Archive for the Category » Network «

Tuesday, September 30th, 2008 | Author:

Now, this is interesting for you iPhone folks. Check Point is providing an IPsec VPN client for the iPhone.

Link


Friday, December 28th, 2007 | Author:

I managed to get hold of a Linksys WUSB54GC USB wireless-G adapter and a burnt copy of BackTrack 2 with Aircrack-ng.

So let's get started then. BackTrack 2 loaded with the rt73 drivers.

The following commands put your WUSB54GC dongle into monitor/injection mode.

ifconfig rausb0 up
iwconfig rausb0 mode monitor channel 1 rate 1M
iwpriv rausb0 forceprism 1
iwpriv rausb0 rfmontx 1

more…

Monday, October 08th, 2007 | Author:

I was trying out JanusVM on my VMware Server. It's a Linux-based OS with a few key components (OpenVPN, Squid, Privoxy and Tor) packaged neatly into a VMware "appliance".

Basically it provides a layer of security and privacy for most TCP-based applications, like IM, web browsing, etc. Even DNS requests are passed through Tor. Most importantly, it provides you with access to sites that are filtered by your ISP's transparent proxies.

more…

Monday, December 19th, 2005 | Author:

Having a “small” problem with HSRP.

ASCII Network Diagram

[switch-a1]--[router-a1]--[ISP 1 Cloud]--[router-b1]--[switch-b1]--- Active Link
|          |                           |              |
[switch-a2]--[router-a2]--[ISP 1 Cloud]--[router-b1]--[switch-b2]--- Standby Link

I configured HSRP on all devices. My problem is that when switch-a1 fails, router-a1 fails over to router-a2, but router-b1 will not fail over, as the link between router-a1 and router-b1 via ISP 1 is still up.

I tried HSRP tracking, but the best tracking method I found is IP Route Reachability.
Track shows the object as up if the gateway to that network is still in your routing table.

So even configuring "track 100 ip route 10.2.2.2/32 reachability" doesn't work, as the gateway is added manually as a static route.

Sample Config from Cisco.

more…

Category: Network, Technical  | Comments off

Wednesday, December 14th, 2005 | Author:

By default, Microsoft RPC allocates ports from 1024 – 65535.

To restrict them to 5000 – 5100, use the registry entries below.

— cut here —
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet]
"Ports"=hex(7):35,00,30,00,30,00,30,00,2d,00,35,00,31,00,30,00,30,00,00,00,00,00
"PortsInternetAvailable"="Y"
"UseInternetPorts"="Y"

— cut here
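
An added example (not part of the original post): Python that decodes the hex(7) "Ports" value above, a REG_MULTI_SZ stored as UTF-16LE, so you can confirm which port range a .reg file really sets before importing it or writing the matching firewall rule. The function names are assumptions made for this illustration.

```python
import re

# The "Ports" value from the .reg file above (hex(7) = REG_MULTI_SZ).
PAGE_PORTS = ("hex(7):35,00,30,00,30,00,30,00,2d,00,35,00,31,00,30,00,"
              "30,00,00,00,00,00")

def decode_hex7(value: str) -> list[str]:
    """Decode a .reg hex(7) value into its list of strings."""
    if not value.lower().startswith("hex(7):"):
        raise ValueError("not a hex(7) / REG_MULTI_SZ value")
    # Tolerate stray spaces and the backslash line continuations regedit exports.
    body = re.sub(r"[\s\\]", "", value[len("hex(7):"):])
    raw = bytes(int(b, 16) for b in body.split(",") if b)
    if len(raw) % 2:
        raise ValueError("odd byte count: not UTF-16LE")
    # Each string is NUL-terminated; an extra NUL closes the list.
    return [s for s in raw.decode("utf-16-le").split("\x00") if s]

def encode_hex7(strings: list[str]) -> str:
    """Encode strings as a .reg hex(7) value (inverse of decode_hex7)."""
    raw = ("".join(s + "\x00" for s in strings) + "\x00").encode("utf-16-le")
    return "hex(7):" + ",".join(f"{b:02x}" for b in raw)

def parse_port_ranges(entries: list[str]) -> list[tuple[int, int]]:
    """Turn entries such as '5000-5100' or '5984' into (low, high) tuples."""
    ranges = []
    for entry in entries:
        m = re.fullmatch(r"(\d+)(?:-(\d+))?", entry.strip())
        if not m:
            raise ValueError(f"malformed port entry: {entry!r}")
        low, high = int(m.group(1)), int(m.group(2) or m.group(1))
        if not 1 <= low <= high <= 65535:
            raise ValueError(f"port range out of bounds: {entry!r}")
        ranges.append((low, high))
    return ranges

def port_count(ranges: list[tuple[int, int]]) -> int:
    """Number of ports RPC may allocate from the given ranges."""
    return sum(high - low + 1 for low, high in ranges)

if __name__ == "__main__":
    entries = decode_hex7(PAGE_PORTS)
    ranges = parse_port_ranges(entries)
    print(entries, ranges, port_count(ranges))
```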

Category: Network, Security, Systems, Technical  | Comments off

Friday, October 14th, 2005 | Author:

Another issue I have with Cisco PIX 7.0.

I have a server connecting to the PIX DMZ interface with the IP of 172.17.1.1. This server is translated to an Inside IP 10.1.1.1 and to an Outside internet routable IP.

When VPN users connect from outside, they want to access the DMZ server via the 10.1.1.1 IP not the 172 IP.

They are able to connect to any host on the inside but unable to connect to the translated IP.

This is the static statement.
static (dmz,inside) 10.1.1.1 172.17.1.1 netmask 255.255.255.255

My Networks
Inside : 10.1.1.0/24
DMZ : 172.17.1.0/24
VPN Pool : 192.168.0.0/24

I posted this question on the Cisco NetPro forum, and I got this reply:

more…

Category: Firewall, Network, Technical  | Comments off

Sunday, October 09th, 2005 | Author:

Configuring L2TP over IPsec for both the Cisco PIX and the Cisco router on the customer side.

Tricky things uncovered.
According to the documentation provided on how L2TP is to be configured:

vpdn enable
!
vpdn-group 1
 accept-dialin
  protocol l2tp
  virtual-template 1
 terminate-from hostname BB-GGSN1
 local name CPE-L2TP-Router
 l2tp tunnel password 0 secret
!
interface Virtual-Template1
 ip unnumbered FastEthernet0
 peer default ip address pool l2tp-pool01
 ppp authentication pap
!
ip local pool l2tp-pool01 10.9.2.201 10.9.2.220

For curious souls like me: how the hell does the router know who BB-GGSN1 is? So I added:

more…

Category: Firewall, Network, Security, Technical  | Comments off