
  • elguber 11:16 on 28 April 2012

    Bigip LTM commands 

    I have been playing around with Bigip and I think that there are some interesting commands:

    #Checking persistence

    (More …)

     
  • elguber 19:09 on 20 April 2012

    Security? No, please! 

    In the last couple of months I have been working in different scenarios, and I have noticed that people are not taking care of some basic security aspects.

    For example:

    • We were working on a network issue. An engineer was asked to check a server log. After a few seconds this person wrote in a multi-user chat conversation: “C0n$0le7” :S . To hide this big mistake, he then wrote “fjkfslfadslfjsljf”. Because I'm just curious, I decided to check access to this server from my computer. It was not so difficult to gain access. I set a reminder to try again the day after, and this guy had not changed the password, and 1 week later the password is still the same!!!!!
     
     
     
    • Another example. 01:00 am, another network incident. I was on-call and this is the situation:

    PersonA: “We have problem in this device, could you please help us?”.

    Me: “We are not supporting this device, could you please call the people in charge?”

    PersonA: “Could you please help us anyway….?”

    Me: “I don't have rights to access this device”

    PersonA: “I already sent you an email with the root account”

    Me: :S

    PersonA: Please.

    Me: Let me try…. 

          ……….

          After some checks…. done!

    PersonA: Thank you. 

    Me: No problem

    I set a reminder to check this password some weeks later and….. babum!! it works!!

     
    • Scenario 3. During another issue, in which I was trying to explain to the engineer in charge of a server how to configure the server…. (yes, it is true!!), I asked him for a user and password to do some tests with a test user. This guy told me: “Use mine, but please don't share it with anyone”. This was 6 months ago and still today I can access this server!!!!!

     

     

     
  • elguber 14:47 on 17 September 2011

    Checkpoint command line 

    IPSO commands

    newimage                                Installs IPSO OS from the local machine
    newpkg -m localhost                     Check Point package install
    clish                                   IPSO OS CLI
    ipsctl -a                               displays all of the IPSO settings and values
    ipsctl -a ifphys:eth-s5p1:errors|more   display errors on eth-s5p1
    ipsctl -w net:ip:tcp:default_mss 1460   Change MSS to 1460
    netstat 1                               shows network stats every second
    ipsofwd list                            displays ipso properties (flowpath, etc)
    ipsofwd slowpath                        turns off flows (flowpath turns back on)
    fsck -fyb 32                            check the file system on a flash based nokia (KB 1355433)

    Bootmgr

    printenv   print environment variables
    install    install an image across the network
    boot       boot an image

    clish commands

    show useful-stats                                                            Shows Disk, VRRP, RAM summary
    show package all                                                             List all packages
    show package active                                                          List active packages
    show package inactive                                                        List inactive packages
    show images                                                                  Show installed images
    show image current                                                           Show current image
    delete image [name]                                                          Delete image
    set hostname testbox                                                         Set Hostname
    set date timezone-city "Greenwich (GMT)"                                     Set Timezone
    set static-route default nexthop gateway address 192.168.29.2 priority 1 on  Set default gateway
    set static-route 10.2.2.15/32 nexthop gateway address 192.168.0.1 on         Add static routes
    hostname testbox                                                             Set hostname
    set package name name [on | off]                                             Set package name
    add arpproxy address 192.168.1.1 macaddress 0:a0:1b:3e:33:f1                 Add Proxy arp
    add ntp server 10.1.1.2 version 3 prefer yes                                 Add an NTP server
    add package media local name [opt/packages/IPSO-3.9.tgz]                     Add package
    add host name testbox ipv4 192.168.29.54                                     Set hostname assignment
     
  • elguber 0:46 on 20 March 2011

    Loadbalancing 

    In my last post, I said that I would be using BIGIPs soon. Now, BIGIP is one of my best friends. Even though my first contact was 2 months ago… I could tell you that I will become an expert. I usually manage BIGIP LTM 9.4 and some new devices that I've updated. Even formatting partitions 🙂
    I am really enjoying my job.
    It is a good idea, at least to update this blog a bit more, to explain some of the issues or success stories with my BIGIP configurations.
    At this point, sometimes I'm thinking about the next certification step 🙂
    We will see….!!

