Posts

Showing posts from August, 2010

My Virtual Network Topo

My virtual network topology for practicing labs: I used Vyatta as the router of the network, because it uses little memory (more than Cisco, JunOS), and I can integrate it with the VMware network; it is very flexible.

This is the OpenVPN logical topology for my lab:

I have completed half of this lab, hix (VPN tunnel between 2 servers). Now I am trying to bridge to use the internal network.

And this is the video of configuring the lab topology to use (IPs of CentOS, Debian, routing, NAT on Vyatta):

Part1: http://www.mediafire.com/?e4u3161qwa649h4
Part2: http://www.mediafire.com/?yoe61ho7cbc9y2c

------------------------------------------------------------
Thanks for reading
------------------------------------------------------------
All my Lab: Linux Lab -- Windows and Cisco Lab
to be continued - I will update more.

OpenVPN. Tun Lab

Lab1: Tun Client to server

Step1: No Security

Windows client:

    # OpenVPN server
    remote 192.168.19.100
    # Tunnel mode
    dev tun
    # IP addresses
    ifconfig 220.110.1.1 220.110.1.2
    # Cipher mode
    cipher none
    # Authentication mode
    auth none
    # Log verbosity
    verb 2

CentOS server:

    # Tunnel mode
    dev tun
    # IP addresses
    ifconfig 220.110.1.2 220.110.1.1
    # Cipher mode
    cipher none
    # Authentication mode
    auth none
    # Log verbosity
    verb 2

Lab2: Tun Preshared Key

In the previous entry.

Lab3: Tun SSL/TLS

Build cert + key on the server. You can find the scripts in /usr/share/doc/openvpn/easy-rsa.... If you don't have them, you can copy them from the OpenVPN source code.

Edit vars, then:

    chmod 700 *
    . ./vars
    ./clean-all
    ./build-ca
    ./build-key-server server
    ./build-dh
    ./build-key-pass client

Windows client:

    # TLS mode - client
    tls-client
    # OpenVPN server
    remote 192.168.19.100
    # Tunnel mode
    dev tun
    # IP addresses
    ifconfig 220.110.1.1 220.110.1.2
    # CA certificate
    ca "ca.crt"
    # client cer

OpenVPN. Configuration file

If run automatically: *.conf for Linux, *.ovpn for M$, and the file location is:

    M$: "C:\Program Files\OpenVPN\config\"
    Linux: /etc/openvpn

In the config file:

CLIENT/SERVER DESIGNATION:

    SERVER: Doesn't need anything
    CLIENT:
    # SERVER IP ADDRESS
    remote 100.0.0.1

TUNNEL MODE:

    TUN or TAP tunnel.
    # ETHERNET OR IP TUNNEL
    # "dev tun" will create a routed IP tunnel
    dev tun
    # "dev tap" will create an Ethernet tunnel
    dev tap
    # use "dev tun" or "dev tap" but not both

TUNNEL PORT:

    # TCP OR UDP TUNNEL
    # TCP tunnel
    proto tcp
    # UDP tunnel is recommended
    proto udp
    # use TCP or UDP but not both
    #
    # TCP OR UDP PORT
    port 1194

OpenVPN security:

Transparent tunnel:

    OpenVPN just tunnels the data without authentication, confidentiality, or integrity. In other words, there are no security checks whatsoever, and the data can be read as it passes through th
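A small audit of the directives described above, as an added example that is not code from the original post: it flags the transparent-tunnel settings (cipher none, auth none, no static key or TLS mode) and the "not both" conflicts for dev and proto. The sample config is the Lab1 Windows client from this blog; the function names parse and audit are hypothetical.

```python
# Added example: audit an OpenVPN config for the weak or conflicting
# settings the post describes. Not part of the original post.

# Lab1 "No Security" client config, copied from the blog's Tun lab.
SAMPLE_CLIENT = """\
# OpenVPN server
remote 192.168.19.100
# Tunnel mode
dev tun
# IP addresses
ifconfig 220.110.1.1 220.110.1.2
# Cipher mode
cipher none
# Authentication mode
auth none
# Log verbosity
verb 2
"""

def parse(text):
    """Return {directive: [argument lists]}, skipping blank and comment lines."""
    directives = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":   # '#' and ';' start a comment line
            continue
        name, *args = line.split()
        directives.setdefault(name, []).append(args)
    return directives

def audit(text):
    """Return a list of findings for one config file's text."""
    d = parse(text)

    def first_args(name):
        return {a[0] for a in d.get(name, []) if a}

    findings = []
    if "none" in first_args("cipher"):
        findings.append("cipher none: tunnel data is not encrypted")
    if "none" in first_args("auth"):
        findings.append("auth none: packets are not authenticated")
    if not (d.keys() & {"secret", "tls-client", "tls-server", "client"}):
        findings.append("no static key or TLS mode: the peer is never authenticated")
    if len({v[:3] for v in first_args("dev")}) > 1:      # tun0/tap0 -> tun/tap
        findings.append("both dev tun and dev tap are set")
    if len({v[:3] for v in first_args("proto")}) > 1:    # tcp-client -> tcp
        findings.append("both proto tcp and proto udp are set")
    return findings
```
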

OpenVPN. Sample Connection

Today, I have started with OpenVPN. This software uses SSL to create the connection (not IPsec). Installing OpenVPN is not simple, because it is not in the CentOS repository, so we must:

    # wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
    # rpm -Uvh epel-release-5-3.noarch.rpm
    # yum install openvpn

It is light software, but very useful. Now I have installed OpenVPN on Windows XP. It is so easy (more than CentOS, hix).

To test the connection between XP and CentOS, I use the file sample.ovpn in the sample-config folder of OpenVPN on XP. XP had real IP 192.168.19.50, and I used IP 10.3.0.1 for XP in this connection; CentOS had real IP 192.168.19.100, and its IP for the VPN is 10.3.0.20.

I edited: remote ifconfig

So you can test OpenVPN.

Video: http://www.mediafire.com/?hzbw4dzn43pcwdv

My Hard Cert

On a beautiful morning, still half asleep, I went to the door. The door was stuck, so I gave it a kick and two pieces of mail fell out =)). Wow, both of them arriving at the same time is scary.

The one I was most looking forward to:

A pile of M$:

Bonus from Ci$co:

My own bonus =)):

Auto startx, auto network, auto any in Backtrack 4

Today I am trying out Backtrack. Before this I used the Backtrack 4 beta and wanted to install it to the HDD so it would run faster, plus update the exploits. Reading about it, it looked complicated (you have to fdisk + format...).

I saw there is a Release for Black Hat version. Pentest -> Exploit -< Black Hat. Nice. I downloaded it, logged in with root/toor, ran start, and went into KDE to play around. I also installed VMware Tools to stretch the screen so it looks nice :D

I ran into the problem that the network card is not picked up automatically and has to be restarted (probably it does not start automatically). The other problem is that it does not go into the GUI automatically.

Searching, I found the way of changing /etc/event.d/rc-default + changing the rc file to start the network automatically. => Then I remembered that I am the only one using Backtrack, so there is no need for multiple users => tweaking rc is wasted effort. Then I remembered there is the .bash_profile file.

    vim /root/.bash_profile
    /etc/init.d/networking restart
    startx

Now when I log in, it kicks me straight into the GUI with the network ready. The lesson is that some things are so simple yet so beneficial that we fail to notice them.