Tips

I was wondering if we people here at firewall site could post some tips. Say one each day and there should be a good collection of them here. which will be useful when quickly searching for it. I guess every member should contribute. Tips on any subjects related to computer can be posted .So here goes my contribution of today :

OS: Windows (Tested on 2000/XP)

If you place .LOG (case sensitive) in the beginning of the first line of a NOTEPAD document (any extension), the time and date will automatically be inserted as the last line whenever you open it, and the cursor will position to the next line.

You can place a shortcut to a .NPD file on your desktop and use it keep a diary of phone contacts.

Please let me know what tips you have


I guess i have posted this thread in wrong catagory again. I am really very sorry for this modraters but i will take very good care befor posting any thread that to which catagory it should belong to.
Now if our respected moderators like i would suggest to move this to tips and tricks and overclocking catagory.

---

I removed this thread from “Hilarious Stuff And Sites” To here were it would better fit.

Forum Moderator,
Jack Burgess

Very nice tip!!

Here's mine:

When working in vi, go to command mode <escape> then type
:split

That will split your window, allowing you to edit two files at once

:split <filename>

Will open the file in the split window.

Press ctrl W twice to switch between the two files

If you type

:vert split

You will have a vertical split window!

You can keep splitting multiple times both horizontally and vertically... this is a great way to correlate logfiles and modify configuration files..

Cheers,

For *nix guys or indeed anyone who appreciates the ease command-line completion brings to typing, here's a tip for enabling it under Windows 2K/XP:

Under the "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor" and/or "HKEY_CURRENT_USER\Software\Microsoft\Command Processor" Registry keys (value in HKEY_CURRENT_USER overrides) add or modify a REG_DWORD value named CompletionChar and set it to 9 to use the TAB key for command completion in console windows.

Here is my tip again

Need to run a test on a physically available computer? NMap, Strobe are available for your disposal at this site.

Here's my tip for the day.

The mac address table is your friend in switched environments. Especially when it comes to tracking down nuisance workstations. Or rouge dhcp servers, as was the case for me yesterday. Before I get to using the mac address table, I'll explain how I found a rouge dhcp server.

Customer complains their network connection isn't working since they got to work that morning. I go to the workstation and look at ipconfig. The workstation is on an entirely different network than it should be, one that doesn't even exist in any of the dhcp servers. The dhcp server that it got it's reservation from is 10.10.1.1. I call back to have my co-workers check our dhcp to double check that someone wasn't monkeying around or was perhaps compromised. While they are checking, I start capturing packets from that VLAN with my laptop and quickly capture some that are sourced from 10.10.1.1.

I now have the mac address from the ethernet header. I console into the switch that the customer plugged into, and searched for the mac address in it's mac address table. It's originating port is the fiber uplink port, telling me that the dhcp server is in a different location but of course in the same VLAN.

I telnet into the layer 3 switch that the fiber goes to, a Catalyst 6500. I search for the mac address on it, and it points me to an interface that it is going to a different switch in a completely different building. The Cisco IOS command for doing this is:

switch#show mac-address-table address 000d.ef14.55a8

The output of the command will show the source interface and VLAN the mac address belongs to. From here, I telnet into the switch that is connected to that interface, and trace it to a fiber interface that goes to another switch. I telnet into this last switch, and it's mac address table tells me the exact port that the server is on. I then shutdown the port, and head to the location to slap somebody. Of course, no one there knows who was using that computer, and it wasn't a part of the domain, so the only user was administrator...

This is lengthy, but I have used this method many times to find "bad" hosts.

Good tip jwj
Here's mine, basic and obvious but a lifesaver:
During all those slack days when things are running smoothly, don't play doom or surf the internet. Spend the time documenting your network:
Do you have a diagram that shows what connects to where and how, with device IP addresses, names, locations etc listed on it?
Do you have an asset inventory?
Do you have a list of hosts, MAC addresses etc and their locations?
Do you have copies of the current config copied from all your network devices and burned to a CD in your firesafe?
Do you have network traces, traffic graphs etc taken during normal operation as a baseline (also useful for trending)?
Do you have a proper listing of all your WAN circuits along with the contact details of the provider and the information you'll need to give them when reporting a fault?
If you document things when it's quiet, your response can be slick and professional when the fan needs to be cleaned...