UK / Europe Highlights and Oktoberfest

This trip pretty much included the highlights of europe and Oktoberfest. Fast paced but managed to see a lot in the time allocated!

Countries Covered (no visa’s required):

• England
• France
• Italy
• Germany
• Switzerland
• Austria
• Croatia
• Slovenia
• Czech Republic
• Netherlands
• Belgium
• Monaco
• Vatican City
• Spain
• Malaysia
• Singapore

Highlights!

Big Ben | London Eye | London Bridge | Eiffel Tower | Colosseum | Leaning tower of Pisa | Mona Lisa | Sistine Chapel | Amsterdam Red Light District| Pantheon Rome | Oktoberfest | Mozart’s house | Mauthausen Gusen | Brighton Beach | Berlin Wall | Stone Henge | Windsor Castle | Notre Dame |Arch de Triomphe | Champs d’Elysees | Trevi Fountain | Walhalla temple | Sacré-Cœur Basilica | Venus de Milo |  Statue of David

Ground work

Itinerary

18 AUG - NEWCASTLE TO SYDNEY to LONDON (Depart SYD 4:40PM - British Airways)
19 AUG - LONDON Arrive 6:35 AM | Accommodation: Friends / Family
20 AUG - LONDON |Accommodation: Friends / Family
21 AUG - LONDON | Accommodation: Friends / Family
22 AUG - LONDON | Accommodation: Friends / Family
23 AUG - LONDON | Accommodation: Friends / Family
24 AUG - LONDON | Accommodation: Friends / Family
25 AUG - LONDON TOP DECK (Depart 7:00am) | Accommodation: Campanile Bagnolet
26 AUG - PARIS - Sight Seeing | Accommodation: Campanile Bagnolet
27 AUG - PARIS TO SWISS ALPS, SWITZERLAND | Accommodation: Hotel Rigi First
28 AUG - SWISS ALPS - Day Trip to Lucerne | Accommodation: Hotel Rigi First
29 AUG - SWISS ALPS TO FRENCH RIVIERA, FRANCE | Accommodation: Kyriad Gare
30 AUG - FRENCH RIVIERA | Accommodation: Kyriad Gare
31 AUG - FRENCH RIVIERA TO FLORENCE, ITALY | Accommodation: Columbus Hotel
01 SEP - FLORENCE TO ROME | Accommodation: Hotel Beethoven
02 SEP - ROME | Accommodation: Hotel Beethoven
03 SEP - ROME TO VENICE | Accommodation: Hotel Centrale
04 SEP - VENICE | Accommodation: Hotel Centrale
05 SEP - VENICE TO PAG ISLAND, CROATIA | Accommodation: Hotel Loza
06 SEP - PAG ISLAND | Accommodation: Hotel Loza
07 SEP - PAG ISLAND TO LJUBLJANA, SLOVENIA | Accommodation: Ljubljana Resort Hotel & Camping
08 SEP - LJUBLJANA TO SALZBURG, AUSTRIA | Accommodation: Hotel Haunsperger hof
09 SEP - SALZBURG TO PRAGUE, CZECH REPUBLIC | Accommodation: Hotel ILF
10 SEP - PRAGUE | Accommodation: Hotel ILF
11 SEP - PRAGUE TO BERLIN, GERMANY | Accommodation: Hotel Aurum
12 SEP - BERLIN | Accommodation: Hotel Aurum
13 SEP - BERLIN TO AMSTERDAM, NETHERLANDS | Accommodation: Amstel Botel
14 SEP - AMSTERDAM | Accommodation: Amstel Botel
15 SEP - AMSTERDAM TO LONDON, ENGLAND (Arrive 9:00pm)
16 SEP - LONDON | Accommodation: Best Western Mornington
17 SEP - LONDON | Accommodation: Best Western Mornington
18 SEP - LONDON to MUNICH, GERMANY (Depart 1:15PM)| Accommodation: Friends / Family
19 SEP - MUNICH, GERMANY | Accommodation: Friends / Family
20 SEP - MUNICH OKTOBERFEST | Accommodation: Friends / Family
21 SEP - MUNICH OKTOBERFEST | Accommodation: Friends / Family
22 SEP - REGENSBURG | Accommodation: Friends / Family
23 SEP - REGENSBURG | Accommodation: Friends / Family
24 SEP - REGENSBURG TO DUSSELDORF, GERMANY | Accommodation: Friends / Family
25 SEP - DUSSELDORF / COLOGNE | Accommodation: Friends / Family
26 SEP - DUSSELDORF TO BARCELONA, SPAIN (Depart 3:15PM)| Accommodation: Yellow Nest Hostel
27 SEP - BARCELONA | Accommodation: Yellow Nest Hostel
28 SEP - BARCELONA | Accommodation: Yellow Nest Hostel
29 SEP - BARCELONA | Accommodation: Friends / Family
30 SEP - BARCELONA TO LONDON, ENGLAND (Depart 1:50PM)| Accommodation: Central Park Hotel
01 OCT - LONDON to KENT, ENGLAND | Accommodation: Friends / Family
02 OCT - KENT / BRIGHTON | Accommodation: Friends / Family
03 OCT - LONDON TO SINGAPORE TO KLANG, MALAYSIA (Depart LON 8:30PM) | Accommodation: Friends / Family
04 OCT - KLANG | Accommodation: Friends / Family
05 OCT - KLANG | Accommodation: Friends / Family
06 OCT - KLANG | Accommodation: Friends / Family
07 OCT - KLANG TO SINGAPORE TO SYDNEY, AUSTRALIA  (Depart SIN 7:50PM)
08 OCT - SYDNEY TO NEWCASTLE, AUSTRALIA  - 6:10 AM

