Python

This is a list of useful commands related to Python.

Jupyter notebook location

When starting jupyter notebooks on Windows the shortcut defaults to my profile directory.  To get round this create a jupyter config:

jupyter notebook --generate-config

This will be located in .jupyter\jupyter_notebook_config.py within the profile directory.

Update c.FileContentsManager.root_dir to point to the folder for notebooks

Machine learning

Frequency analysis with Python https://sites.google.com/site/haskell102/home/frequency-analysis-of-audio-file-with-python-numpy-scipy

scikit-learn documentation http://scikit-learn.org/stable/user_guide.html

Azure Machine Learning documentation

Sequential data

http://web.engr.oregonstate.edu/~tgd/publications/mlsd-ssspr.pdf

Fraud detection with Azure Stream Analytics https://azure.microsoft.com/en-us/documentation/articles/stream-analytics-real-time-fraud-detection/

Streaming analytics in Python http://matthewrocklin.com/blog/work/2014/07/04/Streaming-Analytics

Anomaly detection

Azure anomaly detection

Azure One-Class Support Vector Machine

Enable RDS RestrictedAdmin mode

Enable for incoming connections:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa
Name: DisableRestrictedAdmin
Type: REG_DWORD
Value: 0

To require for outgoing connections:

  1. Edit the Group Policy and navigate to the following node:
    Computer Configuration\Policies\Administrative Templates\System\Credentials Delegation
  2. Configure the value of “Restrict delegation of credentials to remote servers” to Enabled.

See https://blogs.technet.microsoft.com/srd/2014/06/05/an-overview-of-kb2871997/ for additional security features.

E-mail security

Validation tools:

Configuration:

F5 BIG-IP Rest API Security

I’ve been using the BIG-IP rest API to read the configuration of LTM, and I wanted to reduce the risk of accidental changes.  During my investigation I can across the post: https://devcentral.f5.com/questions/read-only-access-to-icontrol-rest-api, which showed the way to configure role based access control for the Rest API.

I wanted to create a new rule for a read only account (‘monitor’), the account is configured as Guest within BIG-IP.  In order to do this I created a new access rule you need the POST method:

curl -k -u admin:adminpass -X POST https://1.1.1.1/mgmt/shared/authz/roles -d @addRule.json

where addRule.json is:

{"name": "iControl_REST_API_monitor","userReferences":[{"link":"https://localhost/mgmt/shared/authz/users/monitor"}],"resources":[{"resourceMask":"/mgmt/tm/ltm","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*/*/*","restMethod":"GET"}]}

This worked fine until I discovered I did not have enough depth in rules to cover the data I wanted to retrieve. To update the rule you need the PUT method:

curl -k -u admin:adminpass -X PUT https://1.1.1.1/mgmt/shared/authz/roles/iControl_REST_API_monitor -d @updateRule.json

where updateRule.json is:

{"userReferences":[{"link":"https://localhost/mgmt/shared/authz/users/monitor"}],"resources":[{"resourceMask":"/mgmt/tm/ltm","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*/*/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*/*/*/*","restMethod":"GET"},{"resourceMask":"/mgmt/tm/ltm/*/*/*/*/*/*","restMethod":"GET"}]}

TMG from PowerShell

I recently had to perform an audit of TMG rules and used PowerShell to access the object model.  Below are a couple of sample commands that show accessing various parts of the TMG object model with PowerShell.

$tmg = New-Object -ComObject "FPC.Root"
$proxy = $tmg.Arrays | ? {$_.DNSName -eq "PROXY"}
($proxy.ArrayPolicy.PolicyRules | ? {$_.Name -eq "Allow Sample Sites Access"}).AccessProperties.DestinationDomainNameSets
($proxy.ArrayPolicy.PolicyRules | ? {$_.Name -eq "Allow Sample Sites Access"}).AccessProperties.UserSets
$proxy.RuleElements.DomainNameSets.Item("Sample Sites")
$proxy.RuleElements.UserSets.Item("Sample Site Access Group").Accounts

The following links are useful reference material for interpreting TMG logs: