will.brien + networking   171

Footgun Prevention with AWS VPC Subnetting and Addressing
In AWS, where you don’t have to worry about broadcast domains and all that crap, you do networking differently. For a start, when you create your VPC, you don’t carefully size it for what you need right now (your Wordpress on EC2 tutorial, for example): you size it so that you avoid problems in the future. That means: going big! Cloud networks are, in this way, totally different to non-cloud networks.
aws  networking  reference  tutorials  sysadmin 
july 2017 by will.brien
How to find and check my IP address
Whoer.net is a service aimed at verifying the information your computer sends to the web.

It is perfect for checking proxy or socks servers, providing information about your VPN server and scanning black lists for your IP address. The service shows whether your computer enables Flash and Java, as well as its language and system settings, OS and web-browser, define the DNS etc.

The main and the most powerful side of our service is the interactive checking by Java, Flash and WebRTC, allowing to detect the actual system settings and its weaknesses, which can be used by third-party resources to find out the information about your computer.

For your convenience, we have set up two versions of our website: light and extended (for displaying additional information).
vpn  privacy  security  reference  sysadmin  networking 
may 2017 by will.brien
Quick fix for an early Internet problem lives on a quarter-century later
There is another dangerous possibility lurking in BGP, what Madory calls the “dystopian possibility” that some network — perhaps in a moment when international hostilities are spilling into cyberspace — intentionally claims control of sections of the Internet that don’t belong to it.

Such a move would confuse the world’s routers, which would have to choose between rival claims to the same blocks of Internet addresses. The overall network, unable to discern truth amid competing claims, could fracture into rival fiefdoms.

This would be the Internet’s equivalent of “the nuclear option,” an escalation of hostilities that’s technically possible but perhaps hard to imagine — at least in times of relative peace. The consequences for the functioning of the Internet as a seamless global network could be impossible to reverse.

“It could kind of just devolve,” Madory says. “What keeps it from devolving? Nothing.”
history  networking  security  internet 
june 2015 by will.brien
How to enable and disable SMBv1, SMBv2, and SMBv3 in Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012
To enable SMBv1 on the SMB server, run the following cmdlet:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB1 -Type DWORD -Value 1 -Force

To enable SMBv2 and SMBv3 on the SMB server, run the following cmdlet:

Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters" SMB2 -Type DWORD -Value 1 -Force
windows  sysadmin  samba  networking  reference 
november 2014 by will.brien
Timeline of computer viruses and worms - Wikipedia, the free encyclopedia
This timeline of computer viruses and worms presents a chronology of noteworthy computer viruses, computer worms, trojan horses, similar malicious software, related research and events.
history  computers  technology  reference  virus  networking  wikipedia 
november 2013 by will.brien
PRISM Break: software and service alternatives to help increase your privacy
In almost all cases, only free software is allowed to be featured on PRISM Break. The only exception is when free software offers no viable alternative to proprietary software. "Web search" is the only category with this exception currently.

Quality over quantity. PRISM Break strives to promote the best open source applications. Ease of use, stability, and performance matter. This is the first time many people are looking to leave their proprietary walled gardens. Let's make it a good experience for them. If you're writing a privacy-minded FOSS app, please finish it before asking PRISM Break to promote it.
software  security  sysadmin  privacy  internet  reference  networking  linux 
september 2013 by will.brien
IPTraf - An IP Network Monitor
IPTraf is a console-based network statistics utility for Linux. It gathers a variety of figures such as TCP connection packet and byte counts, interface statistics and activity indicators, TCP/UDP traffic breakdowns, and LAN station packet and byte counts.
linux  cli  sysadmin  networking  tools  work 
december 2012 by will.brien
CIPB - Create Country ACL
To create your Access Control Lists select a country or countries, choose the format of your list and click create. Your results will appear in this column.

Select Format:
CIDR Netmask IP Range
.htaccess Deny .htaccess Allow
Decimal/CIDR Cisco ACL PeerGuardian2
Web.config deny Web.config allow
iptables  reference  lists  work  sysadmin  security  networking  linux  htaccess  cisco  bittorrent 
november 2012 by will.brien
pfSense Open Source Firewall Distribution - Home
pfSense is a free, open source customized distribution of FreeBSD tailored for use as a firewall and router. In addition to being a powerful, flexible firewalling and routing platform, it includes a long list of related features and a package system allowing further expandability without adding bloat and potential security vulnerabilities to the base distribution. pfSense is a popular project with more than 1 million downloads since its inception, and proven in countless installations ranging from small home networks protecting a PC and an Xbox to large corporations, universities and other organizations protecting thousands of network devices.
networking  iptables  firewall  sysadmin  router  security 
november 2012 by will.brien
Improving your resolv.conf file - Curator
The resolver can load up to 3 name servers. If your server needs to find the mx record of gmail.com, it will first need to resolve gmail.com locally.

using a resolver from resolv.conf

dig @8.8.8.8 gmail.com -t mx +short

result: alt1.gmail-smtp-in.l.google.com
connect to alt1.gmail-smtp-in.l.google.com

dig @8.8.4.4 alt1.gmail-smtp-in.l.google.com +short

result: 209.85.227.27
connect to 209.85.227.27:25

Optimized resolv.conf

nameserver 8.8.8.8
nameserver 8.8.4.4
nameserver 4.2.2.2
options rotate
options timeout:1
linux  cli  dns  sysadmin  networking  reference  work 
october 2012 by will.brien
Certificates
To set up a secure server using public-key cryptography, in most cases, you send your certificate request (including your public key), proof of your company's identity, and payment to a CA. The CA verifies the certificate request and your identity, and then sends back a certificate for your secure server. Alternatively, you can create your own self-signed certificate.
linux  debian  ubuntu  security  sysadmin  apache  http  web  networking  work 
august 2012 by will.brien
Going Colo (Pinboard Blog)
I had a short list of requirements when I started looking for colocation:

A quarter rack of space.
100 Mbps dedicated. I wanted to avoid having to monitor and throttle my own Internet use. A capped, dedicated link meant one less thing to configure.
Round-the-clock physical access to my stuff, so I could fix and tinker as necessary.
Somewhere reachable by car within a few hours.
Low seismic risk.

Unfortunately, it's not possible to get #2, #4 and #5 at the same time in California. The only place where data centers will not plummet into the sea when the Big One hits is Sacramento, and bandwidth prices there are extremely high, on the order of $20/Mbps.

So I decided to eat it, seismically speaking. I would try to mitigate the risk by hosting in two locations, each within driving distance from home. I reasoned that the risk of an earthquake big enough to affect two data centers was negligible compared to the risk of general equipment failure, so it was better to host somewhere shaky but reachable.
hardware  diy  reference  sysadmin  networking  pinboard 
june 2012 by will.brien
Atoptool.nl
Atop is an ASCII full-screen performance monitor that is capable of reporting the activity of all processes (even if processes have finished during the interval), daily logging of system and process activity for long-term analysis, highlighting overloaded system resources by using colors, etc. At regular intervals, it shows system-level activity related to the CPU, memory, swap, disks, and network layers, and for every active process it shows the CPU utilization, the memory growth, priority, username, state, and exit code.
linux  sysadmin  tools  cli  networking  work 
june 2012 by will.brien
httpbin(1): HTTP Client Testing Service
Testing an HTTP Library can become difficult sometimes. PostBin.org is fantastic for testing POST requests, but not much else. This exists to cover all kinds of HTTP scenarios. Additional endpoints are being considered (e.g. /deflate).

All endpoint responses are JSON-encoded.
http  networking  testing  python  web 
june 2012 by will.brien
The case of the 500-mile email
I was beginning to wonder if I had lost my sanity. I tried emailing a friend who lived in North Carolina, but whose ISP was in Seattle. Thankfully, it failed. If the problem had had to do with the geography of the human recipient and not his mail server, I think I would have broken down in tears.
sysadmin  humour  email  linux  networking 
may 2012 by will.brien
Shrubbery Networks, Inc. - RANCID
RANCID monitors a router's (or more generally a device's) configuration, including software and hardware (cards, serial numbers, etc) and uses CVS (Concurrent Version System) or Subversion to maintain history of changes.
networking  sysadmin  security  versioncontrol  cisco  pix  linux  work 
april 2012 by will.brien
ettercap
Ettercap is a suite for man in the middle attacks on LAN. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.

It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
linux  windows  macintosh  security  sysadmin  software  utilities  networking  proxy 
february 2012 by will.brien
Captive portal - Wikipedia, the free encyclopedia
The captive portal technique forces an HTTP client on a network to see a special web page (usually for authentication purposes) before using the Internet normally. A captive portal turns a Web browser into an authentication device.[1] This is done by intercepting all packets, regardless of address or port, until the user opens a browser and tries to access the Internet. At that time the browser is redirected to a web page which may require authentication and/or payment, or simply display an acceptable use policy and require the user to agree. Captive portals are used at many Wi-Fi hotspots, and can be used to control wired access (e.g. apartment houses, hotel rooms, business centers, "open" Ethernet jacks) as well.

Since the login page itself must be presented to the client, either that login page is locally stored in the gateway, or the web server hosting that page must be "whitelisted" via a walled garden to bypass the authentication process. Depending on the feature set of the gateway, multiple web servers can be whitelisted (say for iframes or links within the login page). In addition to whitelisting the URLs of web hosts, some gateways can whitelist TCP ports. The MAC address of attached clients can also be set to bypass the login process.
wikipedia  wireless  sysadmin  networking  security  dns  proxy  iptables  work 
february 2012 by will.brien
Support Details | Tech Support Management
Simply send a properly formatted URL with recipient, sender, or both to have the form above prefilled with information.
sysadmin  tools  freelancing  work  networking 
january 2012 by will.brien
Exploring the Internet
In July 1991, Carl Malamud flew out from Boulder, Colorado, a place he describes as "closer to Kansas than I'd like." He had just finished writing Stacks, which we were distributing as The INTEROP Book to conference attendees, and wanted to present us his latest proposal.

He met me at breakfast and presented me with a pith helmet plastered over with Interop logos. "What Interop Company really needs," he explained, "is an Official Internet Explorer."

His proposal was to fly three times around the world, visit as many sites as possible, and write what he was calling "a technical travelogue." The catch, of course, is he wanted me to foot the bill for travel expenses.

Exploring the Internet is the result of this odyssey. This book demonstrates what many of us have long felt: the worldwide network is here. Interoperability is not some imaginary goal at vendor briefings, but a concrete part of networks all over the world.

This book is more than just a series of case studies - it is truly a technical travelogue. As we read about the worldwide spread of the Internet, we get to appreciate its diversity and its usefulness to millions. This is not some experimental research environment, some academic toy, it is a real tool used by real people.

At that breakfast in 1991, Carl confided his hidden agenda. After going on about "global infrastructures" and other nice phrases designed to impress my senior managers, he turned to me and gave me the executive overview. "Actually, this is a very simple project," he explained. "Buy my airplane tickets and I'll try to get into as much trouble as I can. Then I'll write a book."

Here it is.

Dan Lynch
Founder and President
Interop Company
history  internet  networking  reference  education  government 
january 2012 by will.brien
IP Range - Ip Address Range Lookup - Ip Range Finder
We are proud to offer you not only web based IP lookup tool but also IP Address Ranges Lookup tool.

By IP Address Location you can obtain easily the latest IP ranges for any Country.

The IP address ranges can be displayed in two formats i.e. :

46.36.198.121 - 46.36.198.125

or CIDR format
46.36.198.121/32
46.36.198.122/31
46.36.198.124/31

These examples indicate that all IP addresses between 46.36.198.121 - 46.36.198.125 belong to a certain IP range for the searched Country. In our example, to Andorra.

You can optionally choose the prefix allow or deny if you would like to place IP addresses into your htaccess/database file.

All IP ranges are sorted by country and country code! Note that if the size is over 50 K, a .txt.gz (zipped) file is returned for the searched country

* IP Address Database updated on 01 December, 2011

* We have upgraded our IP range tools and you can now choose IP ranges in CIDR, block IP range and IP addresses list format.
sysadmin  security  networking  apache  htaccess  work 
january 2012 by will.brien
Deprecated Linux networking commands and their replacements
Specifically, the deprecated Linux networking commands in question are: arp, ifconfig, iptunnel, iwconfig, nameif, netstat, and route. These programs (except iwconfig) are included in the net-tools package that has been unmaintained for years. The functionality provided by several of these utilities has been reproduced and improved in the new iproute2 suite, primarily by using its new ip command. The iproute2 software code and documentation are available from the Linux Foundation.
linux  networking  cli  sysadmin  work 
january 2012 by will.brien
Chapter 27. Desktop Profile Management
Roaming profiles are feared by some, hated by a few, loved by many, and a godsend for some administrators.

Roaming profiles allow an administrator to make available a consistent user desktop as the user moves from one machine to another. This chapter provides much information regarding how to configure and manage roaming profiles.

While roaming profiles might sound like nirvana to some, they are a real and tangible problem to others. In particular, users of mobile computing tools, where often there may not be a sustained network connection, are often better served by purely local profiles. This chapter provides information to help the Samba administrator deal with those situations.
linux  windows  cli  sysadmin  networking  samba  work 
november 2011 by will.brien
Netcat cheat sheet
It is possible to save the data which is sent to you or you can give netcat a file which should be sent when a connection is made.
Here is an example on how to save the data which is being sent by the server:

$ nc h.ackack.net 80 > response
# you can now send data but you won't see the output from the server because it is being redirected to a file.
$ nc ackack.net 80 > response
HEAD / HTTP/0.1

$ cat response
HTTP/1.1 200 OK
Date: <timestamp>
Server: Apache
Last-Modified: <timestamp>
Accept-Ranges: bytes
Content-Length: 3383
Connection: close
Content-Type: text/html
networking  sysadmin  firewall  apache  linux  cli  reference  tutorials  work 
july 2011 by will.brien
Fstab - blag.wiki.aktivix.org
Some authorities suggest putting the User ID and Group ID in the options, though I didn't find that it was necessary. It would look like this (obviously using your own numbers from /etc/passwd). You can substitute your username and group name for your ID numbers.

//server/share /home/mountdirectory cifs username=smbusername,password=smbpassword,nocase,noperm,uid=1000,gid=1000,file_mode=0777,dir_mode=0777 0 0

Without the noperm option you will get weird permission errors, at least if the Samba share is on a Linux server or in a Mac share folder with SMB enabled.
linux  windows  cli  sysadmin  networking  samba  work 
april 2011 by will.brien
The Linux Virtual Server Project - Linux Server Cluster for Load Balancing
The Linux Virtual Server is a highly scalable and highly available server built on a cluster of real servers, with the load balancer running on the Linux operating system. The architecture of the server cluster is fully transparent to end users, and the users interact as if it were a single high-performance virtual server.

The Linux Virtual Server as an advanced load balancing solution can be used to build highly scalable and highly available network services, such as scalable web, cache, mail, ftp, media and VoIP services.
software  linux  networking  sysadmin  virtualisation  opensource  apache  voip 
april 2011 by will.brien
HAProxy - The Reliable, High Performance TCP/HTTP Load Balancer
HAProxy is a free, very fast and reliable solution offering high availability, load balancing, and proxying for TCP and HTTP-based applications. It is particularly suited for web sites crawling under very high loads while needing persistence or Layer7 processing. Supporting tens of thousands of connections is clearly realistic with today's hardware. Its mode of operation makes its integration into existing architectures very easy and riskless, while still offering the possibility not to expose fragile web servers to the Net, such as below:
software  linux  networking  sysadmin  virtualisation  opensource  apache  voip 
april 2011 by will.brien
Quagga Software Routing Suite
Quagga is a routing software package that provides TCP/IP based routing services with routing protocols support such as RIPv1, RIPv2, RIPng, OSPFv2, OSPFv3, BGP-4, and BGP-4+ (see section Supported RFCs). Quagga also supports special BGP Route Reflector and Route Server behavior. In addition to traditional IPv4 routing protocols, Quagga also supports IPv6 routing protocols. With SNMP daemon which supports SMUX protocol, Quagga provides routing protocol MIBs (see section SNMP Support).

Quagga uses an advanced software architecture to provide you with a high quality, multi server routing engine. Quagga has an interactive user interface for each routing protocol and supports common client commands. Due to this design, you can add new protocol daemons to Quagga easily. You can use Quagga library as your program's client user interface.

Quagga is distributed under the GNU General Public License.
sysadmin  networking  snmp  router  work  linux  cli 
march 2011 by will.brien
loads.in
loads.in gives you the possibility to see how fast your (or any) website loads in a real browser from over 50 locations worldwide.

If you have a worldwide audience, or your site is hosted in a different country from where your visitors live, it is useful to see how long it takes to load your web pages. With loads.in you simply enter the full URL of the page you want to check, and the page is retrieved by a browser at a random location. For each subsequent check you can choose a specific location and browser profile.

As a result you will be presented with:

* The load time of the web page.
* Snapshots of the webpage at different times during load.
* Errors or warnings if they occur.
* A complete timing break down of all elements of your page in a waterfall chart.
* The possibility to download the timing results in the Http Archive (HAR) format.

loads.in is a unique and free tool:

* Checks your site with real browsers.
* Choose from Safari, Chrome, Internet Explorer or FireFox browser profiles.
* Checks your site from over 50 locations.
* Provides snapshots and waterfall charts for each check.

loads.in is powered by the WatchMouse performance monitoring service.
sysadmin  networking  apache  tools  work 
march 2011 by will.brien
What's My DNS? Global DNS Propagation Checker
whatsmydns.net is an online service that allows you to instantly perform a DNS lookup to check a hostname's current IP Address and other DNS information against a selection of random name servers around the world. This is especially useful to check the current state of DNS propagation after making changes to your domain's zones.
dns  reference  sysadmin  networking  utilities  search  work 
february 2011 by will.brien
SMTP tar pit feature for Microsoft Windows Server 2003
The tar pit feature can be enabled and configured by setting a registry key. To do this, follow these steps.

Note If the TarpitTime registry entry does not exist, Exchange behaves as if the value of this registry entry were set to 0. When the registry entry has a value of 0, there is no delay when the SMTP address verification responses are sent.

1. Click Start, click Run, type regedit in the Open box, and then click OK.
2. Locate and then click to select the following registry subkey:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SMTPSVC\Parameters
3. On the Edit menu, point to New, and then click DWORD Value.
4. Type TarpitTime as the registry entry name, and then press ENTER.
5. On the Edit menu, click Modify.
6. Click Decimal.
7. In the Value data box, type the number of seconds that you want to delay SMTP address verification responses for each address that does not exist. Then, click OK. For example, type 5, and then click OK. This delays SMTP address verification responses for 5 seconds.
8. Quit Registry Editor.
9. Restart the Simple Mail Transport Protocol (SMTP) service.
windows  smtp  exchange  email  networking  sysadmin  tutorials  work 
february 2011 by will.brien
MaraDNS - a security-aware DNS server
MaraDNS is a package that implements the Domain Name Service (DNS), an essential internet service. MaraDNS has the following advantages:

* Secure. MaraDNS has a strong security history. For example, MaraDNS has always randomized, using a secure random number generator, the Query ID and source port of DNS queries; and was never vulnerable to the "new" cache poisoning attack.

* Supported. MaraDNS has a long history of being maintained and updated. Actively developed since 2001, MaraDNS continues to be supported: The most recent release was done on September 25, 2010. Deadwood, the recursive code that will become part of MaraDNS 2.0, is currently stable code.

* Easy to use. A basic recursive configuration needs only a single three-line configuration file. A basic authoritative configuration needs only a four-line configuration file and a one-line zone file. MaraDNS is fully documented, with both easy-to-follow tutorials and a complete and up-to-date reference manual.
dns  networking  security  sysadmin  software  linux  unix  opensource  internet 
november 2010 by will.brien
Integrating Squid and Samba3 with NTLM authentication
Some permissions need to be set in order for the new squid user to access everything else it needs. One of the most important places is the pipe that winbind uses to contact the domain. Squid must have access to this pipe so it can also contact the domain.

