On a small router like the Netgear WNR3500L we can install and use many open source security tools. I tested the following free software just for fun: – Snort – Nmap – Tcptraceroute – Hping. I do not know what performance degradation I could expect if those are running on the router, but there are some […]
November 5, 2011
1. Netgear has new routers with more CPU and memory. Unfortunately the strongest router has at this time no DD-WRT support.
Model | CPU | RAM | Flash | Interface | WLAN
WNR3500L | 480 MHz BCM4718 MIPS® 74K | 64 MB | 8 MB | 5 GigEthernet | 802.11 b/g/n 2.4 GHz
WNR3500L v2 | 480 MHz MIPS® 74K | 128 MB | 128 MB | 5 GigEthernet | […]
November 5, 2011
By default there is no swap on the DD-WRT routers; if you need it you have to set it up on your own, but that is not so complicated, just read the documentation. Source documentation: http://www.dd-wrt.com/wiki/index.php/Linux_SWAP#Requirements Here is what I have done: 1. Create a file for the swap: root@mygateway:/# dd if=/dev/zero of=/mnt/myswap.swp bs=1k count=80000 […]
September 20, 2011
In this example I configured a Site-to-Site VPN between 2 FortiGate boxes. It was realised with a route-based VPN and not with a policy-based VPN. I route everything through the tunnel here. Topology:
ntp server and syslog server 192.168.1.159/24
|
192.168.1.1/24 (internal) myfirewall3 3.3.3.1/24 (wan)
|
3.3.3.2 router 2.2.2.2
|
2.2.2.1 (wan) myfirewall1
1.1 Upgrade […]
August 22, 2011
For fw monitor, Check Point has written a document named fw_monitor_rev1_01.pdf. This document is old and – I guess – was never updated with the missing features that can be used to filter with fw monitor. There is a table that I actually got from the site: http://yurisk.info/2009/12/12/fw-monitor-command-reference/ I just copy it here […]
August 22, 2011
The users connect with the AnyConnect client over IPsec to the ASA firewall. Let's say we have 2 Certificate Authorities (with the issuer names IssuerA and IssuerB) and the users are mapped to tunnel-groups according to the issuer. A user called Terry Wood needs SSL as he works in a hotel and the local proxy allows only […]
August 9, 2011
Debugging a Check Point firewall is not a big deal, but understanding the output is in many cases impossible for those NOT working at Check Point. I do not write here about the exact analysis of the debug output, just a ‘how to collect the required information’ that may speed up the troubleshooting. 1. Reset the debugs to […]
July 18, 2011
Based on my requirements for any layer 3 networking device I collected the basic commands that we have to know, or you will not be able to manage your FortiGate. Okay, okay, this is bullshit, I just update this page since it is the number one post on my site.. :-) 1.0 Check the basic […]
July 17, 2011
In the old version of Cisco firewalls – Version 6.x – it was not possible to disable NAT control. After that Cisco gave us the possibility to control it on our own with the command nat-control. This year in Version 8.3 not only the command nat-control, but also the commands global, static and alias were deleted […]
November 6, 2011