Following the good will by Google many other providers made their DNS servers available to us without any limitations as recursive resolvers. As they do not announce it widely enough you may not have heard abouth them, here is the list of these DNS servers: OpenDNS/Cisco Umbrella: 208.67 …
ip address - Manage IP address(es) on interfaces ip route - Manage routing table ip link - Link Management Interface Grouping. ip neighbor - Managing ARP table Tunnel interfaces GRE NOTE: All the commands below take effect immediately after you hit Enter, and do NOT survive reboot. ip address - Manage IP address(es …
It has passed somewhat unnoticed but Google have made available to us their free, accessible to all NTP servers. I have been using their DNS servers for years without any issues so will trust their NTP ones as well. So far works just fine. For a single server we can …
The firewall-cmd doesn't have an option to show all zones and to which one the server interfaces belong, so here is a one-line to show that: #for ii in `ls /usr/lib/firewalld/zones/`; do echo ${ii%%.xml}: ; firewall-cmd --zone=${ii%%.xml} --list-interfaces; done The output: block: dmz: drop: external …
Trying out Amazon AWS Glacier with fastglacier.com as the upload GUI app I looked at few SHA256 sum calculating tools, and found this one by Jesse Kornblum to be the best for Windows. It has some quite useful options like recursive folders calculation, file size limitation, reading file names …
I've been seeing this for some time so you will see it soon too. We speak here mostly about SNMP probes coming from a set of very specific IPs. If you do a search on IP you get to the webpage below http://critical.io (web site is not up …
Time-based access-lists in Cisco world are available since ... last century for sure. But is it possible that Linux doesn't have anything like that ? No way - of course it can do and do it better. Here is how . Access control based on time of the day is available via pam module …
Domain records are most visible vulnerable and many time crucial asset of the company. Attackers need not break your firewall protection, find and develop exploits for software running on your server to cut off your company from mails - it is enough for them to cause a change of MX record …
Today I'll bring you two tips to secure SSH access to the Checkpoint firewall/Linux server beyond firewall rules itself. SSH access is the most powerful way to own the firewall so it should be secured to the paranoid level and even then it is never enough. Tip 1 Change …
As I said already ( here and here ) for gathering Netflow data, especially with security in mind, I deem Nfsen/nfdump to be the best. And with some easy 2-minutes tweaking I can always make it do exactly what I want. By default when you configure Cisco to export both ingress …