KVM is a virtualization solution for linux largely used in enterprise environment. It’s permits to define overlay networks scalable over public network by open virtual switch. Layer 2 networks encapsulated over udp packet, by VXLAN or GRE tunnel, enable an use efficient and versatile of network infrastructure. Docker is a open platform that permits to run applications ..
The DNS is a critical service often exploited by hackers for gathering information about the company attacked or for distributed deny of service (DDOS). It’s possible to be protected from these attacks configuring opportunely the service. The actions to implement are very easy and it will be explained in this article. The laboratory implemented is described in the following picture. ..
Docker Overlay Network is a good way to create isolate layer two networks where the containers are distributed on different physical hosts. It’s possible to define two equal subnets without any overlap because the network interfaces of containers are in different namespaces. The frame between hosts are tunneled by vxlan protocol that manages until to 16777216 vlan: much ..
Network segmentation is vital in order to limit the risks for business data after a network intrusion. The goal is to make very difficult the movement of threat inside the network and to give to intruders not authorized the minimun privilege possible for avoiding the exploit of critical services for the business. By phishing campaign it’s very ..
This article shows how is possible to exploit an active directory system by a simple phishing campaign. For this scope I will use metasploit framework: you must know the password (there are different way to stole the password but it is out the scope) of a domain user and have an Active Directory with MS14-68 vulnerability. The goal is to ..
Docker is a software layer that permits to run linux application inside isolated containers on an only shared system operating. This type of virtualization is lighter, portable, scalable and easy to manage: it is an good alternative to classical virtualization approach, like xen, kvm, vmware, where every virtual machine run with its own kernel and ..
Nginx is a robust and fast reverse proxy. Haproxy is a fast application load balancer. Together can be used for publishing to internet web services in security way. For this reason this article has the objective to explain how to secure web services using nginx and haproxy. The haproxy, in addition to application load balancer functionality, has a ..
The need to trust freeipa identity management with active directory is very interesting. It permits to centralize the user management leaving in freeipa the authorization process. Very useful for system administrator to have to manage one only user account. In this context this article explains how to integrate Freeipa with Active Directory describing all the kerberos packets involved in ..
Kerberos is the protocol most used in modern authentication system. Active Directory and other Identity management (like freeipa) use it for offer a single sign-on authentication method. Of course a good kerberos understanding is necessary by system administrator. Give an answer to this need is the scope of this article. All the examples have been implemented in ..
In this article I will show how to configure Pfsense Firewall and Suricata IDS with Kibana dashboard. The explained architecture will provide a modern and functional IDS with a good graphical user interface without spending money in commercial products. The solution permit to monitor in real time attack attempts to network services and to activate, if necessary, the ..