startup-config

If you run a large Exchange environment, or you may have been hired to a company with an existing Exchange infrastructure, but at some point you will want to audit the mail boxes to find any users that have delegated access to their mailbox to other people. Below is a Power Shell script does just that.

$AllUsers = Get-Mailbox * -resultsize:unlimited

ForEach ($Alias in $AllUsers)
{
     $Mailbox = "" + $Alias.Name + ":\Inbox"
     Get-MailboxFolderPermission -identity $Mailbox | Select User,FolderName,AccessRights `
       | Ft $Mailbox,User,FolderName,AccessRights >> delegates.csv
}

I am in the process of changing hosting companies, I have used Dreamhost for almost two years, but I think it’s time for a change, I have switched to Site5. I have am very happy with the service so far, updates to follow.

There will be times when you need to figure out what accounts have Local Administrator permissions on a server or workstation.

I came across a Power Shell function that does it nicely.

function Get-LocalAdmin {
    param ($strComputer)

    $admins = Gwmi win32_groupuser -computer $strComputer
    $admins = $admins |? ($_.groupcomponent -like '*"Administrators"'}

    $admins |% {
        $_.partcomponent -match ".+Domain\=(.+)\,Name\=(.+)$" > $nul
        $matches[1].trim('"') + "\" + $matches[2].trim('"')
    }
}

You can use the function like so…

PS C:\Users\Administrator> Get-LocalAdmin localhost
SU\Domain Admins
[cut for brevity]

I use SSH a lot, for the this web site, and a few others, plus all my Cisco devices. It can get a bit confusing to keep track of all the hosts, etc. What I do to make things a little easier is to create a small Bash shell script that will connect to the host that is in the first argument ($0) that gets passed to the script, now you might be thinking to yourself how do I change $0, it’s always the name of the script. Before I go on, here is the simple Bash script I created for this tip

#!/bin/sh
#
SSHBIN=$(which ssh)
$SSHBIN $(basename $0)

Place this script any where that is in your PATH, I add the directory ~/bin to the PATH variable, so that I were I placed by script. Now to easily connect to one of your favorite SSH hosts, just symlink to the script using the host name you use to connect.

bin$ ln -s ssh-to.sh example@example.net

Now we can just type, or my favorite part, use command line completion (tab) if you have dozens of hosts symlink’d to the script.

$ example@example.net
example$

You will want to make use of certificates so you don’t have to remember passwords, and make the login seamless.

Most networks that you protect with a Cisco ASA device, will probably want to deny ICMP (maybe not ICMP types) on the outside interface, this will reduce the noise that comes out of the network. This will make the network harder to find through external enumeration.

ASA5505(config)#icmp permit any echo-reply outside

You will have to permit the ICMP Echo Reply packet using an access list, as the packet is coming from a less secure interface. This will allow hosts and the ASA device itself to ping hosts on the internet. If you use:

ASA5505(config)#icmp deny any outside

You will deny ICMP completely.

While browsing for information on my Linksys E4200, I came across the Wikipedia article about Linksys routers. There was something neat noted under the E4200 section of the article. Linksys has included a hidden panel, that will execute common Linux commands to gather information from the router.

http://192.168.1.1/System.asp

Below is a screenshot of the hidden menu. On this panel you can view the ARP table, check CPU usage, and a host of other pages that will give you information via Linux commands.

When administering servers remotely, there will come a time when you have to reboot a batch of servers of Windows servers. Now you could drop to Powershell and knock out a script that could easily do this task, but at some point you will have to type out the name of every server, and depending on the number of servers you have to reboot, that could take a while. But, thankfully someone at Microsoft thought of that scenario, and came up with a simple Remote Shutdown Tool, which has a GUI component. To access this GUI, run the shutdown command with -i switch. This will show the user interface below.

This is one of the more useful “hidden” Windows tools I have learnt about recently, even though it’s been in Windows for a nice while. I am sure there are dozens of useful tools or shortcuts in Windows that I don’t know about.