001_Security

Using 2 internet links with Juniper screenos Firewalls to separate traffic (pbr) and apply traffic shaping

Published October 19, 2008 |

Scenario : you have 1 Juniper firewall, which has 2 internet connections : an expensive but reliable 4Mbit connection, and a fast, less expensive, but less reliable 20Mbit connection. Goal : use the reliable connection for smtp traffic (1Mbit) and http traffic (3Mbit), and route all other internet traffic over the other connection The techniques […]

Posted in 001_Security, Juniper, Networking | Tagged access-list, action-group, extended, gbw, how-to-monitor-traffic-shaping-in-juniper-firewall, internet, internet isp, isp, Juniper, juniper-multiple-internet-connections-configuration, juniper-on-2-internet, juniper-with-2-isp, match-group, mbw, multiple isp, pbr, policy based routing, screenos, setup-default-route-on-one-isp-on-juniper, traffic shaping

Using OSPF on Juniper Netscreen Firewalls

Published October 19, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

Introduction to OSPF OSPF is a link-state (dynamic) routing protocol that operates within an autonomous system. OSPF falls within the group of Interior Gateway Protocols. Devices that use OSPF will advertise link state information. The devices generate Link State Advertisements (LSA’s) for directly connected links, and will forward LSAs received from other devices to ensure […]

Posted in 001_Security, Juniper, Networking | Tagged abr, access-list, area, area 0.0.0.0, asbr, designated, dijkstra, injection, Juniper, lsa, lsdb, netscreen, not-so-stubby, open shortest path first, ospf, redistribute, redistribution, route-map, screenos, stub

Free Tool – Cisco Ironport C350 Safelist / Blocklist merge utility

Published July 27, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

If you have multiple Cisco Ironport C350 devices, you may have noticed that safelist / blocklist entries are bound to an individual device. So if your Ironport devices are both installed to handle incoming mails, end users need to manage safelists/blocklists on both devices in order to be sure that both devices operate in the […]

Posted in 001_Security, Cisco, My Free Tools, Networking | Tagged add-user-to-ironport-c350, backing-up-ironport-configuration, backup, backup-ironport-config, blocklist, c350, Cisco, free tool, iron-port-serial-number-with-cli, ironport, ironport-blacklist-entries, ironport-c350, ironport-c350-manual, ironport-c350-serial-manual, ironport-config-file-tool, merge, not-able-view-safelist, safelist, step-by-step-configuration-of-ironport-c350, sync

Free tool – Attachment filtering with Exchange 2007/2010 (custom transport agent)

Published July 21, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

Keywords : microsoft exchange 2007 attachment size filtering quarantine block reject small zip files attached When messaging admins need to implement some sort of attachment filtering, they mostly think about antivirus products, or using transport rules in Exchange 2007. I have discovered that not a lot of antivirus products nor the Exchange 2007 built-in functionalities […]

Posted in 001_Security, MS Exchange, My Free Tools | Tagged attachment filter, attachment-filter-exchange-2010-stand-alone, attachment-size-filtering-exchange-edge, deny-attachments-in-exchange-2010, edge-exchange-2010-allow-attachments, exchange-2010-allow-zip-files, exchange-2010-attachment-filtering, exchange-2010-html-tags-empty-body, exchange-2010-quarentined-encrypted-zip, exchange-2010-scripting-examples-for-attachments, exchange-create-rules-to-filter-outbound-attachments, exchange-transport-rule-save-attachment, free tool, how-to-get-attachment-filtered-exchange-2010-no-edge, html-attachments-exchange-2010, manag-attachment-filter, MS Exchange, ms-exchange-2010-allow-attachments-wit-cer, my-exchange-2007-is-quarantine-rar-messages, transport agent

Windows 2008 PKI / Certificate Authority (AD CS) basics

Published July 14, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

Keywords : Windows 2008 PKI Certificate Authority certutil certreq template root CA Enterprise CA convert pfx to pem generate custom certificate request subject alternate name san attribute Today’s blog post targets the deployment of a Windows 2008 server based Certificate Authority (AD CS) and will discuss some common scenario’s where certificates are used / required. […]

Posted in 001_Security, Active Directory, Certificates, MS Exchange, Windows Server | Tagged 2008, aia, backup, ca, capolicy.inf, certificate authority, certreq, certutil, common name, convert to pem, cp, crl, csp, custom request, distribution point, import-exchangecertificate, issuing, key recovation, keytool, lifetime, new-exchangecertificate, ocsp, root, san, software key storage provider, standalone, subject alternate name, validity, x.509

Building IPSec VPN with Juniper Netscreen ScreenOS (CJFV)

Published June 25, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

A few days ago, I have posted some ScreenOS basics on this blog. Today, it is time to take it one step further and to look at setting up and especially troubleshooting IPSec VPN’s with Juniper Netscreen devices. The need for VPN A VPN can be defined as the simulation of a private connection by […]

Posted in 001_Security, Juniper, Networking | Tagged 3des, aes, aggressive mode, asic, cjfv, dh, diffie hellman, hmac, ike, ipsec, isakmp, Juniper, main mode, netscreen, phase 1, phase 2, policy based, proxy id, psk, route based, screenos, sha, vpn

Juniper Firewall ScreenOS Basics (CJFV)

Published June 22, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

ScreenOS Concepts & Terminology The following document is based on ScreenOS v5.4.0r7.0 – Interface = connection to a specific subnet. An interface is assigned an IP address only if firewall is operating in L3 mode. Default interface names can vary on different Netscreen devices. – Zone : logical grouping of subnets and interfaces. All devices […]

Posted in 001_Security, Juniper, Networking | Tagged basic, block-intra-subnet-traffic-juniper, change-route-juniper-batch-file, cjfv, copy-image-from-ssg-firewall-to-tftp, how-to-recover-a-password-on-a-juniper-firewall, Juniper, juniper-firewall-policy-to-monitor-multiple-subnets, juniper-firewall-screenos-get-policy, juniper-firewall-set-service-ping, juniper-screenos-policy, nat-many-to-one-juniper-gui, netscreen, scp-disabled-for-root-juniper, screenos, screenos-get-time, screenos-nat-table, screenosdefault-policylog, set-filter-juniper-ssg, ssg5-config-file-scp-download

Free tool – PVE pcap statistics collector

Published May 25, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

Keywords : Wireshark Out Of Memory tcpdump statistics pcap The story I’m about to tell may sound familiar to most of you. You’ve been asked to gather some bandwidth utilization statistics on one of your servers. You’ve installed Wireshark on the server to capture all traffic, or you’ve used linux’ tcpdump to capture all traffic. […]

Posted in 001_Security, My Free Tools, Networking | Tagged bandwidth, calculate-bandwidth-of-pcap, claculate-pcap-file-size, create-statistics-from-pcap, free tool, network utilization, out of memory, pcap, pcap-file-packet-size, pcap-file-statistics, pcap-generate-stat, pcap-statistics, psexec-v1-83-suite, statistic-file-pcap, statistics, statistics-pcap, stats-from-pcap, stats-pcap, tcpdump, wireshark

Securing Windows Server 2008 and Active Directory

Published April 18, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

According to Microsoft, Windows Server 2008 is the most secure Windows server version ever. Windows 2008 does include many features that will help increase overall security of the OS, or assist you with securing AD, the network, etc. Most of the features/roles available in Windows 2008 are not being installed in a default installation of […]

Posted in 001_Security, Active Directory, Windows Server | Tagged 001_Security, 2008, Active Directory, disable-ip-source-routing-windows-2008, fine grained password policies, gpo, gpoaccelerator, group policy, hardening, hardening-windows-server-2008, high-security-dc-inf-windows-2008, logon-banner-displaying-warning-message-windows-server-2008, perforrouterdiscovery-server-2008, scw, securing-active-directory-accounts-2008, securing-and-auditing-windows-active-directory-domains, securing-windows-server-2008, security configuration wizard, what-is-the-role-of-server-operator-in-member-servers, windows

Free tool – PVE SMTP Open Relay Tester

Published April 4, 2008 |

By Peter Van Eeckhoutte (corelanc0d3r)

I have decided to make some of my old (and new) tools and scripts available to the community. The first (6 years old but still useful) tool is my SMTP Open Relay Tester. This small standalone Windows console application (no installation, no dll’s) will test if a given smtp server accepts third party relays or […]

Posted in 001_Security, MS Exchange | Tagged app-to-test-open-relay, backtrack-open-relay, free tool, free-smtp-relay-for-testing, mail-relay-test-php-download, open relay, open-relay-tester, open-relay-tool, open-relay-tool-download, openrelaytester, smtp, smtp-open-relay, smtp-open-relay-scanning-tool, smtp-open-relay-tutorial, smtp-open-relay-with-backtrack, smtp-relay-test-tool-freeware, test, test-for-open-remay-tools-smtp-backtrack, tool-for-testing-an-open-relay-download, tool-to-test-smtp-relay

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Using 2 internet links with Juniper screenos Firewalls to separate traffic (pbr) and apply traffic shaping

Using OSPF on Juniper Netscreen Firewalls

Free Tool – Cisco Ironport C350 Safelist / Blocklist merge utility

Free tool – Attachment filtering with Exchange 2007/2010 (custom transport agent)

Windows 2008 PKI / Certificate Authority (AD CS) basics

Building IPSec VPN with Juniper Netscreen ScreenOS (CJFV)

Juniper Firewall ScreenOS Basics (CJFV)

Free tool – PVE pcap statistics collector

Free tool – PVE SMTP Open Relay Tester

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!