Terminal Gain $>_

Payment Card Industry Standards and Regulations.

2009-06-29T17:29:00.000-07:00

The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Inc. International, to help facilitate the broad adoption of consistent data security measures on a global basis.

The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data.

The PCI Security Standards Council will enhance the PCI DSS as needed to ensure that the standard includes any new or modified requirements necessary to mitigate emerging payment security risks, while continuing to foster wide-scale adoption.

Ongoing development of the standard will provide for feedback from the Advisory Board and other participating organizations. All key stakeholders are encouraged to provide input, during the creation and review of proposed additions or modifications to the PCI DSS.

The core of the PCI DSS is a group of principles and accompanying requirements, around which the specific elements of the DSS are organized:

Build and Maintain a Secure Network.
Requirement 1: Install and maintain a firewall configuration to protect cardholder data.
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters .

Protect Cardholder Data.
Requirement 3: Protect stored cardholder data.
Requirement 4: Encrypt transmission of cardholder data across open, public networks.

Maintain a Vulnerability Management Program.
Requirement 5: Use and regularly update anti-virus software.
Requirement 6: Develop and maintain secure systems and applications.

Implement Strong Access Control Measures.
Requirement 7: Restrict access to cardholder data by business need-to-know.
Requirement 8: Assign a unique ID to each person with computer access.
Requirement 9: Restrict physical access to cardholder data.

Regularly Monitor and Test Networks.
Requirement 10: Track and monitor all access to network resources and cardholder data. Requirement 11: Regularly test security systems and processes.

Maintain an Information Security Policy.
Requirement 12: Maintain a policy that addresses information security.

For more info and to download the supporting documentation and other documents visit https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml.

Internet Protocol and IP Addresses Overview

2009-06-27T17:28:00.000-07:00

Every machine on the Internet or a private network has a unique identifying number.
This is called an Internet Protocol Address, or IP Address.

To a computer, an IP address would look something like this, 11011000.00011011.00111101.10001001.
The above number is written in binary form but in order to make it easier for people to interact with and remember the IP address, it is translated in decimal form.

In decimal form the above address would look like 216.27.61.137.
Before we move forward lets define what an octet is.

An octet is a group of 8 digits, usually 1's and 0's that make up part of the IP address. Each IP address has 4 groups of 1's and 0's or 4 octets. Each number represents a bit and of course 8 bits equal a byte.
There are 3 valid classes of IP addresses, Class A, B and C.
The range of the first octet of a class A IP address is from 1 to 126, valid network numbers are from 1.0.0.0 to 126.0.0.0, the number of networks that are possible in this class is 126, 2^7 -2. The number of hosts that can belong to each network is 16777214 or 2^24 - 2.
The range of the first octet of a class B IP address is from 128 to 191, valid network numbers are from 128.1.0.0 to 191.254.0.0, the number of networks that are possible in this class is 16382. (2^14 -2). The number of hosts that can belong to each network is 65534 or 2^16 - 2.
The range of the first octet of a class C IP address is from 192 to 223, valid network numbers are from 192.0.1.0 to 223.255.254.0, the number of networks that are possible in this class is 2097150. (2^21 -2). The number of hosts that can belong to each network is 254 or 2^8 - 2.
Notice that as the number of networks in each class increases, the number of hosts that each of the networks can accommodate decreases. This is because each network has a address of 32 bits or 4 bytes. Each byte is the same as 8 bits or an octet.
In terms of bits and bytes, a class A IP address has an 8 bit network address and a 24 bit host address. A class B IP address has 16 bit network address and 16 bit host address. Finally, a class C IP address has a 24 bit network address and 8 bit host address.
In the above calculations you might have noticed that each calculation is composed of the number 2 to the power of a number not greater than 32 minus 2.
Example:
In order to find out how many networks and hosts are possible for a class A network we perform the following calculations.
First, we know it's a class A Network. By definition the network part of the IP address must be 8 bits long and we also know that an IP address cannot be more than 32 bits long so 32 - 8 is 24. The host part of the network is 24 bits long. 2^8 - 2 = Number of Networks, 2^24 - 2 = Number of hosts each network.
Why the - 2?
You must subtract 2 IP addresses from each calculation because 1 is used as the broadcast address and the other as the Network ID.
Normally and IP address is accompanied by a subnet mask. The subnet mask helps a computer determine how many hosts are in the network.
Class A subnet mask is 255.0.0.0.Class B subnet mask is 255.255.0.0.Class C subnet mask is 255.255.255.0.

