Posted by jpluimers on 2021/11/03
For my research list. Links thanks to Matthijs ter Woord.
–jeroen
Posted in .NET, Development, Power User, Software Development, Web Browsers | Leave a Comment »
Posted by jpluimers on 2021/11/03
I have the same problem mentioned in the answer to [WayBack] Terminating a script in PowerShell – Stack Overflow: confused by most answers, and keeping to forget what each method means (there is Exit, Return, Break and (if you love exception handling to do simple flow control), Throw.
So here is the full quote of what [WayBack] User New Guy answered:
Posted in *nix, CommandLine, Development, Power User, PowerShell, PowerShell, Scripting, Software Development, Windows | Leave a Comment »
Posted by jpluimers on 2021/11/03
Some links for my archive; note that pure tar-pits by now are also hampering large email sender services like SendGrid, Mailgun and Amazon SES.
So the below links are for educational and historic purposes only.
I assembled these links because out of a sudden, Ring 2FA verification emails could not be delivered any more.
Ring 2FA came mandatory towards the end of February 2020.
Some links on that:
The purpose of Two-Step Verification (2SV) is to protect you from bad actors logging into your Ring account, even if those bad actors have the proper login credentials. This feature will be enabled by default for all users and, unlike 2FA, there is no user option to opt out.
Sendmail timeouts:
–jeroen
Posted in *nix, Communications Development, Development, HIS Host Integration Services, Internet protocol suite, Power User, SMTP | Leave a Comment »
Posted by jpluimers on 2021/11/02
As it combines VBA and AppleScript, I might need the script from this in the future [WayBack] Word for Mac 2011: create macro or shortcut to ‘Insert Picture – Microsoft Community.
–jeroen
Posted in Development, Office, Office 2011 for Mac, Office Automation, Office VBA, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2021/11/02
Maybe I laughed a little bit too loud (:
Via: [Archive.is] Kenji Matsuoka on Twitter: “Have you seen this gem? … “
–jeroen
Posted in Development, Micro Services, Software Development | Leave a Comment »
Posted by jpluimers on 2021/11/02
Some links in case I ever need to jail-break a Mikrotik device:
–jeroen
Posted in Development, Internet, MikroTik, Power User, routers, Software Development | Leave a Comment »
Posted by jpluimers on 2021/10/29
If you enable File and Printer sharing on Windows, by default the firewall only enables it on private networks for the local subnet as remote address (for domain networks, it allows “Any”) as seen on the picture below.
When your network consists of multiple subnets, for instance when it is large, or multiple sites are connected via site-to-site VPN (often called LAN-to-LAN VPN) solutions, then these subnets cannot access each others files or printers.
Realising these default blocks, they are easy to resolve as explained in for instance [WayBack] Windows firewall blocking network shares through VPN server – Server Fault by [WayBack] Brian:
I realize this is almost three years late, but I just spent today fighting with the same problem. I did get it working, so I figured I’d share. Note that I’m using a Windows 7 PC as the file server; other versions might need slightly different configuration.
In the “Windows Firewall with Advance Security”, there are several “File and Printer Sharing” rules:
- File and Printer Sharing (NB-Datagram-In)
- File and Printer Sharing (NB-Name-In)
- File and Printer Sharing (NB-Session-In)
- File and Printer Sharing (SMB-In)
(There are additional rules, but I didn’t care about printer sharing. The same changes would apply if you want those.)
File and Printer Sharing appears to default to “Local subnet” only. You’ll need to add the subnet of your VPN clients.
Modify each of those rules as follows:
- Open the Properties dialog for the rule.
- Navigate to the Scope tab.
- In the Remote IP address section, the “These IP addresses” radio button should be selected.
- Click “Add…” next to the list of addresses. By default, only “Local subnet” is in the list.
- In the “This IP address or subnet:” field, enter the subnet assigned to your VPN clients (this is probably 192.168.1.0/24 in the OP, but if not, it’s the subnet assigned to the VPN adapter on the client side), then click OK.
- If you’re also using IPv6, add the VPN client IPv6 subnet as well.
That was enough for me to access file shares over the VPN.
(If you want to do it manually, you need to open TCP ports 139 and 445, and UDP ports 137 and 138, in the file server’s firewall.)
Hopefully I will find some time in the future to automate this using PowerShell, as netsh names are localised do hard to make universal.
These links might help me with that:
Posted in Communications Development, Development, Internet protocol suite, Power User, SMB, TCP, Windows | Leave a Comment »
Posted by jpluimers on 2021/10/28
After doing a lot of – historically grown – dash scripting for ESXi, I found out there is Python available on ESXi:
Yes I know that Python 3.5 is end-of-life (and 3.5.10 was the latest version), but it is a lot better than shell scripts.
