Reverse SSH Tunneling

source: http://www.howtoforge.com/reverse-ssh-tunneling

 

Have you ever wanted to ssh to your Linux box that sits behind NAT? Now you can with reverse SSH tunneling. This document will show you step by step how to set up reverse SSH tunneling. The reverse SSH tunneling should work fine with Unix like systems.

Let's assume that Destination's IP is 192.168.20.55 (Linux box that you want to access).
You want to access from Linux client with IP 138.47.99.99.
Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) 

1. SSH from the destination to the source (with public ip) using command below:

ssh -R 19999:localhost:22 sourceuser@138.47.99.99

* port 19999 can be any unused port.

2. Now you can SSH from source to destination through SSH tuneling:

ssh localhost -p 19999

3. 3rd party servers can also access 192.168.20.55 through Destination (138.47.99.99).

Destination (192.168.20.55) <- |NAT| <- Source (138.47.99.99) <- Bob's server 

3.1 From Bob's server:

ssh sourceuser@138.47.99.99 

3.2 After the sucessful login to Source:

ssh localhost -p 19999 

* the connection between destination and source must be alive at all time.
Tip: you may run a command (e.g. watch, top) on Destination to keep the connection active.

Use SSH to Create an HTTP Proxy

SOCKS is built in to OpenSSH, so it's a trivial matter to set up a local SOCKS proxy with the -D flag.

For example:

$ ssh -D 12345 myuser@remote_ssh_server

will open up the port 12345 on your local machine as a SOCKS proxy so all your HTTP traffic can be specified to go through the SSH tunnel and out remote_ssh_server on the other end. Your proxy server is now set up.

Next, set up your browser to use the proxy server. Most browsers include proxy support. For Firefox 3, go to Edit→Preferences→Advanced→Network→Settings, and specify that you want to use a Manual Proxy, localhost, port 12345 and SOCKS v5 (although OpenSSH supports both versions 4 and 5).

Now your browser is using a secure tunnel to your remote SSH server.

Collecting Mini Dump file from Windows 2003 Server

Summary:

Under Windows 2003 Server, sometimes Dr. Watson logs are not generated when an application crashes. However, mini dump files are always generated for the Windows error reporting service. Unfortunately by default this service queues notifications and doesn’t usually alert the user until the server is rebooted. Below are instructions on configuring the Windows error reporting service to instantly display a dialog when a crash occurs, and how to retrieve the crash information.

Description:

To stop the Windows error reporting service from queuing crash information:
- Open the registry editor (Start -> Run -> regedit)
- Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PCHealth\ErrorReporting\
- Change the DWORD ForceQueueMode value to 0
- Restart the machine
To retrieve the mini dump file when an application crashes.
- After an application crashes a dialog with the following title will be displayed:
“(Application Name) has encountered a problem and needs to close. We are sorry for the inconvenience.”
- Click the “click here” hyperlink
- A second dialog will appear with an “Error signature” section and a “Reporting details” section. Keep a record of the “AppVer”.
- Click the “click here” that follows “To view technical information about the error report”.
- A third dialog with 2 complete paths will be displayed. They usually follow the format of:
(System Partition):\DOCUME~1\ADMINI~1\LOCALS~1\Temp\(Folder name starting with W)\(File name)
- Open Windows Explorer and navigate to the folder the starts with “W”
- (Do not dismiss any of the dialogs; doing so will remove the folder)
- Copy the folder to the desktop
- Create a text file and enter the “AppVer” into it, and add the file to the folder on the desktop
- ZIP the folder and send it to Group Logic

Windows Cluster - Manual Failover vs Automatic Failover

article source - SQL Server Tips by Ashwin

Often, DBA's are given a task to find the RCA of SQL Server failover in cluster and it is difficult to find whether the failover is an automatic failover (due to some issue) or a manual failover (by any other dba, system admin etc).

An easy way to figure that out is to take a look at the cluster log (which is generally seen at C:\Windows\Cluster\Cluster.log on all the member nodes in cluster.
Open the log and search for these keywords “FmsMoveGroupRequest” and “FmpDoMoveGroup”. You will find entries similar to the below.

This says that it is a manual failover and not an automatic failover

1.INFO [FM] FmsMoveGroupRequest: To move group ‘a47f0c1a-fc1b-45ed-8a34-07bf59300c9c’

2.INFO [FM] FmpDoMoveGroup: Entry

3.INFO [FM] FmpMoveGroup: Entry

4.INFO [FM] FmpPickNodeFromPreferredListAtRandom: Picking node for group a47f0c1a-fc1b-45ed-8a34-07bf59300c9c [SQL2005], suggested node 1…

5.INFO [FM] FmpPickNodeFromPreferredListAtRandom: Node 1 for group a47f0c1a-fc1b-45ed-8a34-07bf59300c9c is user preferred…

6.INFO [FM] FmpPickNodeFromPreferredListAtRandom: Selected node 1 for group a47f0c1a-fc1b-45ed-8a34-07bf59300c9c…

7.INFO [FM] FmpMoveGroup: Moving group a47f0c1a-fc1b-45ed-8a34-07bf59300c9c to node 1 (1)

8.INFO [FM] FmpNotifyGroupStateChangeReason: Notifying group SQL2005 [a47f0c1a-fc1b-45ed-8a34-07bf59300c9c] of state change reason 1…

If you scroll through the log, you will find these entries which says that the manual failvover has successfully completed

1.INFO [FM] FmpCompleteMoveGroup: Exit, status = 0

2.INFO [FM] FmpMovePendingThread Exit.

