Linux-firewall

ufw status
ufw disable
ufw enable

PowerShell - Audit script

https://community.idera.com/database-tools/powershell/ask_the_experts/f/active_directory__powershell_remoting-9/23795/ad-audit-script




Clear-Host
Powershell Set-ExecutionPolicy Unrestricted -Scope CurrentUser -Force
Powershell Set-ExecutionPolicy RemoteSigned -Scope CurrentUser -Force
import-module activedirectory

$PSEmailServer = "10.90.8.60"
$MailTo = "<prapat_c@shera.com>"
$MailFrom = "Reports_Audit <it_support@sherasolution.com>"
$MailSubject = "AUDIT -:- Active emplyee list -:- $(Get-date -f dd-MM-yyyy)"
$file = ".\Audit-emp_Active.csv"

$Location = "ou=shera,dc=shera,dc=com"
$Ldap = "(!userAccountControl:1.2.840.113556.1.4.803:=2)(!description=vendor)(!description=eMail)(!description=test*)(!description=system*)(!description=vendor*)(!description=HC*)(!description=email*)"


# Results Variable set
$Results = @()
# Get list of users and properties
#$Users = Get-ADUser -Filter * -Properties *
$Users = Get-ADUser -SearchBase $Location –LDAPfilter $Ldap -Properties *

# loop for each user
foreach($user in $users)
{

# Variable for password Expire
$pwdexp = (Get-ADuser $user.SamAccountName -Properties "msDS-UserPasswordExpiryTimeComputed")."msDS-UserPasswordExpiryTimeComputed"

#If statment for password attriubte resluts
if ($pwdexp -eq "9223372036854775807"){
$pwdexp = "No"}
else {
$pwdexp = Get-Date ([DateTime]::FromFileTime([Int64]::Parse($pwdexp))) -Format "dd/MM/yyyy HH:mm:ss"
}

$pwdEnable = (Get-ADuser $user.SamAccountName -Properties "PasswordNeverExpires")."PasswordNeverExpires"
if ($pwdEnable -eq "True"){
 $pwdEnable = "No"}
else {
 $pwdEnable = "Yes"
}

$acctEnable = (Get-ADuser $user.SamAccountName -Properties "enabled")."enabled"
if ($acctEnable -eq "True"){
 $acctEnable = "No"}
else {
 $acctEnable = "Yes"
}

$acctExpTime = (Get-ADuser $user.SamAccountName -Properties "AccountExpirationDate")."AccountExpirationDate"
if ([string]::IsNullOrEmpty($acctExpTime)){
 $acctExpTime = "No"}
else {
 $acctExpTime
}



# Select specific porperties
$Properties = @{
#userPrincipalName = $User.userPrincipalName
#description = $User.description
#LastLogon = [datetime]::FromFileTime($User.Lastlogon)
#LockedOut = $User.LockedOut
#whenCreated = $User.whenCreated
#userAccountControl = $User.userAccountControl
#PasswordLastSet = [datetime]::FromFileTime($User.pwdLastSet)
#PasswordNeverExpires = $User.PasswordNeverExpires
#AccountExpires = $User.AccountExpirationDate
#PasswordExpired = $User.PasswordExpired
EmpID = $User.EmployeeID
userName = $User.SamAccountName
PswdExpires = $pwdEnable
PswdExpiresTime = $pwdexp
AcctDisabled = $acctEnable
AcctExpiresTime = $acctExpTime



# Get each users group membershipt and use - join to break up to individual names
#Groups = ($user.memberof | Get-ADGroup | Select -ExpandProperty Name) -join ","

}

# OutPut resluts variable to psobject
$Results += New-Object psobject -Property $properties


}
# Run results variable, selects specificed objects and export to CSV.
#$Results | Select UserName, userPrincipalName,description,LastLogon,enabled,LockedOut,whenCreated,userAccountControl,PasswordLastSet,PasswordExpired,PasswordNeverExpires,AccountExpires,PasswordWillExpire,group
$Results | Select EmpID,UserName,PswdExpires,PswdExpiresTime,AcctDisabled,AcctExpiresTime | sort EmpID |

export-csv "$file" -notypeinformation -Encoding UTF8

Send-MailMessage -To $MailTo -From $MailFrom -Subject $MailSubject  -Attachments "$file"

Linux-Disk

$ lsblk -o NAME,FSTYPE,UUID

$ vi /etc/fstab

Linux-SSH

^Installation

$ apt-get update
$ apt-get install openssh-serv

^Configuration

$ vi /etc/ssh/sshd_config
  
  PasswordAuthentication yes

^Check service

$ service ssh status

$ /etc/init.d/ssh restart
$ systemctl restart ssh
$ service ssh restart

$ service ssh stop
$ service ssh start

^Enable service

$ systemctl disable ssh
$ systemctl enable ssh

^test

$ ssh sheraadm@localhost
$ ssh localhost

^Check firewall

$ netstat -tanp | grep ssh

HP-Switch

<HP> system-view
[HP]  display transceiver interface GigabitEthernet 1/0/26

Linux Command

^^Add-User

$ sudo useradd -s /bin/bash -d /home/vivek/ -m -G sudo vivek
$ sudo passwd vivek

• -s /bin/bash – Set /bin/bash as login shell of the new account
• -d /home/vivek/ – Set /home/vivek/ as home directory of the new Ubuntu account
• -m – Create the user’s home directory
• -G sudo – Make sure vivek user can sudo i.e. give admin access to the new account

^^Add group

$ sudo usermod -a -G groupName userName

• The -a (append) switch is essential. Otherwise, the user will be removed from any groups, not in the list.
• The -G switch takes a (comma-separated) list of additional groups to assign the user to

$ cat /etc/passwd
$ cat /etc/group
$ iptables -L

software-download

That-Link

https://drive.google.com/drive/folders/1UA-k5mVTDexv5-ya402epNP26FGNw0C7?usp=sharing

Fortigate

การ Reset Password Fortigate 

"FortiAP"

c:\Telnet xx.xx.xx.xx

#cfg -a LOGIN_PASSWD=fgtadmin
#cfg -c



"Console"

FGT3HD4012345XXX login: maintainer
Password: bcpbFGT3 HD4012346 XXX l  //password: bcpb+serial no.
Welcome !
FGT3HD4012345XXX # config system admin
FGT3HD 4012345XXX (admin) # edit admin
FGT3HD4012345XXX (admin) # set password 1234

FGT3HD4012345XXX (admin) # end






https://help.fortinet.com/fos50hlp/54/Content/FortiOS/fortigate-wireless-54/reference-fortiap-cli.htm