This kickstart file configures an ESXi 5.0 installation on a server. It clears partitions on the first disk, installs ESXi using the first disk and overwrites any existing VMFS partitions. It sets the root password, reboots after installation, configures the management network interface, and configures a vSwitch with port groups.
Configure Webserver & SSL secure & redirect in SuSE Linux EnterpriseTola LENG
In this chapter you will be able:
-How to install webserver in suse linux server
-How to configure webserver
-How to hosting website and web application
-How to configure secure connection (SSL, Redirect)
Configure Webserver & SSL secure & redirect in SuSE Linux EnterpriseTola LENG
In this chapter you will be able:
-How to install webserver in suse linux server
-How to configure webserver
-How to hosting website and web application
-How to configure secure connection (SSL, Redirect)
-Configure DHCP (Create LAN Server and LAN Client) on Windows Server 2008R2
-Configure Relay on SuSE Linux Enterprise Server 11
-Allow Client Use DHCP IP for each LAN
Basic Security
@ Updates
-Update manager
-Enable automatic security updates(Update Setting)
=> Super windows => type the key word (System Setting) =>
@ Firewall
-In Ubuntu all ports are block by default
-Default firewall-ufw (turned off by default)
+sudo ufw status
+sudo ufw enable/disable
-Firestarter for graphical interface (recommanded)
+sudo apt-get install firestarter
+Preferences
@ User Accounts
-User & Groups
+Disable user guest
-Do not use root user (Disable by default)
+sudo passwd
+sudo passwd -l root (disable/changed expiry password)
-Use sudo instead of root (/etc/sudoers)
+sudo visudo OR sudo gedit /etc/sudoers(To set the privilege user authorized)
+sudo adduser tolaleng sudo
-Deleting Users
+sudo deluser canamall
-Removing world readable permission to home directory
+sudo chmod 0750 /home/username
-Locking/Unlocking user
+sudo passwd -l username (enable user expiry)
+sudo passwd -u username (disable user expiry)
-passwords
+sudo chage canamall (Set the password expiration)
+sudo chage-l canamall (show the password expiration)
@ Antivirus
-Clam TK (Under Accessories), other anti-virus
@ Unistall Applications
-Ubuntu Software Center-> Installed software section-> Select application and click remove
@ Processes
-To see processes
+ps aux or top
+system monitor(cacti, nagios,)
-
@ Logs
-Some of logs
+ /var/log/messages : general log messages
+ /var/log/boot : system boot log
+ /var/log/debug/ : debugging log messages
+ /var/log/auth.log : user login and authentication logs
+ /var/log/daemon.log : running services such as squid,ntpd and other log message to this file
+ /var/log/kern.log : kernel log file
-Viewing logs
+ tail, more, cat, less, grep
+ GNOME system log viewer
@Firewall
ufw
=> Security Host
* Create Standard User and enable user passwd (complexity password, strong passwd, passwd expired, invalid day of passwd, Lock and Unlock user, disable user Guest, )
* Secure remote network and host
-Telnet(Secure with the host and address connection)
-SSH (Secure with the authentication encryption key)
=> Security Backup (Data Hosting)
*Make a Full Backup of Your Machine
-Aptik (backup application)
-rsync (Remote synce)
-Gsync (Remote)
-Amanda
-Rsnapshot
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
As you might know, Cisco ASA can not terminate GRE tunnels. However, you can pass GRE traffic through a Cisco ASA 5500 firewall as described in this tutorial.
DNS windows server(2008R2) & linux(SLES 11)Tola LENG
In this practice you will be able:
-Configure Primary DNS and Secondary DNS
-Configure DNS zone transter
-DNS Delegation
-DNS Security zone transfer
-Configure also Linux(Sles 11) and Windows Server 2008R2
1. Setup router
//to create a name for network card
//to assign ip address to network card
//to create NAT rule
//to assign gateway
//to assign dns
//to create dhcp
2.Create login page(Hotspot)
How to link from Mikrotik to Radius server
Configure proxy firewall on SuSE Linux Enterprise Server 11Tola LENG
In this practice you will be able:
-How to install and configure the iptables and proxy firewall when we want to block the packet.
-How to allow or deny the services or packet when the client access to the Internet.
