Radovan Brezula

Author Archives: Radovan Brezula

MikroTik RouterOS Advanced Configuration

In the previous tutorial, we installed and configured a brand new MikroTik hAP ac³ router for connection to the Internet. We also improved the overall security of the router by implementing simple steps to harden it. These include things like disabling unused services, enabling HTTPS for device management, updating RouterOS, and reconfiguring the firewall rules. […]
Continue reading...

Initial Setup of MikroTik hAP ac³ Router

This tutorial will help you install and configure the MikroTik hAP ac³ dual-band wireless router for home use. In terms of hardware, the router is an excellent device offerening 5 Gigabit Ethernet ports and has two high gain wireless antennas with outstanding coverage. Operating system - RouterOS is preinstalled and licensed (Layer 4) which never […]
Continue reading...

Cracking WPA/WPA2 Pre-shared Key Using GPU

The WPA/WPA2 4-way authentication handshake between AP (authenticator) and client (supplicant) is used to generate encryption keys. These keys are then used to encrypt data sent over wireless medium. In the previous tutorial, we installed the aircrack-ng suite to capture and crack the 4-way authentication handshake to obtain passphrase needed to access a wireless network. […]
Continue reading...

VyControl – Web UI for VyOS Firewall

VyControl project is a single frontend interface to manage a single or multiple VyoS servers. It was developed by Roberto Berto and is written in Django/Python. It currently supports firewall and static routes configuration. Additional features are planned such as IPSEC, openvpn and basic dynamic routing. My goal is to provide easy-to-reproduce installation steps so […]
Continue reading...

Docker Installation on VyOS

Docker really makes it easier to create, deploy, and run applications by using containers, and containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package [1]. I would like to share the script vyos-docker-install.sh, which […]
Continue reading...

Remotely Triggered Black Hole Filtering

Remotely triggered black hole (RTBH) filtering is a technique that provides the ability to drop undesirable traffic before it enters a protected network. It is used for the mitigation of distributed-denial-of-service (DDoS) and DoS attacks. We will show configuration of destination and source RTBH for Cisco IOS-XR in a network depicted on the Picture 1. […]
Continue reading...

BGP FlowSpec on Arista vEOS

BGP FlowSpec is an another Multiptocol-BGP extension with SAFI 133. Created for the purpose of DoS and DDoS attacks mitigation, it brings a new NLRI that collects 12 types of L3 and L4 information. These information creates a flow which defines criteria used for matching DDoS parameters. For instance, a flow can match victim's IP, […]
Continue reading...

Hosting KVM Apps Inside IOS XE Virtual Service Container

Service Containers are applications that can be hosted directly on Cisco IOS XE routing platforms. Service containers are either Linux Virtual Containers (LXC) or Kernel Virtual Machine( KVM) based virtual machines. A typical Cisco service container carries a digital signature that verifies it as an authentic application from Cisco. An open service (unsigned) container is […]
Continue reading...

Urban Terror Server on Cisco CSR1000v

We have discussed the configuration of Guest Shell on Cisco CSR 1000v platform in a previous tutorial. The guest shell is a built-in Linux container with CentOS 7 installed, which can be activated on the fly when Linux applications are needed. Our lives are currently affected by SARS-CoV-2 and long-standing quarantine, so why not do […]
Continue reading...

Legacy Open Switch 0.4.0 Image

The Open Switch 0.4.0 is the legacy Open Switch version with Cisco like CLI that I used to use in my tutorials. As it can be downloaded anymore, I share the VMDK image below. Please, use the image for learning or demonstration purpose only because this Open Switch version is discontinued. Instead, use the Open Switch […]
Continue reading...

Virtual eXtensible LANs – VXLANs

The tutorial discusses configuration of VXLANs on Arista vEOS and Openvswitch virtual machines. The VXLANs extend an L2 network by connecting VLANs from multiple hosts through UDP tunnels called VXLAN segments. VXLANs use Internet Protocol (both unicast and multicast) as the transport medium. VXLAN segments are identified by a 24-bit Virtual Network Identifier (VNI). Within […]
Continue reading...

Virtual eXtensible LANs -VXLANs

The tutorial discusses configuration of VXLANs on Arista vEOS and Openvswitch virtual machines. The VXLANs extend an L2 network by connecting VLANs from multiple hosts through UDP tunnels called VXLAN segments. VXLANs use Internet Protocol (both unicast and multicast) as the transport medium. VXLAN segments are identified by a 24-bit Virtual Network Identifier (VNI). Within […]
Continue reading...

Cloning Remote Linux Machines

I would like to share the second version (1.1) of the Bash script backup_images-1.1.sh which you can use for cloning disks of remote Linux machines. The script reads IP addresses of the hosts from a file and copy the disks with dd command over SSH connection. The disks are stored on a local machine, compressed […]
Continue reading...
1 2 3 6