Flights

I flew between Australia and England using British Airways booked through Jetabroad. No major reason for flying British Airways except they transited via Singapore on the way home which made it easier for a stop over in Malaysia and they had a special on at the time. I used the following sites when hunting for cheap flights, also when booking check the flight time since it can vary a lot!

http://www.jetabroad.com.au/
http://www.webjet.com.au/flights/london/
http://www.farecompare.com

I would also recommend making a stopover on the way back since going over your all excited for holidaying, but on the way back who wants to go back to work! Plus it helps re-adjust to the time zone.

For interconnecting flights within europe I used the following sites:

http://www.ryanair.com
http://www.easyjet.com
http://www.cheapflights.co.uk
http://www.opodo.co.ukhttp://www.ebookers.com/

When flying in and out of London to europe, its heaps cheaper to fly from Stansted Airport or Gatwick Airport. You cannot catch the tube to these airports like Heathrow however there are trains which take about 30 ~ 1 hour to or from London. NOTE these trains usually stop running at about 12am

Gatwick Express: Arrives / Departs:  London Victoria train station – Cost £16

Stansted Express: Arrives / Departs:  London Liverpool Street train station – Cost £21 (Free wi-fi)

Tours

2 companies which are pretty good for traveling, sightseeing and partying are TOP DECK and CONTIKI they both pretty much do the exact same sights but small differences in places to stay and cities visited. I chose Top Deck Europe Uncovered this time round since it left at the right time and did Berlin instead of Munich since I knew I was going to visit that city for Oktoberfest! Usually these companies will do discounts on their trips so keep an eye out on their websites!

Also Top Deck seems a bit more chilled with maybe less people on the bus and an older crowd (mid to late 20s). Contiki has more people on the bus and maybe younger people keen to get loose every night, just depends on what your after!

Oktoberfest

Most people think you need to buy a ticket or book a table at Oktoberfest which is not the case. Booking a table in one of the beer halls would be great however i believe you need to do this 1 year in advance. The best way to do it is as follows:

• Go during a weekday, there is heaps of people on a weekday and I would hate to think what it is like on the weekend!
• Getting to and from is best done via U-Bahn (Train). The stop to get off at is Theresienwiese
• Get there early or around lunch time. Usually you can get a table inside the beer hall up until 5pm. At this time tables are cleared for people with bookings.
• Try and get a table just outside the beer halls at 5pm or just before. This is the best option for eating dinner since you can get hendl (Roast chicken) or haxen (Pork Knuckle) after dinner you can choose to keep drinking or ride some rides!
• The festival usually wraps up about 11pm at night.

