Network

26Dec 2015

Before iOS revision 12.4 you were having access-lists and debug facility to get a clue about the packets passing through an interface. Now it is fairly easy to get packets and even export them as .pcap to analyse within a few easy steps. First thing to do is, create an access-list based on your requirements: […]

12May 2015

The best thing about CentOS 7 is, it has a super easy firewall built-in. I recommend you not to disable the firewall. To check the active zones: [root@rh7 ~]# firewall-cmd –get-active-zones public interfaces: enp1s0f0 To get available service names: [root@rh7 ~]# firewall-cmd –get-services RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps […]

23Apr 2014

Suddenly you realized that external SIP phones stop working without any reason, you should be avare of Cisco routers get stuck sometimes. There is a trick to solve the issue with two commands, but first of all be sure that the sip is not registered through arterisk cli: Type on your asterisk: asterisk -rvvvvv and […]

11Dec 2013

Even though this seems an easy task, when you add IP’s with different gateways, you have to route the IP’s for the correct gateways. Let’s say you have two networks, 192.168.80.128/25 192.168.90.128/25 This means your gateways are 192.168.80.129, 192.168.90.129 and you have these IP addresses respectively : 192.168.80.130-254, 192.168.90.130-254 Lets assign the 192.168.80.x IP’s to […]

21Aug 2013

In our case, we were using postfix via iRedMail and every incoming mail had a delay around 7 minutes. The problem was fixed by disabling the chroot operation in the settings. Edit the file /etc/postfix/master.cf It probably looks like this # ============================================================= # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) […]

21Aug 2013

This can get quite important when your mail server is blacklisted, or if you somehow want to simply change the outgoing IP address. First of all, check that you DO have another ip address on another interface at the server. Either by ifconfig or anything else. To change the outgoing IP on a postfix mail […]

16Mar 2013

Everything started with a few queries of isc.org thrugh open DNS servers located at our data center. Searching through the net we found that we are not the victims but a part of  uncomprimised sources of  a huge DDoS attack. A 60 byte query will turn into 50 times larger data directed to victims IP […]

22Jan 2013

Here on this article we’ll discuss some basic methods to quickly apply to the iptables service so that you can basically get things running up. First of all, there are a couple of ways to edit the iptables infrastructure. One way is to use the /sbin/iptables binary file to append each line, or you can […]

26Nov 2012

Sometimes when writing your bash scripts, you may need some information about the network, such as the IP addresses, both IPv4 and IPv6, broadcast addresses, netmasks and such. There are two very basic ways of getting the necessary information in Linux systems, you should either choose the ip addr show method, and parse what’s coming […]

25Jun 2012

Even though it sounds like a simple problem, a lot of our customers have asked the question why they can’t get back ping responses from their MS Windows servers. The problem is simple, because on most flavors of MS Windows boxes, the firewall has disabled ICMP requests by default. To enable it, go to Start […]

22May 2012

Introduction Routing is the process of finding the route to a destination, and routing protocols determine how a router updates its route information. A router is attached to two or more networks, and its primary function is receiving IP packets through one network interface and forwarding them through another. The packets can travel through a […]

17May 2012

Below I’ll describe a couple of nice methods to generate passwords using Python and Bash. Actually there are a lot of ways you can accomplish this especially with bash, but using the /dev/urandom file seems to be the most clever one. The /dev/urandom device doesn’t only generate read-friendly characters, so it’s best to filter out […]

07May 2012

Earlier we’ve discussed target specification in detail. But it is almost as import to choose your method to scan the target host. Nmap can scan in various algorithms, we should choose wisely considering the network, operating system and firewalls. Even though we usually don’t know what network architecture or operating system the target is affiliated […]

02May 2012

Every now and then, we need to scan ports as system administrators, even if the target machine is owned by us or not. To achieve this, nmap is the well known and reliable tool which is available for almost every platform. But to use nmap, we need to understand the background of it a little. […]

02May 2012

The beauty of having multiple IP addresses on a single server is that you can run several services with different addressing. This way you can announce your FTP service on a different address and your HTTP on another. Below I’ll describe how to achieve this in Debian based and Red Hat based distros seperately. Using […]

18Jul 2011

In the beginning of the year 2011, we decided to apply IPv6 configuration to our data center (VeriTeknik) and requested our IPv6 block from RIPE. RIRs give out /32 blocks to LIRs at the first assignment. The Preperation Steps Request your IPv6 Addresses from your RIR or LIR Add IPv6 Route to your AS number […]

22Apr 2011

If it appears to be all (***) instead of your mail hostname and if you get, “550 Sorry, your HELO/EHLO greeting must resolve (#5.7.1)” error when sending mail to your mail server from outside, run the following command in your CISCO firewall: no fixup protocol smtp 25 and save with the “wr mem” command