Archive for the ‘Networking’ Category


m0n0wall Vs PfSense embedded security systems

January 20, 2008

I’ve found a great report about these BSD-based security distros. Enjoy it 😀

http://www.bsdcan.org/2006/papers/BSD_Firewalling.pdf


Windows XP and WPA2 wireless cipher

December 19, 2007

Finally, I’ve installed DD-WRT on my Fonera :D. After this, I set a WPA2-AES key, but when I tried to connect from a Windows XP (SP2) computer, I couldn’t connect!!!

After a Google search, I found some information about the issue. Basically, Windows XP needs a patch to support IEEE 802.11i, which has the WPA2 instructions…

Just install it, and reboot your system.

Patch for Wi-Fi Protected Access 2 (WPA2) on Windows XP

Remember, you must get the patch in your OS language or it will not work.


How to: Telnet server

November 24, 2007

Today I set up a telnet server on one of my computers… I’m aware that telnet isn’t a safe way to access a server, but I just wanted to learn something about this application; furthermore, I did it inside my LAN. OK, let’s install it! (You must be logged in as the root user.)

apt-get install telnetd netkit-inetd

The system may ask you to install “openbsd-inetd” or “inetutils-inetd”; I chose the second and it works fine.

After this, start the server:

/usr/sbin/in.telnetd

Now the telnet server is running and you can access it through a telnet client like ssh in Linux or PuTTY in Windows.

Here we have a screen capture of a Telnet login in Ethereal/Wireshark. 😉
ethereal_telnetjoin.jpg


Redirecting a port to a local machine inside our network

November 22, 2007

If we want to redirect a port (like the HTTP port) to one of the machines on our network, we should use these IPTables rules:

iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 80 -j DNAT --to-destination 192.168.0.x

iptables -t nat -A POSTROUTING -p tcp -d 192.168.0.x --dport 80 -j SNAT --to-source 192.168.0.y
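
An added example (not from the original post) for auditing forwards like the pair above: it reads iptables-save output and reports each DNAT forward, the interface it is tied to, and whether an SNAT rule names the same backend, because with that SNAT rule the backend sees every client as the gateway address. The sample rules and the addresses 192.168.0.10, 192.168.0.20 and 192.168.0.1 are constructed; the parser assumes IPv4 and does not handle negated matches or address ranges.

```python
import shlex

# Constructed iptables-save excerpt; 192.168.0.10 and 192.168.0.1 stand in
# for the post's 192.168.0.x (backend) and 192.168.0.y (gateway LAN address).
SAMPLE = """\
*nat
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.0.10
-A PREROUTING -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.0.20:80
-A POSTROUTING -d 192.168.0.10/32 -p tcp -m tcp --dport 80 -j SNAT --to-source 192.168.0.1
COMMIT
"""


def parse_rule(line):
    """Turn one '-A CHAIN ...' line into {'chain': ..., option: value}."""
    tokens = shlex.split(line)
    rule = {"chain": tokens[1]}
    for opt, val in zip(tokens[2:], tokens[3:]):
        if opt.startswith("-") and not val.startswith("-"):
            rule[opt.lstrip("-")] = val
    return rule


def audit_forwards(save_text):
    """List every DNAT port forward and whether SNAT is paired with it."""
    rules = [parse_rule(l) for l in save_text.splitlines() if l.startswith("-A ")]
    snats = [r for r in rules
             if r["chain"] == "POSTROUTING" and r.get("j") in ("SNAT", "MASQUERADE")]
    report = []
    for r in rules:
        if r["chain"] != "PREROUTING" or r.get("j") != "DNAT":
            continue
        host, _, port = r["to-destination"].partition(":")
        port = port or r.get("dport")  # no ':port' keeps the original port
        paired = any(s.get("d", "").split("/")[0] == host
                     and s.get("dport") == port and s.get("p") == r.get("p")
                     for s in snats)
        report.append({
            "listen": f'{r.get("p")}/{r.get("dport")}',
            "iface": r.get("i", "any"),  # "any": rule is not tied to one interface
            "backend": f"{host}:{port}",
            "snat": paired,  # True: backend logs show the gateway, not the client
        })
    return report


if __name__ == "__main__":
    for fwd in audit_forwards(SAMPLE):
        print(fwd)
```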


Setting up a SSH tunnel

July 22, 2007

Hi again!

If we need a way through our LAN to use, for example, a protocol that is blocked by a BOFH 😉, or to send some personal data over an insecure protocol, we can use an SSH tunnel with an SSH client like PuTTY (on Win32) or OpenSSH (*NIX systems).

OK, we’re in a LAN where port 80 is closed, and that really sucks! We have the IP of a server with no restriction on port 80. So we’re going to create a tunnel to this server and send the port 80 data encrypted through the SSH port (I assume this port is open; the default is port 22).

We must open PuTTY and go to this screen

After this, we must connect to the server

Once we’re connected to the server, we must log in, and the tunnel is established 😀

OK, now we need to tell the web browser to connect through the tunnel. To do this, open your favourite browser (Firefox 4ever ;’) ) and open the connection settings. A window like this will open.

If you’ve followed all the steps, your SSH tunnel is now running :D.


Links: Firewall.cx a great networking webpage

July 7, 2007

I discovered this webpage, and it has some networking stuff, from basic things to advanced. There is some information about networking protocols, software and some Cisco Systems topics.

In conclusion, one of the greatest networking webpages I’ve ever seen 😀

(click on the logo to access)


IPTables: Deny Messenger access

July 3, 2007

We can use the following rule to deny MSN Messenger access in our LAN. You must have Kernel 2.6.14 with the IPTables STRING module:

iptables -I FORWARD -p tcp -m string --string "VER " --from 51 --to 56 --algo bm -j REJECT

The STRING module searches the packet for a text string. The “from” and “to” parameters mark the end of the TCP header and the end of the data.

Source: VivaLinux!