Listing 14. Setting permission on the winbind pipe

root# chown root:squid /var/cache/samba/winbindd_privileged
root# chmod 750 /var/cache/samba/winbindd_privileged
linux  windows  squid  samba  sysadmin  security  networking  proxy  tutorials  reference  work 
april 2010 by will.brien
How to join Ubuntu/Samba to a Windows 2003 Active Directory domain
[global]
security = ADS
realm = MYCOMPANY.LOCAL
workgroup = mycompany
password server = obelix.mycompany.local
wins support = no
wins server = 10.0.20.202
invalid users = root
# Winbind settings
idmap uid = 10000-20000
idmap gid = 10000-20000
# For testing
debuglevel = 2
linux  windows  squid  samba  sysadmin  security  networking  proxy  tutorials  reference  faq  work 
april 2010 by will.brien
Samba/Kerberos - Community Ubuntu Documentation
Another way to configure Kerberos is to simply edit the /etc/krb5.conf file by hand. This approach allows greater customization of the file, but lacks the automation of the krb5-config package. Both paths take you to the same destination.
linux  ubuntu  windows  squid  samba  sysadmin  security  networking  proxy  tutorials  reference  faq  work 
april 2010 by will.brien
WeOCR Project Home
WeOCR is a platform for Web-enabled OCR (Optical Character Reader/Recognition) systems that enables people to use character recognition over networks. A WeOCR server receives document images from users, recognizes text in the images, and returns recognition results to the users. WeOCR does not have its own character recognition engine. Instead, it is intended to accommodate various character recognition engines. WeOCR provides a simplified user interface so that more people can benefit from OCR easily.

Although some people would worry about the privacy of their documents, we think there are still a lot of applications of OCR in which privacy does not matter. We hope WeOCR will expand the range of OCR applications further.
software  linux  networking  opensource  ocr  documentation 
december 2009 by will.brien
Documentation
Airpwn works by spoofing 802.11 packets to look as if they came from a legitimate access point (AP). When you use a traditional 802.11 network, you are communicating all your data to the AP, and all responses come from the AP. One drawback of wireless networks is that all the data you send to the AP is in fact broadcast to every other computer in your general area. By eavesdropping on the data you send to the AP and spoofing a response from the AP, airpwn can appear to be whatever computer you are communicating with. (This is similar, but not identical to a classic man-in-the-middle attack.)
software  hardware  wireless  security  sysadmin  firewall  networking  utilities 
december 2009 by will.brien
How To Test Exchange SMTP operations using Telnet
3. Issue the following smtp command sequence

helo <your domain name><enter>
response should be as follows
250 OK

mail from: <your Email Address><enter>
response should be as follows
250 OK - mail from <your Email address>

rcpt to: <recipient address><enter>
response should be as follows
250 OK - Recipient <recipient address>

data<enter>
response should be as follows
354 Send data. End with CRLF.CRLF

To: <recipient's display name><enter>
From: <your display name><enter>
Subject: <Subject field of Email message><enter>
<Enter your body text><enter><enter> . <enter>
response should be as follows
250 OK

quit<enter>
email  smtp  linux  windows  exchange  sysadmin  networking  reference 
december 2009 by will.brien
Welcome - netboot.me
netboot.me is a service that allows you to boot nearly any operating system or utility on any computer with a wired internet connection - without having to know ahead of time what you'll want to boot. Once you can netboot.me, you never need to update your boot disk again!

netboot.me works through the magic of netbooting. There are a number of ways to boot a computer with netboot.me. The simplest is to download a bootable image and burn it to a CD, USB memory stick, or floppy disk. Boot off it on any networked computer, and it will automatically fetch the latest boot options from netboot.me and let you choose from dozens of installation, recovery, testing, portable desktop and other tools. You can also start netboot.me from any computer running gPXE, or from any netbootable computer with some simple tweaks to your DHCP server.
linux  windows  distro  software  sysadmin  networking  opensource  work 
november 2009 by will.brien
Warriors of the Net
Did you ever wonder how the Internet works? What does a router look like? What color does an IP packet have? How does an IP packet travel through a firewall? All the answers and many more can be found in the Warriors of the Net movie. It is available in many different languages. It is the perfect tool for introducing the Internet to novice users. It helps newcomers visualize how the Net works. It is free to download for non-commercial use.
education  tutorials  internet  technology  networking  video  history 
november 2009 by will.brien
Home of The Irish Reporting And Information Security Service
Welcome to the Irish Reporting and Information Security Service. IRISS-CERT is Ireland's first CSIRT (Computer Security Incident Response Team) to provide services to all users within Ireland. We provide a range of services and information that you can use to better protect your information systems and to make the Irish Internet space a safer environment for all.

Our goal is to provide a range of high quality information security based services to aid Irish based organisations and citizens to better secure their information technology facilities and services in accordance with industry recognised standards and compliance requirements, to provide high quality research services on current and potential information security threats, to provide information security prevention, response and mitigation strategies and to become a recognised centre of information security excellence for national and international organisations to refer to.
ireland  security  sysadmin  organisations  networking  documentation  work 
october 2009 by will.brien
WolfBoy’s blog » Tweaking the NSS4000 (1.12) firmware upgrade
Adjust web interface for root-squash

The file ‘rootfs’ is a squashfs. You can unsquash it by using:

sudo unsquashfs rootfs

You will have to do this as root (or sudo). Now a directory squashfs-root is made containing all files.

