Posts

Showing posts from August, 2010

My Virtual Network Topo

My virtual network topology for practice labs:

I used Vyatta as the router for the network because it uses little memory (more than Cisco, JunOS), and I can integrate it with the VMware network; it is very flexible.

This is the OpenVPN logical topology for my lab:
I have completed half of this lab, hix (VPN tunnel between 2 servers). Now I am trying to bridge it to use the internal network.
And this is the video of configuring the lab topology (IPs of CentOS, Debian, routing, NAT on Vyatta):
Part1: http://www.mediafire.com/?e4u3161qwa649h4
Part2: http://www.mediafire.com/?yoe61ho7cbc9y2c
------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

OpenVPN. Tun Lab

Lab1: Tun Client to server:
Step1: No Security:
Windows Client:
# OpenVPN server
remote 192.168.19.100
# Tunnel mode
dev tun
# IP addresses
ifconfig 220.110.1.1 220.110.1.2
# Cipher mode
cipher none
# Authentication mode
auth none
# Log verbosity
verb 2
CentOS server:
# Tunnel mode
dev tun
# IP addresses
ifconfig 220.110.1.2 220.110.1.1
# Cipher mode
cipher none
# Authentication mode
auth none
# Log verbosity
verb 2

Lab2: Tun Preshare Key
In the previous entry.

Lab3: Tun SSL/TLS
Build the cert + key on the server.
You can find the scripts in /usr/share/doc/openvpn/easy-rsa....
If you don't have them, you can copy them from the OpenVPN source code.
Edit vars
Then
chmod 700 *
. ./vars
./clean-all
./build-ca
./build-key-server server
./build-dh
./build-key-pass client

Windows Client:
# TLS mode - client
tls-client
# openVPN server
remote 192.168.19.100
# Tunnel mode
dev tun
# IP addresses
ifconfig 220.110.1.1 220.110.1.2
# CA certificate
ca "ca.crt"
# client certificate
cert "client.crt"
# client private ke…

OpenVPN. Configuration file

To run automatically, the file extension is:
*.conf for Linux, *.ovpn for M$
and file location:
M$: "C:\Program Files\OpenVPN\config\"
Linux: /etc/openvpn
In the config file:
CLIENT/SERVER DESIGNATION:
    SERVER: nothing is needed
    CLIENT:
    # SERVER IP ADDRESS
    remote 100.0.0.1
TUNNEL MODE:
    TUN or TAP tunnel.
    # ETHERNET OR IP TUNNEL
    # "dev tun" will create a routed IP tunnel
    dev tun
    # "dev tap" will create an Ethernet tunnel
    dev tap
    # use "dev tun" or "dev tap" but not both
TUNNEL PORT:
    # TCP OR UDP TUNNEL
    # TCP tunnel
    proto tcp
    # UDP tunnel is recommended
    proto udp
    # use TCP or UDP but not both
    #
    # TCP OR UDP PORT
    port 1194
OpenVPN security:
Transparent tunnel:
    OpenVPN just tunnels the data without authentication, confidentiality, or integrity. In other words, there are no security checks whatsoever, and the data can be read as it passes through the tunnel.
    # Client AND Serve…
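
Added example (not from the original post): a small Python check that reads an OpenVPN config and reports when it describes the transparent tunnel above, i.e. no key mode, "cipher none" or "auth none". The sample configs are constructed from the Lab1 and Lab3 listings on this page; "client.key" is a placeholder file name.

```python
import shlex

# Constructed sample: the Lab1 "No Security" client config from this page.
LAB1_CLIENT = """\
remote 192.168.19.100
dev tun
ifconfig 220.110.1.1 220.110.1.2
cipher none
auth none
verb 2
"""

# Constructed sample: a TLS client; "client.key" is a placeholder file name.
TLS_CLIENT = """\
tls-client
remote 192.168.19.100
dev tun
ca "ca.crt"
cert "client.crt"
key "client.key"
"""

def parse(text):
    """Return {directive: [args]}, skipping blank lines and # / ; comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        parts = shlex.split(line, comments=True)
        if parts:
            opts[parts[0]] = parts[1:]
    return opts

def audit(text):
    """Classify the key mode and list settings that leave the tunnel unprotected."""
    o = parse(text)
    is_tls = any(k in o for k in ("tls-client", "tls-server", "client"))
    mode = "tls" if is_tls else "static-key" if "secret" in o else "none"
    findings = []
    if mode == "none":
        findings.append("no 'secret' or TLS directive: tunnel has no key material")
    if o.get("cipher") == ["none"]:
        findings.append("cipher none: no confidentiality")
    if o.get("auth") == ["none"]:
        findings.append("auth none: no HMAC packet authentication")
    return mode, findings
```

Run audit() on the text of each *.conf or *.ovpn file before starting the tunnel; an empty findings list means none of the three transparent-tunnel settings is present.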

OpenVPN. Sample Connection

Today I started with OpenVPN. This software uses SSL to create the connection (not IPsec). Installing OpenVPN is not simple, because it is not in the CentOS repository, so we must:
#wget http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-3.noarch.rpm
#rpm -Uvh epel-release-5-3.noarch.rpm
#yum install openvpn
It is lightweight software, but very useful. Now I have installed OpenVPN on Windows XP. It is so easy (more so than on CentOS, hix). To test the connection between XP and CentOS, I used the file sample.ovpn in the sample-config folder of OpenVPN on XP.
XP had the real IP 192.168.19.50, and I used the IP 10.3.0.1 for XP in this connection; CentOS had the real IP 192.168.19.100, and its IP for the VPN is 10.3.0.20.
I edited:
remote
ifconfig
So you can test OpenVPN
Video: http://www.mediafire.com/?hzbw4dzn43pcwdv

My Hard Cert

On a fine morning, still half asleep, I went to the door. It was stuck; I gave it a kick and 2 pieces of mail fell out =)).
Wow, both of them arriving at the same time is scary.
The one I was looking forward to most:
A pile of M$:

Bonus from Ci$co:
My own bonus =)):

Auto startx, auto network, auto any in Backtrack 4

Today I started playing around with Backtrack. Before this I had used the Backtrack 4 beta and wanted to install it to the HDD so it would run faster + update the exploits. From what I read it looked complicated (you have to fdisk + format...).
I saw there is a Release for Black Hat. Pentest -> Exploit -< Black Hat. Nice.
Downloaded it, logged in with root/toor.
Ran start, went into KDE to play around. Also installed VMware Tools to stretch the screen so it looks nice :D
Ran into a problem: the network card was not detected automatically, so I had to restart it (probably it does not start automatically).
The second problem is that it does not go into the GUI automatically. Searching turned up a way: change /etc/event.d/rc-default + change the rc file to start the network automatically.
=> Then I remembered that I am the only one using Backtrack, so there is no need for multiple users => editing rc is wasted effort. Then I also remembered there is the .bash_profile file.
vim /root/.bash_profile
/etc/init.d/networking restart
startx
Now when I log in, it drops me straight into the GUI, with the network ready. The lesson is that some things are so simple yet so beneficial that we end up not noticing them.