Archive

Category Archives for "Brezular’s Blog"

Ipfixprobe Installation and Testing

Ipfixprobe is a project created by CESNET. CESNET is an association of universities and the Academy of Sciences of the Czech Republic that operates and develops a national e-infrastructure for science, research and education, including a computer network, computing grids, data repositories, collaborative environments and offering a wide range of services. Ipfixprobe, as its name […]
Continue reading...

Collect hashes from remote computers

I was recently asked to create a script that should calculate the hash values of all files on remote computers. The collection must be done in parallel on all computers.  My choice fell on Bash because it allows to quickly collect hashes using a combination of SSH, sshpass, find and hash (coreutils package). The collect_hashes.sh script […]
Continue reading...

MikroTik RouterOS Advanced Configuration

In the previous tutorial, we installed and configured a brand new MikroTik hAP ac³ router for connection to the Internet. We also improved the overall security of the router by implementing simple steps to harden it. These include things like disabling unused services, enabling HTTPS for device management, updating RouterOS, and reconfiguring the firewall rules. […]
Continue reading...

Initial Setup of MikroTik hAP ac³ Router

This tutorial will help you install and configure the MikroTik hAP ac³ dual-band wireless router for home use. In terms of hardware, the router is an excellent device offerening 5 Gigabit Ethernet ports and has two high gain wireless antennas with outstanding coverage. Operating system - RouterOS is preinstalled and licensed (Layer 4) which never […]
Continue reading...

Cracking WPA/WPA2 Pre-shared Key Using GPU

The WPA/WPA2 4-way authentication handshake between AP (authenticator) and client (supplicant) is used to generate encryption keys. These keys are then used to encrypt data sent over wireless medium. In the previous tutorial, we installed the aircrack-ng suite to capture and crack the 4-way authentication handshake to obtain passphrase needed to access a wireless network. […]
Continue reading...

VyControl – Web UI for VyOS Firewall

VyControl project is a single frontend interface to manage a single or multiple VyoS servers. It was developed by Roberto Berto and is written in Django/Python. It currently supports firewall and static routes configuration. Additional features are planned such as IPSEC, openvpn and basic dynamic routing. My goal is to provide easy-to-reproduce installation steps so […]
Continue reading...

Docker Installation on VyOS

Docker really makes it easier to create, deploy, and run applications by using containers, and containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package [1]. I would like to share the script vyos-docker-install.sh, which […]
Continue reading...

Remotely Triggered Black Hole Filtering

Remotely triggered black hole (RTBH) filtering is a technique that provides the ability to drop undesirable traffic before it enters a protected network. It is used for the mitigation of distributed-denial-of-service (DDoS) and DoS attacks. We will show configuration of destination and source RTBH for Cisco IOS-XR in a network depicted on the Picture 1. […]
Continue reading...

BGP FlowSpec on Arista vEOS

BGP FlowSpec is an another Multiptocol-BGP extension with SAFI 133. Created for the purpose of DoS and DDoS attacks mitigation, it brings a new NLRI that collects 12 types of L3 and L4 information. These information creates a flow which defines criteria used for matching DDoS parameters. For instance, a flow can match victim's IP, […]
Continue reading...
1 2 3 7