Network

Target: (Server with storage): 10.10.10.2/24Client: 10.10.10.1/24 Target: Install iSCSI Utils if not available Edit targets.conf Paste the configuration below, change target name based on your needs Enable tgtd service Start the service Note: If you don’t want any volume group to be automatically recognized by the operating system of the target, please filter the volume […]

Let’s say we want to add reverse DNS delegation for the IP block 123.234.12.0/24 The first step of the configuration is on the nameserver, BIND on our case. Create the relevant reverse DNS file on /var/named/rev and then edit the file: cd /var/named/rev touch 123.234.12 vim 123.234.12 The file contents should be like the following: […]

Before iOS revision 12.4 you were having access-lists and debug facility to get a clue about the packets passing through an interface. Now it is fairly easy to get packets and even export them as .pcap to analyse within a few easy steps. First thing to do is, create an access-list based on your requirements: […]

The best thing about CentOS 7 is, it has a super easy firewall built-in. I recommend you not to disable the firewall. To check the active zones: [root@rh7 ~]# firewall-cmd –get-active-zones public interfaces: enp1s0f0 To get available service names: [root@rh7 ~]# firewall-cmd –get-services RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps […]

Suddenly you realized that external SIP phones stop working without any reason, you should be avare of Cisco routers get stuck sometimes. There is a trick to solve the issue with two commands, but first of all be sure that the sip is not registered through arterisk cli: Type on your asterisk: asterisk -rvvvvv and […]

Even though this seems an easy task, when you add IP’s with different gateways, you have to route the IP’s for the correct gateways. Let’s say you have two networks, 192.168.80.128/25 192.168.90.128/25 This means your gateways are 192.168.80.129, 192.168.90.129 and you have these IP addresses respectively : 192.168.80.130-254, 192.168.90.130-254 Lets assign the 192.168.80.x IP’s to […]

In our case, we were using postfix via iRedMail and every incoming mail had a delay around 7 minutes. The problem was fixed by disabling the chroot operation in the settings. Edit the file /etc/postfix/master.cf It probably looks like this # ============================================================= # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) […]

This can get quite important when your mail server is blacklisted, or if you somehow want to simply change the outgoing IP address. First of all, check that you DO have another ip address on another interface at the server. Either by ifconfig or anything else. To change the outgoing IP on a postfix mail […]

Sometimes when writing your bash scripts, you may need some information about the network, such as the IP addresses, both IPv4 and IPv6, broadcast addresses, netmasks and such. There are two very basic ways of getting the necessary information in Linux systems, you should either choose the ip addr show method, and parse what’s coming […]

Even though it sounds like a simple problem, a lot of our customers have asked the question why they can’t get back ping responses from their MS Windows servers. The problem is simple, because on most flavors of MS Windows boxes, the firewall has disabled ICMP requests by default. To enable it, go to Start […]

Introduction Routing is the process of finding the route to a destination, and routing protocols determine how a router updates its route information. A router is attached to two or more networks, and its primary function is receiving IP packets through one network interface and forwarding them through another. The packets can travel through a […]

Below I’ll describe a couple of nice methods to generate passwords using Python and Bash. Actually there are a lot of ways you can accomplish this especially with bash, but using the /dev/urandom file seems to be the most clever one. The /dev/urandom device doesn’t only generate read-friendly characters, so it’s best to filter out […]

Earlier we’ve discussed target specification in detail. But it is almost as import to choose your method to scan the target host. Nmap can scan in various algorithms, we should choose wisely considering the network, operating system and firewalls. Even though we usually don’t know what network architecture or operating system the target is affiliated […]

Every now and then, we need to scan ports as system administrators, even if the target machine is owned by us or not. To achieve this, nmap is the well known and reliable tool which is available for almost every platform. But to use nmap, we need to understand the background of it a little. […]

At the beginning of the year 2011, we decided to apply the IPv6 configuration to our data center (VeriTeknik) and requested our IPv6 block from RIPE. RIRs give out /32 blocks to LIRs at the first assignment. This article describes basic Cisco IPv6 configuration. The Preparation Steps Request your IPv6 Addresses from your RIR or […]

If it appears to be all (***) instead of your mail hostname and if you get, “550 Sorry, your HELO/EHLO greeting must resolve (#5.7.1)” error when sending mail to your mail server from outside, run the following command in your CISCO firewall: no fixup protocol smtp 25 and save with the “wr mem” command