Accommodation

When accommodation wasn’t taken care of by top deck or I was not staying with family and friends, the following websites were used to assist with accommodation booking:

http://www.hostelbookers.com/
http://www.booking.com/
The following accommodation was chosen for each city.

London (Bayswater area was nice!)

Best Western Mornington - 2 Nights
Very nice hotel close to where top deck does pickup and drop off. Also has a laundry mat in the next street across and free WI-FI though a bit more expensive.
Central Park Hotel - 1 Night
Closer yet to Bayswater / Queensway tube station than Best Western though not as nice and no free internet, flip side is its a lot cheaper!

Barcelona

Yellow Nest Hostel - 3 Nights
Easily the sickest hostel I have stayed in not sure what it was about it but was easy to meet people. Stayed in a 12 room mixed dorm, had a games room and organised dinners / pub crawls which was sweet! Clean and nice!

On the ground

$$$$$$$

As always i find the best way to manage money in another country is just by working out the currency difference from a currency exchange and withdrawing it using a visa card from an ATM, you do end up paying a cash fee but the convenience is soo good!

I met a few people using this credit card which had no fees! Sounded too good to be true so i did some research. Turns out it does exist, only downside is that it charges interest from the day of withdrawal

http://www.28degreescard.com.au

Getting around

Getting around in London the only way is the tube! Top Deck handled pretty much all of the other interconnecting travel however knowing each cities public transport system is handy see below for each cities transport map!

• London
• Paris
• Rome
• Prague
• Berlin
• Barcelona

Beware!!

Out of all the places I have been, Europe (Especially Paris and Barcelona) seems to have the most scams and con artists! If there is anywhere you need to be more vigilant in looking after your stuff its here! Two chicks and myself had issues with pick pockets. If you are careful (keep your wallet in your front pocket / have a money belt) you should be OK. Best advice is don’t carry any more money then you are willing to loose!!

Young, frequently attractive women coming up to tourists with pledge sheets. They pretend to be deaf people collecting money for one charity or another. These scammers frequent tourist areas and are generally harmless. If you simply ignore them they will leave you alone. I was walking down the street next to a few of these girls then suddenly they start talking to each other! Talk about dodgy, if you want to give to charity then give to a registered one!

Beware of touristy areas where there are gambling stands with people playing. The guys standing and playing are accomplices of the person manning the booth. They usually play with 3 black rubber coins to guess the one with a white piece of paper stuck underneath. They will time it to catch your attention as your walking past. You can never win at that as they switch hands and do not let you open it yourself, also while the person manning the booth talks the guys “watching” can switch the coins. They usually operate in crowded places, don’t be fooled!

Another thing to be wary of is people asking where do you come from with strings in their hand. They will make small talk with you while tying a friendship band around your finger. After that they will demand money from you.

The subway is a hotbed for pickpocketing activity, which can range from simple opportunistic thefts to coordinated attacks. Be especially wary on the subway platforms at Sants train station (Barcelona) going to the airport. A group of men / man will start to board the train and stand in the door way while you attempt to enter a subway car. They may ask you questions to distract you like “Does this train go to the airport” or “how many stops until the airport”. These men / man may not look like your stereotypical pick pocket, again don’t carry more than your willing to loose or keep your wallet in hard to reach places.

Once they take stuff, they quickly return to the platform and walk off calmly while you are trapped in the departing subway as they make sure they exit just before the doors cannot be reopened. Violence in these situations is rare, and in most cases the goal of the thieves is to rob you undetected.

Cost

Travel Insurance = $243.00AUD (TID - 10% DISCOUNT CODES: SPRING2011 WINTER2011 TIDTHANKS)Flights to/from Australia = $2182.44AUD (Jetabroad)Connecting flights = $831.30AUD (Lufthansa | Air Berlin| Easy Jet | Air Asia )Accommodation = $782AUD (all places listed above)Tours =  $3843AUD ($3736 Topdeck + $107 Sightseeing Tours London)

Food

Pretty much the same price as Australia if you don’t convert it. For example mac donalds costs about $10 and eating in a restaurant could be between $15 ~ $40 beers are about $5 however you need to budget in the currency of the country you are going to.