Change the following files:

squashfs-root/www/html/nfs.inc: download this file here.
squashfs-root/www/html/resources.inc: download this file here.
hardware  software  networking  storage  backup  sysadmin  cli  diy  work 
october 2009 by will.brien
inSSIDer | MetaGeek
inSSIDer is an award-winning free Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn't work well with Vista and 64-bit XP, we built an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems. A year later, inSSIDer was discussed by Lifehacker and Tekzilla!
software  windows  sysadmin  security  networking  wireless  tools  work 
october 2009 by will.brien
IrelandOffline
IrelandOffline is a voluntary lobby group campaigning for broadband internet access services in Ireland.
blogs  ireland  technology  networking  telephony  organisations 
september 2009 by will.brien
nmap: --top-ports option
So, for both TCP and UDP, it’d be:

nmap -sTU --top-ports

That’s it. Here are the options I like to use for a basic scan:

nmap -vv -O -P0 -sTUV --top-ports 1000 -oA target $target
networking  security  firewall  sysadmin  cli  linux  ubuntu  work 
september 2009 by will.brien
Country-based packet filtering with iptables
Bruteforce attacks shouldn't pose a real security risk to any server but are still annoying and clog up your logfiles. Many methods to block these break-in attempts exist, like BlockHosts, Fail2ban or rate-limiting incoming connections. However, on my search I also came across one tool for which I couldn't find an easy guide: geoip. geoip is a module for netfilter/iptables and allows you to filter packets based on the country they come from or go to. Following is a step-by-step guide on how to install geoip.

Obviously the module can also be used for other things than just blocking bruteforce attacks. For example for what the original author calls "racist routing", that is to prevent users from certain countries from accessing your webserver or whatever. But as always it's up to everyone individually what he uses it for.
xen  linux  debian  tutorials  networking  firewall  iptables  security  sysadmin  work 
september 2009 by will.brien
An introduction to custom Xen networking
I've been running Xen for a few weeks now and until now I've been happy with the default networking setup installed. Only when I decided to install Xen upon the server which is hosting this website did I need to explore the way Xen sets up networking.

Xen is pretty good at giving a working network setup for most common cases. By default it sets up virtual instances so they communicate with the network via the host's eth0 device, using NAT.
xen  linux  debian  tutorials  networking  firewall  iptables  security  sysadmin  work 
september 2009 by will.brien
Xen and the Art of Consolidation
Xen is a paravirtualization tool that allows you to run multiple virtual machines on one physical machine. It is available on a wide number of platforms and is included in recent SUSE™ distributions.

Xen refers to the virtual machines as Domains. Domains are numbered with the first domain being domain 0, the second domain 1, and so on. Domain 0 (Dom0) is special because that is the domain created when the machine is booted. Additional domains (called DomU's) are created using the xm create command from within Domain 0. Additional domains can also be created automatically at boot time by using the xendomains service.

Xen virtualizes a network interface named eth0 in each domain. In Dom0, Xen also creates a bridge (xenbr0) and a number of virtual interfaces as shown in the following diagram.
xen  linux  debian  tutorials  networking  firewall  iptables  security  sysadmin  work 
september 2009 by will.brien
XenNetworking - Xen Wiki
Packet flow in bridging (By Ernst Bachman)

Packet arrives at hardware, is handled by dom0 Ethernet driver and appears on peth0. peth0 is bound to the bridge, so it's passed to the bridge from there. This step is run on Ethernet level, no IP addresses are set on peth0 or bridge.

Now the bridge distributes the packet, just like a switch would. Filtering at this stage would be possible with ebtables.

Now there's a number of vifX.Y connected to the bridge, it decides where to put the packet based on the receiver's MAC.

The vif interface puts the packet into Xen, which then puts the packet back to the domain the vif leads to (it's also done that way for dom0, hence the vif0.0->(v)eth0 pair).

The target device in the dom0/domU finally has an IP address, you can apply iptables filtering here.
xen  linux  debian  tutorials  networking  firewall  iptables  security  sysadmin  work 
september 2009 by will.brien
DeleGate
DeleGate is a multi-purpose application level gateway, or a proxy server which runs on multiple platforms (Unix, Windows, MacOS X and OS/2). DeleGate mediates communication of various protocols (HTTP, FTP, NNTP, SMTP, POP, IMAP, LDAP, Telnet, SOCKS, DNS, etc.), applying cache and conversion for mediated data, controlling access from clients and routing toward servers. It translates protocols between clients and servers, applying SSL(TLS) to arbitrary protocols, converting between IPv4 and IPv6, merging several servers into a single server view with aliasing and filtering. Born as a tiny proxy for Gopher in March 1994, it has steadily grown into a general purpose proxy server. Besides being a proxy, DeleGate can be used as a simple origin server for some protocols (HTTP, FTP and NNTP).
unix  linux  ubuntu  windows  software  networking  firewall  proxy  dns  utilities  sysadmin  security  work  apache  smtp  email 
august 2009 by will.brien
Peer Block
PeerBlock is a new version (aka a "fork") of the popular Peer Guardian 2 software. It blocks "known bad" computers from accessing yours, for example governments, corporate entities, and those flagged for anti-p2p activities. Peer Block maintains the functionality of the original Peer Guardian 2 program, but includes fixes for various issues that remain unaddressed in the latest (~2 year old) version of PG2.

PeerBlock supports Windows XP, Vista, and Win7 - and maybe Windows 2000 too, though nobody's been testing that - in both 32- and 64-bit flavors.

