To copy remote file to your filesystem use the following syntax:
scp your_username@remotehost.edu:foobar.txt /some/local/directory
To copy local file to remote filesystem use the following syntax:
scp foobar.txt your_username@remotehost.edu:/some/remote/directory
To copy folder to a remote filesystem use
scp -r foo your_username@remotehost.edu:/some/remote/directory/bar
Monday, February 28, 2011
Thursday, February 24, 2011
Procmon - little handy tool
Recently, I've faced a problem, when wrong GPO from old misconfigured Windows Server 2003 DC applied to newly installed Windows Server 2008. There was a lot of issues related to wrong registry and file system permissions (the only things that doesn't restore to a previous state after removing GPO), so different services, such as Terminal services, couldn't start and produced a lot of errors. The only tool that helped me was Procmon. It allows to see real-time operations of operating system, check all "Access denied" errors and much more. Now everything works just fine.
Assigning restrictions to logon locally, accessing computers from the network and other interesting user permissions on Windows
Today's task was to secure access to the Microsoft Windows 2008 server using GPO. That's an interesting topic to play with because there is a lot of different combinations exists to accomplish this. A combination of local and domain policies, NTFS permissions can be used. Here I will try to post a conclusions that arised after this work.
First of all I would like to talk about NTFS permission named "Traverse Folder". That's a very interesting permission because it allows us to tighten security to a highest level. Let's make an example. Let's say we want to access a folder under the following path: "C:\lala\dada\KEY". For user "Tony" to access folder "KEY" he has to have NTFS permissions for it, but not only for it. What about parent folders? In fact, he has to have a "Traverse Folder" permission on all the parent folders to access "KEY" folder. So we should modify all the parent folders permissions to give "Tony" access to "KEY"? Not at all. By default, GPO assign the following "User Right": "Bypass Traverse Checking" to "Administrators, Backup Operators, Users, Everyone, Local Service and Network Service" on workstations and servers and "Administrators, Authenticated Users, Everyone, Local Service, Network Service and Pre-Windows 2000 Compatible Access" on Domain Controllers.
This is the link to Microsoft support article that describes different incompatibilities that may appear after wrong modification of critical user rights like "Allow logon locally", "Access this computer from the network" etc.
First of all I would like to talk about NTFS permission named "Traverse Folder". That's a very interesting permission because it allows us to tighten security to a highest level. Let's make an example. Let's say we want to access a folder under the following path: "C:\lala\dada\KEY". For user "Tony" to access folder "KEY" he has to have NTFS permissions for it, but not only for it. What about parent folders? In fact, he has to have a "Traverse Folder" permission on all the parent folders to access "KEY" folder. So we should modify all the parent folders permissions to give "Tony" access to "KEY"? Not at all. By default, GPO assign the following "User Right": "Bypass Traverse Checking" to "Administrators, Backup Operators, Users, Everyone, Local Service and Network Service" on workstations and servers and "Administrators, Authenticated Users, Everyone, Local Service, Network Service and Pre-Windows 2000 Compatible Access" on Domain Controllers.
This is the link to Microsoft support article that describes different incompatibilities that may appear after wrong modification of critical user rights like "Allow logon locally", "Access this computer from the network" etc.
Friday, January 28, 2011
Making a router with NAT from Windows XP without enabling ICS
I've always wanted to know how to enable routing and NAT on XP box without enabling ICS (Internet Connection Sharing). Today it's time to write some lines about it. Let's begin.
1. We should enable service "Routing and Remote Access"
2. Open registry editor and navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" and set IPEnableRouter to "1"
Then, open a command prompt and type the following commands:
3. netsh routing ip nat install
4. netsh routing ip nat add interface "WAN Interface Name" full
5. netsh routing ip nat add interface "LAN Interface Name" private
I'm not sure whether computer has to be restarted after this setup, but the answer is probably "yes".
Anyway, if something doesn't agree to work - just restart the computer before panic :D
P.S. One more thing to add:
To check configured interfaces type netsh routing ip nat show interface
1. We should enable service "Routing and Remote Access"
2. Open registry editor and navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters" and set IPEnableRouter to "1"
Then, open a command prompt and type the following commands:
3. netsh routing ip nat install
4. netsh routing ip nat add interface "WAN Interface Name" full
5. netsh routing ip nat add interface "LAN Interface Name" private
I'm not sure whether computer has to be restarted after this setup, but the answer is probably "yes".
Anyway, if something doesn't agree to work - just restart the computer before panic :D
P.S. One more thing to add:
To check configured interfaces type netsh routing ip nat show interface
Friday, January 21, 2011
Cloning Virtual Machine from snapshot in virtualbox
Today I've faced an interesting task to make a new virtual machine from a snapshot of existing one in virtual box. After a little research, I've found nice guide how to do it:
To clonehd the Current State of a disk:
To clonehd the Current State of a disk:
- Open the Virtual Media Manager (Menu: File>Virtual Media Manager).
- Navigate to the hard disk you want to clone and fully expand the tree (use * key on numeric keypad).
- Find the {hexUUID}.vdi file that is attached to the VM you want to clone the Current State of.
- Click the filename to the right of the 'Location:' displayed at the bottom of the window.
- Ctrl+C / Copy to copy the text to the clipboard, which will be something like:
(path){b6441469-5ccb-418c-8fdd-73c5e1a17314}.vdi - Ctrl+V / Paste and extract the hexUUID value (removing the {} brackets) and run clonehd to clone it!
- Open the Virtual Media Manager (Menu: File>Virtual Media Manager).
- Navigate to the hard disk you want to clone and fully expand the tree (use * key on numeric keypad).
- Find the {hexUUID}.vdi file that is attached to the VM (and Snapshot) you want to clone.
- Click the filename to the right of the 'Location:' displayed at the bottom of the window.
- Ctrl+C / Copy to copy the text to the clipboard, which will be something like:
(path){75bd6ab1-ce25-4b56-aa39-7826c9ebcc93}.vdi - Ctrl+V / Paste and extract the hexUUID value (removing the {} brackets) and run clonehd to clone it!
Subscribe to:
Comments (Atom)