How to Administer a Headless Solaris Server

2009-06-07T17:24:00.000-07:00

I only confirmed this with Sun Ultra 5/10 workstations but I'm sure that in some form or another it's true for all Sun workstations and servers.
If, during boot up, a Sun workstation or server does not detect an input device such as a keyboard or mouse, the console will be redirected to COM 1. This is helpful when trying to install Solaris from scratch on a headless server.
A null modem cable and terminal emulation software such as putty is also needed.

How To Change the Monitor Resolution on Solaris 10

2009-05-28T17:26:00.000-07:00

Fbconfig is the utility that you can use to change the monitor resolution on a Solaris 10 workstation.

Typing fbconfig -res \? will yield a list of valid resolutions, some of them will have a * , these are the resolutions that your monitor does not support.

If you execute the fbconfig command from the console with the wrong parameters, your monitor might become unreadable. All is not lost, ssh into the Solaris 10 box and issue the fbconfig command along with a safe resolution. Most of the time the changes will take place immediately if you issue the "now" option.

fbconfig -res 1152x900x66 try - the system will test the 1152x900x66 resolution for 10 seconds, ctrl+c will stop the test and revert the changes. typing no at the end of the 10 seconds will also have the same result.

fbconfig -res 1152x900x66 now - the system will set the resolution to 1152x900x66 without any sort of test. This change cannot be undone without reissuing the fbconfig command again along with a safe resolution.

Depending on the type of graphics card, also take a look at m64config and ffbconfig.

Here is the manual...
--------------------------------------------------------
fbconfig [-list] [-dev devname abbreviation][-res video-mode] [-propt] [-prconf] [-help]

-list List installed and configurable frame buffers

Usage:
ffbconfig [-dev devname] [-file machine system ][-res video-mode [now] [noconfirm] [nocheck] [try]][-deflinear true false] [-defoverlay true false][-linearorder first last] [-overlayorder first last][-expvis enable disable] [-sov enable disable][-maxwids n] [-extovl enable disable][-g gamma-correction value] [-gfile filename][-defaults][-propt] [-prconf] [-help] -dev device to configure.

Default: /dev/fbs/ffb0-file which OWconfig file to update.
Default: machine-res video-mode to set on device.

-res \? will show list of possible video modes.

-deflinear If true, default visual will be linear visual. Default: false.

-defoverlay If true, default visual will be overlay visual. Default: false.

-linearorder If "first", linear visuals will be selected before non-linear visuals. Default: last.

-overlayorder If "first", overlay visual will be selected before non-overlay visual. Default: last.

-expvis If enabled, OpenGL Visual Expansion will be enabled. Default: disabled.

-sov If enabled, Server Overlay Visuals will be available. Default: disabled.

-maxwids number of WIDs to allocate. This option is availble only if extended overlay mode is disabled. Must be between 1 and 64 and an even power of two. Default: 32.

-extovl If enabled, Extended Overlay Mode is enabled. In the Extended Overlay Mode,
-maxwid option is not available. Default: enabled.

-g Gamma Correction Value Default: 2.220000.

-gfile Filename of the file containing Gamma Correction Table.

-defaults set all options for specified device back to default values (except for -dev).
-propt print out current option settings.

