Security Archive

Tacacs + AD + CentOS = FREE | packetroute

Posted October 21, 2013 By Landis V

http://packetroute.wordpress.com/2012/12/12/tacacs-ad-centos-free/

Pretty complete guide to getting Marc Huber’s tac_plus set up on a CentOS box. Need to give this a shot in an LXC container at some point.


Metasploit reading

Posted September 27, 2013 By Landis V

Metasploit Unleashed

Metasploit: The Penetration Tester’s Guide by David Kennedy


https://scottlinux.com/2013/06/02/use-google-authenticator-for-two-factor-ssh-authentication-in-linux/

Might have to give this a try.


Nope, mesh networks won’t stop the NSA

Posted September 16, 2013 By Landis V

http://www.networkworld.com/community/blog/nope-mesh-networks-wont-stop-nsa


stack your knowledge: IOS IPsec ezVPN server – part I

Posted September 11, 2013 By Landis V

http://staystack.blogspot.com/2013/04/ios-ipsec-ezvpn-server.html

Helpful article, though I wasn’t working with ezVPN. The ‘reverse-route’ component was a critical one I was missing, though I’m pretty sure it’s still not going to get me where I need to go. I’m attempting to get a software VPN client configuration to work with a router that’s also performing IPsec VPN in conjunction with VRF and zone firewall. We’ve already encountered one show-stopping bug between ZBF/ZFW and NAT virtual interface (NVI), and I’m fairly sure about five steps down the road from reverse route injection that we’ve encountered yet another bug that will prove fatal in this endeavor as well.

No matter, I guess. Probably need to get this lab back to a more standard configuration in any case. If you do happen to encounter a problem with ZFW, VRF, and software VPN client, I’d love to hear about it in the comments. Always nice to know you’re not the only one Cisco’s feature sets are leaving up a creek. If I get time, I’ll try to post a more detailed configuration example and steps that led me to this conclusion. I still haven’t completely disproven it, and haven’t run any debugs at all yet, so there’s still a slim possibility it could actually function.


Encryption news: What you need to know

Posted August 21, 2013 By Landis V

http://www.networkworld.com/community/blog/encryption-news-what-you-need-know

Need to read the MIT linked article here, interesting cut from their paper.


http://inai.de/documents/Perfect_Ruleset.pdf

Glad I ran across this if for no more than the trace functionality. You don’t know what you don’t know.

iptables -t raw -A PREROUTING/OUTPUT [...] -j TRACE

The whole document is worthwhile and contains some fantastic advice if you’re getting into more advanced iptables rulesets.
