1
More Annotations
3
3
Favourite Annotations
2
6
Text
NETWORK AND SECURITY gunzip -c 10.176.101.247-08-05-2019-message.log.gz | grep "184.26.143.177" >>BIT NETWORK AND SECURITY: CISCO BRANCH OFFICE SHARING INTERNET This is an example of creating a MPLS network using EIGRP and BGP. Headquarters (or where Internet Egress is) router eigrp 1 red NETWORK AND SECURITY: CISCO DMVPN DMVPN - Dynamic Multi-point VPN is very useful in connecting remote offices together using the Public Internet, it also compliments an existing MPLS implementation in that it can provide immediate fun fun fun .message.log # to run this as a service you would enter systemctl enable rsyslog (however this is Kali so do you want it on all the time) this will work on any NIX as long as you're using Rsyslog user@host
failover.
NETWORK AND SECURITY: LINUX Building out a Syslog server to support a Cisco ASA, this will work for any number of Cisco devices but the ASA is the example On the NETWORK AND SECURITY: SNMP V3 CISCO DEVICES # For a router or Switch not able to use a named ACL ip access-list standard 99 permit host XX.XX.XX.XX log permit XX.XX.XX.XX log NETWORK AND SECURITY: LINUX CRON JOB WITH RSYNC Linux servers have the ability to run scheduled tasks, this is called a Cron job. With the Cron job anything command you run from the command line can be run as quickly as every 1 minute or as long in between as you desire NETWORK AND SECURITY: CISCO ROUTER PASSWORD RECOVERY Password Recovery Cisco Router / Factory Reset connect console cable to computer and router settings use Putty local connect power on NETWORK AND SECURITY: FEBRUARY 2016 apt-get install heirloom-mailx apt-get install bsd-mailx apt-get install postfix vi /etc/postfix/main.cf ** replace what is in there with ** smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination NETWORK AND SECURITY: 2012 Within the Cisco Switch we can locate what port a host is connected to with only having the IP address. The host machine's IP address is192.168.1.252
NETWORK AND SECURITY: AUGUST 2013 Security rules should be added for security this is only for settingup Remote Access
NETWORK AND SECURITY gunzip -c 10.176.101.247-08-05-2019-message.log.gz | grep "184.26.143.177" >>BIT NETWORK AND SECURITY: CISCO BRANCH OFFICE SHARING INTERNET This is an example of creating a MPLS network using EIGRP and BGP. Headquarters (or where Internet Egress is) router eigrp 1 red NETWORK AND SECURITY: CISCO DMVPN DMVPN - Dynamic Multi-point VPN is very useful in connecting remote offices together using the Public Internet, it also compliments an existing MPLS implementation in that it can provide immediatefailover.
NETWORK AND SECURITY: LINUX Building out a Syslog server to support a Cisco ASA, this will work for any number of Cisco devices but the ASA is the example On the NETWORK AND SECURITY: SNMP V3 CISCO DEVICES # For a router or Switch not able to use a named ACL ip access-list standard 99 permit host XX.XX.XX.XX log permit XX.XX.XX.XX log NETWORK AND SECURITY: LINUX CRON JOB WITH RSYNC Linux servers have the ability to run scheduled tasks, this is called a Cron job. With the Cron job anything command you run from the command line can be run as quickly as every 1 minute or as long in between as you desire NETWORK AND SECURITY: CISCO ROUTER PASSWORD RECOVERY Password Recovery Cisco Router / Factory Reset connect console cable to computer and router settings use Putty local connect power on NETWORK AND SECURITY: FEBRUARY 2016 apt-get install heirloom-mailx apt-get install bsd-mailx apt-get install postfix vi /etc/postfix/main.cf ** replace what is in there with ** smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination NETWORK AND SECURITY: 2012 Within the Cisco Switch we can locate what port a host is connected to with only having the IP address. The host machine's IP address is192.168.1.252
NETWORK AND SECURITY: AUGUST 2013 Security rules should be added for security this is only for settingup Remote Access
