| Subcribe via RSS

Infoblox: Import DHCP from Windows DHCP when using VoIP

January 12th, 2011 | No Comments | Posted in Infoblox

When importing DHCP scopes and settings from a Microsoft DHCP with the Data Import Wizard, it’s important to verify that the DHCP options are correct.

This is especially important when dealing with IP telephones.

Recently, when I helped import some DHCP data from a Microsoft DHCP server, the Data Import Wizard changed the call server option (Option 128 for Nortel) from “String” to “Text”. You might guess the result.

If you more information on the correct syntax for “Call Server Information” (Option 128) for Nortel IP telephones, use the following blog post by Michael McNamara as a reference.
DHCP Options (VoIP)

Tags: , , , , , , , ,

Infoblox NIOS 6.0 and older appliances

January 10th, 2011 | No Comments | Posted in Infoblox

Just a note, if you are stuck with one of the following models:
IB: -250, -500, -1000, -1200, -550, -1050, -1550, and -2000 you will not be able to upgrade to 6.0.

You can check if your appliance(s) is/are compatible by running the following cli command:

show upgrade_compatible 6.0

Running it will look something like this:

Infoblox > show upgrade_compatible 6.0
Hardware Type(model) Node IP Status
IB-1050 192.168.150.2 Not Compatible
The grid is not compatible with 6.0 release.
Infoblox >

If you try to upgrade, you will get the following error message, when you try to distribute the image:
2011-01-10 09:41:10 UTC,”syslog”,”CRITICAL”,”logger[24930]“,”Use CLI: show upgrade_compatible”
2011-01-10 09:41:10 UTC,”syslog”,”CRITICAL”,”logger[24928]“,”Grid not compatible with 6.0 release”
2011-01-10 09:39:55 UTC,”syslog”,”CRITICAL”,”logger[22493]“,”Use CLI: show upgrade_compatible”
2011-01-10 09:39:55 UTC,”syslog”,”CRITICAL”,”logger[22492]“,”Grid not compatible with 6.0 release”
2011-01-10 09:33:02 UTC,”syslog”,”CRITICAL”,”logger[10791]“,”Use CLI: show upgrade_compatible”
2011-01-10 09:33:02 UTC,”syslog”,”CRITICAL”,”logger[10790]“,”Grid not compatible with 6.0 release”

Tags: , , , , , , ,

Infoblox NIOS 6.0.0 released

January 7th, 2011 | No Comments | Posted in Infoblox

Infoblox recently released version 6.0.0 of NIOS. No, you should not upgrade immediately. Wait for them to fix some bugs. In the meantime, you should read about all the awesome features included in version 6.0.0 of NIOS.

NIOS 6.0.0 Feature overview
- CSV import
- NXDOMAIN response replacement
- Blacklisting
- DHCP Lease Scavenging
- BGP Anycast Support
- bloxTools
- Synchronization with MS Windows Servers improvement
More »

Tags: , , , , , , , ,

System Forensics, Investigation, And Response by John R. Vacca and K Rudolph

December 15th, 2010 | No Comments | Posted in Books, Security

New book on the block, “System Forensics, Investigation, And Response” by John R. Vacca and K Rudolph. Published by Jones & Bartlett Learning.
System Forensics, Investigation, And Response

If I manage to get through it, I’ll write a short review.

Tags: , ,

What does VDI awareness in Trend Micro OfficeScan 10.5 imply?

November 10th, 2010 | No Comments | Posted in Security, Software, Trend Micro

One of the new features of Trend Micro OfficeScan 10.5 is “Virtual Desktop Infrastructure awareness”.
But what does this mean? Trend has implemented two features, to ease the performance impact of running anti-virus in a virtual environment.

First of all, before performing a full system scan, OfficeScan will check with the server if other systems in the environment are also running a full scan. In order to avoid multiple full system scans in the same environment.

Second, they implemented the option to scan a virtual machine template. And save the results as a cache (which will be used when performing a full system scan).

