
Checking NIC Speed in Linux

Posting by Noynim IT Solutions on April 30, 2008

To check the link speed in Linux, the easiest method is to issue the following command: dmesg | grep 100. This will bring up anything with 100mb or higher, so if you have a 10mb NIC, or think you do, then change it to 10 instead of 100.

PIX Packet Capture

Posting by Noynim IT Solutions on April 29, 2008

There are times when you need to capture traffic on a PIX firewall. Here is how it can be accomplished:

Query Multiple IPs in DNS

Posting by Noynim IT Solutions on April 28, 2008

Here is a simple bash script to query multiple IPs and get the DNS names:

Expect Script for Cisco Devices

Posting by Noynim IT Solutions on

Expect script for Cisco devices.

Investigating Malicious Files

Posting by Noynim IT Solutions on April 21, 2008

This site lets you upload suspicious files. It will scan your file with multiple anti-virus engines. Since most people don’t run multiple AV engines on their machines, they can use this site to verify if a file is legitimate.

Windump

Posting by Noynim IT Solutions on

Windump is a little different from tcpdump when looking for interfaces. Run windump -D to identify the interfaces on your Windows machine. Once you have identified the NIC that you want to monitor, run windump -i followed by the full NIC ID.

Avoiding Non-Delivery Reports (NDR)

Posting by Noynim IT Solutions on

Email administrators should start using http://www.openspf.org/. Once everyone starts using this, it will avoid all those NDRs that users get. Many people think they can eliminate NDRs on their spam filters, but this will block out legitimate NDRs.

ttyrpld

Posting by Noynim IT Solutions on April 20, 2008

ttyrpld is a multi-OS kernel-level tty key- and screenlogger with (a)synchronous replay support. It supports most tty types, including vc, bsd and unix98-style ptys (xterm/ssh), serial, isdn, etc. Being implemented within the kernel makes it unavoidable for the default user. It runs with no overhead if the logging daemon is not active.