Posted in June 30, 2009 ¬ 10:25 amh.
admin
This brief note covers getting an SSL certificate registered with Thawte onto a Cisco router running IOS.
1. Create the Trustpoint
This binds the SSL cert to the CA (Certificate Authority) which in this case is Thawte. The subject is where you will specify all the usual bits you need in the cert. Also ensure that fqdn [...]
Posted in June 22, 2009 ¬ 7:22 amh.
mick
Just a quick note about sftp.
It makes good security sense to change the ssh port on servers that are Internet accessible. To take advantage of this using ssh is quite straightforward, as there is a parameter -p to support this, e.g.:
ssh -p 3432 mick@mickvaites.com
Unfortunately the same is not true for sftp (secure file transfer). [...]
Posted in June 15, 2009 ¬ 11:26 pmh.
mick
Note to self:
These are the ssh escape commands from within an ssh connected session.
%~?
Supported escape sequences:
~. – terminate connection (and any multiplexed sessions)
~B – send a BREAK to the remote system
~C – open a command line
~R – Request rekey (SSH protocol 2 only)
~^Z – suspend ssh
~# – list forwarded [...]
Posted in May 7, 2009 ¬ 2:46 amh.
mick
As mentioned in my profile I am studying for my CCIE Voice Lab exam. Well I have been plagued by a problem with phones not registering when using Rented Lab Kit and physical IP phones in my home POD.
My POD is connected to the Rented Lab Equipment over an encrypted link that is also NAT’d.
One [...]
Posted in May 1, 2009 ¬ 4:29 pmh.
mick
Not new information but all the same useful for either secure traffic or bypassing web cache restrictions.
The first example is a SOCKS proxy to allow you to secure web traffic over a wifi link or just avoid web caching filters.
From unix, linux, *BSD or MacOSX type in:
ssh -N name@ssh_server -D 9999
or from Windows download plink.exe [...]
Posted in April 24, 2009 ¬ 3:03 amh.
mick
At the core of all investigation in relation to networks is the need to sniff packets. If you have a switch with SPAN port capabilities then you can listen in from wherever you wish. However, if for whatever reason this is not practical, a network wiretap may be the answer.
From the PC under [...]
Posted in April 3, 2009 ¬ 12:00 pmh.
mick
I was looking to install some remote services to my server connected to my home ADSL line. The problem I have is that I have got a dynamic IP address with my DSL line. After trying a number of the public services with varying degrees of success and flexibility I decided to build my own [...]
Posted in April 1, 2009 ¬ 12:00 amh.
mick
New Security Certificate Announced !!!
You have your ethical hacker the next must have certificate.
http://www.asscert.com
Posted in February 3, 2009 ¬ 12:00 pmh.
mick
There are a number of ways of tackling spam coming into an ISP's mail servers, each with its own issues.
1. Sender Verification.
Prior to an email being allowed to enter your mail server, the mail server associated with the sender's domain is looked up and a “ring back” is attempted to see if the mail server [...]