Author's details

Date registered: 25th July 2015

Latest posts

  1. Information Security RISK response strategies — 2nd February 2021
  2. Time to crack passwords — 2nd March 2020
  3. Connection throttling iRule — 23rd February 2020
  4. IPSec VPN on Cisco ASA — 6th April 2019
  5. Palo Alto WildFire explained — 6th April 2019

Author's posts listings

Feb 02

Information Security RISK response strategies

  Risk Mitigation    Risk mitigation is the practice of the elimination of, or the significant decrease in the level of risk presented. Examples of risk mitigation can be seen in everyday life and are readily apparent in the information technology world. Risk Mitigation involves applying appropriate control to reduce risk. For example, to lessen …

Continue reading »

Mar 02

Time to crack passwords

Below table represents estimated time to crack passwords based on passphrase lenght and complexity.   Of course time may differ depending on number of factors like: Using dictionary words in passwords may allow almost instant crack ( for example if “rainbow tables” are beign used) Hardwa used (CPU/GPU power, RAM etc.) Application used to crack …

Continue reading »

Feb 23

Connection throttling iRule

In some cases there’s a need to introduce rate limiting based on number of connections over period of time. Out of the box F5 allow you to set rate limit based on concurrent connections which is useful option, but not always provide functionality business require.   Solution to this problem can be solved by using …

Continue reading »

Apr 06

IPSec VPN on Cisco ASA


Below is shown example of typical L2L IPSec VPN tunnel configuration on Cisco ASA firewall.   Note: There additional steps required to make VPN tunnel working: NAT configuration IKE protocol enabled on interface facing other end of VPN tunnel Properly configured routing table   Remember to save configuration when you done   TIP: Use “packet …

Continue reading »

Apr 06

Palo Alto WildFire explained


Palo Alto WildFire® provides detection and prevention of zero-day malware using a combination of malware sandboxing and signature-based detection and blocking of malware. WildFire extends the capabilities of Palo Alto Networks next-generation firewalls to identify and block targeted and unknown malware. With WildFire you get immediate automated protections across the platform, stopping malware, malicious URLs, …

Continue reading »

Apr 06

Palo Alto (PanOS) CLI Reference


Mar 25

Cyber Security Terminology

  A Access Definition: The ability and means to communicate with or otherwise interact with a system, to use system resources to handle information, to gain knowledge of the information the system contains, or to control system components and functions. From: CNSSI 4009   Access and identity management Definition: The methods and processes used to …

Continue reading »

Mar 18

How to log all requests with headers and VIP name in F5 LTM

In some cases, especially during troubleshooting it may be useful to create custom logging iRule to log information about requests to specific VIP. Of course you could simply use “Request Logging” profile in LTM, but using iRule will allow you to tag logs so you can find specific requests easier and most importantly log more …

Continue reading »

Apr 23

DNS and name services on Centos 7/RedHat 7

Here are some useful information about DNS and name services on Centos 7/RedHat 7. DNS related files and directories: Local DNS resolution static mappings: /etc/hosts-local Local host’s assigned name: /etc/hostname DNS configuration file: /etc/resolv.conf Commands: hostname host geteng hosts hostnamectl

Apr 23

Yum (Redhat 7/Centos 7)

Yum and RPM relationship RPM install packages, but does not care about required dependencies and that’s when Yum becomes handy. Yum is a front end for RPM, it will download and install package and all necessary dependencies for application to run correctly. Yum related directories and files: Yum config: /etc/yum.conf Contains containing repo locator files: …

Continue reading »

Older posts «