githubfoam

## data center cheat sheet
------------------------------------------------------------------------------------------
#ChatGPT

An Automatic Transfer Switch (ATS) is a device used in electrical systems to automatically switch power sources between primary and secondary power supplies in case of a power outage or voltage drop. Its primary function is to ensure uninterrupted power supply to critical equipment or loads by seamlessly transferring power between two sources.

Functionality of ATS:
Dual Power Sources: ATS devices typically connect to two separate power sources, such as the primary utility power and a backup generator or secondary power feed.

Automatic Switching: Monitors the primary power source, and in the event of a power failure or abnormal voltage, the ATS swiftly switches the load to the secondary power source without manual intervention.

## fortigate waf cheat sheet
#=====================================================================
Enable the web application firewall

Enable the web application firewall:

    Go to System > Feature Visibility.
    Under Security Features, enable Web Application Firewall.
    Click Apply.
#=====================================================================
The web application firewall feature is only available when the policy inspection mode is proxy-based.

## apache cheat sheet
==========================================================================================================
#apache 2.4.10 on windows server 2012 data center.
#\apache\conf\extra\httpd-ssl

#The -ALL option disables all SSL/TLS protocols initially.
#The +TLSv1.2 and +TLSv1.3 options then selectively enable the TLS 1.2 and TLS 1.3 protocols.
SSLProtocol -ALL +TLSv1.2 +TLSv1.3

#this configuration directly specifies that Apache should use TLS 1.2 and TLS 1.3 for secure communications.
#It doesn't explicitly disable any other SSL or TLS versions, but it indicates the preferred versions.

## IIS cheat sheet
==========================================================================================================
reset IIS without having to reboot the whole server
iisreset
==========================================================================================================
To check if IIS (Internet Information Services) is running on a Windows Server 2019 Standard server, you can use several methods, including the graphical user interface (GUI) and command-line tools. Here are two common methods:

Method 1: Using the GUI (Server Manager)

Log In: Log in to the Windows Server 2019 Standard using an account with administrative privileges.

## ansible networking cheat sheet
--------------------------------------------------------------------------------------------------------------------
This error occurs because the SSH server (your Cisco switch) only supports weak key exchange algorithms, such as diffie-hellman-group1-sha1, which are disabled by default in modern OpenSSH clients for security reasons.
Solution: Enable Legacy Key Exchange Algorithm in SSH

You can override the default SSH settings and explicitly allow diffie-hellman-group1-sha1 by adding the -o KexAlgorithms=+diffie-hellman-group1-sha1 option.
🔹 Updated sshpass Command

while read switch; do
    sshpass -p 'yourpassword' ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 -o StrictHostKeyChecking=no admin@$switch exit
done < switches.txt

## windows 11 cheat sheet
#=====================================================================
solution A generated by ms copilot
solution B generated by deepseek

According to this requirement, compare these two solutions; solution A and Solution B; advise

This is requirement

On Windows 1o, there are two folders with several folders and files, and these folders also have files and folders with an unspecified depth. Folder A has 5486 files,789 folders; folder B has 4689 files, 713 folders. You want to merge folder A and Folder B without duplicating folders and files into folder C. Explain how to do this

## dell switch S404 8cheat sheet
#=====================================================================
https://ansible-dellos-docs.readthedocs.io/en/latest/index.html
#=====================================================================
The dellemc.os9 collection supports Enable Mode (Privilege Escalation). This page offers details on how to use Enable Mode on OS9 in Ansible
https://docs.ansible.com/ansible/latest/network/user_guide/platform_dellos9.html
#=====================================================================
This collection includes the Ansible modules, plugins and roles needed to provision and manage Dell EMC PowerSwitch platforms running Dell EMC OS9. Sample playbooks and documentation are also included to show how the collection can be used.
https://github.com/ansible-collections/dellemc.os9/tree/main
#=====================================================================

## fortigate - HA mode cheat sheet
#=====================================================================
#how to power off fortigate cluster
#unplug the power cables as there is no power buttons

shut down first the secondary(backup unit)
Unit-1 # execute ha manage 1                 {To switch to the backup unit}
Unit-2 $                                     {Now on the backup unit}
Unit-2 $ execute shutdown                    {To shut down the backup unit}
This operation will shutdown the system !
Do you want to continue? (y/n)y

## ubuntu forensics cheat sheet
============================================================================
FOR577: LINUX Incident Response and Threat Hunting
https://www.sans.org/cyber-security-courses/linux-threat-hunting-incident-response/
============================================================================
#ChatGPT

Determining the precise date and time when ClamAV was installed on an Ubuntu Linux system might require a bit of sleuthing, as Linux doesn't typically log installation timestamps by default. However, you can use system logs and package manager records to get an idea of when ClamAV was installed:

Method 1: Checking Package Installation Logs
APT Logs:

## Investigation Path - command and control (C2 or C&C)
==========================================================================================================
#https://attack.mitre.org/tactics/TA0011/
Tactics/Techniques
Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses
==========================================================================================================
#ChatGPT
As an incident response security engineer detecting a command and control (C2/C&C) attack on a host, you can use the MITRE ATT&CK Navigator as a helpful tool to aid in your incident response efforts. The MITRE ATT&CK Navigator is a web-based tool that allows you to visualize and track adversary techniques, tactics, and procedures in real-time. Here's how you
	------------------------------------------------------------------------------------------
	#ChatGPT

	An Automatic Transfer Switch (ATS) is a device used in electrical systems to automatically switch power sources between primary and secondary power supplies in case of a power outage or voltage drop. Its primary function is to ensure uninterrupted power supply to critical equipment or loads by seamlessly transferring power between two sources.

