vmware-cmd VM Management

http://www.esxguide.com/esx/content/view/2/25/

vmware-cmd -l

Sample:

[root@esxhost root]# vmware-cmd -l

 /vmfs/volumes/44ee9812-da790870-b7f7-00145e1b5242/cumuli/cumuli.vmx
/vmfs/volumes/44ebf538-51cc7998-2525-00145e1b556a/printer/printer.vmx

List path and names of .registered VM vmx files on the present host

RTMP authentication for Wowza Media

http://www.wowza.com/forums/content.php?115

1. add the following definitions as the last entries in the
list:


ModuleRTMPAuthenticate
ModuleRTMPAuthenticate
com.wowza.wms.plugin.security.ModuleRTMPAuthenticate


2. restart the service

3. Add a username and password entry into the  file:

“[install-dir]/conf/publish.password”

for each user to which you want to grant publishing access.

VLC transcoder for mms->rtp->rtmp

http://ubuntuforums.org/showthread.php?t=1117283
http://www.wowza.com/forums/content.php?90

1. Install mp4a(AAC) support for VLC

$ sudo wget http://www.medibuntu.org/sources.list.d/$(lsb_release -cs).list
--output-document=/etc/apt/sources.list.d/medibuntu.list && sudo apt-get -q
update && sudo apt-get --yes -q --allow-unauthenticated install
medibuntu-keyring && sudo apt-get -q update

$ sudo apt-get install ffmpeg libavcodec-extra-52

2. Run VLC from the command line, and use screen for background processing


screen -d -m cvlc -vvv "mms://my.live/mylive" --sout
"#transcode{venc=x264{keyint=60,profile=baseline,level=3.0,nocabac},
vcodec=x264,vb=150,scale=0.5,acodec=mp4a,ab=96,channels=2,samplerate=48000}:
rtp{dst=wowza.server.ip,port=10000,mux=ts}"

3. use 'killall screen' to stop encoding if needed.

convert ssh2, openssh keys

http://burnz.wordpress.com/2007/12/14/ssh-convert-openssh-to-ssh2-and-vise-versa/


Convert OpenSSH key to SSH2 key

Run the OpenSSH version of ssh-keygen on your OpenSSH public key to convert
it into the format needed by SSH2 on the remote machine. This must be done on
the system running OpenSSH.
#ssh-keygen -e -f ~/.ssh/id_dsa.pub > ~/.ssh/id_dsa_ssh2.pub
Convert SSH2 key to OpenSSH key

Run the OpenSSH version of ssh-keygen on your ssh2 public key to convert it
into the format needed by OpenSSH. This needs to be done on the system
running OpenSSH.
#ssh-keygen -i -f ~/.ssh/id_dsa_1024_a.pub > ~/.ssh/id_dsa_1024_a_openssh.pub

Old MySQL Client does not support authentication...

http://dev.mysql.com/doc/refman/5.0/en/old-client.html

Warning: mysql_connect(): Client does not support authentication protocol requested by server; consider upgrading MySQL client in C:\Program Files\Apache Group\Apache2\test\phpBB2\db\mysql4.php

Reset the password to pre-4.1 style for each user that needs to use a pre-4.1 client program. This can be done using the SET PASSWORD statement and the OLD_PASSWORD()function:

mysql> SET PASSWORD FOR
    -> 'some_user'@'some_host' = OLD_PASSWORD('newpwd');

Alternatively, use UPDATE and FLUSH PRIVILEGES:

mysql> UPDATE mysql.user SET Password = OLD_PASSWORD('newpwd')
    -> WHERE Host = 'some_host' AND User = 'some_user';
mysql> FLUSH PRIVILEGES;

php4 compilation lex error...

http://www.phpbuilder.com/board/archive/index.php/t-7104592.html


./configure --with-mysql=/usr/local/mysql --with-apxs

error is

checking lex output file root... ./configure: lex: command not found
configure: error: cannot find output from lex; giving up