So now some links for my list of things to try in order to use Python for scripting ESXi operations:
Take a look at the pyVmomi project which is the official Python SDK for the VMware vSphere API that allows you to manage ESX, ESXi and vCenter.
Moreover, the pyvmomi-community-samples repository contains lot of examples.
Also, checkout the pyvmomi Community Samples repo. It has all kinds of great samples, including one that could fit this request: github.com/vmware/pyvmomi-community-samples/blob/master/samples/… – [Wayback] Kyle Ruddy
Welcome to the pyvmomi-community-samples project
This is a place for anyone to learn about working with the vSphere Management SDK’s native python binding library pyVmomi. Samples here are contributed by developers like you and curated by your fellow developers. The quality and validity of the samples will vary, however, if you see a problem report it! If you can solve someone’s problem, contribute a fix! If you need a new sample ask for one!
pyVmomi is the Python SDK for the VMware vSphere API that allows you to manage ESX, ESXi, and vCenter.
Executable Samples
This directory contains a collection of executable sample scripts that use the pyVmomi library. There is atoolsdirectory that holds a collection of tools and atestsdirectory that holds the tests for those tools.Quality and License
Scripts are provided as-is by numerous contributors and the status of any sample at any point is subject to change. The project is intended as a collaborative exercise in community learning and may not contain best practice methods.All samples revert to the license of the project and all ownership reverts to the community project.Contribution Notes
- If a script is in this directory, it is an executable sample.
- conform to pep8
- avoid using any special tools beyond pyVmomi.
- do not extend the pyVmomi API in this project we have two separate projects dedicated to that.
- tests are appreciated but optional because of this sample quality must be manually assessed bug reports and fixes are much appreciated.
- A reviewer will pull a new sample for testing and will attempt to run the sample. If the reviewer can do this, the sample can be merged
Getting Help
- Question can be opened as issues at https://github.com/vmware/pyvmomi-community-samples/issues
- The IRC forum #pyvmomi is for developers working with pyVmomi
of which there are many, for instance:
Any reusable classes or methods that you develop can be included in packages under this directory. When adding a reusable component we highly recommend that you include tests.Only some samples will make use of reusable components. This is where to put those.
–jeroen
Posted in *nix, *nix-tools, ash/dash, ash/dash development, Development, Power User, Python, Scripting, Software Development | Leave a Comment »
Posted by jpluimers on 2021/10/27
For my link archive; I started with [Wayback] dash get all parameters quoted – Google Search:
Parameter(s) Description $0the first positional parameter, equivalent to argv[0]in C, see the first argument$FUNCNAMEthe function name (attention: inside a function, $0is still the$0of the shell, not the function name)$1 … $9the argument list elements from 1 to 9 ${10} … ${N}the argument list elements beyond 9 (note the parameter expansion syntax!) $*all positional parameters except $0, see mass usage$@all positional parameters except $0, see mass usage$#the number of arguments, not counting $0These positional parameters reflect exactly what was given to the script when it was called.
Option-switch parsing (e.g.
-hfor displaying help) is not performed at this point.See also the dictionary entry for “parameter”.
Syntax Effective result $*$1 $2 $3 … ${N}$@$1 $2 $3 … ${N}"$*""$1c$2c$3c…c${N}""$@""$1" "$2" "$3" … "${N}"
The
$@variable expands to all command-line parameters separated by spaces. Here is an example.abc "$@"When using
$@, you should (almost) always put it in double-quotes to avoid misparsing of arguments containing spaces or wildcards (see below). This works for multiple arguments. It is also portable to all POSIX-compliant shells.It is also worth nothing that
$0(generally the script’s name or path) is not in$@.The Bash Reference Manual Special Parameters Section says that
$@expands to the positional parameters starting from one. When the expansion occurs within double quotes, each parameter expands to a separate word. That is"$@"is equivalent to"$1" "$2" "$3"....
If the arguments are to be stored in a script variable and the arguments are expected to contain spaces, I wholeheartedly recommend employing a
"$*"trick with the input field separator set to tabIFS=$'\t'[Wayback].
and comment by Serge as well:
Here is [Wayback] an example, which includes quoted input. The input also matters!