Many thanks to the original developers of Peer Guardian! You've created a great piece of software, one that served us all well for many years. Hopefully at some point we'll be able to merge the changes coming to Peer Block back into PG2/PG3, but for now I'll be happy just with a piece of software that works well on my new Windows 7 64-bit machine.
software  windows  firewall  networking  security  privacy  utilities  bittorrent 
august 2009 by will.brien
A Tcpdump Tutorial / Primer (danielmiessler.com | study)
Tcpdump is the premier network analysis tool for information security professionals. Having a solid grasp of this über-powerful application is mandatory for anyone desiring a thorough understanding of TCP/IP. Many prefer to use higher level analysis tools such as Wireshark, but I believe this to usually be a mistake.

In a discipline so dependent on a true understanding of concepts vs. rote learning, it's important to stay fluent in the underlying mechanics of the TCP/IP suite. A thorough grasp of these protocols allows one to troubleshoot at a level far beyond the average analyst, but mastery of the protocols is only possible through continued exposure to them.

... for this reason I strongly advocate using tcpdump instead of other tools whenever possible.
software  security  sysadmin  networking  firewall  cli  linux  ubuntu  tutorials  reference 
july 2009 by will.brien
SonicWALL Global VPN Client Download Site
Welcome to the SonicWALL Global VPN Client download site. For secure wireless access to your SonicWALL wireless product, you will need to download and install the client locally on your system.
windows  sysadmin  software  work  security  networking  firewall  vpn 
march 2009 by will.brien
Hacking WD MyBook World Ed: Hacks & Tutorials
Here is a complete list of links to hacks and howto's for the Western Digital MyBook World Edition.
tutorials  linux  hardware  networking  storage  television  mythtv  samba  nas 
january 2009 by will.brien
IPtables Examples
These rulesets are in iptables-save format. I have written some simple documentation of the iptables-save format. I use this format for several reasons: it ensures there are no other rules in iptables, it loads faster, it avoids the possibility of a race condition that most iptables scripts have (although the race window would be about 1ms for most rulesets).
sysadmin  reference  faq  linux  security  networking  firewall  documentation  iptables 
december 2008 by will.brien
Anonymous LDAP operations in Windows 2003 AD
Why might you want to enable anonymous binds? Usually this is desired when you need to provide easy access to a subset of information stored in AD to 3rd party applications that are not capable of authenticating to AD, or when the information is intended to be in the public domain from the beginning and you are storing it in AD. The scenarios are infinite, but before enabling anonymous operations make sure that you truly understand the implications of this action – the change (though reversible) does increase the security risks to your environment.
windows  sysadmin  work  reference  networking  ldap  proxy  squid  samba 
december 2008 by will.brien
SeattleLinuxChix:  Tutorials - Samba
[share]
    comment = public share
    path = /usr/Pubshare
    browseable = yes
    guest ok = no
    writeable = yes
    create mask = 770
    directory mask = 770
    #force user = bob
    #force group = public
    delete read only = yes
sysadmin  reference  linux  networking  samba 
december 2008 by will.brien
Configuring Squid on Linux to authenticate with Active Directory
This document describes how to configure Squid to authenticate with a Windows Active Directory and only allow Internet Access to users that are members of a particular Windows security/domain group.
sysadmin  linux  ubuntu  networking  ldap  proxy  documentation  squid 
december 2008 by will.brien
DNS Quick Check
CheckDNS.net is a real time test engine to check your DNS delegation, DNS Servers, Mail and Web Servers. CheckDNS.net gives you an overview on your domains state with a detailed and easy to read DNS report.
sysadmin  security  reference  dns  networking  work 
november 2008 by will.brien
Yuuguu - The free remote desktop and screen sharing tool
What is Yuuguu? By far the easiest way to share your screen, host online meetings and work in real time on the same documents over the web. What’s more, it’s free.

* It’s free to download and to use for up to 30 participants
* Secure to use
* Easily share your screen
* Share control of the same screen
* PC, Mac and Linux compatible
* Global conference calling (Land line based)
* Instant messaging
* See when contacts are online
* Automatic updates
windows  macintosh  software  vnc  sysadmin  networking  im 
november 2008 by will.brien
rdiff-backup
rdiff-backup backs up one directory to another, possibly over a network. The target directory ends up a copy of the source directory, but extra reverse diffs are stored in a special subdirectory of that target directory, so you can still recover files lost some time ago. The idea is to combine the best features of a mirror and an incremental backup. rdiff-backup also preserves subdirectories, hard links, dev files, permissions, uid/gid ownership, modification times, extended attributes, acls, and resource forks. Also, rdiff-backup can operate in a bandwidth efficient manner over a pipe, like rsync. Thus you can use rdiff-backup and ssh to securely back a hard drive up to a remote location, and only the differences will be transmitted. Finally, rdiff-backup is easy to use and settings have sensical defaults.
sysadmin  linux  networking  rsync  unix  ssh  storage 
october 2008 by will.brien
UC Sniffer
A VoIP Sniffer and security tool with some new features!
linux  voip  telephony  software  security  networking 
september 2008 by will.brien
Tomato Firmware
Tomato is a small, lean and simple replacement firmware for Linksys' WRT54G/GL/GS, Buffalo WHR-G54S/WHR-HP-G54 and other Broadcom-based routers. It features a new easy to use GUI, a new bandwidth usage monitor, more advanced QOS and access restrictions, enables new wireless features such as WDS and wireless client modes, raises the limits on maximum connections for P2P, allows you to run your custom scripts or telnet/ssh in and do all sorts of things like re-program the SES/AOSS button, adds wireless site survey to see your wifi neighbors, and more.
linux  hardware  wireless  router  firewall  networking  sysadmin  security 
august 2008 by will.brien
Nikto2
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.