-prconf print out device hardware configuration.
-help print out this message.
---------------------------------------------------------------

How to Install a Graphics Adapter on Sun Sparc Systems

2009-05-23T17:22:00.000-07:00

Shutdown the system.
Install the the graphics adapter.
Start the system.
At the EEPROM (OpenBoot) type stop+A.
At the OK prompt type show-displays.
Choose a display - Normally each display will have a letter corresponding to it. (I chose b).
Type setenv output-device ctrl+y - This will set the system to use the new graphics adapter. Control + Y will paste in the graphics adapter's name.
Type reset to restart.
Connect monitor and wait for the system to start up.

Turn Off Keyboard Beep

2009-05-18T17:16:00.000-07:00

From Infrequently asked Solaris questions @ http://www.columbia.edu/~rtt2101/iaoq/#I.A1

How do I disable that annoying beep?

Method 1 - /usr/openwin/bin/xset b 0

Method 2 - /usr/openwin/bin/xset b off

Method 3 - /usr/openwin/bin/xset -b

Other Methods:

If you're working with bash insert bell-style none in your ~/.inputrc or /etc/inputrc.
Disconnect the PC speaker.

Managing Packages on Solaris

2009-05-10T17:23:00.000-07:00

pkgadd - transfer software packages to the system.
pkgrm - remove a package from the system.
pkginfo - display software package information.
Doing a man page look up on each one of those commands will yield further explanation.

How to Change The IP Address on a Solaris 10 Server

2009-05-01T17:26:00.000-07:00

Edit the /etc/inet/ipnodes and /etc/inet/hosts files.
Restart the servers or network service, whatever you feel confortable with.

How to Install an SSL Certificate on IIS 6.0 / Windows 2003 Server

2009-04-20T17:29:00.000-07:00

1. Open Internet Information Services (IIS) Manager.
Start -> Programs -> Administrative Tools -> Internet Information Services (IIS) Manager.

2. Expand "Web Sites".

3. Right-Click on the website on which you want to install the SSL certificate.

4. Choose properties.

5. Click on the Directory Security tab.

6. Click on Server Certificate. At this point the Web Server Certificate Wizard will start.

7. On the first step, click next.

8. Choose "Create a new certificate" and click "Next".

9. Choose " Prepare the request now, but send later" and click next.

10. Choose a name for your certificate, this does not have to be the site URL but it might make things easier in the future especially if you happen to have a lot of sites on the same server.

11. Choose the bit length of the encryption key, the default, 1024 is usually good.

12. I normally do not choose to use a cryptographic service provider. More info about cryptographic service providers can be found here. Click next.

13. Fill in the organization and Organizational Unit information. Click next.

14. Fill in the common name, if the site will be internet accessible, insert the full domain name such as www.sitename.com then click next.

15. Enter the geographical information, do not abbreviate the state name and click next.

16. Save the info to a file and click next, make sure that the information is correct and click next again then click finish. At this point the information is saved to the file, by default it is in c:\certreq.txt.

17. Open the file with notepad or another plain text editor.

18. Copy all of the text.

19. Visit the Verisign Website or another SSL certificate provider and choose the certificate that you want. In this case it would be "Secure Site: SSL Certificates" or "Secure Site Pro: True 128-Bit SSL Certificates".

20. Enter the information required and continue until you get to the " Enter Certificate Signing Request (CSR)" page.

21. On this page, under "select server platform", choose Microsoft.

22. Select Version, Windows 2003 server the version is IIS6.0

23. Paste Certificate Signing Request (CSR), obtained from your server, this is the text copied from c:\certreq.txt.

24. Select Usage, in this case, choose "web server" and click "continue".

25. Enter the challenge phrase and reminder question, click next, accept the agreement.

26. The SSL certificate will be emailed to you.

27. Once the email is received with the attached certificate, copy everything from and including -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----.

28. Save this in a text file and put it on the server on which you need to install the certificate.

29. go back to IIS manager.

30. Right-Click on the website on which you want to install the SSL certificate.

31. Choose properties.

32. Click on the Directory Security tab.

33. Click on Server Certificate. At this point the Web Server Certificate Wizard will start.

34. On the first step, click next.

35. Choose "Process the pending request and install the certificate" and click "Next".

36. Browse the newly created .cer file which contains the information from Verisign and click "Next".

37. Choose SSL port, keep the default value of 443 and click "Next" then Finish.
At this point the installation is complete, but there are a few more configurations that should be done.

In IIS Manager, click on the "Web Site" Tab and choose advanced.Under " Multiple SSL identities for this Web site, choose "add".From the dropdown, choose the IP address that the site is running on and for the SSL port, insert 443. This is the port that the SSL protocol listens on by default.

Click "ok", then "ok" again.

The installation should now be complete.To test, point a browser to https://www.yoursitenamewithssl.com.If no errors occur the SSL certificate installation was successful

AMDIDE.SYS Could Not Be Found

2009-04-15T17:21:00.000-07:00

When installing Microsoft Window 2003 with integrated service pack 1, you might receive "the file amdide.sys could not be found" error.
I experienced while installing Windows 2003 with integrated sp1 on a Dell PowerEdge 1750.
To get around this issue, install Windows 2003 without the integrated service pack, then install the service pack 1.

Where Spam Got Its Name

2009-03-27T17:20:00.000-07:00

http://www.youtube.com/watch?v=ODshB09FQ8w

Domain Information Grouper.

2009-03-15T17:27:00.000-07:00

OK, this is a cheap post.
I feel like I cheated by taking a man page and posting it. My company seems to be getting more and more M$ centric so I hardly ever use DIG because it's not very handy without having to logon to a *nix box. DIG seems way more simple to use than NSLOOKUP so if anyone finds a good DIG port for windows or cygwin, please let me know.

Common valid query types:
Address Records (A)Canonical Name Records (CNAME)Mail Exchange Records (MX)Pointer Records (PTR)Name Server Records (NS)Start Of Authority Records (SOA)Text Record (TXT)Well Known Service (WKS)

More reference material can be found at here and the DOMAIN ADMINISTRATORS OPERATIONS GUIDE put forth by the Network Working Group RFC-1033 can be found here.
---------------------------------------------------------------------------------

NAME
dig - DNS lookup utility

SYNOPSIS
dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name] [-t type] [-x addr] [-y [hmac:]name:key] [-4] [-6] [name] [type] [class] [queryopt...] dig [-h] dig [global-queryopt...] [query...]

DESCRIPTION
dig (domain information groper) is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.

Although dig is normally used with command-line arguments, it also has a batch mode of operation for reading lookup requests from a file. A brief summary of its command-line arguments and options is printed when the -h option is given. Unlike earlier versions, the BIND 9 implementation of dig allows multiple lookups to be issued from the command line.
Unless it is told to query a specific name server, dig will try each of the servers listed in /etc/resolv.conf.

When no command line arguments or options are given, dig will perform an NS query for "." (the root). It is possible to set per-user defaults for dig via ${HOME}/.digrc. This file is read and any options in it are applied before the command line arguments.

