Tuesday, December 8, 2009

WMIC Command to start and stop a service

To restart a service on a remote computer from the command line (replace "." after /node: with the computer's name; "." targets the local machine):

wmic /node:"." service where name="MpsSvc" call StopService && wmic /node:"." service where name="MpsSvc" call StartService
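The same restart done from PowerShell, as an added example that is not from the original post: it checks the ReturnValue of each WMI method call and waits for the service to reach the Stopped state before starting it, since a service can sit in Stop Pending after StopService returns. The function name Restart-ServiceViaCim and its parameters are hypothetical; it assumes PowerShell 3.0 or later and an account with rights to control the service.

```powershell
# Added example: restart a service through WMI/CIM and verify each step.
# Restart-ServiceViaCim and its parameter names are hypothetical, not from the post.
function Restart-ServiceViaCim {
    param(
        [string]$ComputerName = '.',
        [Parameter(Mandatory)][string]$ServiceName,
        [int]$TimeoutSeconds = 30
    )

    # Reject quotes so the name cannot break out of the WQL filter string.
    if ($ServiceName -match "['""]") { throw "Invalid service name: $ServiceName" }

    $cim = @{ ClassName = 'Win32_Service'; Filter = "Name='$ServiceName'" }
    # Omit -ComputerName for the local machine so no remoting session is needed.
    if ($ComputerName -ne '.') { $cim.ComputerName = $ComputerName }

    $svc = Get-CimInstance @cim
    if (-not $svc) { throw "Service '$ServiceName' not found on $ComputerName" }

    if ($svc.State -ne 'Stopped') {
        $r = Invoke-CimMethod -InputObject $svc -MethodName StopService
        # 0 = success; for example 2 = access denied, 3 = dependent services running
        if ($r.ReturnValue -ne 0) { throw "StopService returned $($r.ReturnValue)" }
    }

    # Poll until the service reports Stopped, or give up after the timeout.
    $deadline = (Get-Date).AddSeconds($TimeoutSeconds)
    while ((Get-CimInstance @cim).State -ne 'Stopped') {
        if ((Get-Date) -gt $deadline) { throw "Timed out waiting for $ServiceName to stop" }
        Start-Sleep -Seconds 1
    }

    $r = Invoke-CimMethod -InputObject (Get-CimInstance @cim) -MethodName StartService
    if ($r.ReturnValue -ne 0) { throw "StartService returned $($r.ReturnValue)" }

    # Return the final state so the caller can log or assert on it.
    Get-CimInstance @cim | Select-Object Name, State, StartMode
}

# Same service as in the WMIC command above, on the local machine.
Restart-ServiceViaCim -ServiceName 'MpsSvc'
```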

Friday, November 20, 2009

Nice Information Security Quote

National Security Agency (NSA) information assurance director Richard Schaeffer said that agencies can protect their systems against 80 percent of known cyber attacks by following three steps:

  1. implementing best security practices
  2. configuring networks properly
  3. monitoring networks effectively

My bet is that people and processes fill the gap.

Wednesday, November 18, 2009


Here is an interesting NMAP example to run against a box.

nmap.exe -v -sS -P0 -p1- --script all --script-args=smbuser=USERNAME,smbpass=PASSWORD,smbdomain=DOMAIN computer.domain

Monday, November 16, 2009

MySQL Backup

Ever had to back up a MySQL database running on Windows? Well, this was my first time. I have a pretty active database that grows to about 70GB over the course of a month. I wanted to perform the backup using a MySQL tool. I suppose I could have just run a Windows backup, but that wouldn't be much fun. So here is what I ended up doing. I ran the below command from within the folder I wanted to land the dump files in. For instance, I wanted my dump files to reside in C:\mysql\backup, so I ran the below command from within this folder I created.

..\bin\mysqldump.exe --user=root --password=abc123! --routines --create-options --single-transaction --skip-add-locks --skip-lock-tables --default-character-set=utf8 database table | bzip2.exe > database_table.sql.bz2

To get the compression running, I downloaded Cygwin to use the bzip2.exe utility. I actually needed the below files for the bzip2.exe utility to run and I placed these files in the newly created backup folder:

To decompress the file simply run: bzip2.exe -d database_table.sql.bz2.

I apologize, but I can't list all the sites I looked at to come up with this specific command, but it is not original. Maybe the original part is running on Windows instead of *nix. Maybe next time I will just run Windows backup.

Monday, November 9, 2009

Alabama, Atlanta Bound!

Since I am an Alabama fan and this is my blog, I just want to say Roll Tide!

Upgrade Nessus

Ever wonder how to upgrade Nessus installed on an Ubuntu box? Since I am a Windows admin and not a Linux one, I just spent 15 minutes trying to find the command. So next time I have it:

dpkg -i Nessus-4.0.2-ubuntu810_amd64.deb

Simple, huh!

Friday, October 30, 2009

Using PuTTY Secure Copy client

Here are a few simple examples for using the PSCP command line utility for moving files between Windows and *nix over SSH. I realize it is much more capable but these are really the only reasons I use it.

Copy from *nix:
pscp.exe -2 -scp username@server.domain.loc:/home/username/*.* c:\Temp\

Copy to *nix:
pscp.exe -2 -scp c:\Temp\*.* username@server.domain.loc:/home/username/

List files and directories on *nix:
pscp.exe -2 -scp -ls username@server.domain.loc:/home/username/

If you are familiar with FTP, you can use the PSFTP.EXE tool to do the same thing as in the below example:

psftp.exe -2 -l username server.domain.loc

Once authenticated use the mget command to copy files to the local Windows computer.

Thursday, October 22, 2009

Upgrade ePO Agent

  1. Uninstall Agent (this step may be unnecessary since using /FORCEINSTALL to install a new agent removes the current agent but it doesn't hurt and may prevent install failures.)

    1. Use the /REMOVE command-line option to uninstall the agent.

    2. Click Start and then Run.

    3. Click Browse and navigate to the following file: "C:\Program Files\Network Associates\Common Framework\FrmInst.exe"

    4. Append /REMOVE=AGENT to the end of the file path in the "Open:" box and click OK.

    5. The McAfee Agent and Updater Installation window may appear. Click OK upon completion.

  2. Install New Agent: FramePkg.exe /FORCEINSTALL /INSTALL=AGENT /INSTDIR="%ProgramFiles%\McAfee\Common Framework"

  3. Test Connectivity: "%ProgramFiles%\MCAFEE\COMMON FRAMEWORK\CMDAGENT.EXE" /C /E /P /S

  4. Try to manually update from new ePO server