Flex VPN Reference

Only IKEv2Unified configScalableServer/ClientCA Server recommended Prereq 1 – CA Server/Client: Server: ip domain-name cisco.com crypto key generate rsa modulus 1024 ip http server crypto pki server CA crypto pki trustpoint CA issuer-name O=CISCO L=SanJose C=US grant auto sh crypto pki certificates Client: ip domain-name cisco.com crypto key generate rsa modulus Read more…

GetVPN Reference

Does not support IKEv2. Only IKE v1. Does not have an overlay routing protocol or tunnel. Encrypts data in the underlay itself. Since there’s no overlay tunnel you don’t need additional subnets created. Centralized policy management. Policies in one place and pushed to all clients. The Keyserver. Components:-GM (Group Member)-KS Read more…

Bro 2.6 and FreeBSD

Using FreeBSD 12 RELEASE disc1https://download.freebsd.org/ftp/releases/amd64/amd64/ISO-IMAGES/12.0/ Once the system is up, install the packages below. # fetch ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/12.0-RELEASE/src.txz# tar -C / -xzvf src.txz# portsnap fetch && portsnap extract# pkg update -f && pkg upgrade && pkg install -y open-vm-tools sudo vim htop py27-pip git netmap lua51 gmake gzip bro Additional system Read more…

Bypassing Google Fiber

Google doesn’t allow you to bridge their network box so you would have to double NAT and double port forward. Maybe some people are fine with that, but I hate it. Luckily, it’s really easy to bypass. Default: fiber_line –> fiber_to_ethernet_jack –> Google_Network_Box The Google Fiber network box powers the Read more…

AMDGPU Pro on Debian

Ubuntu, RHEL and Suse are now the only “supported” distros when it comes to the proprietary AMD GPU drivers. Historically, nvidia has always had the worst opensource driver for linux, but some would argue the best closed source driver. AMD has been the other way around. Opensource AMD GPU drivers Read more…

CALDERA

The folks at MITRE have created yet another awesome tool.  CALDERA uses the ATT&CK model to simulate adversary behavior. It’s a great way to generate logs for hunting, or see how your detection stacks up.  Here’s how I got it going. I pretty much just followed along with the instructions Read more…