The IN and CH class names overlap with the IN and CH top level domains names. Either use the -t and -c options to specify the type and class, use the -q the specify the domain name, or use "IN." and "CH." when looking up these top level domains.
SIMPLE USAGE A typical invocation of dig looks like:
dig @server name type
where:
server is the name or IP address of the name server to query. This can be an IPv4 address in dotted-decimal notation or an IPv6 address in colon-delimited notation. When the supplied server argument is a hostname, dig resolves that name before querying that name server. If no server argument is provided, dig consults /etc/resolv.conf and queries the name servers listed there. The reply from the name server that responds is displayed.
name is the name of the resource record that is to be looked up.
type indicates what type of query is required â ANY, A, MX, SIG, etc. type can be any valid query type. If no type argument is supplied, dig will perform a lookup for an A record. OPTIONS The -b option sets the source IP address of the query to address. This must be a valid address on one of the hostâs network interfaces or "0.0.0.0" or "::". An optional port may be specified by appending "#"
The default query class (IN for internet) is overridden by the -c option. class is any valid class, such as HS for Hesiod records or CH for Chaosnet records.
The -f option makes dig operate in batch mode by reading a list of lookup requests to process from the file filename. The file contains a number of queries, one per line. Each entry in the file should be organized in the same way they would be presented as queries to dig using the command-line interface.
The -m option enables memory usage debugging.
If a non-standard port number is to be queried, the -p option is used. port# is the port number that dig will send its queries instead of the standard DNS port number 53. This option would be used to test a name server that has been configured to listen for queries on a non-standard port number.
The -4 option forces dig to only use IPv4 query transport. The -6 option forces dig to only use IPv6 query transport.
The -t option sets the query type to type. It can be any valid query type which is supported in BIND 9. The default query type is "A", unless the -x option is supplied to indicate a reverse lookup. A zone transfer can be requested by specifying a type of AXFR. When an incremental zone transfer (IXFR) is required, type is set to ixfr=N. The incremental zone transfer will contain the changes made to the zone since the serial number in the zoneâs SOA record was N.
The -q option sets the query name to name. This useful do distinguish the name from other arguments.
Reverse lookups â mapping addresses to names â are simplified by the -x option. addr is an IPv4 address in dotted-decimal notation, or a colon-delimited IPv6 address. When this option is used, there is no need to provide the name, class and type arguments. dig automatically performs a lookup for a name like 11.12.13.10.in-addr.arpa and sets the query type and class to PTR and IN respectively. By default, IPv6 addresses are looked up using nibble format under the IP6.ARPA domain. To use the older RFC1886 method using the IP6.INT domain specify the -i option. Bit string labels (RFC2874) are now experimental and are not attempted.
To sign the DNS queries sent by dig and their responses using transaction signatures (TSIG), specify a TSIG key file using the -k option. You can also specify the TSIG key itself on the command line using the -y option; hmac is the type of the TSIG, default HMAC-MD5, name is the name of the TSIG key and key is the actual key. The key is a base-64 encoded string, typically generated by dnssec-keygen(8). Caution should be taken when using the -y option on multi-user systems as the key can be visible in the output from ps(1) or in the shellâs history file. When using TSIG authentication with dig, the name server that is queried needs to know the key and algorithm that is being used. In BIND, this is done by providing appropriate key and server statements in named.conf.
QUERY OPTIONS dig provides a number of query options which affect the way in which lookups are made and the results displayed. Some of these set or reset flag bits in the query header, some determine which sections of the answer get printed, and others determine the timeout and retry strategies.
Each query option is identified by a keyword preceded by a plus sign (+). Some keywords set or reset an option. These may be preceded by the string no to negate the meaning of that keyword. Other keywords assign values to options like the timeout interval. They have the form +keyword=value. The query options are:
+[no]tcp Use [do not use] TCP when querying name servers. The default behavior is to use UDP unless an AXFR or IXFR query is requested, in which case a TCP connection is used.
+[no]vc Use [do not use] TCP when querying name servers. This alternate syntax to +[no]tcp is provided for backwards compatibility. The "vc" stands for "virtual circuit".
+[no]ignore Ignore truncation in UDP responses instead of retrying with TCP. By default, TCP retries are performed.
+domain=somename Set the search list to contain the single domain somename, as if specified in a domain directive in /etc/resolv.conf, and enable search list processing as if the +search option were given.
+[no]search Use [do not use] the search list defined by the searchlist or domain directive in resolv.conf (if any). The search list is not used by default.
+[no]showsearch Perform [do not perform] a search showing intermediate results.
+[no]defname Deprecated, treated as a synonym for +[no]search
+[no]aaonly Sets the "aa" flag in the query.
+[no]aaflag A synonym for +[no]aaonly.
+[no]adflag Set [do not set] the AD (authentic data) bit in the query. The AD bit currently has a standard meaning only in responses, not in queries, but the ability to set the bit in the query is provided for completeness.
+[no]cdflag Set [do not set] the CD (checking disabled) bit in the query. This requests the server to not perform DNSSEC validation of responses.
+[no]cl Display [do not display] the CLASS when printing the record.
+[no]ttlid Display [do not display] the TTL when printing the record.
+[no]recurse Toggle the setting of the RD (recursion desired) bit in the query. This bit is set by default, which means dig normally sends recursive queries. Recursion is automatically disabled when the +nssearch or +trace query options are used.