NETWORK AND SECURITY: 2015 Nagios notes There are 3 files that I work with # plugins /usr/local/nagios/libexec # tell Nagios where to look for files /usr/local/nagios/etc vi nagios.cfg NETWORK AND SECURITY: CENTOS 7 INSTALLING OBSERVIUM CentOS 7 Installing Observium. As you copy and paste the below ensure each line goes in with no issues, if there are any issues correct it before moving on or you will have issues further down. You have 2 options: Disable the Firewall and SELinux. or. NETWORK AND SECURITY: CISCO ROUTER/SWITCH BANNER MOTD Every Network device to include Desktops, Servers, Routers, Switches an Firewalls should include an indicator upon login that the device a users is about to log into is company property and if they are not allowed to login then don't. NETWORK AND SECURITY: 2015-12-20 Nagios notes There are 3 files that I work with # plugins /usr/local/nagios/libexec # tell Nagios where to look for files /usr/local/nagios/etc vi nagios.cfg NETWORK AND SECURITY: 2014-01-05 VRF is typically used in MPLS networks, however VRF-lite is used on routers and Layer 3 Switches. For example you have a /22 network (4 - /24 networks) 10.100.0.0, 10.100.1.0, 10.100.2.0 & 10.100.3.0 and you want 10.100.3.0/24 to have a different default gateway you would use a NETWORK AND SECURITY: CHECKPOINT CREATE A STATIC ROUTE CheckPoint is a Router as well as a Firewall From the Command Line (In Expert Mode) route add -host 10.234.56.35 gateway 192.168.199.2 The above command will not survive a reboot, this is only temporary to make it permanent it is best to use the Sysconfig utility. NETWORK AND SECURITY: 2012-11-11 HSRP allows 2 routers or 2 switches to act as one for routing purposes. The below example assumes the Vlans are already completed. Switch #1 has the higher priority so this one will be the active one for the vlan, the increment level is 10 so Switch #2 has been set to105.
NETWORK AND SECURITY: 2015-11-22 yum install httpd php -y yum install gcc glibc glibc-common make gd gd-devel net-snmp -y useradd nagios groupadd nagcmd usermod -G nagcmd nagios usermod -G nagcmd apache NETWORK AND SECURITY: 2012-11-18 Uptime for this control processor is 16 hours, 1 minute. System returned to ROM by reload ß The reason for a reboot. System restarted at 20:56:01 UTC Mon Nov 19 2012 ß The time the Switch was restarted. System image file is "bootflash:cat4500e-universalk9npe.SPA.03.03.01.SG.151-1.SG1.bin" ßVersion of software on Switch. NETWORK AND SECURITY: 2013-09-01 Linux servers have the ability to run scheduled tasks, this is called a Cron job. With the Cron job anything command you run from the command line can be run as quickly as every 1 minute or as long in between as you desire NETWORK AND SECURITY THURSDAY, JANUARY 30, 2020 CHECKPOINT UPGRADE VIA CLIidle 120
expert mode
df -h ensure there is enough disk space create a temporary directory (example: /var/migration) Upload CheckPoint package via SFTP to Mgmt/Gateway to /var/migration go to the new directory via CLI gtar -zxvf./UnixInstallScript
at January 30, 2020
No comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Firewalls
VARIOUS LINUX COMMANDS # split a column into 5,000 lines split -l 5000 test file # take a column of stuff and make one line comma separated awk -vs1= '{S=S?S OFS s1 $0 s1:s1 $0 s1} END{print S}' OFS=, original > BLOCK_URL # add a /32 to the end of each line awk '{print $0,"/32"}' MALWARE >MALWARE_CIDR # remove space between IP and /32 tr -d ' ' < MALWARE_CIDR > MALWARE_CIDR2 # remove # in a file sed 's/#//g' SWRX_IPor
cat foo.txt | tr -s ' ' |cut -d ' ' -f1 # remove everything after .date ex -sc '%s/\(\.date\).*/\1/' -c x SWRX_DOMAIN # add something to the end of each line sed 's/$/ log/' ACL > ACL_UPDATE # to view and grep something in a .gz file gunzip -c 10.176.101.247-08-05-2019-message.log.gz | grep "184.26.143.177" >>BIT # copy ssh key to server ssh-copy-id -i id_rsa.pub adrianw@10.176.101.47 # Find and AS # for a specific Site (Company) http://networktools.nl/asinfo # how to look up all the IP’s in text whois -h whois.radb.net -- '-i origin AS15169' | grep ^route >>YOUTUBE_IP
# nmap scan for ssh-able computers nmap -sS -p 22 192.168.10.0/24 >WHODIS cat WHODIS | grep "Nmap scan report for" # nmap scan for ICMP nmap -sP 10.176.101.0/24 >WHODIS cat WHODIS | grep "Nmap scan report for" Want to see what IP is pining you Ip a | grep net <— this is to find out what the interface name ison your server
tcpdump -i ens192 icmp <— this command will show you who is pingingyou
Find a file over 1GB in size find . -size +1G -exec ls -lh {} \+ Scan for any server based on CVE database with nmap! First: wget https: //raw.githubusercontent (.) com / vulnersCom / nmap-vulners / master / vulners.nse -O /usr/share/nmap/scripts/vulners.nse && nmap--script-updatedb
Then:
nmap -sV --script vulnersat January 30, 2020
No comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Linux
RSYSLOG KALI LINUX
vi /etc/rsyslog.d/remote.conf # Enter the below in the file!
