IT Blog

Configuring sFlow on D-Link Switches

sFlow – Traffic analysis protocol, similar to NetFlow.

Enable/disable sFlow on the switch:

enable/disable sflow

Viewing parameters:

show sflow
show sflow flow_sampler
show sflow counter_poller
show sflow analyzer_server

Adding/modifying the sFlow analyzer server:

create/config sflow analyzer_server 1-4 owner NAME timeout 1-2000000(sec)/infinite collectoraddress ADDRESS collectorport udp_PORT maxdatagramsize 300-1400

Example of removing the sFlow analyzer server:

delete sflow analyzer_server 1-4

Creating, modifying, deleting the sFlow polling counters:

create/config sflow counter_poller ports NUMBER/all analyzer_server_id 1-4 interval disable/20-120(sec)
delete sflow counter_poller ports NUMBER/all

Create, modify, delete sFlow sample ports:

create/config sflow flow_sampler ports NUMBER/all analyzer_server_id (1-4) rate value 0-65535 tx_rate value 0-65535 maxheadersize value 18-256
delete sflow flow_sampler ports NUMBER/all

I will give an example of setting:

enable sflow
create sflow analyzer_server 1 owner Linux collectoraddress 192.168.1.5 collectorport 6343
create sflow counter_poller ports 1 analyzer_server_id 1 interval 20
create sflow flow_sampler ports 1:1 analyzer_server_id 1 rate 1000 maxheadersize 128

The solution to the error “Missing /etc/ntopng/ntopng.start. Quitting”

I tried to run ntopng once:

sudo /etc/init.d/ntopng start

And got the following start error:

* Missing /etc/ntopng/ntopng.start. Quitting
…fail!

ntopng was started only like this:

sudo /etc/init.d/ntopng force-start

To solve an error, just create an empty file:

sudo touch /etc/ntopng/ntopng.start
sudo /etc/init.d/ntopng restart

Why Hyper-V virtual machines are not always available over the network

Suppose the server has one network card and in network connections it can be seen as “Ethernet”, but after adding the Hyper-V role, a virtual switch vEthernet (…) is created.

Virtual machines can be seen from other computers but can not be seen from the local.

Therefore, for virtual machines to be accessible from the local machine, you must disable the DHCP client to Ethernet, or assign an IP address manually, then the virtual switch vEthernet (…) will receive IP instead of Ethernet because they have the same The MAC address.

How to delete a page VKontakte

To delete a VK page, you need to login using your login and password, click the upper right of the icon and select “Settings”.
Below, click on the link “You can delete your page”.

Next, you need to select the reason for the deletion, you can uncheck the “Tell your friends” box if you do not want all friends to see the message and the reason for the deletion.
And click “Delete page”.

In my case, a message was displayed that the page was deleted and it can be restored to the specified date (within 7 months).

Using netwox

I will give examples of using netwox and describe them.
I described the netwox installation in this article – Установка netwox

Example of a standard startup:

sudo netwox

netwox has quite a lot of functions, you can see them by pressing after starting the number 3 and Enter.

Network configuration display:

sudo netwox 1

Display debugging information:

sudo netwox 2

Display information about the IP address or host name:

sudo netwox 3 example.com

Displaying information about the MAC address:

sudo netwox 4 -e 00:15:5D:38:01:08

Obtaining MAC addresses from the IP list:

sudo netwox 5 -i 192.168.1.0/24

Display information that will be used to reach the specified IP address:

sudo netwox 6 192.168.24.254

Sniffer, displaying the transmitted packets on the screen:

sudo netwox 7

Sniffer, displaying only the list of open ports that were used in the captured packets:

sudo netwox 8

Sniffer, mapping of MAC and IP addresses:

sudo netwox 9

An example of capturing packets and displaying brief statistics (the number of packets counted, the size of packages, the percentage of the number of packets (c%), the percentage of the size (s%)):

netwox 10 -d eth0

Convert a digit to an encrypted one:

sudo netwox 21 -n number

Converting a string to an encrypted string (sha256, md5, etc.):

sudo netwox 22 -d text

Show ASCII table:

sudo netwox 23

Check the security of the directory:

sudo netwox 25 /tmp/

Example of ICMP PING:

sudo netwox 49 -i 192.168.24.253

Example of ARP PING:

sudo netwox 55 -i 192.168.24.253

Example ICMP route tracing:

sudo netwox 57 -i examle.com

Example of TCP route tracing:

sudo netwox 59 -i examle.com

Example UDP route tracing:

