OpenWRT in Vmware as a light weight router and virtual host
OpenWrt is a Linux distribution for embedded devices and provides a fully writable filesystem with package management. Also for me, it is perfect for running OpenWRT as a small router…
FTP Active mode vs Passive Mode
Traffic flow for Active mode and Passive mode: 1. Active FTP : command : client >1023 -> server 21 data : client >1023 <- server 20Running ftp command from client…
Close Cisco IOS TCP Ports 23, 2002, 4002, 6002, and 9002 from Network Ports Scanning
Just found my Cisco 1921 has same problem on ports 2002, 4002, 6002 and 9002, as described on this post. Symptoms: Some Cisco Cisco Routers (1900/2900 Series) are answering to…
Tripwire Enterprise 8.3 Basic Configuration Steps
Tripwire Enterprise is a security configuration management suite whose Policy Management, Integrity Management, and Remediation Management capabilities stand-alone or work together in a comprehensive, tightly integrated SCM solution. Five Key…
Linux : find big file in the all directories
1. Juniper Firewall find . -type f -size +10000 -exec ls -lh {} ; Sample output: root@FW% find . -type f -size +10000 -exec ls -lh {} ; -rw-r–r– 1…
Cisco VPN LAB 3 : A Simple DMVPN Configuration Example
1. Topology a. Rack is from IOU v5. This lab will use seven routers to complete whole DMVPN configuration and test. b. network topology. It is drew from gliffy website…
IPSec VPN Basic Configuration between two ASA 8.4.2
ASA1# sh ver Cisco Adaptive Security Appliance Software Version 8.4(2) Compiled on Wed 15-Jun-11 18:17 by buildersSystem image file is “Unknown, monitor mode tftp booted image”Config file at boot was…
CISCO ASA VPN Troubleshooting Tips
1. Clear VPN Configuration: clear configure crypto map VPN_AAAA 2. Debug and show commands: Enable logging: ciscoasa#terminal monitorciscoasa(config)# logging buffer-size 1048576ciscoasa(config)# logging buffered 7ciscoasa(config)# logging monitor 7ciscoasa(config)# debug crypto condition…
Script for a simple Checkpoint Firewall Integrity Check
Checkpoint Firewalls are having following important configuration files from this post: objects.C objects.C_41 objects_5_0.C rules.C rulebases.fws rulebases_5_0.fws For Integrity check, you can either monitor those files md5 value or just…
Understanding TCPDUMP Output
These examples in this post bases on Checkpoint Firewalls. In other platform, the output and command options may have a difference. Basic TCPDUMP Commands: tcpdump port 257 , <– on…
Cisco L2 L3 IOU Rack V5 (newer version from Cisco L2 L3 IOU Rack V3)
I was using Cisco L2 L3 IOU Rack V3 from flyxj for quite a while. Recently found Cisco L2 L3 IOU Rack V5. Not much difference except more devices in…
Cisco VPN LAB 4 : EZ VPN Between ASA 8.4.2, IOS Router and EZVPN Client Software
Cisco VPN Lab Series: Cisco VPN LAB 1 : Simple Easy VPN Example between Routers and Comparison with DMVPN Cisco VPN LAB 2 : IPSec VPN Example Between Two ASA…