	Functionality of ATS:
	Dual Power Sources: ATS devices typically connect to two separate power sources, such as the primary utility power and a backup generator or secondary power feed.

	Automatic Switching: Monitors the primary power source, and in the event of a power failure or abnormal voltage, the ATS swiftly switches the load to the secondary power source without manual intervention.
	#=====================================================================
	Enable the web application firewall

	Enable the web application firewall:

	Go to System > Feature Visibility.
	Under Security Features, enable Web Application Firewall.
	Click Apply.
	#=====================================================================
	The web application firewall feature is only available when the policy inspection mode is proxy-based.
	==========================================================================================================
	#apache 2.4.10 on windows server 2012 data center.
	#\apache\conf\extra\httpd-ssl

	#The -ALL option disables all SSL/TLS protocols initially.
	#The +TLSv1.2 and +TLSv1.3 options then selectively enable the TLS 1.2 and TLS 1.3 protocols.
	SSLProtocol -ALL +TLSv1.2 +TLSv1.3

	#this configuration directly specifies that Apache should use TLS 1.2 and TLS 1.3 for secure communications.
	#It doesn't explicitly disable any other SSL or TLS versions, but it indicates the preferred versions.
	==========================================================================================================
	reset IIS without having to reboot the whole server
	iisreset
	==========================================================================================================
	To check if IIS (Internet Information Services) is running on a Windows Server 2019 Standard server, you can use several methods, including the graphical user interface (GUI) and command-line tools. Here are two common methods:

	Method 1: Using the GUI (Server Manager)

	Log In: Log in to the Windows Server 2019 Standard using an account with administrative privileges.
	--------------------------------------------------------------------------------------------------------------------
	This error occurs because the SSH server (your Cisco switch) only supports weak key exchange algorithms, such as diffie-hellman-group1-sha1, which are disabled by default in modern OpenSSH clients for security reasons.
	Solution: Enable Legacy Key Exchange Algorithm in SSH

	You can override the default SSH settings and explicitly allow diffie-hellman-group1-sha1 by adding the -o KexAlgorithms=+diffie-hellman-group1-sha1 option.
	🔹 Updated sshpass Command

	while read switch; do
	sshpass -p 'yourpassword' ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 -o StrictHostKeyChecking=no admin@$switch exit
	done < switches.txt
	#=====================================================================
	solution A generated by ms copilot
	solution B generated by deepseek

	According to this requirement, compare these two solutions; solution A and Solution B; advise

	This is requirement

	On Windows 1o, there are two folders with several folders and files, and these folders also have files and folders with an unspecified depth. Folder A has 5486 files,789 folders; folder B has 4689 files, 713 folders. You want to merge folder A and Folder B without duplicating folders and files into folder C. Explain how to do this
	#=====================================================================
	https://ansible-dellos-docs.readthedocs.io/en/latest/index.html
	#=====================================================================
	The dellemc.os9 collection supports Enable Mode (Privilege Escalation). This page offers details on how to use Enable Mode on OS9 in Ansible
	https://docs.ansible.com/ansible/latest/network/user_guide/platform_dellos9.html
	#=====================================================================
	This collection includes the Ansible modules, plugins and roles needed to provision and manage Dell EMC PowerSwitch platforms running Dell EMC OS9. Sample playbooks and documentation are also included to show how the collection can be used.
	https://github.com/ansible-collections/dellemc.os9/tree/main
	#=====================================================================
	#=====================================================================
	#how to power off fortigate cluster
	#unplug the power cables as there is no power buttons

	shut down first the secondary(backup unit)
	Unit-1 # execute ha manage 1 {To switch to the backup unit}
	Unit-2 $ {Now on the backup unit}
	Unit-2 $ execute shutdown {To shut down the backup unit}
	This operation will shutdown the system !
	Do you want to continue? (y/n)y
	============================================================================
	FOR577: LINUX Incident Response and Threat Hunting
	https://www.sans.org/cyber-security-courses/linux-threat-hunting-incident-response/
	============================================================================
	#ChatGPT

	Determining the precise date and time when ClamAV was installed on an Ubuntu Linux system might require a bit of sleuthing, as Linux doesn't typically log installation timestamps by default. However, you can use system logs and package manager records to get an idea of when ClamAV was installed:

	Method 1: Checking Package Installation Logs
	APT Logs:
	==========================================================================================================
	#https://attack.mitre.org/tactics/TA0011/
	Tactics/Techniques
	Command and Control consists of techniques that adversaries may use to communicate with systems under their control within a victim network. Adversaries commonly attempt to mimic normal, expected traffic to avoid detection. There are many ways an adversary can establish command and control with various levels of stealth depending on the victim’s network structure and defenses
	==========================================================================================================
	#ChatGPT
	As an incident response security engineer detecting a command and control (C2/C&C) attack on a host, you can use the MITRE ATT&CK Navigator as a helpful tool to aid in your incident response efforts. The MITRE ATT&CK Navigator is a web-based tool that allows you to visualize and track adversary techniques, tactics, and procedures in real-time. Here's how you