Misc

Cappuccino (Paris) = 5.20€
Heineken Brewery (Amsterdam) = 16€
Rome Metro ticket = 1€
Barcelona T-10 (10 trips) = 8.25€
Return train trip to Cannes from Nice (France) = 12€
6 x Escargot (Paris - Restaurant) = 7€
Coke a Cola (Paris - Restaurant) = 4€
Steak and Chip (Paris - Restaurant) = 13.50€
Gin + Tonic (Barcelona – Club) = 10€
Oktoberfest Stein of beer = 10€
Oktoberfest Roast chicken (Hendl) = 10€
Oktoberfest Pork Knuckle = 10€

APPROX TOTAL PRICE = $7882 + spending money ($5000 for food, partying and random expenses).

Final words.

Europe is pretty much where modern civilization began! There is more history than you can poke a stick at! From Ancient Greece to the Roman Empire, Renaissance, French Revolution, Industrial Revolution, World War I and II, Cold War and the Iron Curtain.

Not only will historical events keep you thinking but the architecture and cultural history will enlighten. Definitely a must do at some point in your life.

openvas 4 how to setup guide

Yet another how to guide to hopefully save people some time when setting up openvas4

For this guide i have installed and configured openvas4 running on centos 5.2

Installation

download and install centos which can be found here(i used centos 5.2) once installed setup your yum repositories for openvas4

[root@localhost ~]#wget -q -O - http://www.atomicorp.com/installers/atomic | sh

[root@localhost ~]#yum update

[root@localhost ~]#yum upgrade

[root@localhost ~]# yum search openvas
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * atomic: www6.atomicorp.com
 * base: mirror.optus.net
 * extras: mirror.optus.net
 * updates: mirror.optus.net
=============================== Matched: openvas ===============================
greenbone-security-assistant.i386 : GSA
openvas.noarch : The Open Vulnerability Assessment (OpenVAS) suite
openvas-administrator.i386 : The Open Vulnerability Assessment (OpenVAS)
                           : Administrator
openvas-cli.i386 : The Open Vulnerability Assessment (OpenVAS) CLI
openvas-glib2.i386 : A library of handy utility functions
openvas-glib2-devel.i386 : The GIMP ToolKit (GTK+) and GIMP Drawing Kit (GDK)
                         : support library
openvas-libraries.i386 : Support libraries for Open Vulnerability Assessment
                       : (OpenVAS) Server
openvas-libraries-devel.i386 : Development files for openvas-libraries
openvas-manager.i386 : The Open Vulnerability Assessment (OpenVAS) Manager
openvas-scanner.i386 : The Open Vulnerability Assessment (OpenVAS) Server
[root@localhost ~]#

install openvas4

[root@localhost ~]# yum install openvas
 [root@localhost ~]# yum install openvas-administrator

[root@localhost ~]# /etc/init.d/openvas-scanner status
 openvassd (pid 5796) is running...
 [root@localhost ~]# /etc/init.d/openvas-manager status
 -l (pid 4550) is running...
 [root@localhost ~]# /etc/init.d/openvas-administrator status
 -l (pid 4931) is running...
 [root@localhost ~]# /etc/init.d/gsad status
 gsad (pid 4587) is running...
 [root@localhost ~]#

Configure Openvas4

Once you have openvas4 installed and running its time to configure. Start off by creating an user which is used to access the web interface

[root@localhost ~]# openvas-adduser
Using /var/tmp as a temporary file holder.

Add a new openvassd user
---------------------------------
Login : openvas
Authentication (pass/cert) [pass] :
Login password :
Login password (again) : 

User rules
---------------
openvassd has a rules system which allows you to restrict the hosts that openva has the right to test.
For instance, you may want him to be able to scan his own host only.

Please see the openvas-adduser(8) man page for the rules syntax.

