Finally Cisco Routers to have a packet capture mechanism

Before iOS revision 12.4 you were having access-lists and debug facility to get a clue about the packets passing through an interface. Now it is fairly easy to get packets and even export them as .pcap to analyse within a few easy steps. First thing to do is, create an access-list based on your requirements: […]

Read More

CentOS 7 Firewall Sheet

The best thing about CentOS 7 is, it has a super easy firewall built-in. I recommend you not to disable the firewall. To check the active zones: [root@rh7 ~]# firewall-cmd –get-active-zones public interfaces: enp1s0f0 To get available service names: [root@rh7 ~]# firewall-cmd –get-services RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps […]

Read More

SIP NAT on Cisco IOS stop working

Suddenly you realized that external SIP phones stop working without any reason, you should be avare of Cisco routers get stuck sometimes. There is a trick to solve the issue with two commands, but first of all be sure that the sip is not registered through arterisk cli: Type on your asterisk: asterisk -rvvvvv and […]

Read More

Add Multiple Gateways to Multiple NICs on Ubuntu Server

Even though this seems an easy task, when you add IP’s with different gateways, you have to route the IP’s for the correct gateways. Let’s say you have two networks, 192.168.80.128/25 192.168.90.128/25 This means your gateways are 192.168.80.129, 192.168.90.129 and you have these IP addresses respectively : 192.168.80.130-254, 192.168.90.130-254 Lets assign the 192.168.80.x IP’s to […]

Read More

Fix Incoming Mail Delay With Postfix

In our case, we were using postfix via iRedMail and every incoming mail had a delay around 7 minutes. The problem was fixed by disabling the chroot operation in the settings. Edit the file /etc/postfix/master.cf It probably looks like this # ============================================================= # service type private unpriv chroot wakeup maxproc command # (yes) (yes) (yes) […]

Read More

Change Outgoing IP of Postfix Mail Server

This can get quite important when your mail server is blacklisted, or if you somehow want to simply change the outgoing IP address. First of all, check that you DO have another ip address on another interface at the server. Either by ifconfig or anything else. To change the outgoing IP on a postfix mail […]

Read More

Snort rules for isc.org and ripe.net DNS Amplification Attacks

Everything started with a few queries of isc.org thrugh open DNS servers located at our data center. Searching through the net we found that we are not the victims but a part of  uncomprimised sources of  a huge DDoS attack. A 60 byte query will turn into 50 times larger data directed to victims IP […]

Read More

Firewall Settings With IpTables on CentOS and RedHat

Here on this article we’ll discuss some basic methods to quickly apply to the iptables service so that you can basically get things running up. First of all, there are a couple of ways to edit the iptables infrastructure. One way is to use the /sbin/iptables binary file to append each line, or you can […]

Read More

Getting Network Information in Bash Scripts

Sometimes when writing your bash scripts, you may need some information about the network, such as the IP addresses, both IPv4 and IPv6, broadcast addresses, netmasks and such. There are two very basic ways of getting the necessary information in Linux systems, you should either choose the ip addr show method, and parse what’s coming […]

Read More

Adding New IP to DirectAdmin From Different Subnet and Gateway

Earlier I’ve posted an article describing how to add multiple ip addresses on a single network device. Even though you can add IP addresses on Direct Admin using it’s GUI, unfortunately the GUI fails if the netmask or the gateway is different. So if you have a server running Direct Admin with the IP address […]

Read More

Can’t Get Ping Responses from MS Windows Servers

Even though it sounds like a simple problem, a lot of our customers have asked the question why they can’t get back ping responses from their MS Windows servers. The problem is simple, because on most flavors of MS Windows boxes, the firewall has disabled ICMP requests by default. To enable it, go to Start […]

Read More

Routing, a Brief Introduction

Introduction Routing is the process of finding the route to a destination, and routing protocols determine how a router updates its route information. A router is attached to two or more networks, and its primary function is receiving IP packets through one network interface and forwarding them through another. The packets can travel through a […]

Read More

Nmap : Scanning Methods

Earlier we’ve discussed target specification in detail. But it is almost as import to choose your method to scan the target host. Nmap can scan in various algorithms, we should choose wisely considering the network, operating system and firewalls. Even though we usually don’t know what network architecture or operating system the target is affiliated […]

Read More

Nmap : Target Specification in Detail

Every now and then, we need to scan ports as system administrators, even if the target machine is owned by us or not. To achieve this, nmap is the well known and reliable tool which is available for almost every platform. But to use nmap, we need to understand the background of it a little. […]

Read More

Bind Multiple IP Addresses on a Single Network Card IPv4 & IPv6

The beauty of having multiple IP addresses on a single server is that you can run several services with different addressing. This way you can announce your FTP service on a different address and your HTTP on another. Below I’ll describe how to achieve this in Debian based and Red Hat based distros seperately. Using […]

Read More

Learn your IPv6 & test your IPv6 enabled site with ip6tools.com

A new service announced by VeriTeknik to help developers getting into IPv6 world. You may test your IPv6 enabled web site through ip6tools.com easily. Developers declared “new functionalities are added to my-ip6.com every passing day”

Read More

Cisco Router IPv6 Configuration

In the beginning of the year 2011, we decided to apply IPv6 configuration to our data center (VeriTeknik) and requested our IPv6 block from RIPE. RIRs give out /32 blocks to LIRs at the first assignment. The Preperation Steps Request your IPv6 Addresses from your RIR or LIR Add IPv6 Route to your AS number […]

Read More