Posted by David • Sep 27th, 2014 10:10:12 pm - Subscribe | Mood: Studying | Music: No music
If you have never used Fail2Ban on your Linux distro. I would greatly recommended it, especially if you seeing a lot of traffic trying to brute force your standard SSH connection.
1. Do not SSH on port 22
2. Do not use root
3. Disable root
But this entry is not on good practices on SSH connections, but rather how to remove a ban that Fail2Ban may have done to block you, a client, or a connection that was not intended to be blocked.
Begin by doing the following:
1. iptables -L (Do you see your ip in this list?)
2. iptables -D fail2ban-ssh -s xxx.xxx.xxx.xxx -j DROP
3. Where you see xxx.xxx.xxx.xxx add the IP that is banned.
4. Now verify that your IP is no longer in the list: iptables -L
That's it! Your IP should now be removed! To prevent this from happening again, navigate to the follow path and add your IP address to the safe list:
1. cd /etc/fail2ban
2. vi fail.conf
3. Now locate: # "ignoreip" can be an IP address, a CIDR mask or a DNS host
4. Add your IP address to this list
5. Now save with a :x
I hope this helps you, if you have questions drop me a comment below.
Posted by David • Sep 24th, 2014 10:02:53 am - Subscribe | Mood: good | Music: No Music
This entry explains how to extract Adobe Flash PDF file to a common Adobe PDF file that does not have flash.
If you have come across this issues, it may be due to a notification that states that Adobe Flash is required to open this Adobe PDF file. Well naturally your thinking a potential virus or malware infection right? Well you should, but I won't get into that.
So if you do receive a message that states that you need to upgrade your version of Acrobat to view the Adobe Flash PDF I would like you to do the following steps, to avoid having to upgrade.
1. Begin by opening the Adobe PDF file.
2. Highlight ALL documents by pressing CTRL+A
3. Go to: File > Extract from Portfolio
4. Now fine a destination to save the files.
5. Once done, hit ok and the files will begin converting to PDF (with NO flash)
This will save you a call to your IT help desk, and prevent others from having to upgrade they're Acrobat / PDF Readers.
Posted by David • Sep 8th, 2014 6:56:40 pm - Subscribe | Mood: good | Music: Final Fantasy IV Piano Collection
This afternoon I purchased myself a Cisco ASA 5505 (EOL) for my home network. My quest is to become a proficient system administrator, and perhaps one day a full stack admin...so I figured it would be a good idea to get some of the gear.
Now then, I have worked on the Cisco ASA 5510 & 5505, but the changes that I have made to it we're fairly easy to do. Open ports, edit ip addressing, and manage traffic But there is so much more to the ASA that I am interested in knowing so I figured I would jump in feet first by screwing up my own network and not someone elses. Here is a little background on the purchase.
Cisco ASA 5505-UL-BUN-K9 Security Plus Firewall Unlimited Users 25 SSL/IPSec VPN
Firewall is in perfect working order, no scratches on chassis.
2 Power supplies and cords
Cisco Adaptive Security Appliance Software Version 8.4(2)
Device Manager Version 6.4(5)
Hardware: ASA5505, 512 MB RAM, CPU Geode 500 MHz
Internal ATA Compact Flash, 128MB
BIOS Flash M50FW016 @ 0xfff00000, 2048KB
Licensed features for this platform:
Maximum Physical Interfaces : 8 perpetual
VLANs : 20 DMZ Unrestricted
Dual ISPs : Enabled perpetual
VLAN Trunk Ports : 8 perpetual
Inside Hosts : Unlimited perpetual
Failover : Active/Standby perpetual
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
AnyConnect Premium Peers : 2 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 25 perpetual
Total VPN Peers : 25 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
This platform has an ASA 5505 Security Plus license.
Running Permanent Activation Key:
Configuration register is 0x1
Configuration has not been modified since last system restart.
Have one? Or have any suggestions for me? Leave me a comment.
Posted by David • Aug 31st, 2014 12:37:34 am - Subscribe | Mood: good | Music: FF IV Orchestra
This is a new type of entry, much like my Linux postings that I have recently been doing, but in these blogs I will be posting about things that made me uncomfortable, but I did them anyways. Success's & failures.
Well most of you know me as a web developer, but I do other things than web dev. In this past year I have taken myself outside of my comfort level and broaden my knowledge in other areas.
"If it scares you, you should probably do it."
This week I was asked to open a specific port on an Cisco ASA 5510, and also configure a Windows Server to adhere to that port on the ASA. I am unable to get into specifics but I can tell you that this was outside of my scope, but I welcomed it.
That day (Thursday) I successfully con figured the server to listen to the non-traditional port and also configured the router allow the broadcasting of it. After a reboot of the server and an outside internet connection I was able to establish a connection. SUCCESS!
The next day I received notice that certain users were not able to connect to certain shares on the server. To top it off one of them was in a upper level position. EEK!
After finding the issue, and finding the solution I relayed my concerns to my sysadmin and he was able to get the disk share re-established. At which point I simply remapped my end users on the client ends. (not all had to be remapped)
I guess in the end, the configuration issues that I made to the Cisco ASA 5510 (router) and the reboot of the server was not my doing, but the fact that I was able to get the connection re-established was.
I embrace change, tasks like this regurgitate me. In the mean time I plan on continuing my knowledge with the ASA and seek other tasks as received. It is in my hopes to one day be a full stack administrator, in the mean time...let's all get out of our comfort level, and do something that scares us.
If it scares you, you should probably do it.
Posted by David • Aug 27th, 2014 10:00:21 pm - Subscribe | Mood: good | Music: No music
Today I was mentioned on the Daily Tech News Show podcast for August 27, 2014. I submitted a press release regarding Seagate is now shipping an 8 TB 3.5-inch hard drive with a SATA 6 gigabit-per-second interface.
I really enjoy this show, and not all the links I submit to the show are read or mentioned, but I really enjoy sharing content with the masses as you know by all my entries.
...and yes Dan Patterson | danpatterson.com, you said my name correctly. Thanks!