This document discusses using SSH and PPP to create a simple VPN, or virtual private network, between two sites without using a dedicated private network connection. It describes how SSH can be used to securely tunnel the PPP connection over the public internet, acting as a transport. A script called footunnel is presented that automates setting up this VPN by starting SSH and PPP and monitoring the connection. Examples of using it for remote access from home or work are given.
In this workshop we will make a brief introduction to the basics of networking: IP addresses, MAC addresses, DNS, DHCP. Concepts as a router, gateway and firewall are explained. Then we will see in practice how to share files on a local network (NFS, Samba), establish a FTP connection, or log on to another (Linux) machine remotely (SSH, VNC, RDP). Finally, we review some useful networking tools like ping, netstat, lookup, port scan, traceroute, whois.
In this workshop we will make a brief introduction to the basics of networking: IP addresses, MAC addresses, DNS, DHCP. Concepts as a router, gateway and firewall are explained. Then we will see in practice how to share files on a local network (NFS, Samba), establish a FTP connection, or log on to another (Linux) machine remotely (SSH, VNC, RDP). Finally, we review some useful networking tools like ping, netstat, lookup, port scan, traceroute, whois.
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
As you might know, Cisco ASA can not terminate GRE tunnels. However, you can pass GRE traffic through a Cisco ASA 5500 firewall as described in this tutorial.
TCP Intercept was developed to protect servers and other resources from Denial-of-Service (DoS)
attacks, specifically TCP SYN attacks.
Just as the name says, TCP Intercept captures incoming TCP requests. Instead of allowing direct access
to the server, TCP Intercept acts as an intermediary, establishing a connection to the server on behalf of
the requesting client.
TCP Intercept will block a client if too many incoming connections are attempted.
Syslog Centralization Logging with Windows ~ A techXpress GuideAbhishek Kumar
Syslog Centralization Logging with Windows ~ A techXpress Guide ~ Setting up a centralized Syslog Server to get EventLogs from all Windows Hosts for analysis
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
As you might know, Cisco ASA can not terminate GRE tunnels. However, you can pass GRE traffic through a Cisco ASA 5500 firewall as described in this tutorial.
TCP Intercept was developed to protect servers and other resources from Denial-of-Service (DoS)
attacks, specifically TCP SYN attacks.
Just as the name says, TCP Intercept captures incoming TCP requests. Instead of allowing direct access
to the server, TCP Intercept acts as an intermediary, establishing a connection to the server on behalf of
the requesting client.
TCP Intercept will block a client if too many incoming connections are attempted.
Syslog Centralization Logging with Windows ~ A techXpress GuideAbhishek Kumar
Syslog Centralization Logging with Windows ~ A techXpress Guide ~ Setting up a centralized Syslog Server to get EventLogs from all Windows Hosts for analysis
Using Secure Shell on Linux: What Everyone Should KnowNovell
Secure Shell, or SSH, is a network protocol that allows data to be exchanged over a secure channel. SSH is much more than just data being passed over the wire. SSH can be used to tunnel traffic and specific ports or applications across multiple servers. SSH is a must for anyone using Linux. If you haven't used SSH, then you have not used Linux!
This session is designed for all technical staff or decision makers curious about great Linux tools and making access to Windows services, remote desktops and remote servers easier and less complicated. During this session, we will demonstrate techniques to tunnel RDP sessions, SOAP sessions and HTTP sessions between remote systems.
Overview of VPN protocols.
VPNs (Virtual Private Networks) are often viewed from the perspective of security with the goal of providing authentication and confidentiality.
However, the primary purpose of VPNs is to connect 2 topologically separated private networks over a public network (typically the Internet).
VPNs basically hook a network logically into another network so that both appear as one private local network.
Security is a possible add-on to VPNs. In many cases it makes perfectly sense to secure the VPNs communication over the unsecure public network.
VPN protocols typically employ a tunnel where data packets of the local network are encapsulated in an outer protocol for transmission over the public network.
The most important VPN protocols are IPSec, PPTP and L2TP. In recent years SSL/TLS based VPNs such as OpenVPN have gained widespread adoption.
Nagios Conference 2013 - Leland Lammert - Nagios in a Multi-Platform EnviornmentNagios
Leland Lammert's presentation on Nagios in a Multi-Platform Enviornment.
The presentation was given during the Nagios World Conference North America held Sept 20-Oct 2nd, 2013 in Saint Paul, MN. For more information on the conference (including photos and videos), visit: http://go.nagios.com/nwcna
The two LANs are protected from the Internet by firewalls, so a user on LAN A can't get to LAN B, at least not without making a hole in the firewall that could be a security hole.
The VPN puts routable connections inside the firewalls, so that traffic between the LANs travels within a protected tunnel.
Each of these deserve their own presentation. IPSec is the preferred solution, but can be difficult to configure. CIPE is a good solution. PPTP is also a good solution, but the most prevalent implementation lacks quality and the security it is supposed to provide. This presentation focuses on SSH and PPP.
If you are not using a secure mechanism for connecting to your home system across the Internet, you should! SSH is freely available and provides a good level of security.
The above is the performance between a 400MHz PII and a 533 MHz VIA Mini-ITX system. When run between the 400 MHz system and an Athlon 1800 system, the time for the tranfer was about half (i.e., 3 seconds for no VPN, and 30 for the VPN), but instead of CPU load on the sender being ~50%, it was 99%.
In this example, a firewall appliance is used to forward the SSH port to a system on the LAN that will accept the SSH connection and act as one end of the tunnel. Note that unless this node is configured as the router for the external subnet for the wireless LAN, this node should be acting as a NAT, thus all traffic coming through the tunnel will appear to all other systems to be coming from System X.