51 Security

CVE-2015-0235: GHOST – A Critical Vulnerability in the Glibc Library

2015-02-02 Jon

GHOST is a ‘buffer overflow’ bug affecting the gethostbyname() and gethostbyname2() function calls in the glibc library. If a remote attacker can make an application call to gethostbyname() or gethostbyname2(),…

Network

Build NTP Windows Server for Network Devices (not Win32Time)

2015-01-21 Jon

Based on Cisco Document (ID108076) Troubelshoot Network Time Protocol (NTP), Cisco devices are not able to Sync NTP to W32 Based Time Service. “Windows W32Time shows that it is an…

Juniper

Configuration DHCP Relay in routing instance on Juniper SRX Devices

2015-01-19 Jon

I was having DHCP Relay configured on SRX 240H Cluster devices, it was quite straightforward experience, and Juniper KB 15755 covered all points when I first configured it. It was…

Juniper VPN

Using PKI Build Route-Based IPSec VPN between Juniper SRX

2015-01-16 Jon

There was a task to change IPSec authentication method from Pre-share key to PKI Certification based. It used on SRX240H and SRX1400 firewalls. This post records the steps and troubleshooting…

Juniper

Monitoring Juniper SRX Firewall CPU, Memory and Flow Session Information from PRTG

2015-01-15 Jon

While using PRTG to monitor our firewalls, we found by default it could not poll Juniper SRX’s CPU and flow information with auto discovery method. From command line, we are…

SIEM

Archive Juniper STRM (IBM Qradar) Logs to remote server

2015-01-07 Jon

Our Juniper STRM is running out of space after receiving more and more logs from Check Point management server and Juniper NSM. Since my STRM 500 only has about 400G…

SIEM

Installation Steps of LOG Storm Free Virtual SIEM Appliance

2015-01-06 Jon

I was reading the Top 47 Log Management Tools from ProfitBricks’ blog. During quick scanning the key features and cost, I decided to give LOG Storm a try. This post…

Palo Alto

Configure Palo Alto VM 6.0.0 in Vmware Workstation and ESXi

2015-01-03 Jon

Palo Alto Networks has developed Virtualized Firewalls VM series to run in virtual environment. Here is the list for supported hypervisors from its website: The VM-Series supports the exact same…

Software

Bypass China GFW

2015-01-03 Jon

It becomes harder and harder to surf Western Internet Websites from China such as Youtube, facebook, Google. Here are some ways I found to bypass it. 1. Hole at GFW-…

VPN

Certificate Import Failed with “% Failed to parse or verify imported certificate” because of Verisign Using new Intermediate CA Certs G4

2014-12-15 Jon

Symptoms: Worked on IPSec VPN Certificate for whole morning to try to import a certificate, finally gave up to ask support from Verisign. I did this many times and had…

VPN

Certification based Cisco IPSec VPN Down caused by ‘signature invalid’

2014-12-13 Jon

Symptom: Recently, I were troubleshooting a IPSec VPN using Certificate issue. One IPSec VPN router got rebooted then IPSec tunnel was not able to be re-build. It tested fine with…

Cisco

Cisco ACS Lab2: Use Tacacs+ to do Authentication and Authorization with ACS 5.6

2014-12-05 Jon

Previous Lab1: Cisco ACS Lab1: Installing and Configuring ACS 5.6 in ESXi and GNS3This Lab2 will use cisco router to connect with ACS 5.6 and use Tacacs+ protocol to complete…

51 Security

Latest Post