
Remove Banned IP from Fail2Ban on Ubuntu / Raspberry Pi

Posted by David  •  Sep 27th, 2014 10:10:12 pm - Subscribe | Mood: Studying | Music: No music

If you have never used Fail2Ban on your Linux distro, I would greatly recommend it, especially if you are seeing a lot of traffic trying to brute force your standard SSH connection.

Good practice:
1. Do not SSH on port 22
2. Do not use root
3. Disable root

This entry is not about good practices for SSH connections, though, but rather about how to remove a ban that Fail2Ban may have put in place against you, a client, or a connection that was not intended to be blocked.



Begin by doing the following:
1. iptables -L (Do you see your IP in this list?)
2. iptables -D fail2ban-ssh -s xxx.xxx.xxx.xxx -j DROP
3. Where you see xxx.xxx.xxx.xxx add the IP that is banned.
4. Now verify that your IP is no longer in the list: iptables -L



That's it! Your IP should now be removed! To prevent this from happening again, navigate to the following path and add your IP address to the safe list:

1. cd /etc/fail2ban
2. vi jail.conf
3. Now locate: # "ignoreip" can be an IP address, a CIDR mask or a DNS host
4. Add your IP address to this list
5. Now save with a :x

I hope this helps you, if you have questions drop me a comment below.
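
The `iptables -D` command in step 2 only succeeds when its chain name and target match the ban rule exactly, and both vary with the Fail2Ban version and configuration (chains named `fail2ban-<jail>` or `f2b-<jail>`, target `DROP` or `REJECT`). The script below is an added example, not part of the original entry: it reads `iptables -S` output and prints the exact delete command for one address. The helper name `unban_commands` and the sample rules are constructed for illustration.

```sh
#!/bin/sh
# Added example: derive the exact `iptables -D` command(s) that lift a
# Fail2Ban ban for one IPv4 address from `iptables -S` output.

# Constructed sample of `iptables -S` output (documentation addresses).
SAMPLE_RULES='-P INPUT ACCEPT
-N fail2ban-ssh
-A INPUT -p tcp -m multiport --dports 22 -j fail2ban-ssh
-A fail2ban-ssh -s 203.0.113.70/32 -j DROP
-A fail2ban-ssh -s 203.0.113.7/32 -j DROP
-A fail2ban-ssh -s 198.51.100.23/32 -j REJECT --reject-with icmp-port-unreachable
-A fail2ban-ssh -j RETURN'

# unban_commands ADDR  (hypothetical helper name)
# Reads `iptables -S` output on stdin and prints one `iptables -D ...`
# line per ban rule for ADDR found in a fail2ban-* or f2b-* chain.
# Exit status: 0 = rule(s) found, 1 = not banned, 2 = malformed address.
unban_commands() {
    awk -v ip="$1" '
        BEGIN {
            # Accept only a dotted quad with octets 0-255.
            n = split(ip, o, ".")
            bad = (n != 4)
            for (i = 1; i <= n; i++)
                if (o[i] !~ /^[0-9][0-9]?[0-9]?$/ || o[i] + 0 > 255)
                    bad = 1
            if (bad) exit 2
        }
        # Whole-field comparison, so 203.0.113.7 never matches 203.0.113.70.
        $1 == "-A" && $2 ~ /^(fail2ban|f2b)-/ && $3 == "-s" && $4 == (ip "/32") {
            $1 = "-D"            # same rule spec, append turned into delete
            print "iptables " $0
            found = 1
        }
        END { if (bad) exit 2; exit (found ? 0 : 1) }'
}

# Stand-alone run against the sample; on a real host pipe `iptables -S`.
printf '%s\n' "$SAMPLE_RULES" | unban_commands 203.0.113.7
```

On a live system, run `iptables -S | unban_commands <your IP>` as root and review the printed command before executing it.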



How to Remove Flash from Adobe PDF Document

Posted by David  •  Sep 24th, 2014 10:02:53 am - Subscribe | Mood: good | Music: No Music

This entry explains how to extract an Adobe Flash PDF file to a common Adobe PDF file that does not have Flash.

If you have come across this issue, it may be due to a notification that states that Adobe Flash is required to open this Adobe PDF file. Well, naturally you're thinking a potential virus or malware infection, right? Well, you should, but I won't get into that.



So if you do receive a message that states that you need to upgrade your version of Acrobat to view the Adobe Flash PDF I would like you to do the following steps, to avoid having to upgrade.

1. Begin by opening the Adobe PDF file.
2. Highlight ALL documents by pressing CTRL+A
3. Go to: File > Extract from Portfolio
4. Now find a destination to save the files.
5. Once done, hit ok and the files will begin converting to PDF (with NO flash)



This will save you a call to your IT help desk, and prevent others from having to upgrade their Acrobat / PDF Readers.



Cisco ASA 5505 UL-BUN-K9 Sec+ Firewall

Posted by David  •  Sep 8th, 2014 6:56:40 pm - Subscribe | Mood: good | Music: Final Fantasy IV Piano Collection

This afternoon I purchased myself a Cisco ASA 5505 (EOL) for my home network. My quest is to become a proficient system administrator, and perhaps one day a full stack admin...so I figured it would be a good idea to get some of the gear.

Now then, I have worked on the Cisco ASA 5510 & 5505, but the changes that I have made to it were fairly easy to do. Open ports, edit IP addressing, and manage traffic. But there is so much more to the ASA that I am interested in knowing, so I figured I would jump in feet first by screwing up my own network and not someone else's. Here is a little background on the purchase.



Cisco ASA 5505-UL-BUN-K9 Security Plus Firewall Unlimited Users 25 SSL/IPSec VPN
quote:
Firewall is in perfect working order, no scratches on chassis.
ASA 5505
2 Power supplies and cords
Console cable
Ethernet cable

Cisco Adaptive Security Appliance Software Version 8.4(2)
Device Manager Version 6.4(5)

Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB

Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 20 DMZ Unrestricted
Dual ISPs : Enabled perpetual
VLAN Trunk Ports : 8 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Standby perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 25 perpetual
Total VPN Peers : 25 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual

This platform has an ASA 5505 Security Plus license.

Serial Number:
Running Permanent Activation Key:
Configuration register is 0x1
Configuration has not been modified since last system restart.
ASA#

Have one? Or have any suggestions for me? Leave me a comment.



If It Scares You: Cisco ASA 5510

Posted by David  •  Aug 31st, 2014 12:37:34 am - Subscribe | Mood: good | Music: FF IV Orchestra

This is a new type of entry, much like my Linux postings that I have recently been doing, but in these blogs I will be posting about things that made me uncomfortable, but I did them anyways. Successes & failures.

Well, most of you know me as a web developer, but I do other things than web dev. In this past year I have taken myself outside of my comfort level and broadened my knowledge in other areas.


"If it scares you, you should probably do it."


This week I was asked to open a specific port on a Cisco ASA 5510, and also configure a Windows Server to adhere to that port on the ASA. I am unable to get into specifics but I can tell you that this was outside of my scope, but I welcomed it.

Success
That day (Thursday) I successfully configured the server to listen to the non-traditional port and also configured the router to allow the broadcasting of it. After a reboot of the server and an outside internet connection I was able to establish a connection. SUCCESS!

Issues
The next day I received notice that certain users were not able to connect to certain shares on the server. To top it off, one of them was in an upper-level position. EEK!

Solution
After finding the issue, and finding the solution I relayed my concerns to my sysadmin and he was able to get the disk share re-established. At which point I simply remapped my end users on the client ends. (not all had to be remapped)

I guess in the end, the configuration issues that I made to the Cisco ASA 5510 (router) and the reboot of the server was not my doing, but the fact that I was able to get the connection re-established was.

I embrace change, tasks like this regurgitate me. In the meantime I plan on continuing my knowledge with the ASA and seek other tasks as received. It is in my hopes to one day be a full stack administrator, in the meantime...let's all get out of our comfort level, and do something that scares us.

If it scares you, you should probably do it.



Mentioned: News From You on Daily Tech News Show - Aug. 27, 2014

Posted by David  •  Aug 27th, 2014 10:00:21 pm - Subscribe | Mood: good | Music: No music

Today I was mentioned on the Daily Tech News Show podcast for August 27, 2014. I submitted a press release regarding Seagate now shipping an 8 TB 3.5-inch hard drive with a SATA 6 gigabit-per-second interface.

I really enjoy this show, and not all the links I submit to the show are read or mentioned, but I really enjoy sharing content with the masses as you know by all my entries.


...and yes Dan Patterson | danpatterson.com, you said my name correctly. Thanks!