Use
"$@"instead of plain$@if you actually wish your parameters to be passed the same.Observe:
$ cat no_quotes.sh #!/bin/bash echo_args.sh $@ $ cat quotes.sh #!/bin/bash echo_args.sh "$@" $ cat echo_args.sh #!/bin/bash echo Received: $1 echo Received: $2 echo Received: $3 echo Received: $4 $ ./no_quotes.sh first second Received: first Received: second Received: Received: $ ./no_quotes.sh "one quoted arg" Received: one Received: quoted Received: arg Received: $ ./quotes.sh first second Received: first Received: second Received: Received: $ ./quotes.sh "one quoted arg" Received: one quoted arg Received: Received: Received:
–jeroen
Posted in *nix, *nix-tools, ash/dash, ash/dash development, bash, bash, Development, ESXi6, ESXi6.5, ESXi6.7, ESXi7, Power User, Scripting, Software Development, Virtualization, VMware, VMware ESXi | Leave a Comment »
Posted by jpluimers on 2021/10/27
Just 2 years ago I bumped into shodan.io through [Wayback] Onderzoekers: zestig slecht beveiligde Nederlandse scada-systemen op internet – Computer – Nieuws – Tweakers and saved the entry [Wayback] Shodan (website) – Wikipedia:
Shodan is a search engine that lets the user find specific types of computers (webcams, routers, servers, etc.) connected to the internet using a variety of filters. Some have also described it as a search engine of service banners, which are metadata that the server sends back to the client.[1] This can be information about the server software, what options the service supports, a welcome message or anything else that the client can find out before interacting with the server.
Shodan collects data mostly on web servers (HTTP/HTTPS – ports 80, 8080, 443, 8443), as well as FTP (port 21), SSH (port 22), Telnet (port 23), SNMP (port 161), IMAP (ports 143, or (encrypted) 993), SMTP (port 25), SIP (port 5060),[2] and Real Time Streaming Protocol (RTSP, port 554). The latter can be used to access webcams and their video stream.[3]
It was launched in 2009 by computer programmer John Matherly, who, in 2003,[4] conceived the idea of searching devices linked to the Internet.
It looked promising, but I was really pressed for time (having impromptu arrange all care for my mom, and became even more so when I got diagnosed with rectum cancer later that year), so did not pay much attention apart from registering.
Last year in the midst of my chemos I noted [Archive.is] Nate Warfield on Twitter: “https://t.co/16969jRfuL The latest Citrix vulnerability looks bad but there might be time to fix them before PoC comes out. The @shodanhq query above might help. (support.citrix.com/article/CTX269106 has more details)… “ (I think via @jilles_com) , so put it on my list of things to look into a bit further.
Since then, I found out a lot of people dislike Shodan and want to blacklist it because they see it as a threat. It feels like people think the internet is like the [Wayback] Ravenous Bugblatter Beast of Traal | Hitchhikers | Fandom
The Ravenous Bugblatter Beast of Traal is a vicious wild animal from the planet of [Wayback] Traal, known for its never-ending hunger and its mind-boggling stupidity. One of the main features of the Beast is that if you can’t see it, it assumes it can’t see you.
(This by the way is one of the reasons for Towel Day – Wikipedia)
Anyway: a few lists of Shodan IPv4 addresses and hostnames, and means to maintain them for the ones interested:
Reality is that the internet is much smarter, so if you block Shodan from seeing you, others from the internet still will and if you have vulnerable services, one day they will be abused. For instance, this personal anecdote:
I forgot I had a port redirection on my router for RDP access a non longer existing Windows system any more. I forgot that this Windows machine had no fixed DHCP-lease while in use (it kept it’s lease as it was always on).
When that machine was long gone, another temporary Windows machine obtained the same internal machine (the router had been rebooted and after reboot hands out previously handed out IP address), and boom: the new Windows machine was bombarded with RDP logon requests.
In the end, the new Windows machine was not compromised, so I was lucky as it could have been.
Back when registering, shodan.io sent SMTP mail via sky.census.shodan.io, so you might want to not blacklist it if you blacklist at all (incidentally, when writing the IP address servicing that hostname was hosted in The Netherlands: [Wayback] 80.82.77.33 – sky.census.shodan.io – Netherlands – IP Volume inc – IP address geolocation).
It is good to think of you use Shodan, as not all usage might be legal where you live or where you travel to.
Some discussion in Dutch on the risks of using Shodan are in the above Tweakers.net link. It boils down to:
That’s basically with anything you find on the internet, for instance by Googling, so nothing new here.
I mainly use Shodan to see if I have any known vulnerabilities exposed. There are not that many ports open, but given the anecdote above, I might screw up again and not be so lucky.
This article has a balanced explanation of Shodan, how you use it, and how to stay safe: [Wayback] How to remove your device from the Shodan IoT search engine.
Posted in Development, IoT Internet of Things, Network-and-equipment, Power User, Security, Software Development, Web Development | Leave a Comment »
The Wiert Corner - irregular stream of stuff 