Tola.leng mail server (sq_mail & rcmail)_q5_Tola LENG
1. Design a new network infrastructure. 3
2. Install & Configure Domain Name System: 3
a. Install DNS 3
Test mail in Webserver machine 7
3. Postfix Service: 9
a. Install Postfix 10
b. Send email test (postfix) 10
4. Configure Postfix: 12
a. Enable some option for mail server 13
b. Test Send/Receive mail 14
5. Configure Dovecot: 15
a. Download Dovecot package *.rpm 15
b. Extract *.rpm package 15
c. Configure Dovecot file 16
d. Use Mail client 17
_other User 19
6. Configure Web mail: 22
• To Configure webmail in webserver machine NOT use in mail server machine 22
a. Squirrelmail 24
Configure in Server Setting 28
Configure Vhost 34
Test Result 36
b. Roundcube 38
Create and Configure Vhost 41
Let user access 43
7. Set option change password: 46
a. Squirrelmail 47
b. Roundcube 51
8. SMTPS and POP3S to secure encryption message` 51
a. Create certificate 51
b. Configure 52
9. Configure sasl sender and receiver/smpts authentication. 63
a. Configure SMTP Authentication /SASL Sender 63
10. Create address list/group (aliases address) 67
11. User SSL to encryption connection on browser 70
12. User authentication from AD or OpenLDAP 79
Configure LDAP Server on Mail Server 80
Configure LDAP Client on mail Server 82
Restart services 87
Create user in ldap 88
Let Webserver Join Domain with Mail server LDAP 92
Enable LDAP on Squirrelmail 99
Let’s User test Authentication 104
Let ‘ user change password 107
Watching And Manipulating Your Network TrafficJosiah Ritchie
This is an intro presentation to using the powerful tools for provided for linux in the area of networking. These are command line only tools because in a good network firewall, you won't have the option of graphical tools.
Make an IPSEC VPN which will be a redundant one with two VyOS firewalls per site.
I made this document so that people who check for vpns/ipsec has a place to implement a free router/firewall appliance virtually on any hardware and have the necessity going on.
VyOS is a fork from Vyatta which happily runs on a Intel Atom based hardware with at least 256 MB RAM and a HDD with 500 GB storage.
It supports dot1q VLANs, IPSec Site-to-Site/Remote Access VPNs over GRE for B2B connectivity. It supports RIP/OSPF/BGP dynamic protocols. It has support for both interface based and zone based firewalls.
CoreOS in anger : firing up wordpress across a 3 machine CoreOS cluster Shaun Domingo
In this talk at the Sydney CoreOS meetup, I took the audience through:
a) Installation of CoreOS using VirtualBox and Vagrant
b) Items to consider when containerising your platform
c) Deploying wordpress across a CoreOS cluster.
Talk was given in OpenStack summit in Vancouver. Together with Miguel Lavalle we were talking about new features and future plans for Quality of Service in OpenStack Neutron.
-Configure DHCP (Create LAN Server and LAN Client) on Windows Server 2008R2
-Configure Relay on SuSE Linux Enterprise Server 11
-Allow Client Use DHCP IP for each LAN
Basic Security
@ Updates
-Update manager
-Enable automatic security updates(Update Setting)
=> Super windows => type the key word (System Setting) =>
@ Firewall
-In Ubuntu all ports are block by default
-Default firewall-ufw (turned off by default)
+sudo ufw status
+sudo ufw enable/disable
-Firestarter for graphical interface (recommanded)
+sudo apt-get install firestarter
+Preferences
@ User Accounts
-User & Groups
+Disable user guest
-Do not use root user (Disable by default)
+sudo passwd
+sudo passwd -l root (disable/changed expiry password)
-Use sudo instead of root (/etc/sudoers)
+sudo visudo OR sudo gedit /etc/sudoers(To set the privilege user authorized)
+sudo adduser tolaleng sudo
-Deleting Users
+sudo deluser canamall
-Removing world readable permission to home directory
+sudo chmod 0750 /home/username
-Locking/Unlocking user
+sudo passwd -l username (enable user expiry)
+sudo passwd -u username (disable user expiry)
-passwords
+sudo chage canamall (Set the password expiration)
+sudo chage-l canamall (show the password expiration)
@ Antivirus
-Clam TK (Under Accessories), other anti-virus
@ Unistall Applications
-Ubuntu Software Center-> Installed software section-> Select application and click remove
@ Processes
-To see processes
+ps aux or top
+system monitor(cacti, nagios,)
-
@ Logs
-Some of logs
+ /var/log/messages : general log messages
+ /var/log/boot : system boot log
+ /var/log/debug/ : debugging log messages
+ /var/log/auth.log : user login and authentication logs
+ /var/log/daemon.log : running services such as squid,ntpd and other log message to this file
+ /var/log/kern.log : kernel log file
-Viewing logs
+ tail, more, cat, less, grep
+ GNOME system log viewer
@Firewall
ufw
=> Security Host
* Create Standard User and enable user passwd (complexity password, strong passwd, passwd expired, invalid day of passwd, Lock and Unlock user, disable user Guest, )
* Secure remote network and host
-Telnet(Secure with the host and address connection)
-SSH (Secure with the authentication encryption key)
=> Security Backup (Data Hosting)
*Make a Full Backup of Your Machine
-Aptik (backup application)
-rsync (Remote synce)
-Gsync (Remote)
-Amanda
-Rsnapshot
Configuring GRE Tunnel Through a Cisco ASA FirewallHarris Andrea
As you might know, Cisco ASA can not terminate GRE tunnels. However, you can pass GRE traffic through a Cisco ASA 5500 firewall as described in this tutorial.