How to build LAPP (Linux + Apache + Postgres + PHP) easy

This LAPP is to be built based on Ubuntu (or Debian or any derivative of the Ubuntu)

Install Postgresql

sudo apt-get install postgresql-8.1 php5-pgsql

Install Apache

• The following mod-security, ldap, and odbc libraries are optional:

sudo apt-get install apache2 libapache2-mod-php5 php5-gd
sudo apt-get install libapache2-mod-security php5-ldap php5-odbc

• Restart Apache

sudo /etc/init.d/apache2 restart




============== below are optional or if you know what to do please skip ============== 

Install other software (optional)

sudo apt-get install openssh-server unattended-upgrades
sudo apt-get install unzip zip aspell-en aspell-fr aspell-de aspell-es
sudo apt-get install curl php5-curl php5-xmlrpc
sudo apt-get install clamav-base clamav-freshclam clamav

Configure Postgres (if you know what to do please skip)

• Create the database user 'webuser'.

sudo -u postgres createuser -D -A -P webuser

Enter in a NewDatabasePassword here, then answer 'N' to the question.

• Create the database 'webdb' for the user 'webuser'. Enter the password that you just created.

sudo -u postgres createdb -E utf8 -O webuser webdb

• Secure the postgresql database with an admin password.

sudo -u postgres psql template1
# ALTER USER postgres WITH PASSWORD 'NewAdminDatabasePassword';
# \q

• Edit the file '/etc/postgresql/8.1/main/pg_hba.conf' and on line 79 change the words ident sameuser to md5.

sudo nano /etc/postgresql/8.1/main/pg_hba.conf

• Restart the database:

sudo /etc/init.d/postgresql-8.1 restart

Information about Dr. Watson

Dr. Watson is a program error debugger that detects and diagnoses program errors and creates User.dmp and DrWtsn32.log files to contain the diagnostic data. In Windows NT these files are stored in the %systemroot% folder. In Windows 2000, these files are stored in the %systemdrive%\Documents and Settings\All Users\Documents\DrWatson folder. For Windows XP, these files are stored in the %systemdrive%\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson folder. The DrWtsn32.log file is appended each time a program error occurs; the User.dmp file is overwritten each time.

To turn off the Dr Watson debugger, apply the following Windows NT / Windows 2000 / Windows XP registry hack:
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug
Name: Auto
Type: REG_DWORD
Value: 0 disable
Value: 1 enable

To re-enable Dr Watson, you can change Auto back to 1 or from the command line type drwtsn -i.
To change the folder for log files, apply the following Windows NT / Windows 2000 / Windows XP registry hack:
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: LogFilePath
Type: REG_SZ

This is the registry key containing most of the values for Dr Watson including AppendToLogFile, CrashDumpFile (change from default name user.dmp), CreateCrashDump, MaximumCrashes, SoundNotification, VisualNotification, and Wavefile.
The AppendToLogFile value controls whether Dr. Watson creates a new log file or appends data to the old log file for each application error that occurs:
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: AppendToLogFile
Type: REG_DWORD
Value: 0 new
Value: 1 append

The CrashDumpFile value controls the path and filename to use when creating a crash dump file :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: CrashDumpFile
Type: REG_EXPAND_SZ 
 
The CreateCrashDump value controls whether Dr. Watson creates a crash dump file after an application crash has occured :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: CreateCrashDump
Type: REG_DWORD
Value: 0 disable
Value: 1 enable

The DumpAllThreads value controls whether Dr. Watson should dump the contents of all threads during an application error :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: DumpAllThreads
Type: REG_DWORD
Value: 0 disable
Value: 1 enable

The DumpSymbols value controls whether Dr. Watson should dump the contents of the symbol tables during an application error :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: DumpSymbols
Type: REG_DWORD
Value: 0 disable
Value: 1 enable
The SoundNotification value controls whether Dr. Watson plays a wav file when an application error occurs :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: SoundNotification
Type: REG_DWORD
Value: 0 disable
Value: 1 enable

The WaveFile value specifies the path and filename of the wave file to be played during an application error :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: SoundNotification
Type: REG_EXPAND_SZ 
 
The VisualNotification value controls whether Dr. Watson displays a popup message box when it encounters an application error :
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\DrWatson
Name: VisualNotification
Type: REG_DWORD
Value: 0 disable
Value: 1 enable


There are various debugger utilities besides Dr Watson. Lotus Notes replaces Dr Watson with its debugger. To switch back to Dr Watson, should another debugger be enabled, apply the following Windows NT / Windows 2000 registry hack:
Hive: HKEY_LOCAL_MACHINE
Key: SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug
Name: Debugger
Type: REG_SZ
Value: drwtsn32 -p %ld -e %ld -g