Enter the rules for this user, and hit ctrl-D once you are done:
(the user can have an empty rules set)

Login             : openvas
Password          : ***********

Rules             : 

Is that ok? (y/n) [y] y
user added.
[root@localhost ~]#

I had to elevate the users privileges to be able to login and use the web interface (Greenbone security assistant)

[root@localhost ~]# openvasad --enable-modify-settings -c set_role -u openvas -r Admin
ad   main:MESSAGE:2684:2011-06-30 10h28.20 EST: The role of user openvas has been successfully changed.
[root@localhost ~]#

Update your signatures to ensure you have all the latest vulnerability tests

[root@localhost auth]# openvas-nvt-sync
[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.
[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.
[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.
[i] NVT dir: /var/lib/openvas/plugins
[i] Will use rsync
[i] Using rsync: /usr/bin/rsync
[i] Configured NVT rsync feed: rsync://feed.openvas.org:/nvt-feed
OpenVAS feed server - http://openvas.org/
This service is hosted by Intevation GmbH - http://intevation.de/
All transactions are logged.
Please report problems to admin@intevation.de

receiving file list ...
43805 files to consider
./

sent 43 bytes  received 742045 bytes  87304.47 bytes/sec
total size is 96498257  speedup is 130.04
[i] Checking dir: ok
[i] Checking MD5 checksum: ok

[root@localhost ~]# /etc/init.d/openvas-scanner restart

Add the following to cron if you would like your signatures automatically updated

#update signatures on the 27th of each month at 1am
#crontab -e
0 1 27 * * /usr/sbin/openvas-nvt-sync-cron

Using Openvas4

Once all the above is done you can setup a scan by doing the following:

browse to the openvas4 web interface on: https://localhost:9392 and log in with your credentials you created above.

Once logged in create a new target by selecting targets from the left hand menu. Fill in appropriate details (you can also use /subnet masks on the end of the network) and create target

Next create a task by selecting New Task from the left hand menu. Fill in the appropriate fields and select your newly created target. Click on create task

Once you have created your new task you can launch the scan manually by clicking on the little play icon. This will launch the scan of the target machine. You can also see the progress of this scan with the progress bar

You can also create a scan schedule which will automatically kick off your scan at the specific time / interval. To setup a schedule select schedules from the left hand menu, fill in the appropriate details and frequency then select create schedule.

To add your schedule to a task, select Tasks from the left hand menu then click on the little spanner icon to edit your task.

Change the schedule drop down to your newly created scheduled time / frequency and save task.

You can now see you cannot manually run your task, a clock icon has replaced the play button which will start your task at the specified time.

Troubleshooting

NIKTO

I had issues with nikto when scanning saying: “Could not find a valid nikto config file” so i had to create the following configuration

/etc/nikto.conf

#########################################################################################################
# CONFIG STUFF
# $Id: config.txt 94 2009-01-21 22:47:25Z deity $
#########################################################################################################

# default command line options, can't be an option that requires a value.  used for ALL runs.
# CLIOPTS=-g -a

# ports never to scan
SKIPPORTS=21 111

# User-Agent variables:
 # @VERSION     - Nikto version
 # @TESTID      - Test identifier
 # @EVASIONS    - List of active evasions
USERAGENT=Mozilla/5.00 (Nikto/@VERSION) (Evasions:@EVASIONS) (Test:@TESTID)

# RFI URL. This remote file should return a phpinfo call, for example: 
# You may use the one below, if you like.
RFIURL=http://cirt.net/rfiinc.txt?

# IDs never to alert on (Note: this only works for IDs loaded from db_tests)
#SKIPIDS=

# if Nikto is having difficulty finding the 'plugins', set the full install path here
EXECDIR=/usr/share/nikto

# The DTD
NIKTODTD=docs/nikto.dtd

# the default HTTP version to try... can/will be changed as necessary
DEFAULTHTTPVER=1.0

# Nikto can submit updated version strings to CIRT.net. It won't do this w/o permission. You should
# send updates because it makes the data better for everyone    *NO* server specific information
# such as IP or name is sent, just the relevant version information.
# UPDATES=yes   - ask before each submission if it should send
# UPDATES=no    - don't ask, don't send
# UPDATES=auto  - automatically attempt submission *without prompting*
UPDATES=yes