=> I installed flex and bison and everything is humming along

Perl execute telnet command as root

http://ubuntuforums.org/showthread.php?t=19236

# Edit sudoers with visudo
# myuser ALL=(ALL)       NOPASSWD: /mybin/killexe MYEXE
# myuser ALL=(ALL)       NOPASSWD: /mybin/MYEXE

use Net::Telnet ();
   $t = new Net::Telnet (Timeout => 10,
                         Prompt => '/\[myuser\@myhost\ mydir\]\$ $/');
   $t->open("127.0.0.1");
   $t->login("user","password");
   @lines = $t->cmd("who");
   print @lines;

Linux installation URL on XenServer

ftp://my.centos.repo/pub/Linux/CentOS/4.8/os/i386
ftp://ftp.debian.org/debian

mdadm for software RAID on XenServer

http://www.linuxjournal.com/article/8874
http://cns-service.blogspot.com/2007/11/adding-or-deleting-local-storage.html

# mdadm --create /dev/md1 --level=raid5 --raid-devices=3 --chunk=4 /dev/sd{b,c,d}
# mdadm --detail -scan >> /etc/mdadm.conf
# cat /proc/mdstat
# xe sr-create content-type="localSR" type=lvm device-config-device=/dev/md1 shared=false name-label="RAID 5 Storage Group"

to restore/reactive disk arrays on a new server:

# mdadm --detail -scan >> /etc/mdadm.conf
# mdadm -A -s

XP快速設定「互動式登入: 不要顯示上次登入的使用者名稱」

http://www.wretch.cc/blog/ronan863/12210115

透過登錄檔方式建立：

．開啟REGEDIT.EXE
．來到HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
．建立一個DWORD項目，名稱為「dontdisplaylastusername」，設定值 1 為不要顯示
．若要取消，值是"0"或刪除此項目

變壓器該如何選取呢?

http://battery.give168.com/news_product_info.php/newsid/9


一.核對輸出電壓:在每一款變壓器的背面均會詳實記載著輸出電壓. 例 :15V,18V,19V, 20V等等數據即是了.

二 .核對接頭孔徑:變壓器為了配合筆電的接孔,設計出各種不同孔徑的接頭,此時只有選擇合適的接頭孔徑即可.須特別注意有些接頭的內部會有針腳(Pin inside),特別是在IBM,DELL,SONY等筆電上面.一定要選擇能合筆電接在一起的孔徑變壓器,否則就白搭的了,這部份,也是較困擾的地方,一般變壓器上並未詳載此部份的資訊,必須用工具測量,若無工具,可參考系統中己經幫您歸類好的變壓器來尋找即可.或冾客服人員幫您代勞也可以.

三.挑選輸出電流:這數據也會寫在變壓器或設備的背面,例5A.6A,3A(安培)等等即可.當上述二項都等符合後,您只要找出輸出電流大於或等於您手中那顆變壓器即可. 或許有人會問輸出電流大於原來的那顆變壓器,會把筆電燒掉嗎?這您大可放心,輸出電流愈大,代表所能提供的功率也就愈高,即電流乘以電壓.俗稱的瓦特數(W).也就愈能提供的筆電設備更穩定的電力來源,就如同PC電源供應器一樣,350W,400W,500W...等一樣,瓦特數愈高,電力也就愈穩定.就是這個意思.但一般瓦特數愈高,變壓器的體積也會愈大,使用上也是必須考量的一點,那相反得,輸出電流小於您的手中變壓器時,則可能導致充電功能異常或無法充的困擾,且變壓器會變得很燙,因此不建議使用.

四.若您現在所用的變壓器會有過熱的情形,或是外接的設備較多,或機子已老舊,原本變壓器已經故障等等,在輸出電壓一樣的情形下,則建議儘量買瓦數大一些的變壓器.以便能提供足夠的電力輸出供筆電來使用.例原先是65W則儘量買90W的來用,對筆電及變壓器本身都是好的,更不用擔心會傷到筆電本身.

netstat monitor connections

http://blog.yam.com/ddy1280/article/2364428


#!/bin/sh
LOGDIR=/home/passant/log
SUBNET=172.16.68.34
while(true)
do
#echo "TOTAL: `netstat -tan | grep tcp | wc -l` connections"
#echo "FROM newsusers: `netstat -tan | grep $SUBNET | cut -f20 -d " " | cut -f1 -d ":" | sort | uniq -c | wc -l` IPs"
#echo "FROM newsusers: `netstat -tan | grep $SUBNET | awk '{print $5}' | cut -f1 -d ":" | sort | uniq -c | wc -l` IPs"
netstat -tan | grep $SUBNET | awk '{print $5}' | cut -f1 -d ":" | sort | uniq -c | wc -l | awk '{print $1}' >> $LOGDIR/$SUBNET-`date +%Y-%m-%d_%H`.log
#netstat -tan | grep  $SUBNET | cut -f20 -d " " | cut -f1 -d ":" | sort |uniq -c
#netstat -tan | grep  $SUBNET | awk '{print $5}' | cut -f1 -d ":" | sort |uniq -c
sleep 10s
done

nmap host discovery

http://nmap.org/book/man-host-discovery.html


nmap -v -n -sP my.network.0/24  | grep -A 1 up > scannow.txt
diff scannow.txt scanbase.txt

open ESX non-standard ports

http://www.esxguide.com/esx/component/option,com_alphacontent/section,1/cat,3/task,view/id,24/Itemid,80/

Not all nostandard ports can be opened in the GUI.  Open Port

(IBM Directore Sample)

esxcfg-firewall --openPort 14247,tcp,out,IBMDirector

esxcfg-firewall --openPort 14247,tcp,in,IBMDirector

esxcfg-firewall --openPort 14247,udp,in,IBMDirector

esxcfg-firewall --openPort 14247,udp,out,IBMDirector

esxcfg-firewall --openPort 14248,tcp,out,IBMDirector

esxcfg-firewall --openPort 14248,tcp,in,IBMDirecto

ssh port forwarding instead of SOCKS for bypassing firewall

http://serverfault.com/questions/214816/remote-desktop-over-ssh-socks-proxy-to-bypass-firewall

You don't need a SOCKS proxy for this; simple SSH port forwarding will work. For example, there's a server at my office I frequently need to access, which we'll call server.example.com. I can't connect to it directly, but I can ssh to myofficemachine.example.com. So I do this:

ssh -L 3389:server.example.com:3389 myofficemachine.example.com

And then I point my local Remote Desktop client to localhost. This works great, and my setup is almost identical to yours -- a Mac at home, a Linux box at my office, and a Windows server on another work network.

Using Google Desktop Search as a network search server

http://www.geekzone.co.nz/content.asp?contentid=3939

Google Desktop Search can be installed on any PC, but the built-in web server will only allow localhost connections. But even this can be changed. I've found that DNKA will act as proxy and allow external connections to the server! The program is very flexible, allowing user control (anonymous or logged use), IP allow/deny, and Logging. And what's more, it allows the user to define a drive list to index, including mapped network drives. This is so much easier than manually changing the registry.

There's a couple of disadvantages though. First, the server will only run in the context of the user who installed it. So this user must be always logged on the server. Or create a scheduled task that runs on startup, without the need of a user to login. Simply create a batch file, google.bat for example, with the following lines:

"C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
"C:\Program Files\DNKA\ServerOptions.exe" /restart
Create a new scheduled task that runs when your computer starts, and run as the user with privileges to run the server programs (this is the username used to install the programs). Now, even if the computer is restarted, there's no need for someone to come around and login!

Second, the Google Desktop Search will not update the network drive index automatically. But DNKA allows for "touch" and also server port number change.

And if the whole team uses the same drive letter as the "Search Server", result links will open the correct document, all the time.

One of the advantages of this approach instead of having each team member with her own Google Desktop Search is the network traffic impact. Instead of multiple users trying to index a huge mapped drive, we have only one doing the job. There you go. A cheap search server...

PS. DNKA is free for personal use, with a cheap licence for commercial use.

