There’s a built in cheat for VPN configurations. It can be tough to remember every step involved. This makes it super easy. Just type vpnsetup ? from config mode, select the type and steps, and the firewall will give you example configs and all steps involved for every type of Read more…
A quick howto on ZBPF. Its not difficult, but can get really confusing when the configs start to grow. I always try to name the entries with the easiest detail possible. Like if it’s an http class map specifically, i name it HTTP_CLASS_MAP so it’s easy to grep. Sticking to Read more…
Continuing on the bind RPZ stuff. If you need to build a walled garden, Inetsim would be great for that. It runs fake services and will serve up anything you ask it for. Great for studying malware. CentOS 7 this time. cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/netwwork-scripts/ifcfg-eth0:0 Edit eth0:0 and change the IP Read more…
RPZ Specification: https://kb.isc.org/getAttach/22/AA-00512/rpz.pdf When doing lookups on hosts, my nameserver recursively resolves it. If the response matches what is in the RPZ zone files, the nameserver will send whatever is set back to the client. This is great for low cost malicious activity blocking. . for NXDOMAIN *. For Read more…
#Kind of a funny way to accomplish this, but it’s the only way I could get pf_ring to build and actually work. #CentOS 6.6. #Install EPEL.http://mirror.umd.edu/fedora/epel/6/i386/repoview/epel-release.html sudo yum install git swig python-devel byacc kernel-devel libtool automake make autoconf pcre-devel flex bison byacc gcc gcc-c++ zlib-devel numactl numactl-devel If you’re using Read more…
CentOS 6.6 First enable passwordless SSHsshkeygen if you haven’t already cat .ssh/id_rsa.pub Copy that to /root/.ssh/authorized_keys on the new system. Then change permissions chmod 700 ~/.sshchmod 600 ~/.ssh/authorized_keys #Install EPEL.http://mirror.umd.edu/fedora/epel/6/i386/repoview/epel-release.html sudo yum install cmake swig python-devel byacc kernel-devel libtool subversion automake make autoconf pcre-devel libpcap-devel libpcap flex Read more…
The purpose of this post is to create a system from where network installations can occur. A remote system will boot to the network, receive IP information from a DHCP server and boot Linux from a TFTP server. The TFTP server will provide the required packages for a Linux install. Read more…
All of the gui driven iso to usb programs were not working correctly for me on CentOS. This document outlines steps to make a CentOS 6 install usb stick. What you need: An 8GB or higher usb stick ( I like corsair voyagers )CentOS 6.6 DVD 1, 2 and Net Read more…
I have 2 ASA 5510s and an IPS 4240 on the way. I can do most of the stuff in the classes and workbooks with the gear I already have. I’ll use rack rental for the Wifi, ISE and other stuff that requires more recent hardware or hard to get Read more…
All done on Ubuntu 12 server. Pretty much followed this guide: https://code.google.com/p/collective-intelligence-framework/wiki/ServerInstall_Ubuntu12_v1 Ran into a few issues… Had to force some perl modules. cpanm Net::Abuse::Utils –force And version 1.7 of Linux::Cpuinfo wouldn’t install. Just removed the @1.7. cpanm git://github.com/gitpan/Linux-Cpuinfo.git –force Then you have to grab this Cpuinfo.pm and place it Read more…