Cheat sheet : Installing Snorby 2.2 with Apache2 and Suricata with Barnyard2 on Ubuntu 10.x
After spending a few hours fighting a battle against Snorby and Apache2 + Passenger, I finally managed to get it to run properly on my Ubunty 10.x box (32bit). Looking back, I figured I might not be the only one who is having issues with this.
So I decided to publish the notes I took while setting everything up, and as a little bonus, explain how to install and configure Suricata as well (configured in combination with barnyard2 which will pick up local logs and send them to the remote MySQL server).
Continue reading
Script to backup Cisco switches via telnet / tftp
A couple of days ago, I have released a small perl script to back up Cisco IOS based switches via telnet. I know there are a couple of similar scripts available on the internet, but most of them either use the “expect” functionality (which does not work all the time), or use SendKeys (which only [...]
WPA TKIP cracked in a minute – time to move on to WPA2
Just a quick note to let you know that 2 Japanese scientists (from Hiroshima and Kobe Universities) have found a practical way to crack WPA TKIP in about one minute, using a technique called “Beck-Tews”. This technique is not new. It has been discovered by some Germans back in november, but was somewhat limited in [...]
Spread the word ! nmap 5 released
Insecure.org has released a new major version of the free, open source “nmap” security scanner. (Don’t just call nmap a port scanner – Thanks to many improvements over the last years, nmap has become an excellent security scanner). Visit http://nmap.org/5/ for more information about this new version. Although there are roughly 600 updates in this [...]
Juniper ScreenOS : Active/Passive clustering
Introduction In this blog post, I’ll show the easy steps to set up a screenOS based active/passive cluster. I’m not going to discuss the configuration of active/active clusters because, in my opinion, this configuration is only needed in rare circumstances and may introduce some weird behaviour issues. Furthermore, active/passive clusters have been working quite well [...]
Juniper ScreenOS : default route manipulations and redistributions
The default route or “route of last resort” is an important route in most present inter-network connectivity configurations. It contains all public and private routes possible and is responsible for directing traffic to a next hop when no better route is found. In most cases, it is used to allow networks to access the internet, [...]
Juniper ScreenOS : defeating iBGP full mesh requirement using route reflectors and confederations
As explained in one of my earlier posts, one of the requirements to successfully setup and operate an iBGP configuration is that all iBGP clients need to have a BGP connection to all other iBGP clients. (= full mesh). This is required because an iBGP device only exchanges information about its own networks and it [...]
Cheatsheet : Cracking WPA2 PSK with Backtrack 4, aircrack-ng and John The Ripper
Basic steps : Put interface in monitor mode Find wireless network (protected with WPA2 and a Pre Shared Key) Capture all packets Wait until you see a client and deauthenticate the client, so the handshake can be captured Crack the key using a dictionary file (or via John The Ripper) I’ll use a Dlink [...]
Cheatsheet : Cracking WEP with Backtrack 4 and aircrack-ng
I know, there a probably already a zillion number of websites that show how to crack WEP. So I guess this will be website zillion+1 learning how to audit your own WEP security. To be honest, the main reason I’m putting this info on this blog because I just wanted it as a quick reference- [...]
Juniper Screenos : Redundant multi-exitpoint ISP routing failover using multiple vrouters, multiple OSPF areas and eBGP
Introduction As you most likely already know, Juniper screenOS supports a couple of dynamic routing protocols (OSPF, BGP, RIP). These protocols can be used to build very powerful and redundant networks, however there are some screenos specific issues with these implementations, and these issues may introduce a little bit of complexity in the design and [...]
