Here is a general guide to creating an IPsec tunnel between two Cisco routers. This can also be applied to other devices as the concepts are the same, but your configuration on those devices might be a little different.
Basic Configuration of Routers
Assign IP Addresses: Ensure both routers have IP addresses assigned to their interfaces.
Configure Routing: Set up routing (static or dynamic) so the routers know how to reach each other.
Configure ISAKMP (IKE) Policy
ISAKMP (Internet Security Association and Key Management Protocol) policies define how the routers will establish the Phase 1 security associations (SAs).
Set ISAKMP Policy: Define encryption (AES/3DES), hash (SHA, MD5), authentication (pre-shared keys), group (Diffie-Hellman group), and lifetime values.
The crypto map binds the previous elements together and applies them to the interface.
Create crypto map: Associate the ISAKMP policy, transform set, peer and ACL.
R1(config)# crypto map MYMAP 10 ipsec-isakmp
R1(config-crypto-map)# set peer [peer IP address]
R1(config-crypto-map)# set transform-set MYSET
R1(config-crypto-map)# match address 100
Apply Crypto Map to the Interface
Bind to the Interface: Apply the crypto map to the interface facing the remote site.
Verify configuration: Use commands like “show crypto isakmp sa” and “show crypto ipsec sa” to check the status of the tunnels.
This is a very generic guide on establishing an IPsec tunnel between two Cisco routers; your requirements might be different. Thanks for reading and leave a comment to hack the WordPress gods.
Here is how I set up and configure SFTP on my Ubuntu server.
Install the OpenSSH Server:
If you haven’t already installed the SSH server, you can do so with the below command.
sudo apt update
sudo apt install openssh-server
Let’s now verify SSH service is running.
sudo systemctl status ssh
Let’s configure SFTP
By default, any user with SSH access to the server can use SFTP to access their home directories. If you want to restrict SFTP users to their home directory, you should “chroot” them.
Let’s edit the SSH server configuration file:
sudo nano /etc/ssh/sshd_config
Add the following at the bottom of the file:
Match Group sftpusers
ChrootDirectory %h
ForceCommand internal-sftp
AllowTcpForwarding no
PasswordAuthentication yes
Save and close the file.
Let’s create the sftpusers group and a user account and then add them to the group.
Now, the user will be chrooted into their home directory when they log in with SFTP and they won’t be able to navigate outside of it. It’s important to remember that when using chroot with SFTP, you must always ensure that the chroot directory and all of its parent directories remain owned by ‘root’ and are not writable by the chrooted user. If this is not the case, then the chroot environment could be bypassed, leading to security issues.
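The ownership rule above can be audited before sshd is restarted. The following is an added example, not part of the original article: the function name check_chroot_path is hypothetical, and it assumes a `stat` that supports `-c` (GNU coreutils, as on Ubuntu).

```shell
#!/bin/sh
# Added example: audit a directory intended for use as an sshd ChrootDirectory.
# sshd refuses the chroot unless every path component, from / down to the
# chroot directory itself, is owned by root and not writable by group or others.

# check_chroot_path DIR
#   Returns 0 if DIR and all of its parents are root-owned and not
#   group/other-writable; returns 1 and reports each offending component otherwise.
check_chroot_path() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "FAIL $dir: not a directory" >&2
        return 1
    fi
    # Resolve symlinks so the real path components are checked.
    dir=$(cd "$dir" && pwd -P) || return 1
    rc=0
    while :; do
        owner=$(stat -c '%u' "$dir")   # numeric owner uid
        mode=$(stat -c '%a' "$dir")    # octal permission bits, e.g. 755
        if [ "$owner" != "0" ]; then
            echo "FAIL $dir: owner uid is $owner, expected 0 (root)" >&2
            rc=1
        fi
        # 020 = group write, 002 = other write
        if [ $(( 0$mode & 022 )) -ne 0 ]; then
            echo "FAIL $dir: mode $mode is group- or other-writable" >&2
            rc=1
        fi
        if [ "$dir" = "/" ]; then
            break
        fi
        dir=$(dirname "$dir")
    done
    return "$rc"
}

# Usage (the path is a placeholder for the chrooted user's home directory):
#   check_chroot_path /home/<sftp-user> && echo "chroot path is safe"
```

Because the Match block uses `ChrootDirectory %h`, the directory to check is the user's home directory itself; files the user needs to upload go in a subdirectory they own.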
Open Hyper-V Manager: Go to the start menu, search for “Hyper-V Manager,” and launch it.
Select the VM: In the left-hand pane, locate the virtual machine you would like to export. Right-click it to open the context menu and then click on “export”.
Choose the Export Path: In the “Export Virtual Machine” wizard, you’ll be prompted to select an export path. Choose a location where you want to save the exported VM, preferably on a drive with sufficient space!
Choose Export Options: In this step, you will have the option to choose whether you want to export the VM’s snapshots as well. You can choose to export all snapshots or just the running state. Select the appropriate option based on your needs and click “Next”.
Complete the Export: Review the settings on the summary page and click “Finish” to begin the export.
Monitor the Export Progress: The export process may take some time depending on the size of the VM and its associated files. You will want to monitor the progress through the Hyper-V Manager.
Once the export is completed, you will have a copy of the VM in the folder you specified. This exported VM can be imported into another Hyper-V host or it could serve as a backup of the original VM.
The export of the VM only creates a copy of the virtual machine configuration and its associated files. It does not remove or affect the original VM in any way. Thanks again for reading this far, I hope this article answered some of your questions.
In today’s digital landscape, online advertisements have inundated our browsing experience, often interrupting our activities and compromising our privacy. However, users now have a robust tool at their disposal to reclaim control over their online environment. Enter Pi-hole, an innovative network-wide ad-blocking solution. This article explores the workings of Pi-hole, its benefits, and how it revolutionizes ad-blocking, offering users a seamless browsing experience free from intrusive ads.
What is Pi-hole? Pi-hole is an open-source software developed to function as a network-wide ad-blocker. It operates on devices such as Raspberry Pi or any Linux-based system and intercepts domain requests made by devices within the network, preventing ads from reaching the users’ devices altogether. By blocking ads at the DNS (Domain Name System) level, Pi-hole effectively removes ads across all connected devices, including smartphones, tablets, computers, and even smart TVs.
How does Pi-hole work? Pi-hole operates as a DNS sinkhole, employing a blacklist of known ad-serving domains to filter out ad requests. When a device within the network attempts to connect to an ad-serving domain, Pi-hole intercepts the request and blocks it, ensuring that the ad never reaches the user’s screen. By acting as a centralized ad-blocker, Pi-hole offers a network-wide solution that eliminates the need for individual ad-blocking software on each device.
The benefits of Pi-hole
Ad-Free Browsing: Pi-hole delivers a cleaner and more enjoyable browsing experience by eradicating intrusive ads across all devices on the network. Whether you’re surfing the web or streaming content, Pi-hole ensures a seamless and uninterrupted experience.
Enhanced Privacy and Security: Pi-hole not only blocks ads but also prevents trackers and malware domains from infiltrating your network. By intercepting and blocking these potentially harmful domains, Pi-hole provides an additional layer of security and privacy protection, reducing the risk of malware infections and safeguarding your personal information.
Network-Wide Protection: With Pi-hole, every device connected to the network benefits from ad-blocking capabilities. Whether it’s your smartphone, tablet, or computer, all devices can enjoy an ad-free experience without the need for separate ad-blocking software.
Faster Browsing: By blocking ads at the DNS level, Pi-hole reduces the amount of data being transferred to your devices, resulting in faster page loading times. With less data to process, webpages load swiftly, improving overall browsing speed and efficiency.
Customization and Control: Pi-hole offers users a high level of customization and control over their ad-blocking experience. Users can add or remove domains from the blacklist, allowing them to tailor their ad-blocking preferences according to their specific needs. Pi-hole also provides detailed statistics and logs, giving users insights into the types and quantities of ads being blocked.
Pi-hole represents a groundbreaking solution in the realm of ad-blocking technology. By seamlessly blocking ads at the network level, Pi-hole offers users an uninterrupted browsing experience across all devices connected to their network. With enhanced privacy, improved security, faster page loading times, and the ability to customize and control the ad-blocking process, Pi-hole empowers users to regain control over their online environment. In an era where intrusive ads and privacy concerns prevail, Pi-hole stands as a powerful tool that revolutionizes the way we browse the internet, providing a cleaner, safer, and more enjoyable online experience for all.
I will have an article and video up shortly on how you can install and use pi-hole in your network.
To view filtered sessions in the Fortinet Command Line interface (CLI) on a FortiGate firewall, you can use the “diagnose sys session list” command after you apply the filtering options you would like to use.
Access the FortiGate CLI through SSH or a console connection. You can use a program like PuTTY or Windows Terminal.
Log in with your administrator credentials.
Use the “diagnose sys session filter” command with the desired filtering options. For example, to filter sessions sourcing from 192.168.1.10:
diagnose sys session filter src 192.168.1.10
After applying the filter, use the “diagnose sys session list” command to view the filtered sessions:
diagnose sys session list
This command will display the list of sessions that match your specified filtering criteria.
The output may be quite large, depending on the number of sessions matching the filter, but thankfully you can use additional options with the “diagnose sys session list” command to customize the output, like specifying the number of sessions to display or filtering based on specific session states.
Let’s look at an example to limit the number of displayed sessions to 100:
diagnose sys session list | head -n 100
Now let’s filter for sessions that are currently in an established state.
diagnose sys session list | grep "ESTABLISHED"
Please remember that the CLI is case-sensitive and you will need to enter the filtering parameters correctly to get accurate results.
Now that we have found the sessions that we might want to clear, let’s run the below command to clear the pesky connections. Remember, using this command without any filters applied will clear all sessions currently open on the FortiGate unit. BE CAREFUL!
diagnose sys session clear
Thanks for reading and please check out our YouTube channel for more content.
In Linux, you can use the ‘ls’ command with the ‘-l’ (long format) option to display detailed information about files, including their sizes. Here’s how you can do it.
Open a terminal and navigate to the directory where the file is located (if necessary). Then, run the following command.
ls -l <filename>
Replace ‘<filename>’ with the name of the file you want to check. For example, if you want to check the size of a file named “example.txt”, you would run:
ls -l example.txt
The command will display information about the file, including its size in bytes.
If you want to display the file size in a more human-readable format, you can use the ‘-h’ (human-readable) option along with the ‘-l’ option, like this:
ls -lh <filename>
This will display the file size in a format that is easier to understand, such as kilobytes, megabytes or gigabytes depending on the file size.
If you want to check the sizes of multiple files in a directory, you can use a wildcard character ‘*’ to specify a pattern. For example, to check the sizes of all files in the current directory, you can run:
ls -l *
This will display the detailed information for all files in the directory, including their sizes.
Please remember that the ‘ls’ command shows sizes of files and not directories. Please check out my other article on showing directory sizes if you would like more information. Hint: it’s the ‘du’ command.
First, connect to the switch’s command line interface (CLI) using a console cable or Telnet. You also might need the credentials to access the switch if they have been configured.
Enter privileged EXEC mode: once connected, enter privileged EXEC mode by typing the following command and providing the correct enable password if security has been configured.
Switch> enable
Enter global configuration mode:
Switch# configure terminal
Now let’s create a named extended access list with the ‘ip access-list extended’ command to define the allowed IP address or addresses. The following example creates an access list named “ACL-IN” that permits traffic from a specific IP address (192.168.1.100):
Switch(config)# ip access-list extended ACL-IN
Switch(config-ext-nacl)# permit ip host 192.168.1.100 any
You can modify the IP Address and subnet to meet your requirements. The ‘any’ keyword allows traffic to any destination IP address.
Now let’s apply the access list to the management interface. To secure the switch, we need to apply the access list to a management interface, such as the VTY lines used for remote management. Use the below commands to apply the ACL to the VTY lines.
Switch(config)# line vty 0 15
Switch(config-line)# access-class ACL-IN in
This configuration applies the access-list “ACL-IN” to the incoming traffic on the VTY lines.
To finish up, let’s save our configuration using ‘write’ or ‘wr’ or ‘copy running-config startup-config’ from privileged EXEC mode.
Switch(config-line)# end
Switch# write
We have created an access list and applied it to the management interface of the switch. Please remember to replace the IP Address (192.168.1.100) with an IP or Subnet that you would like to have Telnet or SSH access as all other IP addresses will be denied access. Thanks again for visiting Unreal-Labs, make sure to check back soon as our content is always updating.
TShark is a command-line tool that comes bundled with Wireshark. It provides similar functionality to Wireshark but without the GUI. Below are some options for running TShark.
Make sure to add the Wireshark directory to your %Path% or run the command from the Wireshark folder under “Program Files”.
Basic TShark command:
tshark
To select an interface if you have more than one:
tshark -i <interface_name>
Capture packets to a file:
tshark -i <interface_name> -w captured.pcap
This command captures packets and saves them to the specified file “captured.pcap”.
Read a Capture File:
tshark -r captured.pcap
This command reads the captured file “captured.pcap” and displays the packet information.
Filtering Packets:
You can apply display filters to TShark to view specific packets. Use the ‘-Y’ option followed by the filter expression.
tshark -r captured.pcap -Y "expression"
Replace “expression” with the desired filter such as “ip.addr == 192.168.0.1” to filter packets with a specific IP address.
Display summary information:
TShark can also display summary information about captured packets. Use the ‘-z’ option followed by the summary type.
tshark -r captured.pcap -z "summary"
Replace “summary” with the desired summary type, such as ‘io,phs’ for the I/O and protocol hierarchy summary.
I will be adding more articles about Wireshark/TShark in the coming weeks, please stay tuned.
Today I am going to provide an example of a Robocopy script I use to copy files, retain security, attributes and provide multi-threaded copying for improved performance.
In this example, all files and subdirectories from ‘C:\DataFiles’ will be copied to the remote location on another server ‘\\RemoteServer\SharedFolder’ without deleting any files. I hope this example helps someone that needs a quick script to copy files to a local or remote location using a fast copy method. You can speed the copy up if you remove /R:1 and /W:5; robocopy will just skip over files that are locked or cannot be copied.
Robocopy (Robust File Copy) is a powerful command-line tool in Windows used for advanced file and folder copying operations. Robocopy provides more control and flexibility compared to copy commands like ‘copy’ or ‘xcopy’. Robocopy is really useful for tasks such as mirroring directories, backing up files, or syncing files/folders between different locations. I will provide you with some basic examples on how to use Robocopy today.
Basic Robocopy command:
robocopy <source> <destination>
This command copies files and sub-directories from the source directory to the destination directory.
Example:
robocopy C:\SourceFolder D:\DestinationFolder
This command copies all files and sub-directories from ‘C:\SourceFolder’ to ‘D:\DestinationFolder’
Mirror a directory:
robocopy <source> <destination> /MIR
The ‘/MIR’ option mirrors the source directory to the destination directory, which means it copies files and sub-directories and also removes any files or directories in the destination that no longer exist in the source.
This command mirrors ‘C:\SourceFolder’ to ‘D:\DestinationFolder’, copying any new or changed files and deleting any files or directories in the destination that don’t exist in the source.
Copy files in restartable mode:
robocopy <source> <destination> /Z
The ‘/Z’ option enables restartable mode, which allows the copying process to resume from the point where it was interrupted.
Example:
robocopy C:\SourceFolder D:\DestinationFolder /Z
Like the examples above, this command copies files from ‘C:\SourceFolder’ to ‘D:\DestinationFolder’, but this time in restartable mode.
The last example for today is how to copy only new or changed files, which will prevent files in the destination directory from being overwritten. Only files that are newer or don’t yet exist in the destination folder are copied.
I will start adding some advanced methods I use Robocopy for in a production environment, but this tool is just so handy for even backing up personal computers to a NAS or other storage device. Thanks for reading and have a wonderful day!