My first non tutorial Arduino project

I have been playing with the Arduino Uno board and after going through a bunch of tutorials, I wanted to branch out and do my own.  I have the Ultrasonic Module HC-SR04 and a standard piezoelectric buzzer.  On the ultrasonic module, VCC goes to digital pin 2.  Trig goes to digital pin 3.  Echo goes to digital pin 4.  GND goes to the ground rail which connects to GND pin on the arduino.  On the buzzer, the positive lead goes to pin 11 and the negitive pin goes to the ground rail which is connected to the GND pin on the arduino.    Below is the code:

 

void setup() {
 pinMode (122,OUTPUT);//attach pin 2 to vcc
 pinMode (5,OUTPUT);//attach pin 5 to GND
 // initialize serial communication:
 Serial.begin(9600);
 pinMode(11, OUTPUT); // sets the pin of the buzzer as output
}
void loop()
{
digitalWrite(122, HIGH);
 // establish variables for duration of the ping,
 // and the distance result in inches and centimeters:
 long duration, inches, cm;
// The PING))) is triggered by a HIGH pulse of 2 or more microseconds.
 // Give a short LOW pulse beforehand to ensure a clean HIGH pulse:
 pinMode(3, OUTPUT);// attach pin 3 to Trig
 digitalWrite(3, LOW);
 delayMicroseconds(122);
 digitalWrite(3, HIGH);
 delayMicroseconds(5);
 digitalWrite(3, LOW);
// The same pin is used to read the signal from the PING))): a HIGH
 // pulse whose duration is the time (in microseconds) from the sending
 // of the ping to the reception of its echo off of an object.
 pinMode (4, INPUT);//attach pin 4 to Echo
 duration = pulseIn(4, HIGH);
// convert the time into a distance
 inches = microsecondsToInches(duration);
 cm = microsecondsToCentimeters(duration);

 Serial.print(inches);
 Serial.print("in, ");
 Serial.print(cm);
 Serial.print("cm");
 Serial.println();

 if (cm < 50) {
 analogWrite(11,128);
 } 
 else {
 digitalWrite(11, LOW);
 }

 delay(100);
}
long microsecondsToInches(long microseconds)
{
 // According to Parallax's datasheet for the PING))), there are
 // 73.746 microseconds per inch (i.e. sound travels at 1130 feet per
 // second). This gives the distance travelled by the ping, outbound
 // and return, so we divide by 2 to get the distance of the obstacle.
 // See: http://www.parallax.com/dl/docs/prod/acc/28015-PING-v1.3.pdf
 return microseconds / 74 / 2;
}
long microsecondsToCentimeters(long microseconds)
{
 // The speed of sound is 340 m/s or 29 microseconds per centimeter.
 // The ping travels out and back, so to find the distance of the
 // object we take half of the distance travelled.
 return microseconds / 29 / 2;
}

Installing SNMP through the Command Line

I needed a way to mass install SNMP to the servers in my environment.  The problem I was having was Microsoft Windows Server 2003 needing files from the CD.  We don’t copy the i386 directory from the CD for two reasons.  We store the files on the network and drive space is limit on a lot of servers.  The batch script will check if the server is 2003.  If it is 2003, it will point the install cd to a network path or a local path.  Next it builds the  unattended install file.  Once the file is written, the system will add the SNMP feature per the unattended file.  After SNMP is installed, the registry keys are set for the SNMP community strings.  Lastly the script removes the temporary files it created.

Use this script in combination to PSTools’ PSExec and you can mass install.  Create a list of systems you want to install this on and call it hosts.txt.  Each server needs to be on it’s own line and it is best to use the fully qualified name or IP Address.  Copy the hosts.txt and installsnmp.bat file in to your PSTools directory and run the following command:

PsExec.exe @hosts.txt -s -c installsnmp.bat

Download the Install SNMP Batch File, just rename to a .bat file.

 


@echo off
 
echo %COMPUTERNAME% Started >> \\server\share\SNMP\SNMPInstall.txt
 
REM Detect if the system is Windows Server 2003
systeminfo | find "2003" > nul
if %ERRORLEVEL% == 0 goto 2003
 
REM Detect if the system is Windows XP
systeminfo | find "XP Pro" > nul
if %ERRORLEVEL% == 0 goto XPPro
 
REM If the system is Windows Vista, Windows Server 2008, or higher, 
REM they have the required files built in.
goto SNMP
 
:2003
REM If Windows 2003, set the path to the i386 directory
REM Note: The path needs to be one level above the i386 directory
REM Example: if the path is \\server\share\windows2003\i386\ then
REM the path would be \\server\share\windows2003\
REM Note that the you need both a 32bit and 64bit versions
 
if (%PROCESSOR_ARCHITECTURE%) == (AMD64) (
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\Win2003x64\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\Win2003x64\\"
) > %temp%\setW2003Path.reg
) ELSE IF (%PROCESSOR_ARCHITECTURE%) == (x86)
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\Win2003\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\Win2003\\"
) > %temp%\setW2003Path.reg
)
 
