CentOS 7 Firewall Sheet

The best thing about CentOS 7 is, it has a super easy firewall built-in. I recommend you not to disable the firewall. To check the active zones: [root@rh7 ~]# firewall-cmd –get-active-zones public interfaces: enp1s0f0 To get available service names: [root@rh7 ~]# firewall-cmd –get-services RH-Satellite-6 amanda-client bacula bacula-client dhcp dhcpv6 dhcpv6-client dns ftp high-availability http https imaps […]

Read More

Snort rules for isc.org and ripe.net DNS Amplification Attacks

Everything started with a few queries of isc.org thrugh open DNS servers located at our data center. Searching through the net we found that we are not the victims but a part of  uncomprimised sources of  a huge DDoS attack. A 60 byte query will turn into 50 times larger data directed to victims IP […]

Read More

Firewall Settings With IpTables on CentOS and RedHat

Here on this article we’ll discuss some basic methods to quickly apply to the iptables service so that you can basically get things running up. First of all, there are a couple of ways to edit the iptables infrastructure. One way is to use the /sbin/iptables binary file to append each line, or you can […]

Read More

Can’t Get Ping Responses from MS Windows Servers

Even though it sounds like a simple problem, a lot of our customers have asked the question why they can’t get back ping responses from their MS Windows servers. The problem is simple, because on most flavors of MS Windows boxes, the firewall has disabled ICMP requests by default. To enable it, go to Start […]

Read More

Password Generation in UNIX

Below I’ll describe a couple of nice methods to generate passwords using Python and Bash. Actually there are a lot of ways you can accomplish this especially with bash, but using the /dev/urandom file seems to be the most clever one. The /dev/urandom device doesn’t only generate read-friendly characters, so it’s best to filter out […]

Read More

Nmap : Scanning Methods

Earlier we’ve discussed target specification in detail. But it is almost as import to choose your method to scan the target host. Nmap can scan in various algorithms, we should choose wisely considering the network, operating system and firewalls. Even though we usually don’t know what network architecture or operating system the target is affiliated […]

Read More

Nmap : Target Specification in Detail

Every now and then, we need to scan ports as system administrators, even if the target machine is owned by us or not. To achieve this, nmap is the well known and reliable tool which is available for almost every platform. But to use nmap, we need to understand the background of it a little. […]

Read More

Cisco PIX & ASA Host name in greeting fix

If it appears to be all (***) instead of your mail hostname and if you get, “550 Sorry, your HELO/EHLO greeting must resolve (#5.7.1)” error when sending mail to your mail server from outside, run the following command in your CISCO firewall: no fixup protocol smtp 25 and save with the “wr mem” command Related […]

Read More