How-To

Useful nmap testing commands

Nothing new here .  Just wanted to share some commands I are useful when performing network or direct systems testing using the nmap tool. The commands below will all display scan results in console while also saving to file.

 

Discover live hosts: 

nmap -n -sn -PE -oA live_hosts 10.0.0.0/24

Discover open TCP ports:

nmap -sS -vv -p- -oA tcp_ports_65535 10.0.0.2
nmap -sS -vv -p- -Pn –reason –open -oA tcp_ports_65535 10.0.0.2
nmap -sS -vv -p- -Pn –reason –max-rate 1 –open -oA tcp_ports_65535 10.0.0.2

 

Discover open UDP ports:

nmap -sU -vv -p- -oA udp_ports_65535 10.0.0.2

 

Discover services running on open UDP ports:

nmap -sU -sV -vv -A -O -p[port1],[port2] -oA open_udp_ports 10.0.0.2

Scan for most common 1000 TCP ports:

nmap -sS -sV -vv -A -O –top-ports 1000 –reason –open -oA tcp_ports_1000 10.0.0.2

Scan for most common 1000 UDP ports:

nmap -sU -sV -vv -A -O –top-ports 1000 –reason –open -oA udp_ports_1000 10.0.0.2

 

External ADFS Password Change Broken after Windows Updates

AD FS 3.0 has the capability to allow the user to change their password when they supply their existing password. To enable this, open the AD FS management console, expand Service, and select Endpoints. In the middle pane, you’ll see a long list of endpoints. Scroll down to the Other section, and select /adfs/portal/updatepassword/. Right click on it, and choose enable

This will enable users on the corporate network to use the AD FS forms-based login to change their password.

Recently After installing Windows Updates, I’ve noticed that this was no longer working for my ensternal clients who connect to https://<servername>/adfs/portal/updatepassword.

Externally I would immediately see the error message “An error occurred. Contact your administrator.” When opening the URL within the LAN it opened just fine and I would be able to change passwords.

 

Turns out that the recent updates have disabled the setting allowing the updatepassword feature to be exposed.  I had addressed this by opeing the AD FS management console, expand Service, and select Endpoints. In the middle pane, you’ll see a long list of endpoints. Scroll down to the Other section, and select /adfs/portal/updatepassword/. Setting the proxy enabled to “Yes” and restarting ADFS Services on both the ADFS server and Proxy server.

And now it works without issue.

 

I was unable to determine which update caused this this If I come across it I will update this post and share.

Here is a list of recently applied updates.

 

 

Install Microsoft SQL on Linux – Ubuntu Server

I recently had the pleasure of installing Microsoft SQL Server on Linux – Ubuntu Server. This was a very straight-forward installed and just works. The following steps are what were taken to install and configure this server.

My Setup:

  • Ubuntu 17.10 Server – VMware Template
  • Network Connectivity
  • SQL Server Management Studio 17 – Testing connectivity to SQL Server

Prerequisites:

  • Ubuntu Linux Server – Memory: 3.25, Disk Space: 6GB, CPU (x64): 2 Cores
  • Internet Access – Offline Installs are also possible
  • Root or SU Access
  • Time – 5-6 Minutes

Steps:

  1. Log into Ubuntu Linux server via console or SSH (Preferred), su into root
  2. We need to import the repository GPG Keys by first downloading and adding it with he following command: curl https://packages.microsoft.com/keys/microsoft.asc | sudo apt-key add –
  3. Next we register the repository by entering: add-apt-repository “$(curl https://packages.microsoft.com/config/ubuntu/16.04/mssql-server-2017.list)”
  4. Next we need to upload the repository list and install SQL with the following commands: apt update | apt install mssql-server -y
  5. After the SQL Server package has completed installing.  You will be instructed to run mssql-config setup to setup the SQL Server version you will be installing, in addition to password credentials.  This is done by issue the following command: /opt/mssql/bin/mssql-conf setup
  6. Optional – Open your firewall if enabled to allow for SQL’s TCP/1433 from remote hosts.
  7. Test connecting to your newly install SQL Server via SSMS.
  8. Done!

Screenshot:

Video:

Tech Short: Configure WDS Server

You have installed your WDS Server Role and now its time to configure.  I hope my steps below help you.

Requirements

  • Installed WDS Role
  • Administrative Rights
  • Installation Media

 

WDS Server Configuration:

  1. On the Server Manager tool, click Tools and then click Windows Deployment Services.
  2. On the Windows Deployment Services console, expand Servers.
  3. Right-click your WDS server name and select Configure Server.
  4. Navigate to the Install Options page, choosing Integrated with Active Directory or Standalone server button is selected and then click Next.
  5. On the Remote Installation Folder Location page, select a folder or click Next to accept the default value. This folder will hold the WDS images.
  6. On the PXE Server Initial Settings page exists there options: Select the Respond to all client computers (known and unknown) then click Next.
  7. On the Operation Complete page, you have the option to Add images to the server now by selecting the check box and click Finish.  This will guide you through the initial image setup.

 

Video:

Done!

 

Tech Short: How-To WDS Server Role – Server 2016

 

Background:

Windows Deployment Services (WDS) is a service role that allows you to deploy operating systems to the PXE supported clients without the need of physical media.

Requirements:

  • Windows Server 2016 Server Install
  • Administrative rights on Server

Install of Windows Deployment Service

  1. On the Server Manager tool, click Manage, and then click Add Roles and Features.
  2. Accept the default selections and click Next until you get the Select server roles page.
  3. On the Select server roles page, as shown in the following figure, select the Windows Deployment Services check box.
  4. On the Add Roles and Features Wizard window, click Add Features.
  5. Accept the default selections and click Next, until you get the Confirm installation selections page.
  6. Click Install to complete the installation.

Video:

 

Done – Next up is to configure WDS