Currently this is the our office network. We currently have a single Public ip from the ISP and we have created a single Private ip network behind the NAT as shown below : public ip ( WAN ) – 122.x.x.1, gateway ip ( LAN ) – 10.0.0.1 client machines or servers ips range from – … Read more
We host a remote access tool called Simple Help. It allows us to access our clients computers and assist them with problems. I can log into it from my remote workstation, and connect to a clients workstation via our server. Then upon a successfully UDP connection Simple Help will try to “upgrade” the connection and … Read more
We have a Web infrastructure with a farm of Web Servers. They are behind a loadbalancer which does SSL offload. We also have a IPS and obviously a set of firewalls. Now, for security reason we have been asked to look into the possibility of adding a reverse proxy. I insist this is for security … Read more
I am trying to find an inbuilt solution on a Cisco Catayst 3750X Switch to scan all traffic routed from one VLAN to another for malicious code. The situation is that we currently have a development environment which is currently being redesigned to upgrade the network infrastructure to use the 3750X switches to manage server … Read more
I’m looking for a solid method to block unwanted TCP/IP traffic. On my linux machine iptables and ipset seem to offer a nice way to do so. Until now I’ve done this: ipset create ipsok hash:net maxelem (result of wc -l for my cidr list in a file) ipset add <network address> And made sure … Read more
I have the following topology: Click here, unfortunently I don’t have enough rep to post images Essentially I would like the packet flow to go from PC1, to the Core Switch, to the Edge Switch, and to the Firewall. I need to “bump the wire” to force traffic through the IPS. Ideally I would put … Read more
I’m trying to write a Snort rule to look for SSNs. Due to the limitations of the appliance in place I can not use the pre-processor settings. How intense would it be to run a PCRE rule for SSNs? This would essentially perform a regex comparison on every packet which seems pretty intensive. Answer Are … Read more
I want to restrict access to docker container ports just from specified IPs. I set up iptables rules with ipset. I have exposed the port 8888. The requests from port 8888 are forwarded to simple docker web server. I defined ipset with white list IP addresses. ipset create testfilter iphash ipset add testfilter 192.168.52.65 Then … Read more
I’m trying to add two more DNS servers to our pool to have more reliability under load and avoid losing visitors due to attacks or hardware issues. Since we have many websites setup to point at ns1.domain.com and ns2.domain.com, I’ve been wondering if it’s possible to point ns1.domain.com to 2 different machines, and do the … Read more
Unfortunately Snort doesn’t release rules update 2.8.6 since 2017. All customer should upgrade to 2.9. But 2.9 is X64 and my OS is Fedora X86. I need to update my Snort 2.8.6 signatures. Is there any source to get update or any solution that convert 2.9 rules to 2.8.6? Answer AttributionSource : Link , Question … Read more
