Adding extra fields to Fail2Ban mails

Posted on .


I needed fail2ban to give the full hostname in an email and not just the short system name to reduce ambiguity.

To do this I copied the action “sendmail-whois” to “local_sendmail-whois”

And then adjusted /etc/fail2ban/actions.d/sendmail-whois.conf by editing the actionstart, actionstop and actionban sections. These simply run the sendmail command with the given Subject, Date, From, To and body. I swapped uname -n with <hostname> and adjusted the format for each section.

I then added this new action to jail.conf

By default I use the “action_” action, which doesn’t send an email. And then in the jails that I do want an email I just put


Modifying an initrd

Posted on .

Extract

Recreate

Elevated/Admin Notepad++ Context Menu

Posted on .

I use NotePad++ on Windows and sometimes it is a little frustrating when UAC gets in the way of my editing some files. I have to manually load NotePad++ as Administrator, and try again.

This INF file will install an extra context menu called “Edit with NotePad++ (elevated)”.
notepad_elevated_context_menu

Once downloaded, right click the file and choose Install.

Note: The install script assumes NotePad++ is at “C:\Program Files (x86)\Notepad++\notepad++.exe”. You can adjust the location in the install script by editing the very last line.

Download
  NotepadppElevated.inf (1.3 KiB, 2,363 hits)

(tested on Windows 7 x64)

Logoff Disconnected Users From Remote Desktop via batch-file

Posted on .

I would like to log-off some users after they have disconnected. Windows has this feature built-in, you can find it at the user-properties “Sessions” tab.

However I have found this feature to be unreliable. Whether it is set to log-off disconnected users at 1 minute or 5 minutes, during isolated tests it works fine, but when in production it has failed multiple times in the last few months with disconnected sessions lingering for hours before noticed.

I found this command-line code to log-off all disconnected users. It seemed to fit the purpose. It uses “quser” to get the list of logged on users, writes them to a file, finds the ones that are disconnected and uses “rwinsta” to log them off. Pretty neat.

I felt I could improve on it though. I saw it didn’t really need to write to a temporary file, and just use internal variables. I also wanted it to connect to multiple servers and be able to list specific users to be logged off.

This can then be added to an elevated scheduled task that runs every X minutes to check for disconnected users.

This is working for Windows Server 2008 R2 and Windows Server 2012.

Disconnect listed users:
(adjust the list of servers and users)

Disconnect all users:
(adjust the list of servers)

Teamspeak 3 – Server Admin Query privilege key

Posted on .

In order to add a user as “Server Admin Query”, login via telnet as “serveradmin” and get a privilege token with the following command:

You will need to select which virtualserver the token should be generated with first with use sid=[server id].

Example: