The DNS is a critical service often exploited by hackers for gathering information about the company attacked or for distributed deny of service (DDOS). It’s possible to be protected from these attacks configuring opportunely the service. The actions to implement are very easy and it will be explained in this article. The laboratory implemented is described in the following picture. ..
Docker Overlay Network is a good way to create isolate layer two networks where the containers are distributed on different physical hosts. It’s possible to define two equal subnets without any overlap because the network interfaces of containers are in different namespaces. The frame between hosts are tunneled by vxlan protocol that manages until to 16777216 vlan: much ..
Network segmentation is vital in order to limit the risks for business data after a network intrusion. The goal is to make very difficult the movement of threat inside the network and to give to intruders not authorized the minimun privilege possible for avoiding the exploit of critical services for the business. By phishing campaign it’s very ..
This article shows how is possible to exploit an active directory system by a simple phishing campaign. For this scope I will use metasploit framework: you must know the password (there are different way to stole the password but it is out the scope) of a domain user and have an Active Directory with MS14-68 vulnerability. The goal is to ..
Docker is a software layer that permits to run linux application inside isolated containers on an only shared system operating. This type of virtualization is lighter, portable, scalable and easy to manage: it is an good alternative to classical virtualization approach, like xen, kvm, vmware, where every virtual machine run with its own kernel and ..
Nginx is a robust and fast reverse proxy. Haproxy is a fast application load balancer. Together can be used for publishing to internet web services in security way. For this reason this article has the objective to explain how to secure web services using nginx and haproxy. The haproxy, in addition to application load balancer functionality, has a ..
The need to trust freeipa identity management with active directory is very interesting. It permits to centralize the user management leaving in freeipa the authorization process. Very useful for system administrator to have to manage one only user account. In this context this article explains how to integrate Freeipa with Active Directory describing all the kerberos packets involved in ..
This page contains all security vulnerabilities, updates and bulletins of 2016. 2016 Security Vulnerability Bulletins GRIZZLY STEPPE – Russian Malicious Cyber Activity 29/12/2016 Mozilla Releases Security Update 29/12/2016 FTC Releases Alert on Fake Apps for Mobile Devices 23/12/2016 Cisco Releases Security Updates 22/12/2016 VMWare Releases Security Updates 20/12/2016 Apple Releases Security Updates 15/12/2016 Joomla! Releases Security Update for CMS 15/12/2016 Mozilla Releases Security ..
Kerberos is the protocol most used in modern authentication system. Active Directory and other Identity management (like freeipa) use it for offer a single sign-on authentication method. Of course a good kerberos understanding is necessary by system administrator. Give an answer to this need is the scope of this article. All the examples have been implemented in ..
In this article I will show how to configure Pfsense Firewall and Suricata IDS with Kibana dashboard. The explained architecture will provide a modern and functional IDS with a good graphical user interface without spending money in commercial products. The solution permit to monitor in real time attack attempts to network services and to activate, if necessary, the ..