免費流量監測軟體NetWorx

http://blog.soft.idv.tw/?p=447
http://www.softperfect.com/products/networx/

它最大的特色就是能直接在Windows工具列顯示網路的速度，軟體大小不到1MB，除了提供可安裝版本外，還有可攜式版本可使用，非常方便好用喔～常下載東西的玩家可別錯過了！

開放原始碼對於Android的成功並不十分重要?

http://www.zdnet.com.tw/news/software/0,2000085678,20150822,00.htm

如果不是谷歌的財務實力與知名的工程團隊的話，Android或許不會成長至目前的地位。更重要的是，谷歌是免費提供Android，因為谷歌的核心業務並不是軟體或搜尋，而是吸引人的廣告。谷歌的策略一直是資助Android，然後推出廉價的手機與低成本的無線網際網路連線，好讓更多人能看到谷歌所提供的廣告。

維基百科十年 自由信息獲認同

http://www.epochtimes.com/b5/11/8/8/n3337731.htm

來自全世界56個國家的650多人 8月3號在以色列海法參加了維基百科十週年年會。在新聞發佈會上，維基百科創始人威爾斯（Jimmy Wales）表示，該網站下一步的發展重點是開發發展中國家網絡市場，使那裏的民眾能夠自由獲得信息，同時維基百科將繼續完善自己，使更多人受益。

網路攻擊新招 出動改造無人機

http://www.epochtimes.com/b5/11/8/6/n3336729.htm

電腦安全專家今天展示一種自製的無人飛機，能夠發動空中網路攻擊，劫持手機通話，甚至能投下髒彈。柏金斯（Rich Perkins）與塔西（Mike Tassey）在車庫內把廢舊的美國陸軍靶機（target drone）改造成亮黃色的無線空中監視平台（Wireless Aerial Surveillance Platform，WASP），讓這種無人飛機可以尋找手機與網路熱點。

ChromeOS security concerns: extensions.

http://www.techbang.com.tw/posts/6633-chrome-os-security-fall-black-hot-researchers-break-system

研究人員指出有一些擴充套件取得太多的權限，例如RSS閱讀器、Email通知程式等，要求可以登入所有google.com的子網域，並存取書籤、Cookie、歷史紀錄、分頁等，這都讓有心人士可以拿來利用，取得這些儲存在Google上的資料，如連絡人清單、語音帳戶，並以CSV格式將全部列表匯出。他們希望Google能制定更嚴格的API標準，例如使用沙盒標籤(sandboxing tabs)讓擴充套件之間無法對話，並移除本地儲存的功能。

Google AdWords 20大關鍵字

http://www.techbang.com.tw/posts/6626-google-to-322-billion-profit-a-year-of-20-keywords-adwords-advertising

1. 保險(Insurance)：最高出價54.91美元，佔總收入的24%
2. 貸款(Loans)：最高出價44.28美元，佔總收入的12.8%
3. 抵押借款(Mortgage)：最高出價47.12美元，佔總收入的9%
4. 法律顧問(Attorney)：最高出價47.07美元，佔總收入的3.6%
5. 信貸(Credit)：最高出價36.06美元，佔總收入的3.2%
6. 律師(Lawyer)：最高出價42.51美元，佔總收入的3%
7. 捐贈(Donate)：最高出價42.02美元，佔總收入的2.5%
8. 學位(Degree)：最高出價40.61美元，佔總收入的2.2%
9. 虛擬主機(Hosting)：最高出價31.91美元，佔總收入的2.2%
10. 專利申請(Claim)：最高出價45.51美元，佔總收入的1.4%
11. 電話會議(Conference Call)：最高出價42.05美元
12. 貿易(Trading)：最高出價33.19美元
13. 軟體(Software)：最高出價35.29美元
14. 回復(Recovery)：最高出價42.03美元
15. 轉讓(Transfer)：最高出價29.86美元
16. 瓦斯/電力(Gas/Electricity)：最高出價54.62美元
17. 課程(Classes)：最高出價35.04美元
18. 康復(Rehab)：最高出價33.59美元
19. 醫療(Treatment)：最高出價37.18美元
20. 臍帶血(Cord Blood)：最高出價27.80美元

