Automatic backup of Netscreen configuration

I spent some time earlier automating the backups of our appliance configuration to a restricted network share and thought I’d share a simple batch script to backup the configuration from multiple Juniper Netscreen (ScreenOS) firewalls.

@echo off
REM ================================================================
REM CONFIGURATION INFO
REM ================================================================
set USERNAME=backupAccount
set PASSWORD=superSecretPassword
set CFGFILE=BackupList.txt
set DESTDIR=C:\Backups\

REM ================================================================
REM STOP CHANGING HERE OR YOU'LL BREAK SOMETHING
REM ================================================================
SET TIMESTAMP=%date:~-4,4%.%date:~-7,2%.%date:~-10,2%
for /F "tokens=1,2 delims=," %%A in (%CFGFILE%) do (
	IF NOT EXIST "%DESTDIR%%TIMESTAMP%" mkdir "%DESTDIR%%TIMESTAMP%"
	pscp -q -scp -pw %PASSWORD% %USERNAME%@%%B:ns_sys_config "%DESTDIR%%TIMESTAMP%\%%A.cfg"
)

The above will read the details of the firewalls from a CSV file (BackupList.txt) in hostname,ip address format. PSCP is then used to SCP the configuration from the firewall to the location specified in DESTDIR.

You’ll need to make sure SSH + SCP is enabled on your firewalls and that pscp is in the same directory as the script. You can find the latest version of Putty and PSCP here.

Review of PACKT publishing Cacti Network Monitoring

I recently received a copy of PACKT publishings new book titled Cacti 0.8 Network Monitoring. You can grab yourself a copy of the same chapter here.

Facts

  • 8 Chapters, 116 pages with an RRP of $34.99 US / £31.99 UK
  • The book is aimed at anyone who wants to manage a network using Cacti. No previous Cacti or Linux experience is needed

Pros

  • The book is ideal for someone who has never used a Linux or Cacti system before. It’s an ideal introduction to Cacti.
  • The instructions and illustrations are clear and concise, with no room for misinterpretation
  • Provides a good introduction to data, host and graph templates and how to use them.

Cons

  • The book is filled with poor sentence structure and typos. Given that PACKT had someone review the writing and correct mistakes, this is a real shame.
  • The book makes frequent and consistent spelling mistakes. For example, the book constantly refers to Tobi Oetiker as Tobi Oeticker
  • The first 46 pages (of 116) cover what SNMP and rrdtool are and how to install Cacti. Given the book is so short, this seems a waste when a simple aptitude install cacti would have covered it.
  • 10 pages on user management really is a waste. If you can’t figure out how to create a user on your own you really shouldn’t be setting up the network monitoring system for your organization.

Conclusion

I’m in two minds about this book. On the one hand it’s full of typos and poor English. It doesn’t go into much depth in the areas I wanted it to (Cacti XML Queries and data templates) but spends a long time on simple tasks (installing and basic configuration). On the positive side the book does provide a good introduction to SNMP and how to get started with Cacti.

All considered I think the book is suitable for someone who is looking at implementing Cacti but shouldn’t be considered a complete guide. One to avoid if endless typos are likely to get on your nerves.

Security update for SQL Server KB970892 fails to install

Over the last few days KB970892 has consitently failed to install on our SQL Servers via Windows Update. The following instructions will get it working.

Once the update fails to install, you’ll likely have to reboot as the system will be flagged as pending a reboot. Once rebooted we need to attempt to complete the SQL Server installation:

  1. Open up Add or Remove Programs, select Microsoft SQL Server 2005 and click Change
  2. On the Component Selection screen, choose Database Engine under SQL Server 2005 Instances and click Next
  3. On the Feature Maintenance screen, choose Database Engine and click Next
  4. Go through the setup wizard until the Change or Remove Instance screen. Then click Complete the suspended installation.
  5. Follow through the wizard, if you get a prompt for the files point it at your SQL SP3 installation media and continue.
[Warning]If you’re using SQL Server 2005 Express you can extract SQLEXPR32.EXE with the /x switch.

The installation will likely fail with the following error:

SQL Server Setup has encountered the following problem: [Microsoft][SQL Native Client][SQL Server]Password validation failed. The password does not meet Windows policy requirements because it is too short.. To continue, correct the problem, and then run SQL Server Setup again.

Edit C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Upgrade\sqlagent90_msdb_upgrade.sql with notepad or similar.

Change password on line 30683 to something more complex, from:
encryption by password = 'Yukon90_'
To (for example):
encryption by password = 'Yukon90_23423ASDzz}{'

Then further down, change line 30977 to reflect the same value:

From
set @exec_str = N'add signature to ' + @sp + N' by certificate [##MS_AgentSigningCertificate##] with password = ''Yukon90_'''

To
set @exec_str = N'add signature to ' + @sp + N' by certificate [##MS_AgentSigningCertificate##] with password = ''Yukon90_23423ASDzz}{'''

Cancel out of setup. Back in Add or Remove Programs choose Change again for Microsoft SQL Server 2005 continuing through the wizard as before. This time, you wont get the error and the upgrade will complete.

« Older Entries
Newer Entries »