DNS windows server(2008R2) & linux(SLES 11)Tola LENG
In this practice you will be able:
-Configure Primary DNS and Secondary DNS
-Configure DNS zone transter
-DNS Delegation
-DNS Security zone transfer
-Configure also Linux(Sles 11) and Windows Server 2008R2
1. Setup router
//to create a name for network card
//to assign ip address to network card
//to create NAT rule
//to assign gateway
//to assign dns
//to create dhcp
2.Create login page(Hotspot)
How to link from Mikrotik to Radius server
Configure proxy firewall on SuSE Linux Enterprise Server 11Tola LENG
In this practice you will be able:
-How to install and configure the iptables and proxy firewall when we want to block the packet.
-How to allow or deny the services or packet when the client access to the Internet.
Tola.leng mail server (sq_mail & rcmail)_q5_Tola LENG
1. Design a new network infrastructure. 3
2. Install & Configure Domain Name System: 3
a. Install DNS 3
Test mail in Webserver machine 7
3. Postfix Service: 9
a. Install Postfix 10
b. Send email test (postfix) 10
4. Configure Postfix: 12
a. Enable some option for mail server 13
b. Test Send/Receive mail 14
5. Configure Dovecot: 15
a. Download Dovecot package *.rpm 15
b. Extract *.rpm package 15
c. Configure Dovecot file 16
d. Use Mail client 17
_other User 19
6. Configure Web mail: 22
• To Configure webmail in webserver machine NOT use in mail server machine 22
a. Squirrelmail 24
Configure in Server Setting 28
Configure Vhost 34
Test Result 36
b. Roundcube 38
Create and Configure Vhost 41
Let user access 43
7. Set option change password: 46
a. Squirrelmail 47
b. Roundcube 51
8. SMTPS and POP3S to secure encryption message` 51
a. Create certificate 51
b. Configure 52
9. Configure sasl sender and receiver/smpts authentication. 63
a. Configure SMTP Authentication /SASL Sender 63
10. Create address list/group (aliases address) 67
11. User SSL to encryption connection on browser 70
12. User authentication from AD or OpenLDAP 79
Configure LDAP Server on Mail Server 80
Configure LDAP Client on mail Server 82
Restart services 87
Create user in ldap 88
Let Webserver Join Domain with Mail server LDAP 92
Enable LDAP on Squirrelmail 99
Let’s User test Authentication 104
Let ‘ user change password 107
Watching And Manipulating Your Network TrafficJosiah Ritchie
This is an intro presentation to using the powerful tools for provided for linux in the area of networking. These are command line only tools because in a good network firewall, you won't have the option of graphical tools.
Make an IPSEC VPN which will be a redundant one with two VyOS firewalls per site.
I made this document so that people who check for vpns/ipsec has a place to implement a free router/firewall appliance virtually on any hardware and have the necessity going on.
VyOS is a fork from Vyatta which happily runs on a Intel Atom based hardware with at least 256 MB RAM and a HDD with 500 GB storage.
It supports dot1q VLANs, IPSec Site-to-Site/Remote Access VPNs over GRE for B2B connectivity. It supports RIP/OSPF/BGP dynamic protocols. It has support for both interface based and zone based firewalls.
CoreOS in anger : firing up wordpress across a 3 machine CoreOS cluster Shaun Domingo
In this talk at the Sydney CoreOS meetup, I took the audience through:
a) Installation of CoreOS using VirtualBox and Vagrant
b) Items to consider when containerising your platform
c) Deploying wordpress across a CoreOS cluster.
Talk was given in OpenStack summit in Vancouver. Together with Miguel Lavalle we were talking about new features and future plans for Quality of Service in OpenStack Neutron.
Palestra realizada por Toronto Garcez aka torontux durante a 3a. edição da Nullbyte Security Conference em 26 de novembro de 2016.
Resumo:
O objetivo da apresentação é demonstrar de forma prática, o passo-a-passo para criar uma botnet com roteadores wi-fi e/ou embarcados em geral. Será demonstrado o desenvolvimento de um comando e controle e a utilização de firmwares "backdorados" para tornar dispositivos em bots.
(NET301) New Capabilities for Amazon Virtual Private CloudAmazon Web Services
Amazon's Virtual Private Cloud (Amazon VPC) continues to evolve with new capabilities and enhancements. These features give you increasingly greater isolation, control, and visibility at the all-important networking layer. In this session, we review some of the latest changes, discuss their value, and describe their use cases.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Web Services are the mechanism or the medium of communication through which two applications / machines will exchange the data/business services irrespective of their underline architecture and the technology.
The term REST comes from Roy Fielding's PhD dissertation, published in 2000, and it stands for REpresentational State Transfer. REST by itself is not an architecture; REST is a set of constraints that, when applied to the design of a system, creates a software architectural style. If we implement all the REST guidelines outlined in Fielding's work, we end up with a system that has specific roles for data, components, hyperlinks, communication protocols, and data consumers.