All posts by admin

Encoding vs Encryption vs Hashing: Explained in One Word

This can often be confusing, so to remember it I tried to use one word and a short explanation, without getting into any technical details here.

 

1. Encoding = Translate

Its goal is to convert data so it can be understood by another system. Security is not its concern.
ex. ASCII, Unicode

 

2. Encryption = Transform

Its goal is to change the data into a different format so it’s Super Secure and requires a key to unlock. Security is its main concern.
ex. DES, 3DES, AES

 

3. Hashing = un-Touched

Its goal is to check the data and make sure there was no modification of any kind during the transfer and the data is intact. Integrity is its main concern.
ex. MD5, SHA

 

Just remember the Triple T: Translate, Transform, un-Touched.

I tried to find a word starting with T that could replace un-Touched but wasn’t able to find one. If anyone can come up with something better, please leave a comment and I will replace it.

How to copy a VM host to host without vCenter

I would like to show you how to copy a virtual machine (using SCP) from one ESXi host to another ESXi host without using vCenter.

 

Log in to both ESXi hosts (the one you are copying from and the one you are copying to) and make sure SSH is enabled by following the steps below.

Under the host’s Configuration tab, go to Security Profile > Services, click Properties, and check that SSH is running. If it is not, start it.


If SSH is Stopped, click Options

Select “Start and stop manually” and hit Start.

Under Firewall, make sure SSH Server and SSH Client are checked.


Make sure this is done on both hosts.

Now you can SSH into ESXi host 1, which has the VM that needs to be transferred. Let’s give that host the IP 1.1.1.1; host 2, which is going to receive the files, will be 2.2.2.2.

You can SSH into host 1 using PuTTY (Windows) or Terminal (Mac).

#ssh root@1.1.1.1
The authenticity of host '1.1.1.1 (1.1.1.1)' can't be established.
 RSA key fingerprint is b2:d6:00:34:aa:cc:62:95:8f:d7:f3:1d:59:1e:c3:54.
 Are you sure you want to continue connecting (yes/no)? yes                         <------ Say yes

Then it will prompt for Password:, so enter that.

Do a ping test from host 1 to host 2.

 ~ # ping 2.2.2.2

If it’s pinging, then it looks good. I am not sure, but in some cases the ping might be blocked.

Start transferring the folder

 nohup scp -rv /vmfs/volumes/data-store1/vm-folder-name root@2.2.2.2:/vmfs/volumes/data-store2/

 

For Multiple VMs (Folders)

First change directory to the Datastore folder

cd /vmfs/volumes/data-store1/

Then enter the VM folder names, leaving just a single space between each name. No quotes or commas.

nohup scp -rv vm-folder-1 vm-folder-2 root@2.2.2.2:/vmfs/volumes/data-store2/

Now you will be prompted for the “host 2” password. Enter that and the file transfer will start. The flags used here are -rv, where r is for folder transfer (recursive) and v is for verbose, to watch the progress.

Note: I added nohup before scp; this will allow the command to run in the background even if you close the Terminal/PuTTY window.
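
The hashing post above says a hash shows whether data arrived un-Touched; the following applies that check to the folder copied with scp. It is an added example, not part of the original post: the function names and the throwaway sample folders are hypothetical, and it assumes sha256sum, find, sort, uniq, cut and mktemp are available where it runs and that the VM is powered off while its files are hashed.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes sha256sum, find, sort,
# uniq, cut and mktemp are available and the VM is powered off while hashing.

# make_manifest DIR: print "<sha256>  ./relative/path" for every file in DIR.
make_manifest() {
    ( cd "$1" && find . -type f -exec sha256sum {} \; | LC_ALL=C sort -k 2 )
}

# changed_paths SRC_MANIFEST DST_MANIFEST: list paths that are missing, extra
# or altered. Lines present in both manifests cancel out under `uniq -u`.
changed_paths() {
    cat "$1" "$2" | LC_ALL=C sort | uniq -u | cut -c67- | LC_ALL=C sort -u
}

# verify_copy SRC_DIR DST_DIR: 0 = identical, 1 = mismatch, 2 = nothing hashed.
# Between two hosts, run make_manifest on each and feed both files to
# changed_paths instead.
verify_copy() {
    work=$(mktemp -d) || return 2
    make_manifest "$1" > "$work/src.sha256"
    make_manifest "$2" > "$work/dst.sha256"
    if [ ! -s "$work/src.sha256" ]; then rm -rf "$work"; return 2; fi
    bad=$(changed_paths "$work/src.sha256" "$work/dst.sha256")
    rm -rf "$work"
    if [ -z "$bad" ]; then return 0; fi
    echo "$bad" | sed 's/^/MISMATCH: /' >&2
    return 1
}

# Constructed demo: throwaway folders stand in for data-store1 and data-store2.
demo() {
    d=$(mktemp -d) || return 2
    src="$d/ds1/vm-folder-1"; dst="$d/ds2/vm-folder-1"
    mkdir -p "$src" "$d/ds2"
    printf 'displayName = "vm1"\n' > "$src/vm1.vmx"
    printf 'constructed disk bytes' > "$src/vm1-flat.vmdk"
    cp -r "$src" "$d/ds2/"
    if verify_copy "$src" "$dst"; then clean=0; else clean=$?; fi
    printf 'X' >> "$dst/vm1-flat.vmdk"   # simulate a damaged copy
    if verify_copy "$src" "$dst"; then damaged=0; else damaged=$?; fi
    rm -rf "$d"
    echo "clean=$clean damaged=$damaged"
}
demo
```

Comparing full manifests rather than checking one side against the other also catches files that exist only on the destination.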

How to Reset the Password on a 3850 Switch

Do the regular routine of unplugging the power cord, holding the Mode button, and plugging the cord back in until you land in recovery mode (switch:).

Now enter the following commands:

switch: SWITCH_IGNORE_STARTUP_CFG=1
switch: SWITCH_DISABLE_PASSWORD_RECOVERY=0
switch: boot

After reboot

Switch(config)#no system ignore startupconfig switch all
Switch(config)#system disable password recovery switch all
Switch#copy running startup

 

How to Recover Cisco AP 3602

Find the step by step solution here.

Note: You can’t do password recovery on most APs, so you will need to do a factory reset. If the AP will be connected to a WLC, it can then copy the new config.

Authentication vs Authorization

I used to always find these two words confusing. I never used to understand the difference between them, and both actually sounded the same, with similar meanings. Actually, they are not.

Authentication (AuthC) is the process of verifying the authenticity of a user: is he really the person he claims to be, or is he hiding behind the mask of someone else?

Example: If you have ever been to a convention center (ex. RSA, Cisco Live etc.), you first go to the front desk, where they ask you for your name and company ID and also request that you accompany it with a driver’s license. They are trying to authenticate whether the company badge and the driver’s license belong to the same person.

AuthoriZation (AuthZ) is the process of assigning permissions or restrictions; in other words, what level of access is granted to secure assets or locations.

Example: Once your ID is checked at the front desk of the convention center and you are authenticated, a badge (tag) is given to you which might say Guest, Exhibitor or Owner etc. Based on what Authorization or access level you are granted, you can access certain levels and rooms in the convention center.

I hope this clarifies.

Setting up TFTP server on Windows Machine

Go to tftpd32 website.

Click Download in the top menu. Then select tftpd32 standard edition (installer) and download the exe file.

Start the installer and, if prompted with the following screen, hit Yes.

 

Select I Agree

 

 

Leave the default settings and hit Next.

 

 

 

Leave the default location unless you really have to change it and then hit Install.

 

Installation should now be complete; simply click Close.

 

 

 

From your desktop double-click the Tftpd32 icon.

Once the application starts, select Settings > GLOBAL (Tab) and just check TFTP Server/Client unless you want the others.

Now select TFTP (Tab) > Browse (Base Directory)

I recommend creating a tftp folder under the (C:) drive, selecting it as below, and hitting OK:

If it prompts you to restart the server, please do so. Your TFTP server is ready to use.

How to give simple user permission in VMware

  1. Log in to the ESXi host directly (not vCenter)
  2. Go to Home > Administration > Roles
  3. Click on Add Role button.
  4. Give a Name and Check the appropriate Privilege. We usually check the following
  5. Go to Home > Inventory > Inventory > Local Users & Groups
  6. Right click in the white space and click Add.
  7. Enter a username and password and hit ok.
  8. Go to Permissions and right-click and Add Permission…
  9. Click Add… button under Users and Groups.
  10. Select user (student) and click Add again and hit ok.
  11. From Assigned Role drop-down menu select student and ok.
  12. In some cases you will need to hide certain VMs from the student, for example the jumpbox or the admin VM, because if they power it off accidentally they will kick themselves out. So follow the steps below. Select the VM that you need to hide and go to the Permissions tab.
  13. Double click on the user in this case student and select No access and hit ok.

When you now log in to vSphere with your student username and password, you will not be able to see the admin VM/jumpbox and you will only have limited access.