+[no]nssearch When this option is set, dig attempts to find the authoritative name servers for the zone containing the name being looked up and display the SOA record that each name server has for the zone.
+[no]trace Toggle tracing of the delegation path from the root name servers for the name being looked up. Tracing is disabled by default. When tracing is enabled, dig makes iterative queries to resolve the name being looked up. It will follow referrals from the root servers, showing the answer from each server that was used to resolve the lookup.
+[no]cmd Toggles the printing of the initial comment in the output identifying the version of dig and the query options that have been applied. This comment is printed by default.
+[no]short Provide a terse answer. The default is to print the answer in a verbose form.
+[no]identify Show [or do not show] the IP address and port number that supplied the answer when the +short option is enabled. If short form answers are requested, the default is not to show the source address and port number of the server that provided the answer.
+[no]comments Toggle the display of comment lines in the output. The default is to print comments.
+[no]stats This query option toggles the printing of statistics: when the query was made, the size of the reply and so on. The default behavior is to print the query statistics.
+[no]qr Print [do not print] the query as it is sent. By default, the query is not printed.
+[no]question Print [do not print] the question section of a query when an answer is returned. The default is to print the question section as a comment.
+[no]answer Display [do not display] the answer section of a reply. The default is to display it.
+[no]authority Display [do not display] the authority section of a reply. The default is to display it.
+[no]additional Display [do not display] the additional section of a reply. The default is to display it.
+[no]all Set or clear all display flags.
+time=T Sets the timeout for a query to T seconds. The default timeout is 5 seconds. An attempt to set T to less than 1 will result in a query timeout of 1 second being applied.
+tries=T Sets the number of times to try UDP queries to server to T instead of the default, 3. If T is less than or equal to zero, the number of tries is silently rounded up to 1.
+retry=T Sets the number of times to retry UDP queries to server to T instead of the default, 2. Unlike +tries, this does not include the initial query.
+ndots=D Set the number of dots that have to appear in name to D for it to be considered absolute. The default value is that defined using the ndots statement in /etc/resolv.conf, or 1 if no ndots statement is present. Names with fewer dots are interpreted as relative names and will be searched for in the domains listed in the search or domain directive in /etc/resolv.conf.
+bufsize=B Set the UDP message buffer size advertised using EDNS0 to B bytes. The maximum and minimum sizes of this buffer are 65535 and 0 respectively. Values outside this range are rounded up or down appropriately. Values other than zero will cause a EDNS query to be sent.
+edns=# Specify the EDNS version to query with. Valid values are 0 to 255. Setting the EDNS version will cause a EDNS query to be sent. +noedns clears the remembered EDNS version.
+[no]multiline Print records like the SOA records in a verbose multi-line format with human-readable comments. The default is to print each record on a single line, to facilitate machine parsing of the dig output.
+[no]fail Do not try the next server if you receive a SERVFAIL. The default is to not try the next server which is the reverse of normal stub resolver behavior.
+[no]besteffort Attempt to display the contents of messages which are malformed. The default is to not display malformed answers.
+[no]dnssec Requests DNSSEC records be sent by setting the DNSSEC OK bit (DO) in the OPT record in the additional section of the query.
+[no]sigchase Chase DNSSEC signature chains. Requires dig be compiled with -DDIG_SIGCHASE.
+trusted-key=#### Specifies a file containing trusted keys to be used with +sigchase. Each DNSKEY record must be on its own line.
If not specified dig will look for /etc/trusted-key.key then trusted-key.key in the current directory.
Requires dig be compiled with -DDIG_SIGCHASE.
+[no]topdown When chasing DNSSEC signature chains perform a top-down validation. Requires dig be compiled with -DDIG_SIGCHASE.
+[no]nsid Include an EDNS name server ID request when sending a query.
MULTIPLE QUERIES The BIND 9 implementation of dig supports specifying multiple queries on the command line (in addition to supporting the -f batch file option). Each of those queries can be supplied with its own set of flags, options and query options.
In this case, each query argument represent an individual query in the command-line syntax described above. Each consists of any of the standard options and flags, the name to be looked up, an optional query type and class and any query options that should be applied to that query.
A global set of query options, which should be applied to all queries, can also be supplied. These global query options must precede the first tuple of name, class, type, options, flags, and query options supplied on the command line. Any global query options (except the +[no]cmd option) can be overridden by a query-specific set of query options. For example:
dig +qr www.isc.org any -x 127.0.0.1 isc.org ns +noqr
shows how dig could be used from the command line to make three lookups: an ANY query for www.isc.org, a reverse lookup of 127.0.0.1 and a query for the NS records of isc.org. A global query option of +qr is applied, so that dig shows the initial query it made for each lookup. The final query has a local query option of +noqr which means that dig will not print the initial querywhen it looks up the NS records for isc.org.
IDN SUPPORT If dig has been built with IDN (internationalized domain name) support, it can accept and display non-ASCII domain names. dig appropriately converts character encoding of domain name before sending a request to DNS server or displaying a reply from the server. If youâd like to turn off the IDN support for some reason, defines the IDN_DISABLE environment variable. The IDN support is disabled if the variable is set when dig runs.
FILES /etc/resolv.conf
${HOME}/.digrc
SEE ALSO host(1), named(8), dnssec-keygen(8), RFC1035.
BUGS There are probably too many query options.
COPYRIGHT Copyright Â© 2004-2008 Internet Systems Consortium, Inc. ("ISC") Copyright Â© 2000-2003 Internet Software Consortium.

