Digital Certificate types – faq

January 17, 2015

0

1. What is the difference between machine digital certificate and user certificate? 1.1 Answer Microsoft Windows specifically: ” Local machine certificate store This type of certificate store is local to the computer and is global to all users on the computer. This certificate store is located in the registry under the HKEY_LOCAL_MACHINE root. Current user […]

Palo Alto troubleshooting commands Part 2.

January 14, 2015

0

This is the part 2 of the troubleshooting commands that can help you better understand what and how you can troubleshoot on Palo Alto Next Generation Firewall in cli. The Part 1. can be found here. 1. Capture and logging specific traffic 2. Logging traffic for global counters 3. Updates 3.1 Applications and Threats update […]

Why do we use URL Filtering?

September 24, 2014

0

I try summarize shortly the reasons I collected on google for URL Filtering. I dont find the wikipedia page useful enough for that big topic. On wikipedia it is a part of content-control: http://en.wikipedia.org/wiki/Content-control_software. URL filtering is required to stop the users of an organization from accessing those websites that: – drains their productivity during […]

Custom Monitoring of Palo Alto with Perl and Cacti

August 30, 2014

7

1. The Global Counters The Palo Alto Firewall has released an API, that has some (not all) commands to issue through external programmable interface. This API is based on XML and makes it possible to issue specific commands with that you can check just for example some states of the firewall. Through the API it […]

Custom Monitoring of Cisco ASA with Lynx and Cacti

May 6, 2014

10

On packetpushers.net somebody wrote an articel about automatically get the outputs of show command of the cisco asa with lynx. That makes it possible to see if a specific counter for a feature, service or process or just interface counter changes, mainly increases, but you cannot see the size of the increase. In troubleshooting it […]

Query IPSEC VPNs with snmpwalk on Cisco ASA

May 5, 2014

3

The followings links can be used for the list of Cisco ASA SNMP MIBs. Cisco ASA SNMP MIBs: ftp://ftp.cisco.com/pub/mibs/supportlists/asa/asa-supportlist.html ftp://ftp.cisco.com/pub/mibs/v2/CISCO-IPSEC-FLOW-MONITOR-MIB.my OIDs Information page: http://www.mibdepot.com/cgi-bin/getmib3.cgi?win=mib_av&i=1&n=CISCO-IPSEC-FLOW-MONITOR-MIB&r=hp&f=ipsec-flow.mi2&v=v2&t=tree IKE SNMP Queries example 1. Check my IP in the firewall that terminates vpns. OID 1.3.6.1.4.1.9.9.171.1.2.3.1.3 OID NAME cikeTunRemoteValue OID Description The value of the local peer identity. If the local […]

Posted in: ASA, Cisco, Linux, Security, VPN

Triathlon Ingolstadt

February 7, 2014

0

Trainings road for triathlon/10 km running Run for your life! New road: Trainings road for triathlon/40 km biking Bike for your life!

Posted in: Uncategorized