     
  • elguber 12:51 on 29 January 2011
    Tags: BigIP

    F5 – BigIP 

    If you are going to talk about load balancing, you should not forget F5 Networks. At the moment, it is quite new for me, but I am happy learning and discovering the power of this kind of device.

    F5 is offering the opportunity to learn about BIG-IP LTM with a free on-line course. You can find the link below:

    https://f5.learn.com/learncenter.asp?id=178412&sessionid=3-47799FE5-A4FB-49C4-9F02-205F8B7AACA9&page=3

    In my case, I will be using F5 in a couple of …. days?? 🙂 I don't know, but soon.
    At the moment… I can only tell you that I have been enjoying the above course, playing with the lab 🙂

    I will talk about BigIP in coming posts.

     
  • elguber 17:23 on 16 January 2011
    Tags: juniper, learning

    Discovering any more??? 

    After Friday's meeting I think that I should keep studying more about Juniper too. It is not only Checkpoint. The question is whether I should get enough experience to start or just get familiar, play a bit, and then it is just a matter of time. I mean, once you have studied a bit and then see those new technologies every day, I think that in a couple of months I could play with them. Of course, I need a good start: a good teacher and good material. Just reading about it is not enough. What's best? A good course or a good teacher? A good course with a good teacher. 🙂
    I hope in the coming weeks I will start with “something”. Whatever!

     
  • elguber 14:52 on 9 January 2011
    Tags: firewall

    Discovering Checkpoint 

    I started in my new role a few days ago and I am excited about this job. That's the job that I was looking for and finally I got it! 🙂 At the moment I am reviewing some documentation about Checkpoint firewalls. I've registered on the Checkpoint website to download a Checkpoint ISO and play around. I guess that my new challenge is to get the CCSA (Checkpoint Certified Security Administrator). At the moment, I have only been watching some videos and playing with the VM (Virtual Machine).
    The lab is as follows:
    1 Check_Point_VPN-1_R65_VE Virtual Machine with 4 virtual adapters
    2 Windows 2008 server with Smartcenter, SmartView Monitor and SmartView Tracker installed on it. It is a bit limited because it is a trial, but it is OK for learning how to create rules, policies and so on.
    3 Solaris VM

    That's all. I haven't touched the Solaris machine much, but I think that there is enough time during this coming year.
    I'll just tell you that Checkpoint firewalls are currently the most important firewalls in the security environment.

    As I told before, I am happy with my new job.

     
  • elguber 22:41 on 16 December 2010
    Tags: W. Richard Stevens

    TCP/IP Illustrated, Volume 1


    I paid £29.99 (40% off) 🙂
    This is the latest book I have acquired. I recommend this book 100%. If you want to understand TCP/IP in depth, this is a good book. I do not know any others, but this one explains the whole subject well. I do not recommend it to beginners. A minimum background in networking is recommended to get some benefit from reading this book.
    The author is W. Richard Stevens, one of the most famous writers on networking topics. Books written by him:
    1990 – UNIX Network Programming – ISBN 0-13-949876-1
    1992 – Advanced Programming in the UNIX Environment – ISBN 0-201-56317-7
    1994 – TCP/IP Illustrated, Volume 1: The Protocols – ISBN 0-201-63346-9
    1995 – TCP/IP Illustrated, Volume 2: The Implementation (with Gary R. Wright) – ISBN 0-201-63354-X
    1996 – TCP/IP Illustrated, Volume 3: TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols – ISBN 0-201-63495-3
    1998 – UNIX Network Programming, Volume 1, Second Edition: Networking APIs: Sockets and XTI – ISBN 0-13-490012-X
    1999 – UNIX Network Programming, Volume 2, Second Edition: Interprocess Communications – ISBN 0-13-081081-9
    2003 – UNIX Network Programming Volume 1, Third Edition: The Sockets Networking API – ISBN 0-13-141155-1 (with Bill Fenner, and Andrew M. Rudoff)
    2005 – Advanced Programming in the UNIX Environment, Second Edition – ISBN 0-32-152594-9 (with Stephen A. Rago)