Operating systems market share

http://www.zdnet.com.tw/news/software/0,2000085678,20150768,00.htm

Windows XP的市佔率正逐漸縮減，而整體Windows系統也略微下滑：在六月與七月之間，它下滑了0.63個百分點（從88.29%至87.66%）。在此同時，Mac OS增加了0.22個百分點（從5.37%上升至5.59%），Linux則增加了0.03個百分點（從0.95%上升至0.98%）。行動作業系統也毫無意外地增加了佔有率。

同一時間，Windows 7增加了0.74%（從27.13%至27.87%）。Windows Vista下滑了0.28%（從9.52%至9.24%），Windows XP則下滑了1.19%（從51.13%至49.94%）。在大約一年之後，Windows 7可望會超越Windows XP的市佔率。

Browser war and their rankings

http://www.techbang.com.tw/posts/6605-us-users-love-to-use-windows-7-better-than-firefox-and-chrome-ie9

全球瀏覽器市占率：(2011/7)

1. IE：52.71%
2. Firefox：21.47%
3. Chrome：13.49%
4. Safari：8.10%
5. Opera：1.25%
6. Other：1.31%

台灣資安公司洩六千多筆客戶E-mail

http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=6249


國內一家資安產品代理公司一時疏忽，造成網站伺服器的目錄瀏覽門戶洞開，就如同一個開放的FTP站台一樣，所有人都可以下載該Web Server上的資料。細看檔案內容雖然都是些eDM、廣告，但是當中的資料甚至還包括客戶E-mail，資安人駐站專家Roamer說，雖然這並不能算是觸犯個資法，因為僅有eDM發送對象 - 電子郵件，但這是很容易引起目標性攻擊手段的資料內容，外洩的電子郵件筆數多達六千多筆，其中不乏政府、銀行、電信產業、製造業等。 

南韓3,500萬筆個資外洩 駭客拿台灣當跳板

http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=6253


國內專門研究APT攻擊的團隊Xecure-lab表示，這起攻擊最引人注目的是，使用的惡意程式是以台灣的某知名出版集團網站當作跳板，在經過通報後，雖然該惡意程式已被下架，不過也已經出現了68.2小時。

I/O monitoring: iowait% of top

http://victor.csie.org/blog/archives/292

iowait includes disk I/O, memory I/O, and also affected by process numbers!!

New vSphere Health Check 5.0 & ghettoVCB Script

http://www.virtuallyghetto.com/2011/07/new-vsphere-health-check-50-ghettovcb.html

The vSphere Health Check script has now been updated to support vSphere 5.0 and includes some new features. The popular free virtual machine backup script ghettoVCB has also been updated to support ESXi 5.0!

copy,paste,files, ssh on Chromebook

copy/paste in crosh: double-click copy, three-finger-press paste.http://t.co/bUXm8Ge

Copying files on chromebook: download them from file:///../Downloads and file:///media/..!!http://t.co/u0APAH0

using ssh key on chromebook: ctrl-alt-t >crosh>ssh>key. download the key into files:///.../Downloads.http://t.co/l0FwCJz

Disable Error Reporting on Windows

1. In addition to Error Reporting Service in Service Console, help and support service (svchost.exe -k netsvc) may also need to be disabled.

2. My Computer -> System Properties->Advanced.

http://www.windowsnetworking.com/articles_tutorials/disable-error-reporting-windows-xp-server-2003.html

3. Dr. Watson also needs to be disabled?

tagBeep免費網站監測並免費發簡訊通知！

http://blog.soft.idv.tw/?p=1025

一個免費的主機監控服務—tagBeep，它能設定最短每分鐘幫你監控一次主機狀態(從美國跟歐洲)，還可以自動幫網站做快照，更提供了Windows版的桌面監控程式跟Chrome監控外掛，最棒的一點是當網站出問題時，會即時發出免費的簡訊來通知你喔(每天最多20通)！

