Wednesday, November 12, 2014

Change IP address and netmask in Solaris 11





[root@server:/ ]$ ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
net0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 32.119.202.220 netmask fffffff8 broadcast 32.119.202.223
ether 0:10:e0:f:d5:16
net8: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
inet 169.254.182.77 netmask ffffff00 broadcast 169.254.182.255
ether 2:21:28:57:47:17



List current IP setting:

[root@server:/ ]$ ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 static ok -- 32.119.202.220/29
net0/v6 addrconf ok -- fe80::210:e0ff:fe0f:d516/10
net8 ip ok -- --
net8/v4 static ok -- 169.254.182.77/24 <-----------change this
[root@server:/ ]$





Let's chage netmask on interface net8/v4 to /29:





[root@server:/ ]$ ipadm set-addrprop -p prefixlen=29 net8/v4






[root@server:/ ]$ ipadm
NAME CLASS/TYPE STATE UNDER ADDR
lo0 loopback ok -- --
lo0/v4 static ok -- 127.0.0.1/8
lo0/v6 static ok -- ::1/128
net0 ip ok -- --
net0/v4 static ok -- 32.119.202.220/29
net0/v6 addrconf ok -- fe80::210:e0ff:fe0f:d516/10
net8 ip ok -- --
net8/v4 static ok -- 169.254.182.77/29 <---------------changed
[root@server:/ ]$



Confirm:


[root@server:/ ]$ cat /etc/ipadm/ipadm-DefaultFixed.conf
_ifname=lo0;_aobjname=lo0/v4; _ipv4saddr=string,127.0.0.1;prefixlen=string,8;up=string,yes;
_ifname=lo0; _family=string,2,26;_class=uint64,2;
_ifname=lo0;_aobjname=lo0/v6; _ipv6saddr=string,::1;prefixlen=string,128;up=string,yes;
_ifname=net0; _family=string,2,26;_class=uint64,0;
_ifname=net0;_aobjname=net0/v4; _ipv4saddr=string,32.119.202.220;prefixlen=string,29;up=string,yes;
_ifname=net0;_aobjname=net0/v6; _intfid=string,::;prefixlen=string,0;_stateless=string,yes;_stateful=string,yes;
_ifname=net8; _family=string,2,26;_class=uint64,0;
_aobjname=net8/v4;_ifname=net8; _ipv4saddr=string,169.254.182.77;up=string,yes;prefixlen=string,29;








[root@server:/ ]$ ifconfig -a
lo0: flags=2001000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4,VIRTUAL> mtu 8232 index 1
inet 127.0.0.1 netmask ff000000
net0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
inet 32.119.202.220 netmask fffffff8 broadcast 32.119.202.223
ether 0:10:e0:f:d5:16
net8: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 4
inet 169.254.182.77 netmask fffffff8 broadcast 169.254.182.79
ether 2:21:28:57:47:17




Converersion from Solaris HEX format:


fffffffc 255.255.255.252 /30
fffffff8 255.255.255.248 /29
fffffff0 255.255.255.240 /28
ffffffe0 255.255.255.224 /27
ffffffc0 255.255.255.192 /26
ffffff80 255.255.255.128 /25
ffffff00 255.255.255.0 /24
fffffe00 255.255.254.0 /23
fffffc00 255.255.252.0 /22
fffff800 255.255.248.0 /21
fffff000 255.255.240.0 /20
ffffe000 255.255.224.0 /19
ffffc000 255.255.192.0 /18
ffff8000 255.255.128.0 /17

Friday, January 24, 2014

Display X app on another Linux computer with su or sudo

Imagine you have a Linux server (server) without X server installed (or running) and you need to execute some application in graphical environment. If you also have another Linux computer with X server running (laptop), then here are the steps how to do it:

Note: On server you will need this package for X authentication: xorg-x11-xauth

1) connect from laptop with GUI to the server with enabled X11 forwarding:

laptop$ ssh -X user@server_IP

2) when connecting for a firs time, notice:
/usr/bin/xauth: creating new authority file /home/user/.Xauthority

3) you can run any X application on server and you will see X output on your laptop
server$ echo $DISPLAY
localhost:10.0
server$ xclock

4) if you su or sudo to different user, you can't run X application, because you don't have /home/user/.Xauthority file with correct session details

server$ xclock

...
debug2: X11 connection uses different authentication protocol.
X11 connection rejected because of wrong authentication.
debug2: X11 rejected 1 i0/o0
debug2: channel 1: read failed
...

5) connect as normal user again and export your X session details:
laptop$ ssh -X user@server_IP
server$ xauth list
server/unix:11 MIT-MAGIC-COOKIE-1 6ead87db0aa40e02d948eb1634855706

6) now su or sudo to different user and import your session settings:
server$ xauth add <paste the list line here>


7) notice the message:
xauth: creating new authority file /root/.Xauthority

8) now you can run X application again:
server$ xclock

Reset Snare password

Based on my investigation and Snare knowledge level - the Snare Webpage password is located in registry:


You can use this script to change Snare password into: Snr12pas

@echo off
echo
echo changing snare password to Snr12pas
echo ****************
echo Please exit (ctrl+c) now if you do NOT want to go ahead!
echo ****************
pause
echo
echo making backup of existing password in registry into c:\Program Files\Snare\pass_backup.reg
echo
Reg export "HKLM\Software\InterSect Alliance\AuditService\Remote" "c:\Program Files\Snare\pass_backup.reg"
echo
echo backup done, pres enter for the password reset
pause
echo
echo resetting password
echo
reg add "HKLM\Software\InterSect Alliance\AuditService\Remote" /v AccessKeySet /t REG_SZ /d 42f0134b89d7c6f32155ac6eab2125ee /f
reg add "HKLM\Software\InterSect Alliance\AuditService\Remote" /v AccessKeySetSnare1 /t REG_SZ /d 142fd8d4998c9e9fe70e371e4aa658f8 /f
reg add "HKLM\Software\InterSect Alliance\AuditService\Remote" /v AccessKeySetSnare2 /t REG_SZ /d f6987883c4f54c235082142168b0a3db /f
reg add "HKLM\Software\InterSect Alliance\AuditService\Remote" /v AccessKeySetSnare3 /t REG_SZ /d f99d180b53b5eacd1e32ca929876417d /f
net stop snare
net start snare
echo
echo done!