    Source: http://www.wikipedia.org

     
  • elguber 18:14 on 30 November 2010
    Tags: BackTrack   

    Back Track 4 R2 

    One of the best pen-test, forensic and, in general, security tools is Back Track.
    Chronology:
    February 5, 2006     BackTrack v.1.0 Beta
    May 26, 2006         The BackTrack project released its first non-beta version (1.0).
    October 13, 2006     BackTrack 2 first public beta released.
    November 19, 2006    BackTrack 2 second public beta released.
    March 6, 2007        BackTrack 2 final released.
    December 17, 2007    BackTrack 3 first beta release.
    June 19, 2008        BackTrack 3 final released.
    February 11, 2009    BackTrack 4 first beta release. (It's now based on Debian)
    June 19, 2009        BackTrack 4 pre-final release.
    January 9, 2010      BackTrack 4 final release.
    May 8, 2010          BackTrack 4 R1 release
    November 22, 2010    BackTrack 4 R2 release

    My first contact with this tool was in 2007, just because I was testing (I love testing new software, hardware… ;) ) different security tools. I remember that the first problem I had was with the wifi card. My wireless chip was not supported in version 2. Thanks to the new version being almost ready… I could play with my laptop 😉 . It was useful at that moment.

    What’s new in R2:

    • Kernel 2.6.35.8 – *Much* improved mac80211 stack.
    • USB 3.0 support.
    • New wireless cards supported.
    • All wireless Injection patches applied, maximum support for wireless attacks.
    • Even *faster* desktop environment.
    • Revamped Fluxbox environment for the KDE challenged.
    • Metasploit rebuilt from scratch, MySQL db_drivers working out of the box.
    • Updated old packages, added new ones, and removed obsolete ones.
    • New BackTrack Wiki with better documentation and support.
     
  • elguber 0:09 on 27 November 2010
    Tags: Fedora 14   

    Fedora 14 

    “Fedora 14 (Laughlin)” is already running on my laptop. I have upgraded from v12 to v14.
    The only issue was with the /boot disk space. In versions 13 and 14 the recommended /boot size is 500 MB and in previous versions it was 200 MB. If you want to upgrade your system and have the same problem with the /boot partition, follow these instructions:

    1. Create a file that takes up enough space that there is insufficient remaining disk space for preupgrade to download kernel and initrd.img. That means we need to fill up /boot. Here’s how to do that as root:

    # dd if=/dev/zero of=/boot/preupgrade_filler bs=1M count=170

    2. Install the newest available version of preupgrade.
    3. Run preupgrade from a command prompt or the Run Application dialog. Provide the requested password for root authorization.
    4. On the Choose desired release screen, enable unstable test releases.
    5. Choose Rawhide from the list of available upgrade targets, then click Apply.
    6. While downloading, preupgrade should warn that it failed to download installer data. Click quit for that.
    7. Next, change the amount of available disk space on the /boot partition by reducing the size of the /boot/preupgrade_filler file to 100MB. This should leave sufficient room for preupgrade to download the kernel and initrd.img but not enough room to download install.img. Once again, use the dd command:

    # dd if=/dev/zero of=/boot/preupgrade_filler bs=1M count=100

    8. Re-run preupgrade. When prompted, click Yes to resume your upgrade.
    9. While downloading, preupgrade should warn that there wasn’t enough space to download install.img but it can be downloaded after reboot if you have a wired network connection. Click continue for that.
    10. When preupgrade is done don’t reboot immediately. Instead, remove the /boot/preupgrade_filler file and make sure your computer is connected to the network via an ethernet cable.

    # rm /boot/preupgrade_filler

    11. Click reboot.

    Laptop: DELL XPS M1330
    Intel(R) Core(TM)2 Duo CPU T7300 @ 2.00 Ghz
    2GB shared3 Dual Channel 667MHz DDR2 SDRAM
    160GB configured with 7200 RPM SATA hard drive
    128MB NVIDIA® GeForce® 8400M GS

    Source: http://fedoraproject.org

     