# Warning if MAX_WARN OK or MOVED responses are retrieved
MAX_WARN=20

# Prompt... if set to 'no' you'll never be asked for anything. Good for automation.
#PROMPTS=no

# cirt.net : set the IP so that updates can work without name resolution -- just in case
CIRT=174.142.17.165

# Proxy settings -- still must be enabled by -useproxy
#PROXYHOST=127.0.0.1
#PROXYPORT=8080
#PROXYUSER=proxyuserid
#PROXYPASS=proxypassword

# Cookies: send cookies with all requests
# Multiple can be set by separating with a semi-colon, e.g.:
# "cookie1"="cookie value";"cookie2"="cookie val"
#STATIC-COOKIE=

# The below allows you to vary which HTTP methods are used to check whether an HTTP(s) server
# is running. Some web servers, such as the autopsy web server do not implement the HEAD method
CHECKMETHODS=HEAD GET

# If you want to specify the location of any of the files, specify them here
# EXECDIR=/opt/nikto
# PLUGINDIR=/opt/nikto/plugins
# TEMPLATEDIR=/opt/nikto/templates
# DOCDIR=/opt/nikto/docs

# Default plugin macros
@@MUTATE=dictionary;subdomain
@@DEFAULT=@@ALL;-@@MUTATE;tests(report:500)

#Choose SSL libs
# Options:
# SSLeay        - use Net::SSLeay
# SSL           - use Net::SSL
# auto          - automatically choose whats available
#                 (SSLeay wins if both are available)
LW_SSL_ENGINE=auto

The following was needed to update nikto

[root@localhost nikto]# mkdir docs

[root@localhost nikto]# touch docs/CHANGES.txt
[root@localhost nikto]# nikto.pl -update

UNIX sudo guide for setting up restricted access for user accounts

another thing i was looking to setup quickly but couldn’t find anyone else with examples on the web was restricted sudo access. The below links are good examples of sudo however don’t seem to think about the implications of allowing users to have access to the passwd command. If your wondering what sudo is click here!

http://www.gratisoft.us/sudo/sample.sudoers

http://benaiah41.wordpress.com/2008/08/15/37/

Most people who know sudo know the usual ALL=(ALL) ALL in the sudoers file. Its actually possible to give restricted sudo access to commands based on user / group / server information. I have implemented it specifically for a technical ops kind of role which enables them to do basic tasks but does not give them full system access. The below implementation was done using ixSudo (A.16.00-1.7.4p6.001) on HPUXv3 however this should work on most sudo implementations. If anyone knows what versions it does / doesn’t work on feel free to contact me on your experiences!

Step 1. Install Sudo

To install sudo on HPUX:

• download the sudo package from http://software.hp.com
• swinstall -s /pathtodepot/sudodepot.depot

To install sudo on Linux or other UNIX:

• apt-get install sudo or yum install sudo depending on your flavor (linux)
• rpm -ivh /pathtorpm/sudopackage.pm (linux)
• pkgadd -d sudo (solaris)
• untar source, ./configure, make, make install

Step 2. Configure Sudo

On this version of sudo the sudoers file is located at: /opt/iexpress/sudo/etc/sudoers

Most sudoers file location is either: /etc/sudoers or /usr/local/etc/sudoers

You need to edit / vi the configuration and add the following config. Just a brief overview what is configured:

• user accounts (in the /etc/passwd file) are user1, user2, user3, user4 and leea
• a few command alias groups are configured which enables you to give users access to groups of commands (say you wanted to give uses access to printing functions, account management, etc)
• the NOPASSWD: line allows those commands to be executed without users having to supply their password
• the !/command denies the user the ability to run as root. for example you may want a user to be able to reset accounts but not change the root password. this is important since if not setup correctly you essentially are giving them root access!!!!

