Hyper-V nested virtualization (for EVE-NG примерно)

 Run PowerShell as Administrator

Set-VMProcessor -VMName "VirtualMachineName" -ExposeVirtualizationExtensions $True

VirtualMachineName - the  name of previously created VM on which we want to start nested virtualization 

SWAKS - linux cli mail client

 SWAKS(1)                                                                   SWAKS                                                                  SWAKS(1)

NAME
       swaks - Swiss Army Knife SMTP, the all-purpose smtp transaction tester

DESCRIPTION
       swaks' primary design goal is to be a flexible, scriptable, transaction-oriented SMTP test tool.  It handles SMTP features and extensions such as
       TLS, authentication, and pipelining; multiple version of the SMTP protocol including SMTP, ESMTP, and LMTP; and multiple transport methods
       including unix-domain sockets, internet-domain sockets, and pipes to spawned processes.  Options can be specified in environment variables,
       configuration files, and the command line allowing maximum configurability and ease of use for operators and scripters.

QUICK START
       Deliver a standard test email to user@example.com on port 25 of test-server.example.net:

        swaks --to user@example.com --server test-server.example.net

       Deliver a standard test email, requiring CRAM-MD5 authentication as user me@example.com.  An "X-Test" header will be added to the email body.  The
       authentication password will be prompted for.

        swaks --to user@example.com --from me@example.com --auth CRAM-MD5 --auth-user me@example.com --header-X-Test "test email"

       Test a virus scanner using EICAR in an attachment.  Don't show the message DATA part.:

        swaks -t user@example.com --attach - --server test-server.example.com --suppress-data </path/to/eicar.txt

       Test a spam scanner using GTUBE in the body of an email, routed via the MX records for example.com:

        swaks --to user@example.com --body /path/to/gtube/file

       Deliver a standard test email to user@example.com using the LMTP protocol via a UNIX domain socket file

        swaks --to user@example.com --socket /var/lda.sock --protocol LMTP

       Report all the recipients in a text file that are non-verifyiable on a test server:

        for E in `cat /path/to/email/file`
        do
            swaks --to $E --server test-server.example.com --quit-after RCPT --hide-all
            [ $? -ne 0 ] && echo $E
        done

ESXi 5/6 stuck on “Relocating modules and starting up the kernel…”

 On some server (SunFire, ProLiant) after installation and/or reboot server stuck in state “Relocating modules and starting up the kernel…” 

To fix this we have to add a boot parameter to the ESXi kernel. To do this, reboot, and while ESXi is booting hit the tab key. Next add a parameter to disable the headless check “ignoreHeadless=TRUE” 

To make the ignoreHeadless=TRUE permanent for each reboot open ESXi shell (locally or via SSH) and excute: 

esxcfg-advcfg --set-kernel "TRUE" ignoreHeadless
 

Confirm by:
esxcfg-advcfg –get-kernel ignoreHeadless

 

traceroute/ping !H vs * (destination host unreachable)

raceroute -n 192.168.33.8
traceroute to 192.168.33.8 (194.134.33.8), 30 hops max, 60 byte packets
 1  192.168.199.1  0.128 ms  0.076 ms  0.086 ms
 2  192.168.161.122  0.391 ms  0.390 ms  0.280 ms
 3  192.168.161.114  0.283 ms  0.417 ms  0.407 ms
 4  192.168.161.191  0.571 ms  0.665 ms  0.757 ms
 5  192.168.100.4  0.747 ms  0.707 ms  0.381 ms
 6  192.168.96.4  0.848 ms  0.834 ms  0.563 ms
 7  192.168.96.4  3011.733 ms !H  3011.689 ms !H  3011.574 ms !H 
The simple difference is that for an unreachable host, the last hop router is returning an ICMP destination unreachable response.

• * means that your machine received no response.
• !H means that your machine received ICMP message "destination host unreachable" from the host indicated in the traceroute output.
• Rarely traceroute can indicate also other unreachable messages like !N or !P (network or protocol) etc.

A machine normally sends "destination host unreachable" when it cannot send the IP packet to the network. This could happen when:

• There is no route to the destination.
• The next-hop IP address or the final IP address cannot be resolved to an L2 address (there is no ARP reply for the IP address).

Routers can be configured to not to send the ICMP message but you can also get * instead of !H when your request was silently dropped by an ACL or firewall policy. In security policies silent drop is a normal practice.
The drop caused by a security policy depends on the type of message sent by traceroute. Traditional Unix traceroute by default sends UDP packets to "unusual" ports like 33434 but it can use other methods too. Windows tracert sends ICMP echo requests.

ASDM "this app can't run on your PC" - Windows 10

C:\Users\ivan.popov>ver
Microsoft Windows [Version 10.0.19041.329]
After installing the latest java and trying to start Cisco ASDM:







Solution: change target in shortcut (right-click - Properties - Target) to :
C:\Windows\System32\wscript.exe invisible.vbs run.bat

Juniper SRX (flow mode) - nat translations

show security flow session nat 
И хубава картинка от (https://junipertrain.wordpress.com/2016/10/15/srx-nat-cheat-sheet/)

"/" --> по диагонала от output-a горе (в зелено)
"\" --> по диагонала от output-a горе (в синьо)

https://www.juniper.net/documentation/en_US/junos12.1x46/topics/task/verification/nat-security-configuration-verifying.html
https://kb.juniper.net/InfoCenter/index?page=content&id=KB16252
https://kb.juniper.net/InfoCenter/index?page=content&id=KB21922
https://kb.juniper.net/InfoCenter/index?page=content&id=KB15758