Archive for the ‘Security’ Category

Testing SMTP using Telnet

January 2nd, 2014 No comments

This is the syntax to use to test SMTP relays. Commands are in bold:

telnet x.x.x.x 25
HELO mydomain.com
250 mobile.yourdomain.com Hello mydomain.com ([129.0.52.74]), pleased to meet you Read more…

Categories: Security Tags:

Simple Bash Script to Backup Netscreen ISG / SSG Firewall

November 7th, 2013 No comments

This script is a simple, interactive way to back up and date-stamp your Juniper Netscreen ISG/SSG (ScreenOS) firewall configurations. The script copies the configurations from the firewall using scp. Configurations older than one day (-mtime +1) are archived off to a bz2 compressed file. Archives older than 60 days (-mtime +60) are removed from the disk.

The usage is: nsb.sh [ip address / hostname of Netscreen].

Read more…

Cisco ASA – Comparison of NAT Configuration Scenarios

October 18th, 2013 No comments

This aide-mémoire describes and compares NAT configuration (Identity NAT, NAT Exemption/Identity NAT) and also compares the syntax between ASA version 8.4.2 and below. There are some considerable differences in the syntax and some of the better-known commands have been deprecated. Read more…

Categories: CISCO, Network Design, Security Tags:

Deobfuscating Cisco Type 7 Passwords

October 17th, 2013 2 comments

It should be noted that many algorithms require the Cisco IOS to have access to the cleartext password.

The Vigenere algorithm is used to obfuscate the passwords (not really encrypt them as there is no encryption key) in order to prevent “shoulder surfing” from exposing passwords to someone who briefly looks at a running configuration.

If, however, someone gets hold of the configuration they can easily retrieve the passwords using the reverse translation of the Vigenere algorithm.

  • This can be done using various “type-7” password crackers or indeed within the IOS itself.
  • Cisco IOS uses this level-7 encryption when the “service password-encryption” command is used. Here is a Perl script which deobfuscates the Cisco Vigenere password Read more…
Categories: CISCO, Security Tags:

Running Snoop on Netscreen Firewall

September 26th, 2013 No comments

An aide-mémoire:

ScreenOS-> undebug all
ScreenOS-> clear db Read more…

Categories: Juniper, linux, Security Tags:

Juniper ScreenOS – Troubleshooting using Debug Flow

June 21st, 2013 No comments

Debug flow basic shows the flow of traffic through the firewall, allowing for troubleshooting route selection, policy selection, any address translation and whether the packet is received or dropped by the firewall. Read more…

Cisco ASA – Initial Configuration

March 9th, 2013 No comments

This post describes the tasks required for a basic configuration of the Cisco ASA. Please note that the smaller Cisco ASA 5505 has an 8-port 10/100 switch which operates at Layer 2 only, so you cannot configure the physical ports as Layer 3 routed ports; you need to create VLAN interfaces. By default, interface Ethernet0/0 is assigned to VLAN 2 and it’s the outside (internet-facing or untrusted) interface. The remaining seven interfaces (Ethernet0/1 to 0/7) are assigned to VLAN 1 Read more…

Categories: CISCO, Security Tags:

OpenSSL – Generate CSR and Test Signed x.509 Certificate

August 28th, 2012 No comments

Another personal aide-mémoire for SSL testing:
This method uses OpenSSL to create a public/private key pair and submit the public key to a Certificate Signing Authority to be signed by that CA. The procedure uses various methods to test certificates and SSL connections to web servers: Read more…

Categories: Security Tags:

Asterisk Security Threats and Best Practices

December 28th, 2011 No comments

Attacks on Asterisk-based telephony systems are not uncommon. This video explains how to mitigate some attack vectors:
Read more…

Categories: Security, Voice over IP Tags:

DISA UNIX STIG Checklist

December 20th, 2011 No comments

Another aide-mémoire:

UNIX SECURITY TECHNICAL IMPLEMENTATION GUIDE
Version 5, Release 1

Can be downloaded from: http://iase.disa.mil/stigs/downloads/pdf/unix-stig-v5r1.pdf

Categories: Computer Architecture, Security Tags: