powershell script to ping multiple ip addresses

Taken fromhttps://social.technet.microsoft.com/wiki/contents/articles/52396.powershell-ping-list-of-ip-addresses.aspx 

Note that we're using System.Net.NetworkInformation.Ping in these examples. However, you could also use the Test-Connection Jump PowerShell cmdlet or some other command maybe

script----------------------------------

Start-Transcript -Path .\log.txt

(Get-Content .\IPAddresses.txt) | ForEach {Write-Host $_, "-", ([System.Net.NetworkInformation.Ping]::new().Send($_)).Status}

Stop-Transcript

script----------------------------------

input file--------------------------------

1.1.1.1

8.8.8.8

8.8.4.4

input file--------------------------------

pfsense

pfsense is open source firewall for linux

Can be run on any x86 machine with 2 (preferably intel) NICs 

It can be of interest to business because the company https://www.netgate.com/ creates hardware and can also provide support.

It can also be virtualised in VMware etc.

Sample business 7000 users 

Used pair of Netgate 7100 in HA

Each 7100 costs like $1200 so $2400 for the pair

Put that price up against similar setup from Cisco/Palo/Sonicwall

pfsense is the project

pfsense+ is a product a few hundred bucks a year for a support, can be increase for lower SLA

tnsr is a netgate product for faster routing at datacentre level. pfsense is all GUI, tnsr is all CLI.

Limitations

The main thing its missing the full SSL traffic inspection. It can do it but it doesn't work well. Not many firewalls can do the SSL inspection on

You need to put bypass in for cert pinning like google / paypal etc

How many customers running cisco/palo are actually doing full SSL decryption ?

Can't go bigger than 10gig interface but probably not an issue for the target SME's.

80-100 concurrent VPN users. 

Investigating high CPU usage on cisco ASA

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113185-asaperformance.html


http://www.tunnelsup.com/troubleshooting-high-cpu-on-a-cisco-asa

For FTD

show process cpu-usage sorted non-zero

show conn | include .*INSIDE .*DMZ

sh cpu usage

Generate TS file during issues, TAC said its ok to do but seems like it would push your CPU higher maybe there is a separate CPU for TS file generation.

awk commands

The awk action is inside braces {}

ps | awk '{print $1}''

Default separator is spaces

Change it to , for csv

awk -F ","

Change to : for passwd file

awk -F ":"

awk -F ":" '{print $1}' /etc/passwd

Print out multiple columns

awk -F ":" '{print $1 $6 $7}' /etc/passwd

Add some tabs between outputs to make it more readable

awk -F ":" '{print $1"\t"$6"\t"$7}' /etc/passwd

Change the field separator

Work on data that has : as field separator

But output the data with - as the field separator 

awk 'BEGIN{FS=":" OFS="-"} {print $1,$6,$7}' /etc/password

Print the last column

awk -F "/" '/^\//' {print $NF} /etc/shells | uniq | sort

the /'s need to be escaped \/dev

df | awk '/\/dev\/loop/' {print $1"\t"$2}

Find all the /bin/fish running

ps -ef | awk '{if ($NF == "/bin/fish") print $0}'

For loop

awk 'BEGIN {for 1=1; i<=10; i++) print "The square root of", i, "is", i*i';}'

Matching a pattern

awk '$1 ~ /^[b,c]/ {print $0}' .bashrc

awk 'match ($0, /mystring/' {print $0}'' numbered.txt

Print a section (NR number of records, line numbers)

between lines 7 and 11

df | awk 'NR==7, NR==11 {print NR, $0}'

Getting a line count

awk 'END {print NR}' /etc/shells