Archive for the ‘Administration’ Category

RDP span across 2+ monitors?

January 14th, 2012

Ever wanted to RDP (Remote Desktop Protocol) into a Windows system and utilize your dual monitors for more real estate? Well, I guess many do not know this, but it’s possible.

* Assuming your RDP Client is 6+ (introduced in Vista)

Click Start > Run and type “mstsc /v:IP OR NAME OF SERVER /span”

In later versions, MULTIMON mode is available. For more information, see MSDN.

Categories: Administration, Windows

Enabling SSH on ESXi 4.1 remotely

May 13th, 2011

I recently upgraded my ESXi host to 4.1u1 and forgot to enable SSH. In the past, from what I know, you could only enable SSH on a VMware host through the hidden feature or via the menu on the console, requiring you to be there or depend on an IP-KVM device.

Apparently, you can enable it remotely!

  1. Fire up vSphere Client
  2. Go to the Configuration tab (the VM host must be highlighted, not a VM)
  3. Select Security Profile (you should see a few services listed, e.g. Remote Tech Support (SSH))
  4. Click Properties to the top right of the list
  5. Another box will appear – Select Remote Tech Support (SSH)
  6. Click Options
  7. Select your preference (Start Automatically)
  8. Click Start
  9. Click OK – That’s it!

You should now be able to log in via SSH.

Password reset on Fortigate

April 14th, 2011

Connect to the console via serial cable (typically 9600, 8N1) using a terminal program (HyperTerm, PuTTY, ZTERM, Tera Term).

Username: maintainer
Password: bcpb + serial number of the firewall

Note: After booting, some devices may give you only a window of 14 seconds to type in the username & password.

# config system admin
# edit admin
# set password <new-password>
# end

All credit to Soni Hacker for this information.

Uh oh… Hacker ‘handshake’ hole found in common firewalls

April 13th, 2011

Read this yesterday and have heard “things”, but it’s been confirmed apparently. There’s a technique (TCP Split Handshake attack) to fool common firewalls into “treating” an attacker as if it’s on the inside of the network. It appears to affect many of the big names in firewalls: Cisco, Juniper, Fortinet, SonicWall.

Read more about that here….

Playing with Fortinet’s FortiAP220b

April 12th, 2011

I started playing with the latest FortiAP220b device. Plugging in my trusty ultra-cool USB Bluetooth serial adapter, powered by the USB port on the FortiAP, I noticed the following:

FAP22B3U1XXXX314 login: admin
Mar 1 12:12:03 login[606]: root login on `ttyS0′

BusyBox v1.01 (2010.08.28-00:38+0000) Built-in shell (ash)
Enter ‘help’ for a list of built-in commands.

FAP22B3U1XXXX314 # help

Built-in commands:
——————-
. : alias bg break cd chdir continue eval exec exit export false
fg hash help jobs kill let local pwd read readonly return set
shift times trap true type ulimit umask unalias unset wait

FAP22B3U1XXXX314 # .

Ok, so we know it’s running an embedded type of Linux called BusyBox. At this point the AP is NOT administered by the Fortigate. Not sure how much I can do with it until I tick manage – more to follow…

Lightening my load

April 3rd, 2011

I’m always looking for ways to lighten the load I carry on my back every day. That load being my backpack. I carry enough equipment to perform daily and semi-annual duties. Besides the absolute essential (MacBook Pro 15″ 2010), power supply & wireless mouse, I carry cables such as (funny I have to list them!):

  • 7 ft Ethernet patch cable
  • 7 ft Ethernet cross-over patch cable
  • 25 ft Ethernet patch cable
  • Ethernet couplers
  • serial cables (2 types)
  • gender changers (25 to 9 & male/female)
  • null modems
  • Cisco adapters
  • Numerous USB cables (mini to normal)

So the other day, out of the blue, I found out there are Bluetooth serial adapters! I was like sliced-bread. I immediately ordered one.

The adapter defaults to 19200 baud, so I had to connect my Serial-2-USB and set the baud rate. If you are from the MODEM days (70’s to early 90’s), it’s very similar to the HAYES AT command set. Once I paired the adapter on my Mac, I loaded ZTERM and connected – voila! I have console on my Cisco from 40 ft away! Awesome, I say, and this will eliminate about 80 feet of cable I used to carry around!

Open/Public DNS Servers, why use them?

March 3rd, 2011

If you work with customers who use multiple internet carriers, how do you handle an ISP outage with regard to name resolution? You’ve probably run into the situation where a link reports up, but the actual route is down on the other side of your gateway, so the ISP’s DNS servers are unreachable. Nowadays, DNS servers published by ISPs are only reachable within “their” network. Sure, you can distribute each of the ISPs’ DNS servers as first/second/third, but what happens to the end user’s browsing experience? It’s slow, not working, down – waiting for the progression through that first, second or even third DNS server to resolve.

One solution I’ve employed is to use an outside DNS source beyond the ISP, such as OpenDNS or Google’s public DNS. To provide redundancy, be sure to push both to PCs via DHCP.
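A way to confirm that a resolver actually answers before handing it out via DHCP, added here as an example and not part of the original post: it sends a minimal DNS query straight to each server and ranks the ones that reply. The resolver addresses and the lookup name example.com are assumptions.

```python
import secrets
import socket
import struct
import time

def build_query(name, txid):
    """Encode a minimal DNS A-record query with recursion desired."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels)
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def parse_reply(data, txid):
    """Return (rcode, answer_count), or None if this is not a reply to txid."""
    if len(data) < 12:
        return None
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    if rid != txid or not flags & 0x8000:  # wrong ID, or QR bit says "query"
        return None
    return flags & 0x000F, ancount

def probe(server, name="example.com", timeout=1.0, port=53):
    """Query one resolver directly; return latency in ms, or None if unusable."""
    txid = secrets.randbits(16)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        start = time.monotonic()
        try:
            s.sendto(build_query(name, txid), (server, port))
            data, _ = s.recvfrom(512)
        except OSError:  # timeout, no route, or ICMP refusal
            return None
        elapsed = (time.monotonic() - start) * 1000
    reply = parse_reply(data, txid)
    if reply is None or reply[0] != 0:  # stray packet, or SERVFAIL/REFUSED
        return None
    return round(elapsed, 1)

def rank(servers, **kwargs):
    """Probe each resolver; return those that answered, fastest first."""
    timed = [(probe(s, **kwargs), s) for s in servers]
    return [s for ms, s in sorted(t for t in timed if t[0] is not None)]

if __name__ == "__main__":
    # Assumed resolver list: OpenDNS and Google Public DNS, the services the post names.
    candidates = ["208.67.222.222", "208.67.220.220", "8.8.8.8", "8.8.4.4"]
    print("usable, fastest first:", rank(candidates))
```

Run it from a host behind each ISP link in turn; a resolver that is missing from the output on one link is the one that would stall clients during that carrier's outage.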