Password Policies – Appropriate Security Techniques

How are passwords stolen? What are common password flaws? Which security techniques enhance the security of passwords and of the login services? What authentication methods provide long-term security? How often should a password be changed? Which methods achieve good security while not being too complicated to be used by end-users? This …

Password Generator Options for KeePass

This is a short post in which I show the options I am using when generating random passwords with the Password Generator that ships with the password safe KeePass. The character set should be as big as possible while not containing letters that could confuse the end-user. Of course, all upper- & lower-case alphabetic characters …

More Capture Details III

Another update of the Ultimate PCAP is available. Again, there are some special new packets in there which I want to point out here. Feel free to download the newest version to examine those new protocols and packets by yourself. Featuring: SNMPv3, WoL, IPMI, HSRP, Zabbix, Pile of Poo, and Packet Comments. ✅

Scanning SSH Servers

For administrative purposes, SSH is used quite often. Almost everyone in IT knows it. Keywords: OpenSSH, simply using “ssh <hostname>” on your machine, PuTTY for Windows, username + password or public key authentication, TCP port 22, simple firewall rules, ignoring the fingerprints, SCP and SFTP. That’s it – basically. However, it gets much more …

Pi-hole Installation Guide

You probably already know the concept of the Pi-hole. If not: It’s a (forwarding) DNS server that you can install on your private network at home. All your clients, incl. every single smartphone, tablet, laptop, and IoT devices such as smart TVs or light bulb bridges, can use this Pi-hole service as their DNS server. …

Capturing – because I can: IS-IS, GLBP, VRRP

I am constantly trying to add more protocols to the Ultimate PCAP. Hence I used some time in my (old) Cisco lab to configure and capture the following protocols: IS-IS, GLBP, and VRRP. And since Alexis La Goutte sent me some CAPWAP traffic, this protocol is also added. All packets are now found in another update …

Route-Based VPN Tunnel FortiGate <-> Cisco ASA

More than 6 years ago (!) I published a tutorial on how to set up an IPsec VPN tunnel between a FortiGate firewall and a Cisco ASA. As time flies by, ASA is now able to terminate route-based VPN tunnels (which is great!), we have IKEv2 running everywhere and enhanced security proposals. Hence, it’s time …

Route-Based VPN Tunnel Palo Alto <-> Cisco ASA

More than 6 years ago (!) I published a tutorial on how to set up an IPsec VPN tunnel between a Palo Alto Networks firewall and a Cisco ASA. As time flies by, ASA is now able to terminate route-based VPN tunnels (which is great!), we have IKEv2 running everywhere and enhanced security proposals. Hence, …

More Capture Details

In the previous post, I released my Ultimate PCAP which includes every single pcap I had so far on my blog. But that’s not all: I have some packets in there that were not yet published up to now. That is, here are some more details about those (probably well-known) protocols. These are:

Intro to NetworkMiner

This is a guest blogpost by Erik Hjelmvik, an expert in network forensics and network security monitoring at NETRESEC. Wireshark is the default go-to tool for analyzing captured network traffic for most network engineers. But there are a few other free and open source alternatives that are sometimes overlooked, one of which is NetworkMiner (disclaimer: …

CLI Commands for Troubleshooting Infoblox

With Infoblox you do almost everything through the WebUI on the Infoblox Grid Master. At least the daily business such as adding/changing/deleting/moving/whatever DNS, DHCP, and IPAM stuff. Even troubleshooting is almost always done through this HTTPS-based GUI. However, some circumstances require the use of the CLI on an Infoblox appliance/VM, called “Remote Console Access” aka SSH. …