This is the second blog post in our Micro-segmentation Defined – NSX Securing “Anywhere” blog series. This blog post walks through security requirements that exist in environments with mixed workload deployment types. A mixed workload environment is one utilizing multiple application deployment models, including applications deployed on both virtual machines and legacy physical servers. We demonstrate how the necessary security requirements for mixed workload environments can be met through using VMware NSX as a platform for micro-segmentation and advanced security services. This blog focuses on the following:
Security Requirements Differ in Heterogeneous Environments
Due to the evolving threat landscape and growing sophistication of cyber-attacks and threat actors, a single static policy or blanket approach to securing modern data centers is no longer adequate. These types of policies are difficult to manage and take a narrow-focused approach to what needs to be a much broader solution. Today’s private cloud environments are comprised of a variety of workloads and deployment models, whether it be …
Are you tasked with providing IoT connectivity? Here are some things to keep in mind.
To simplify API calls, I created a separate GitHub repository to hold a collection of phpipam API clients for different languages. If you have created a client and want to share it, head over to https://github.com/phpipam/phpipam-api-clients and share yours!
To start, I created a PHP class to work as an API client, now available in the repo in the php-client folder.
https://github.com/phpipam/phpipam-api-clients/tree/master/php-client
It supports all API calls; encrypted requests are also supported by setting the $api_key variable in the config file. Supported output formats are json/xml/array/object.
Here is a short example of working with the client, showing how to get the details of a specific section:
<?php
# include config file and api client class file
require("api-config.php");
require("class.phpipam-api.php");
# init object with settings from config file or specify your own
$API = new phpipam_api_client ($api_url, $api_app_id, $api_key, $api_username, $api_password, $result_format);
# debug - output curl headers if some problems occur
$API->set_debug (false);
# execute call
$API->execute ("GET", "sections", array(5), "", $token_file);
# get result
$result = $API->get_result();
Below are my solutions to level 2 of the forensics lab game zero. The solutions to level 1 of the game are posted here.
1. Find a way to reset the root account's password and retrieve the flag from /root/flag.txt
Reboot the VM and press 'e' to edit the entry in the GRUB menu screen. Add init=/bin/bash at the end of the line starting with linux and press F10. Then mount the file system as read-write.
root@(none):/# mount -n -o remount,rw /
Change password for user root.
root@(none):/# passwd
root@(none):/# cat /root/flag.txt
8d55761dfafe912daa2fa6c38e05435093f7f636
root@(none):/# echo -n '8d55761dfafe912daa2fa6c38e05435093f7f636' | sha1sum
0166bc38c1165d0ba783ea722b84ed3a0d2547f8
Restart the virtual machine and switch to the root account.
2. A memory dump of the Windows machine is stored in the file /root/memdump.mem. Find the flag among the commands executed on that machine
Find information about the memory dump with the imageinfo plugin.
root@debian1989:/home/kassad# python /opt/tools/volatility-2.4/vol.py imageinfo -f /root/memdump.mem | grep Profile
Volatility Foundation Volatility Framework 2.4
Suggested Profile(s) : Win7SP0x86, Win7SP1x86
To avoid typing the chosen profile as --profile=Win7SP1x86 every time vol.py is called, export the profile.
root@debian1989:/home/kassad# export VOLATILITY_PROFILE=Win7SP1x86
To avoid typing the path to the memory dump file, export the memory dump location so you do not need to add the -f argument …