MTR

2009-03-01T17:23:00.000-08:00

mtr is another implementation of trace route, it is included with most recent Linux distros.
There is also a port for windows which can be found at http://winmtr.sourceforge.net/.

Here is the man page.

MTR(8)
NAME
mtr - a network diagnostic tool.

SYNOPSIS
mtr [-hvrctglsni] [--help] [--version] [--report] [--report-cycles COUNT][--curses] [--split] [--raw] [--no-dns] [--gtk] [--address IP.ADD.RE.SS][--interval SECONDS] [--psize BYTES -p BYTES] HOSTNAME [PACKETSIZE]

DESCRIPTION
mtr combines the functionality of the traceroute and ping programs in a single Network diagnostic tool.
As mtr starts, it investigates the network connection between the host mtr runs on and HOSTNAME. By sending packets with purposly low TTLs. It continues to send packets with low TTL, noting the response time of the intervening routers.This allows mtr to print the response percentage and response times of the internet route to HOSTNAME. A sudden increase in packet loss or response time is often an indication of a bad (or simply overloaded) link.

OPTIONS
-h --help - Print the summary of command line argument options.
-v --version - Print the installed version of mtr.
-r --report - This option puts mtr into report mode.

When in this mode, mtr will run for the number of cycles specified by the -c option, and then print statistics and exit. This mode is useful for generating statistics about network quality. Note that each running instance of mtr generates a significant amount of network traffic. Using mtr to measure the quality of your network may result in decreased network performance.

-c COUNT --report-cycles

COUNT Use this option to set the number of pings sent to determine both the machines on the network and the reliability of those machines. Each cycle lasts one second. This option is only useful with the -r option.

3COM XM 3300

2009-02-10T17:21:00.000-08:00

The 3Com 3300 XM switch has four default users.
Each user has more priviledges over the other starting with monitor and ending with admin.

The 4 users are:
Monitor
Manager
Security
Admin.

The default passwords are monitor, manager, security respectively and Admin has no password by default.