$FileCreateMode 0644$umask 0022
$ModLoad imudp
template(name)
template(name="remote" type="string" string="/home/rsyslog/remote/%fromhost-ip%-%$MONTH%-%$DAY%-%$YEAR%-message.log")$RuleSet remote
*.* ?remote
# *.* @10.176.101.47:514 ; this is when you want to forward all the logs to another destination also $InputUDPServerBindRuleSet remote$UDPServerRun 514
# save and quit
:wq!
!
vi /etc/rsyslog.conf # add the below entries under ## Rules ##!
# Local
$RuleSet Local
# at the bottom add this!
$DefaultRuleSet local# save and quit
:wq!
# create a directory for everything to be stored inmkdir /home/rsyslog
cd /home/rsyslog
mkdir remote
!
# start the Rsyslog services systemctl start rsyslog!
# to test the rsyslog cd /home/rsyslog/remote # you will need the IP address of the server you just built!
logger -n# now run ls -l
# you should seeat January 30, 2020
No
comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Linux
KALI LINUX ADD USER AND ALLOW SSH # To create a new user adduser -m!
# if you want to this use to have full sudo rights usermod -a -G!
# manage the shell that the user logs into chsh -s /bin/bash!
Re-Generate ssh keys!
# We should keep a copy of the original keys in case we make a mistakeor just need them
mkdir /home/migrate/cd /home/migrate
mkdir /old_keys
!
cd /etc/ssh
!
cp *.* /home/migrate/old_keys!
# remove all entries in regards to the ssh_hostrm -rf ssh_host*
!
# this will regenerate the keys dpkg-reconfigure openssh-server!
# this is for the super paranoid ssh-keygen -t rsa -b 16384!
# This step allows login only via ssh keys vi /etc/ssh/sshd_config!
PubkeyAuthentication yes!
PasswordAuthentication no!
# now to save and quit:wq!
!
# restart the ssh service systemctl restart ssh.service!
# view the status of the ssh service systemctl status ssh.service!
from your Mac or Linux desktop!
# This will copy the ssh keys from your Mac or Linux computer to theKali Linux server
ssh-copy-id -i ~/.ssh/at January 30, 2020
No comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Linux
THURSDAY, MARCH 9, 2017 VMWARE TOOLS ON CENTOS 6/7 MINIMAL INSTALL yum install open-vm-tools -y yum install perl gcc make kernel-headers kernek-devel -yum mount /dev/cdrom /mnt # in the Vmware console select install VMware Toolscd /mnt
# you will see something similar to the below show up # mount: block device /dev/sr0 is write-protected, mounting read-only # verify VMwareTools-X.tar.gz is availablels
# install VmwareTools to the /tmp directory cp -p VMwareTools-X.tar.gz /tmpcd /tmp
# you should see the VMwareTools.X.tar.gz file you just copied in herels
# untar the VMware-Tools file tar xzvf VMwareTools-X.tar.gz cd /vmware-tools-distrib # looking for vmware-install.plls
# there will be some questions, accept the defaults./vmware-install.pl
# when you're all done unmount the driveumount /mnt
at March 09, 2017
No comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Linux
THURSDAY, JANUARY 5, 2017SYSTEMD AND NAGIOS
If you are running a version of Linux that uses SystemD and have problems with Nagios starting, Time to modify the config a bit: # vi /etc/systemd/system/nagios.serviceDescription=Nagios
BindTo=network.target WantedBy=multi-user.targetUser=nagios
Group=nagios
Type=simple
ExecStart=/usr/local/nagios/bin/nagios /usr/local/nagios/etc/nagios.cfg # systemctl enable /etc/systemd/system/nagios.service # systemctl start nagios # systemctl status nagios After that you need to restart the Nagios Service. # /etc/init.d/nagios restart * As always you should run the pre-flight check to ensure everything has been configured correctly /usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfgat January 05, 2017
No
comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Linux
TUESDAY, DECEMBER 6, 2016SSH ERROR ON MAC
#when you get this error port 22: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 #run the ssh command like this ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 root@10.0.1.1 at December 06, 2016No
comments:
Links to this post
Email This
BlogThis!
Share
to Twitter
Share
to Facebook
Share
to Pinterest
Labels: Linux
Older Posts
Home
Subscribe to: Posts (Atom) CHECKPOINT UPGRADE VIA CLI idle 120 expert mode df -h ensure there is enough disk space create a temporary directory (example: /var/migration) Upload CheckPoint p...*
CentOS 7 Syslog Server for a Cisco ASA Building out a Syslog server to support a Cisco ASA, this will work for any number of Cisco devices but the ASA is the example On the ...*
CentOS 7 Installing Observium As you copy and paste the below ensure each line goes in with no issues, if there are any issues correct it before moving on or youwill ha...
*
Linux - OpenVAS
Installation of Open VAS Disable SELinux vi /etc/selinux/config SELINUX=disabled Install Wget yum install wget -y yum update -y r...SEARCH THIS BLOG
* Home
THIS IS ME.
* AW
View my complete profileBLOG ARCHIVE
* ▼ 2020 (4)
* ▼ 01/26 - 02/02(4)
* Checkpoint upgrade via CLI * Various Linux Commands * Rsyslog Kali Linux * Kali Linux add user and allow SSH* ► 2017 (2)
* ► 03/05 - 03/12(1)
* ► 01/01 - 01/08(1)
* ► 2016 (10)
* ► 12/04 - 12/11(1)
* ► 11/06 - 11/13(1)
* ► 10/16 - 10/23(1)
* ► 10/09 - 10/16(1)
* ► 05/15 - 05/22(2)
* ► 05/08 - 05/15(1)
* ► 02/07 - 02/14(1)
* ► 01/31 - 02/07(1)
* ► 01/24 - 01/31(1)
* ► 2015 (12)
* ► 12/20 - 12/27(2)
* ► 12/13 - 12/20(3)
* ► 12/06 - 12/13(2)
* ► 11/22 - 11/29(3)
* ► 08/16 - 08/23(1)
* ► 02/15 - 02/22(1)
* ► 2014 (6)
* ► 10/05 - 10/12(1)
* ► 01/26 - 02/02(1)
* ► 01/05 - 01/12(4)
* ► 2013 (18)
* ► 11/17 - 11/24(1)
* ► 09/29 - 10/06(2)
* ► 09/01 - 09/08(8)
* ► 08/25 - 09/01(5)
* ► 08/18 - 08/25(2)
* ► 2012 (27)
* ► 12/02 - 12/09(1)
* ► 11/25 - 12/02(11)
* ► 11/18 - 11/25(1)
* ► 11/11 - 11/18(13)
* ► 11/04 - 11/11(1)
TRANSLATE
Select Language▼REPORT ABUSE
LABELS
* Firewalls
* Linux
* Routers
* Switches
* Telecom
Anything here can be used by anyone at anytime. ~ AW. Simple theme. Theme images by luoman.
Powered by Blogger .ORIGINAL TEXT
Contribute a better translation -------------------------Details
2