- Details
- Written by Jon Moore
I am working to have a network setup using as much open-sourced software as possible. This website is a perfect example; Linux Webserver and Joomla, and Open-source website framework. The next thing on my list of open-source softrwares is a good UTM Firewall device. For the uninitiated, UTM stands for Unified Threat Management. As opposed to just a basic firewall that blocks and allows traffic, I want something that offers a complete package, with Site-to-Site (IPSec) VPN, Client-to-Site (Remote Access) VPN, and easy-to-use management. There are a number of options that would possibly fit this bill. Here is a rundown of the Firewalls I have found and how they do/don't work.
- Details
- Written by Jon Moore
At work we have a lab network. And while one would think that the lab network would be more permissive than the corporate network, in all reality, it's less permissive. MAYBE it's the same, but I doubt it. I wanted to find out what ports were open to the outside world so I could find out how I can access any kind of server(s) at home. From the lab network, it is very easy to perform the scan with nmap. But what about the responses? I had (and still have) a web server running at the time, and while I was certain it would respond to ports 22, 80, and 443; that still leaves another 65,532 other possible ports. How do I get my server to just blindly respond to all those other ports, without having any real applications installed/running?
After much trouble, I eventually found a scapy script to do exactly what I wanted, just blindly respond to any packets on any/all ports! Read on for more details...
Read more: ACK-ALL Scapy Script
- Details
- Written by Jon Moore
In my ongoing desire to determine who/what/when/where/why my server had previously been compromised, I continue my analysis with the messages files and some other /var/log files.
Read more: Forensics File Analysis 4: messages
- Details
- Written by Jon Moore
In this article, we go over setting up a site-to-site VPN between a Check Point Gateway and a Sophos UTM Home Edition device.
Check Point is the leader in Next-Generation Firewalls. While there can be a bit of a (steep) learning curve with their products, they are leading edge, and very powerful. The biggest downside to Check Point is cost. They are quite expensive, both in terms of products and support. But you get what you pay for, and when you pay top dollar, you really do get top product. But what about the regular Joe, home/small business owner who doesn't have that kind of cash? Or what about small, non/not-for-profit organizations?
Read more: Check Point to Sophos UTM 9 VPN
- Details
- Written by Jon Moore
In a bit of a panic, I moved all kinds of grub files, without fully realizing the consequences later on... In any case, I am going over the files that I do have, and noting what differences may exist. If there's anything that would cause my booting problems, it is likely the bootloader, grub.
Read more: Forensics File Analysis 3: grubs
Page 5 of 7
- You are here:
-
Home
- Network Security