User_Alias    TECHOP = user1, user2, user3, user4, leea

Cmnd_Alias     PRINTING = /usr/bin/cancel, /usr/bin/enable, /usr/bin/disable,\
/usr/sbin/lpmove, /usr/sbin/accept, /usr/sbin/lpsched, /usr/sbin/lpshut

Cmnd_Alias     USERS = /usr/lbin/modprpw -k *, /usr/bin/passwd [A-z]*, !/usr/bin/passwd root

Cmnd_Alias     TECHOP_CMD = /usr/bin/passwd [A-z]*, !/usr/bin/passwd root,\
/usr/bin/crontab -l *, /usr/lbin/modprpw -x *,\
/usr/sbin/fuser, !/usr/sbin/fuser -k *,\
/usr/bin/find, !/usr/bin/find * -ok *, !/usr/bin/find * -exec *,\
!/usr/bin/find * -cpio *, !/usr/bin/find * -ncpio *,\
/usr/bin/file, /usr/bin/ls, /usr/bin/du -ks *, /opt/OV/bin/OpC/opcagt

root ALL=(ALL) ALL
TECHOP ALL=(root) NOPASSWD: /usr/bin/sudo -l
TECHOP ALL = (root) TECHOP_CMD,PRINTING, USERS

Step 3.Test Sudo

use #sudo -l to show what sudo commands are available to run under your account

hpuxserver:/home/leea# sudo -l
User leea may run the following commands on this host:
    (root) NOPASSWD: /usr/bin/sudo -l
    (root) /usr/bin/passwd [A-z]*, !/usr/bin/passwd root, /usr/bin/crontab -l
    *, /usr/lbin/modprpw -x *, /usr/sbin/fuser, !/usr/sbin/fuser -k *,
    /usr/bin/find, !/usr/bin/find * -ok *, !/usr/bin/find * -exec *,
    !/usr/bin/find * -cpio *, !/usr/bin/find * -ncpio *, /usr/bin/file,
    /usr/bin/ls, /usr/bin/du -ks *, /opt/OV/bin/OpC/opcagt, (root)
    /usr/bin/cancel, /usr/bin/enable, /usr/bin/disable, /usr/sbin/lpmove,
    /usr/sbin/accept, /usr/sbin/lpsched, /usr/sbin/lpshut, (root)
    /usr/lbin/modprpw -k *, /usr/bin/passwd [A-z]*, !/usr/bin/passwd root

below is an example of not using / using sudo (notice the permission issues when not using sudo)

hpuxserver:/home/leea# find /opt/ -mtime -1
/opt/hpsmh/data/htdocs/navfile.htm
find: cannot open /opt/hpsmh/tomcat/conf20
find: cannot open /opt/hpsmh/tomcat/conf22
find: cannot open /opt/hpsmh/tomcat/work
/opt/hpsmh/conf22/php.ini
/opt/hpsmh/conf22/mod_proxy.conf
/opt/hpsmh/conf22/smhpd.conf
/opt/hpsmh/conf22/hmmolist.map
find: cannot open /opt/sfm/bin
/opt/hpws22/apache/logs
find: cannot open /opt/hpws22/webmin/conf
find: cannot open /opt/hpws22/webmin/logs
find: cannot open /opt/hpws22/webmin/newconfig/opt
/opt/fcms/debug
find: cannot search /opt/ssh/src
find: cannot open /opt/uxprov/bin
find: cannot open /opt/swa/mx
find: cannot open /opt/swa/mxhelp
find: cannot open /opt/hpwebadmin
/opt/hpservices/cfg
/opt/hpservices/cfg/cfg2html.sh.out
/opt/hpservices/cfg/hpuxserver.html
/opt/iexpress/sudo/etc/sudoers
hpuxserver:/home/leea#

hpuxserver:/home/leea# sudo find /opt/ -mtime -1
sudo: /var/adm owned by uid 4, should be uid 0

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

    #1) Respect the privacy of others.
    #2) Think before you type.
    #3) With great power comes great responsibility.

Password:
Last successful login:       Tue Jul 12 15:52:30 EST 2011
Last authentication failure: Mon Jul 11 11:40:48 EST 2011 10.10.10.10
/opt/hpsmh/data/htdocs/navfile.htm
/opt/hpsmh/conf22/php.ini
/opt/hpsmh/conf22/mod_proxy.conf
/opt/hpsmh/conf22/smhpd.conf
/opt/hpsmh/conf22/hmmolist.map
/opt/hpws22/apache/logs
/opt/fcms/debug
/opt/hpservices/cfg
/opt/hpservices/cfg/cfg2html.sh.out
/opt/hpservices/cfg/hpuxserver.html
/opt/iexpress/sudo/etc/sudoers
hpuxserver:/home/leea#