Tags: , , , ,

Infoblox NIOS 5.1r3 released

November 4th, 2010 | No Comments | Posted in Infoblox

Infoblox NIOS 5.1r3 has been released today
New features are:
- Authenticated DHCP
- Option 82 Fixed address support
- Intermidate Certificates
- Enhanced MIB
- GUI enhancements
- API enhancements
- bloxTools enhancements
The most exciting new feature is definitely the “Authenticated DHCP”- feature.
More »

Tags: , , ,

How-to: FOR loop inside a FOR loop in batch

October 14th, 2010 | No Comments | Posted in Scripting, Windows

How to do a FOR loop inside a FOR loop in batch?
How to do nested FOR loops in batch?

Example:
@echo off
setlocal EnableDelayedExpansion EnableExtensions
for /F %%a in (file.txt) do (
set file_content=%%a
for /f "tokens=*" %%k in (' %file_content%') do (
set command_result=%%k
echo !file_content! !command_result!
)
)
ENDLOCAL

Tags: , , , , ,

Trend Micro OfficeScan 10.5 Features and thoughts

October 11th, 2010 | No Comments | Posted in Security, Software, Trend Micro, Windows

It’s almost 2 months since the release of OfficeScan 10.5. Anyone out there upgraded yet? If so, what’s your experience?
I’ve done a couple of installations and upgrades, and I’ll share my experiences:

First, what’s changed in OfficeScan from version 10.0 SP1?

- Active Directory Integration
- Smart Protection Solutions
- Security Compliance
- Virtual Desktop Support
- Role-based administration
- General Product enhancements

So, what is my experience with the new features?
More »

Tags: , , ,

Howto: Netstat CSV

October 8th, 2010 | No Comments | Posted in Scripting, Security

How to output netstat result to CSV (comma-separated values/character-separated value).

Example netstat to CSV with “-an” flags.
for /F "tokens=1-4 delims= " %A in ('netstat -an') do echo %A,%B,%C,%D

Example netstat to CSV with “-ano” flags with output to file.
for /F "tokens=1-5 delims= " %A in ('netstat -ano') do echo %A,%B,%C,%D,%E>>outputfile.csv

Note if you are going to use it in a batch script, remember to use the following format:
for /F "tokens=1-4 delims= " %%A in ('netstat -an') do echo %%A,%%B,%%C,%%D

And you can of course use this to just list “Listening” ports:
for /F "tokens=1-4 delims= " %A in ('netstat -an ^| find "LISTENING"') do echo %A,%B,C%,%D

Why would you do this?
1. Openports (from DiamonCS is licensed)
2. No need for third party binaries.

Why would you not do this?
1. Hard to parse netstat -anob

If you know how to parse “netstat -anob”, please feel free to leave a comment ;)

Tags: , , , ,

Trend Micro Smart Scan Server 2.0 and OfficeScan 10.0 SP1

October 7th, 2010 | No Comments | Posted in Security, Trend Micro

When Trend Micro released OfficeScan 10.5 they also released Smart Scan Server 2.0. But is Smart Scan Server 2.0 compatible with OfficeScan 10.0? I’ve tested it with OfficeScan 10.0 SP1, and it works without any problem. Of course you wont be able to use the “local” Web Reputation Server included in the Smart Scan Server without installing OfficeScan 10.5. But the File Reputation Service is working perfectly.

By installing the Smart Scan Server 2.0, you will get the following features:
- “Local” Web Reputation Server
- Additional Widgets
- Web Access and Pattern Update Log
- Notifications through email and SNMP
- Multi language web interface

Full installation readme:
http://www.trendmicro.com/ftp/documentation/readme/tmcss-2.0.1336-1-x86_64-DVD_README-en.txt

Patch update readme:
http://www.trendmicro.com/ftp/documentation/readme/PatchPackage-2.0-1336.x86_64_README-en.txt

Tags: , , , , , ,