Categories
Network

Squid Installation with AD authentication

In this prost we will discribe how to install squid proxy with Active Directory authentication.

The Squid installation it is done on Debian 6.0.4

Firstly, we need to configure the name server.

To connect to the server over SSH, we need to install SSH.

[blockquote align=”left” author=””]apt-get install ssh[/blockquote]

Install NTP Server:

[blockquote align=”left” author=””]apt-get install ntp-simple[/blockquote]

Edit the ntp file and add the frensh ntp servers:

Before installing squid we need to install:

  • samba used for connexion between Linux and Windows ;
  • krb5-user eand libpam-krb5 used by Kerberos for authenticating users to Active Directory
  • ntpdate : Used to synchronize date
  • winbind:used by samba to communicate with Active Directory.

After installing Kerberos, we need to synchronize the date using the command

[blockquote align=”left” author=””]sudo ntpdate 8.8.8.8[/blockquote]

After synchronizing the date, we will configure the Kerberos configuration file.

[blockquote align=”left” author=””]vi/etc/krb5.conf[/blockquote]

Now we will test Kerberos using the command:

[blockquote align=”left” author=””]sudo kinit Administrateur[/blockquote]

If doesn’t work, try to type [email protected]

And if doesn’t work try to restart the server.

After configuring Kerberos, we will start configuring samba. First, we need to stop Winbind and Samba and modify the file smb.conf:

Now, we will start samba and winbind

Join the domain:

[blockquote align=”left” author=””]sudo net ads join -U Administrateur [/blockquote]

After joining the domain, we will start squid installation:

[blockquote align=”left” author=””]-get install squid3 [/blockquote]

After installing squid, we will start squid configuration.

Categories
Network

How to configure Netscreen 5400

 In this post, we will describe the steps of configuring netscreen 5400 Firewall.

First of all, we must log to the firewall using line console with Speed 9600.

Categories
Network

Allow URL in squid using regex

In this post, we will describe how to use regex for connecting to destination web site using squid.

  1. Open the squid configuration file:

Vi /etc/squid3/squid.conf

  1. Defining the destination url

########Object Definition###################

Acl google_api url_regex ^http://ajax.googleapis.com/ajax/*

  1. Authorize access:

######################Autorization######################

http_access allow google_api

  1. After saving the configuration we will proceed to reload squid process

/etc/ini.d/squid3 reload

Categories
Network

Configure VPN site to site in netscreen device

In this post, we will describe how to configure VPN site-to-site in netscreen devices.

The screen OS used is 6.3.X

Categories
Network

Configure IPSEC VPN in netscreen Firewall

In this post, we will describe how to configure Ipsec VPN (Client-to-Site) in netscreen device.

The device version is 6.3.x.

The remote user will connect to the internal network 192.168.24.0/24

Categories
Network

Configure SNMP in Juniper Firewall

In this post, we will describe how to configure snmp in Juniper firewall

We need to create the community. It will be named : FW-Comm

Enter configuration mode, then type:

Set snmp community FW-Comm authorization read-only

After defining the community we need to define the clients IP:

Set snmp community FW-Comm clients 192.168.1.100/32

Categories
Network

Linux Server connexion through Squid

In this post, we will describe how to connect linux server to internet through proxy without authentication.

1.Firstly, we need to add this couple of line to use proxy for http, https and ftp:

Categories
Network

Windows 10 hidden Start menu

In this post we will troubleshoot the problem of start Button is not working in windows 10.

After upgrading windows 8 to windows 10, some users are faced to the problem that start menu does not open or Start Button is not working.

In order to troubleshoot this problem we will:

Firstly: Buckup your data in external disk.

Secondly:open CMD and run it as administrator.

Type the command: sfc /SCANNOW as mentioned in figure 1

Categories
Featured Network

Top free pentest tools

In this post we will present top ten free pentest tools.

1-The first tool is nmap, which is a free open source tool for network discovery and security auditing. Nmp helps to discover alive hosts in the network, opened ports and OS type.

The example bellows shows opened ports in the server 192.168.237.130 with the command: nmap 192.168.237.130

2-The second opensource tool is Wireshark. Wireshark is a network that is used for sniffing network and capture traffic with source IP, destination IP and protocol/ports

3-Next step is to launch Nessus. Nessus will be used to discover application vulnerabilities that will be used in next step.

Be careful when using Nessus with Old software/hardware it can causes system Crashes.

4-Metasploit: Metasploit is a Whole project that is developed by Rapid7. It is a security project that gives information about discovered information and helps in intrusion detection.

5-Cain and Abel: This tools allows hacker to recover various types of password by cracking encrypted passwords using dictionary or bruteforce. This tool is used also for decrypting encrypted cisco passwords. It is used also by network administrators to decrypt cisco password when it is forgotten.

Categories
Network

Configure SNMP in Netscreen Firewall

In this post, we will describe how to configure snmp in Netscreen Firewall by web interface or CLI

  1. For configuring snmp in screenos by web interface :

we should be connected with RW account.

Navigate to Configuration →Report Setting →SNMP

[blockquote align=”none” author=””]Configure Listen Port and trap port (by default listen port is 161 and trap port is 162).[/blockquote]

[blockquote align=”none” author=””]and the apply.

Now we need to configure the community.

Click new community

[/blockquote]

[blockquote align=”none” author=””]Set the community name, choose the snmp version, the server address and the trap version. Then click add.[/blockquote]

2-For configuring snmp by CLI:

set snmp community “FW-Comm” Read-Write Trap-on traffic version v2c

set snmp host “FW-Comm” 192.168.1.100/32 trap v2

set snmp port listen 161

set snmp port trap 162