REM Installing the created Registry File
regedit /s /q %temp%\setW2003Path.reg
 
goto SNMP
 
:XPPro
REM If Windows XP Professional, set the path to the i386 directory
REM Note: The path needs to be one level above the i386 directory
REM Example: if the path is \\server\share\windowsXP\i386\ then
REM the path would be \\server\share\windowsXP\
if (%PROCESSOR_ARCHITECTURE%) == (AMD64) (
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\XPProx64\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\XPProx64\\"
) > %temp%\setXPProPath.reg
) ELSE IF (%PROCESSOR_ARCHITECTURE%) == (x86)
(
echo Windows Registry Editor Version 5.00
echo.
echo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
echo "SourcePath"="\\\\server\\share\\Extracted\\XPPro\\"
echo "ServicePackSourcePath"="\\\\server\\share\\Extracted\\XPPro\\"
) > %temp%\setXPProPath.reg
)
 
REM Installing the created Registry File
regedit /s /q %temp%\setXPProPath.reg.reg
 
goto SNMP
 
:SNMP
REM Building the Unattended Install
 
(
echo ;SetupMgrTag
echo [NetOptionalComponents]
echo SNMP=1
echo [SNMP]
echo Any_Host=YES
) > %temp%\snmp.txt
 
REM Installing the SNMP application with the Unattended Install
 
sysocmgr /i:%windir%\inf\sysoc.inf /u:%temp%\snmp.txt
 
goto Strings
 
:2008
REM Since 2008 stopped using the sysocmgr.exe to install features, in Vista and higher
REM you need to use the servermanagercmd.exe to add features. A great list of the 
REM features and their command line install string is at:
REM http://www.techrepublic.com/blog/datacenter/install-windows-server-2008-features-with-servermanagercmd/294
 
servermanagercmd.exe -install SNMP-Services
 
goto Strings
 
:Strings
 
REM Removing the public string
(
echo Windows Registry Editor Version 5.00
echo.
echo [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\ValidCommunities]
 
REM Setting the SNMP strings
echo.
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\RFC1156Agent]
echo "sysContact"="Server Administrators"
echo "sysLocation"="Server Room"
echo "sysServices"=dword:0000004f
echo.
echo [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SNMP\Parameters\ValidCommunities]
echo "readonly"=dword:00000004
echo "readwrite"=dword:00000008
) > %temp%\setupsnmp.reg
 
REM Installing the created Registry File
 
regedit /s /q %temp%\setupsnmp.reg
 
REM Cleaning Up
 

IF EXIST %temp%\setupsnmp.reg del %temp%\setupsnmp.reg
IF EXIST %temp%\setW2003Path.reg del %temp%\setW2003Path.reg
IF EXIST %temp%\setXPProPath.reg.reg del %temp%\setXPProPath.reg.reg
IF EXIST %temp%\snmp.txt del %temp%\snmp.txt

 

echo %COMPUTERNAME% Complete >> \\server\share\SNMP\SNMPInstall.txt


Cisco Routers, Stop the Stopping

In my current job I am also the network guy.  It is not a skill set I am strong in but I am learning A LOT.  One of the things I have just been dealing with is the “—MORE —” in the putty screen when I issue a command that goes beyond my current screen height.  When I do a “show config” or “show ip route”, I get a few pages of information back.  If I want to then copy it off I have to go back and remove the “— MORE —“.  I just found a command that is saving me.

“terminal length 0”

Setting the terminal length to zero tells the router to not do a page break.  WOW, is this my new favorite command!

Exporting from 2003

There are still people using 2003 as I found out. While helping convert from 2003 to a web based email solution for Exchange, I needed to export a full list of email addresses. I was searching for a while on Google before I found a quick and easy way to export the list.

ldifde -d "DC=domain,DC=com" -r "(&(mailnickname=*))" -l proxyAddresses -f emailaddresses.txt

-d set the domain you are connecting to

-r set the filter for the query

-l set the query to list the attribute(s) you are looking for

-f tells the query to write to the following filename

Web (http) Certificate for Splunk

I prefer to use a signed web certificate and not the self signed certificate.  I found a couple different topics on the process, but found that most of them referred to the distributive searching certificate.  Here are the step to generate the certificate and get it in to the right place for Splunk to use it.

—————————————————————–

## Generate the local key
openssl genrsa -out linux0001.key 4096

## Generate the csr
opensll req -new -key linux0001.key -out linux0001.csr

## Submit the .csr file to the CA

## Move the original certs for backup purposes
mv cert.pem cert.pem.bak
mv privkey.pem privkey.pem.bak

## Convert the binary cert to a standard cert
openssl x509 -in certnew.cer -inform DER -out cert.pem -outform PEM

## Copy the new files in the Splunk folder
cp linux0001.key /opt/splunk/share/splunk/certs/privkey.pem
cp cert.pem /opt/splunk/share/splunk/certs/cert.pem

## Restart Splunk
/opt/splunk/bin/splunk restart

Least Privilege Security Model

I am finding in my daily work that everyone talks about and wants the least privilege security model until want access to something. We can redesign a network share and say that only groups are allowed and that we are not to allow user access to directly to have access and within a month of going live there is a handful of user accounts listed. What I also find funny is how people react when you ask why? Why do you need this access? You would think I am asking them to justify why they exist. My goal is to be able to document and justify why I have granted access to something (share, server, etc.) and they get offended. Using the model of least privilege help to protect everyone and the company.