sudo netwox 61 -i examle.com

Example of port scanning:

sudo netwox 67 -i 192.168.24.254 -p 1-1000

ICMP scanning for availability:

sudo netwox 65 -i 192.168.1.0/24

TCP port access scan:

sudo netwox 67 -i 192.168.1.0/24 -p 80

UDP port access scan:

sudo netwox 69 -i 192.168.1.0/24 -p 80

ARP scanning:

sudo netwox 71 -i 192.168.1.0/24

Flood random fragments:

sudo netwox 74 -i 192.168.24.254

Filling the table of MAC-addresses of the switch by sending a flood:

sudo netwox 75

Synflood:

sudo netwox 76 -i 192.168.24.254 -p 80

etc.

Installing netwox

netwox – a tool for finding and solving problems on the network.

Installation command for Ubuntu / Debian:

sudo apt-get install netwox

You can remove netwox like this:

sudo apt-get autoremove netwox

See also:
Using netwox

Installing and Configuring OpenFire

OpenFire – A cross-platform XMPP server written in Java.

For the test, I will install OpenFire in Ubuntu Server 16.04 and describe the process.

Since OpenFire requires Java, let’s see the installed version on the system:

java -version

If necessary, install Java:

sudo apt-get install default-jre

Then go to the download page www.igniterealtime.org/downloads/, click download and copy the link.

Download, adding at the end the copied link instead of LINK:

wget -O openfire.deb LINK

For example:

wget -O openfire.deb http://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_4.2.1_all.deb

Install:

sudo dpkg --install openfire.deb

Now it remains to open in the browser http://YourServer:9090/ and follow the prompts.

After that, the installation of OpenFire will be completed.

If necessary, you can stop, start, or restart OpenFire like this:

/etc/init.d/openfire {start|stop|restart|force-reload}

Installing and Configuring SSMTP

SSMTP – an alternative to sendmail for sending mail, allows you to configure sending via third-party mail servers.

To install in Ubuntu, use the command:

sudo apt-get install ssmtp mailutils

Next, open the /etc/ssmtp/ssmtp.conf file in any text editor (in the nano, press Ctrl+X to exit, y/n to save or discard changes):

sudo nano /etc/ssmtp/ssmtp.conf

Comment out all and set up as shown below for an example:

root=test@gmail.com
mailhub=smtp.gmail.com:587
hostname=smtp.gmail.com:587
UseSTARTTLS=YES
AuthUser=test@gmail.com
AuthPass=password
FromLineOverride=YES

If you use Google mail, you will probably need to allow “Untrusted applications” in the settings at https://myaccount.google.com/security.

Also open the /etc/ssmtp/revaliases file in the text editor:

sudo nano /etc/ssmtp/revaliases

And add:

root:test@gmail.com:smtp.gmail.com:587

Let’s try to send the letter to the specified address (after the command we will type the desired text and put a point for completion):

sendmail -v admin@example.com

Letters must be sent from the address specified in the file /etc/ssmtp/ssmtp.conf.

How to delete a Foursquare account

For the test, I delete the Foursquare account.

First go to the account using your login and password, then click on the user’s icon in the upper right, select “My profile” – “Privacy settings”, in the text we find the link “delete your account” and click on it.

Direct link to delete:
https://foursquare.com/delete_me

In the opened page, you must specify the reason for the deletion and click “Delete Account”, then enter the password for confirmation.

That’s all.

Using Linux ISG

View all sessions:

/opt/ISG/bin/ISG.pl
/opt/ISG/bin/ISG.pl | less

View information about a specific session:

/opt/ISG/bin/ISG.pl | grep 192.168.4.168

Viewing the number of sessions:

/opt/ISG/bin/ISG.pl show_count

Deleting a specific session:

/opt/ISG/bin/ISG.pl clear 192.168.4.168
/opt/ISG/bin/ISG.pl clear <IP-address | Virtual# | Session-ID>

Change the speed for a specific session (incoming/outgoing, for example 100 MB/s):

/opt/ISG/bin/ISG.pl change_rate 192.168.4.168 102400 102400

I note that the speed is specified in kilobytes, and when viewed in the table of sessions is displayed in bytes.

I’ll describe the possible keys to the flags:
A (Session approved)
X (Session not approved)
S (This is a service (or sub-session))
O (Service administrative status is enabled)
U (Online service (RADIUS account is active, traffic flow))
T (Type of service – “tagger”)
Z (Disconnected)