端點安全為附加價值 桌面虛擬化需要更全面的理由

http://www.informationsecurity.com.tw/article/article_detail.aspx?aid=6240

尤其在ECFA通過後，兩岸三地的溝通越來越頻繁，特別是對台灣銀行業去大陸設分行的需求，企業也在尋求一種方式中央控管的方式，讓前端的東西集中到在台灣總部來控管。


Citrix大中華區總裁曹衡康說，當終端電腦從一千台變成一萬台時，姑且不論當中的硬體設備如處理器、記憶體品牌或規格如何，光是作業系統的大量升級，其汰換的速度就很慢了。而針對資安的需求，在網路上傳遞的甚至也不是資料，而是操作訊號，傳送到後端交由資料中心來處理，他舉例，就像開電視機一樣，電視螢幕裡並不存有資料。

openvz: Unable to fork: Cannot allocate memory

http://forum.openvz.org/index.php?t=msg&goto=9094&
http://www.le4.org/?p=169

cat /proc/user_beancounters


In your UBC, kmemsize has failcnts for veid 1200. To raise this metric limit:

vzctl set 1200 --kmemsize 12752512:12752512 --save; vzctl restart 1200

Basically, your resource limits are too low for your applications' demands. This will fix that, at least on this resource, kernel memory.



用cat /proc/user_beancounters发现112内核内存不够
将原来内核内存由12M调整为64M
vzctl set 112 --kmemsize 67108864:67108864 --save
#vzctl restart 112一般不用重启就行

ffmpeg batch transcoding of mpeg4

@echo off
SET WORKDIR="D:\ffmpeg\WORLD"
SET OUTPUTDIR="D:\ffmpeg\output"
for %%B in (%WORKDIR%\*) do (ffmpeg -y -i %%B -vcodec mpeg4 -vtag XVID
-threads 2 -acodec libmp3lame -b 4000k -ab 128k %%B.xvid.avi)
for %%B in (%WORKDIR%\*.xvid.avi) do (move %%B %OUTPUTDIR%)

sort unique ip address from mail log

sort maillog.tmp | uniq -c

Show & drop MySQL user grants

drop user 'username'@'hostname';
show grants for 'username'@'hostname';

Introduction of VMware vCenter Server

http://benjr.tw/node/590

在使用 VMware vSphere 有一個很重要的關鍵就是 Vcenter.Vcenter 簡單的來說就是 vSphere 的管理介面.不同於以前的單機管理方式,所有使用 vmware EXS /ESXi 都可以同時透過 vcenter 這管理介面來做管理.同時 vmotion,DRS,HA Consolidated Backup,Plug-in 功能皆是在此完成管理.

什麼是 vCenter Server ,vCenter server 只是一個提供服務的應用程式,他必須安裝在 windows 的作業系統上,這個 Windows 可以在虛擬機器上也可以是在實體機器上,目前 VMware ESXi 4.0 支援下列的 Windows 版本.
Windows XP Pro SP2 (SP2 required)
Windows Server 2003, SP1 and SP2 32bit and 64bit all editions
Windows Server 2003, R2 and SP2 32bit and 64bit all editions
Windows Server 2008 32bit all editions
Windows Server 2008 64bit Standard and Enterprise editions

Price of VMware vCenter Server

http://store.vmware.com/store/vmware/en_US/DisplayProductDetailsPage/productID.126844900?resid=Tis6LwoHAtQAAFJBGgcAAAAW&rests=1311455789647

US$2000~3000 for Foundation edition...Soooo expensive!!

VMware Consolidate Backup (vcb) for ESX

http://chiahu.com/blog/?p=508

http://www.weithenn.org/cgi-bin/wiki.pl?vcbMounter

http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1002978

http://www.petri.co.il/vmware-consolidated-backup-utilities.htm

vcbMounter -h 172.16.68.130 -u user -p password -a name:Debian -r /backup/Debian -t fullvm

vcbRestore -h 172.16.68.130 -u user -p password -s /backup/Debian/