I recently programmed Python scripts that send a predefined message to all my Facebook friends. The friend.py script detects all the friend links and returns them to send_message_fb.py as a list. The config.py script contains the links of the friends that should be excluded from receiving the message. The message is also defined in the […] Continue reading...
Ipfixprobe is a project created by CESNET. CESNET is an association of universities and the Academy of Sciences of the Czech Republic that operates and develops a national e-infrastructure for science, research and education, including a computer network, computing grids, data repositories, collaborative environments and offering a wide range of services. Ipfixprobe, as its name […] Continue reading...
The purpose of this guide is to provide a procedure that you can use to upgrade the RouterOS system (packages) and firmware (bootloader) from version 6 to version 7. If you already have a RouterOS version 6 system, upgrading to the latest version 7 is really easy and can be done from CLI. First, we […] Continue reading...
nProbe includes both a NetFlow v5/v9/IPFIX probe and collector. In probe mode, nProbe captures packets on an interface and exports flows to a flow collector (Noction Flow Analyzer, Ntop etc.). If configured in collector mode, it collects flows from other devices such as routers/switches and exports them via TCP streaming to Syslog, Splunk […] Continue reading...
The purpose of this guide is to discuss the next steps after installing Noction Flow Analyzer (NFA) on Ubuntu Linux. In addition, we will test some of the new features available in the latest version 21.11.0. Let's start where the previous article on installing NFA ended. We have our NFA version 21.10.0 installed on Ubuntu […] Continue reading...
The goal of this guide is to create a minimalistic and virtualized laboratory infrastructure in a home environment so that everyone can become familiar with all the features that the Noction Flow Analyzer (NFA) provides before actually deploying the NFA in the enterprise network. Our home network consists of two key components - nProbe Pro […] Continue reading...
I was recently asked to create a script that should calculate the hash values of all files on remote computers. The collection must be done in parallel on all computers. My choice fell on Bash because it allows hashes to be collected quickly using a combination of SSH, sshpass, find and hash (coreutils package). The collect_hashes.sh script […] Continue reading...
Wi-Fi 6, also known as 802.11ax, is the latest generation of the 802.11 Wi-Fi standard and the successor of Wi-Fi 5, aka 802.11ac. Wi-Fi 6 increases user throughput through more efficient spectrum usage, provides larger signal coverage and reduces power consumption. In the following section, we will discuss the significant improvements of Wi-Fi 6 over […] Continue reading...
In the previous tutorial, we installed and configured a brand new MikroTik hAP ac³ router for connection to the Internet. We also improved the overall security of the router by implementing simple steps to harden it. These include things like disabling unused services, enabling HTTPS for device management, updating RouterOS, and reconfiguring the firewall rules. […] Continue reading...
This tutorial will help you install and configure the MikroTik hAP ac³ dual-band wireless router for home use. In terms of hardware, the router is an excellent device offering 5 Gigabit Ethernet ports and has two high gain wireless antennas with outstanding coverage. Operating system - RouterOS is preinstalled and licensed (Layer 4) which never […] Continue reading...
The WPA/WPA2 4-way authentication handshake between the AP (authenticator) and the client (supplicant) is used to generate encryption keys. These keys are then used to encrypt data sent over the wireless medium. In the previous tutorial, we installed the aircrack-ng suite to capture and crack the 4-way authentication handshake to obtain the passphrase needed to access a wireless network. […] Continue reading...
So far, we have discussed both the manual and Docker methods of installing VyControl. The manual method consists of cloning the VyOS git repository and installing Python dependencies in a virtual environment. The Docker method is based on downloading the VyControl Docker image from Docker Hub and launching the container. In both cases, VyOS controller is […] Continue reading...
The VyControl project is a single frontend interface to manage a single or multiple VyOS servers. It was developed by Roberto Berto and is written in Django/Python. It currently supports firewall and static routes configuration. Additional features are planned such as IPSEC, openvpn and basic dynamic routing. My goal is to provide easy-to-reproduce installation steps so […] Continue reading...
Docker really makes it easier to create, deploy, and run applications by using containers, and containers allow a developer to package up an application with all of the parts it needs, such as libraries and other dependencies, and ship it all out as one package [1]. I would like to share the script vyos-docker-install.sh, which […] Continue reading...
This tutorial illustrates cracking of the pre-shared key which is needed to gain access to a WPA/WPA2 network. Instead of explaining the theory behind the attack, I focus on providing commands that you can easily copy and paste and penetrate the network. However, I strongly recommend getting a background to this topic by studying online […] Continue reading...
Recently I wrote simple encryption and decryption programs in Python to practice my coding skills. The first cipher_encrypt utility takes the clear_text.txt file as input. It first capitalizes all letters and then encrypts the text with the Rail fence cipher. The number of rows can be set using the variable k. The result of the […] Continue reading...
I recently came across the Python script pokus.py which implements a ransomware function. The code is written for demonstration purposes only, so it completely lacks obfuscation techniques. The goal is to identify the vulnerability that is intentionally implemented in the code so we can restore the attached file - private.gif.rsw (the file is compressed by […] Continue reading...
Remotely triggered black hole (RTBH) filtering is a technique that provides the ability to drop undesirable traffic before it enters a protected network. It is commonly used for the mitigation of distributed-denial-of-service (DDoS) and DoS attacks. We have covered a configuration of source and destination RTBH for Cisco IOS-XR in a previous tutorial. A trigger […] Continue reading...
Remotely triggered black hole (RTBH) filtering is a technique that provides the ability to drop undesirable traffic before it enters a protected network. It is used for the mitigation of distributed-denial-of-service (DDoS) and DoS attacks. We will show the configuration of destination and source RTBH for Cisco IOS-XR in the network depicted in Picture 1. […] Continue reading...
BGP FlowSpec is another Multiprotocol-BGP extension with SAFI 133. Created for the purpose of DoS and DDoS attack mitigation, it brings a new NLRI that collects 12 types of L3 and L4 information. This information creates a flow which defines criteria used for matching DDoS parameters. For instance, a flow can match victim's IP, […] Continue reading...