Nikto is not designed as an overly stealthy tool. It will test a web server in the quickest time possible, and is fairly obvious in log files. However, there is support for LibWhisker's anti-IDS methods in case you want to give it a try (or test your IDS system).
linux  apache  java  sysadmin  security  networking  firewall  software  work 
august 2008 by will.brien
x11vnc: a VNC server for real X displays
x11vnc allows one to view remotely and interact with real X displays (i.e. a display corresponding to a physical monitor, keyboard, and mouse) with any VNC viewer. In this way it plays the role for Unix/X11 that WinVNC plays for Windows.
linux  windows  ubuntu  sysadmin  software  security  networking  ssh  vnc 
june 2008 by will.brien
Tomato Firmware
Tomato is free open source Linux-based firmware for several Broadcom-based Wi-Fi routers, including the Linksys WRT54G. The major emphasis of Tomato is on stability, speed and efficiency.
linux  router  hardware  software  sysadmin  firewall  networking  wireless  wiki  books 
march 2008 by will.brien
Securing Your Windows Small Business Server 2003 Network
This document helps you configure your Microsoft Windows Small Business Server 2003 network more securely. Completing the tasks in this document helps to protect the availability, integrity, and confidentiality of your local network.
windows  reference  security  sysadmin  networking 
january 2008 by will.brien
ip2nation - resolve IP to country
There are currently a number of companies on the internet charging for databases or files containing information about where an IP is allocated (as in which country). This information is in fact available for free at ARIN, APNIC, RIPE etcetera. However, those files are not in any way optimized for queries and are indeed very slow. This is where ip2nation.com comes in.
apache  firewall  dns  database  maps  networking  php  mysql  internet  filtering  work 
january 2008 by will.brien
Dhcp Explorer
DhcpExplorer tool allows you to discover DHCP servers on your local subnet or LAN. This is useful for locating servers that are not supposed to be on your network (rogue DHCP servers) as well as checking the expected output of known servers.
windows  networking  sysadmin  software  security 
january 2008 by will.brien
vnStat - network traffic monitor for Linux
vnStat is a network traffic monitor for Linux that keeps a log of daily network traffic for the selected interface(s). vnStat isn't a packet sniffer. The traffic information is analyzed from the /proc filesystem. That way vnStat can be used even without r
networking  linux  sysadmin  software  security  utilities 
january 2008 by will.brien
Microsoft Small Business Server - Frequently Asked Questions
Welcome to Smallbizserver.Net. Numerous articles and howto's assist you in installing and maintaining Smallbusiness Server 2000 and 2003. There is a discussion forum where you can post questions, we will try to answer asap.
faq  windows  documentation  reference  sysadmin  networking  exchange  work 
december 2007 by will.brien
Mount a remote file system through ssh
SSHFS is very simple to use. The following command, "sshfs user@host: mountpoint", will mount the home directory of the user@host account into the local directory named mountpoint.
linux  ubuntu  cli  ssh  sysadmin  security  networking 
november 2007 by will.brien
ADModify.NET
ADModify is a tool that was (and is still) developed and maintained out of our Support Services (aka PSS) team, and was created to make it easier to modify / import / export objects in Active Directory in bulk. The tool has been available on the FTP site for download for a while, but with the recent release of a new version (ADModify.NET or v2.0) - we have decided to create a gotdotnet workspace for it too to make it easier for you to give us feedback on it :)
windows  sysadmin  software  exchange  ldap  networking 
november 2007 by will.brien
MOVEit Freely
Free command-line FTP client. All 3 SSL modes, X.509 client certificates, passive transfers and alternate ports supported. Uses same syntax as built-in "ftp.exe" client for easy drop-in replacement.
windows  ftp  software  utilities  sysadmin  networking 
october 2007 by will.brien
FireGen
FireGen for PIX Log Analyzer 2.0 is a firewall log analyzer developed by firewall administrators. Its purpose is to replicate the steps that a "real world" firewall administrator would take in analyzing firewall logs.
firewall  cisco  pix  sysadmin  networking  utilities  windows  logs 
september 2007 by will.brien
Sample Cisco NTP configurations
Couldn't get this working until I got the correct offset... after that, *POOF* it's done.
cisco  firewall  ntp  sysadmin  networking  tutorials 
june 2007 by will.brien
Freeware utility adds or removes DNS suffixes from remote computers
Download remdns if you wish to be able to add or remove DNS suffixes from a remote computer.
software  windows  dns  networking  sysadmin 
may 2007 by will.brien
PIX: how to enable pings, etc.
For the permanent record, in case I forget what I figured out via trial/error before I found this damn thing...
networking  security  sysadmin  firewall  cisco  faq 
may 2007 by will.brien