
Free Live Demo Webinar: Windows Server 2019 in Action

Posted in Other Articles


So you’ve heard all about Windows Server 2019 - now you can see it in action in a live demo webinar on November 8th! The last WS2019 webinar by Altaro was hugely popular, with over 4,500 IT pros registering for the event. Feedback was gathered from that webinar, and the most popular features will now be tested live by Microsoft MVP Andy Syrewicze. And you’re invited!

This deep-dive webinar will focus on:

  • Windows Admin Center
  • Containers on Windows Server
  • Storage Migration Service
  • Windows Subsystem for Linux
  • And more!

Demo webinars are a really great way to see a product in action before you decide to take the plunge yourself. It enables you to see the strengths and weaknesses first-hand and also ask questions that might relate specifically to your own environment. With the demand so high, the webinar is presented live twice on November 8th to help as many people benefit as possible.


The first session is at 2pm CET/8am EST/5am PST and the second is at 7pm CET/1pm EST/10am PST. With the record number of attendees for the last webinar, some people were unable to attend the sessions which were maxed out. It is advised you save your seat early for this webinar to keep informed and ensure you don’t miss the live event.

Save your seat: https://goo.gl/2RKrSe

Easily Convert Cisco Autonomous - Standalone AP to Lightweight Mode & Register it to a Cisco WLC Controller

Posted in Cisco Wireless


This article explains how to convert a local or remote Autonomous / Standalone Cisco Aironet Access Point to Lightweight mode and register it to a Cisco WLC Controller. Included are detailed steps, commands, full text logs of the conversion process and screenshots to ensure an easy and successful upgrade and WLC registration.


Restrictions & Considerations when Converting Autonomous APs to Lightweight Mode

Converting an Autonomous AP to Lightweight Mode is a straightforward process; however, it is important to keep a few things in mind before performing the conversion procedure, as there are some restrictions users should be aware of.

Depending on the level of experience, some of these notes/restrictions might be considered basic or redundant knowledge. For the sake of simplicity we are presenting them in bullet format:

  • All Cisco lightweight access points are capable of supporting up to 16 BSSIDs per radio and a total of 16 WLANs per access point.
  • Access points converted to lightweight mode require a DHCP server to obtain an IP address and discover the WLC via DNS or IP broadcast.
  • Lightweight access points do not support Wireless Domain Services (WDS). All lightweight APs communicate with the WLC.
  • Lightweight AP console port provides read-only access to the AP.

The Different Type of Access Point Image Files (k9w8 & rcvk9w8)

Before we begin the conversion process it is necessary to download the CAPWAP software file that matches the Access Point to be converted. These files can be downloaded from Cisco’s website and usually require an active Smartnet contract. Alternatively, a search on the web might reveal other sources from which they can be downloaded.

There are two types of AP CAPWAP software files we can download and install:

  • Fully functional CAPWAP Image file (full image) – Identified by the k9w8 string in their filename and are usually large in size (10-20Mb). Once loaded, the AP is able to join the WLC and download its configuration. Example file name: ap3g1-k9w8-tar.152-4.JB6.tar
  • Recovery mode CAPWAP Image file – Identified by the rcvk9w8 string in their filename. These are smaller in size (5-8Mb) and used to help the AP boot and join the controller so it can then download the full image from the WLC. Example filename: ap3g1-rcvk9w8-tar.152-4.JB6.tar

Regardless of the type of image loaded during the conversion process, the AP will always download the full image from the WLC as soon as it joins. The only exception to this rule is when the fully functional CAPWAP image file loaded on the AP is the same version as the one contained in the WLC.

Cisco AP Autonomous to Lightweight Conversion Process

First download a fully functional or recovery mode CAPWAP file suitable for the AP model. In our example we will be converting a Cisco 3502 AP and decided to download the appropriate recovery mode file: ap3g1-rcvk9w8-tar.152-4.JB6.tar

Acunetix Enterprise: Find Website - Web Application Vulnerabilities & Security Flaws Before Hackers Do

Posted in Web Application Vulnerability Scanners


Security researchers disagree about the percentage of vulnerable websites, but most concur that it’s way too high. Despite their long history, cross-site scripting (XSS), SQL injection and similar techniques are still used by attackers to successfully compromise sites and web applications. In today’s era of cloud-based and on-premises web applications that connect directly into the organization, it’s more important than ever to take a step back and consider the risk of web and security vulnerabilities that can leave your organization open to hackers.

As web applications scale, manual security assessments can become time-consuming and challenging to process while outsourcing these tasks won’t always provide the desired result. In many cases, a degree of automation is the way forward, and the decision becomes which web vulnerability scanner to choose.

Firewall.cx has written extensively about the pros of web vulnerability scanners, popular tools, and good common security practices. Despite this, we keep coming back to Acunetix, and it recently received a major upgrade. Version 12 of the enterprise-grade security tool is a significant leap forward that deserves an in-depth assessment.

Founded in 2005, Acunetix was designed to replicate hackers, yet catch vulnerabilities before they do. The leaps and bounds since its release have led to use in government, military, and banking, as well as partnership with Microsoft and AWS.


A free trial version can be downloaded from: http://www.acunetix.com/vulnerability-scanner/download/

Installing and Using Acunetix 12 Enterprise

When it comes to sheer usability, it’s easy to see why. While most readers will have no problems with complex setups, it’s always nice to avoid the hassle. Acunetix’s installation is a matter of creating an admin account, entering the license key, and choosing a port.


All told, it took a matter of minutes to get up and running and didn’t require any additional configuration or restarts. For Enterprise customers, multi-engine deployment is also available, allowing for more simultaneous scans. As you’d expect, the setup is a little more complex, but still only requires a single line in command prompt and some additional registration inside Acunetix. Once configured, users can set targets to only scan with a specific engine and can push past the normal limit of 25 simultaneous scans.

However, many organizations will still want to set up user accounts for different roles. The software has three different account types for Tech Admins, Testers, and Auditors:

How to Perform TCP SYN Flood DoS Attack & Detect it with Wireshark - Kali Linux hping3

Posted in Network Protocol Analyzers


This article will help you understand TCP SYN Flood Attacks, show how to perform a SYN Flood Attack (DoS attack) using Kali Linux & hping3 and correctly identify one using the Wireshark protocol analyser. We’ve included all necessary screenshots and easy to follow instructions that will ensure an enjoyable learning experience for both beginners and advanced IT professionals.

DoS attacks are simple to carry out, can cause serious downtime, and aren’t always obvious. In a SYN flood attack, a malicious party exploits the TCP protocol 3-way handshake to quickly cause service and network disruptions, ultimately leading to a Denial of Service (DoS) Attack. These types of attacks can easily take admins by surprise and can become challenging to identify. Luckily, tools like Wireshark make it an easy process to capture and verify any suspicions of a DoS Attack.


There’s plenty of interesting information to cover so let’s get right into it.

How TCP SYN Flood Attacks Work

When a client attempts to connect to a server using the TCP protocol (e.g. HTTP or HTTPS), it is first required to perform a three-way handshake before any data is exchanged between the two. Since the three-way TCP handshake is always initiated by the client, it sends a SYN packet to the server.

The server next replies acknowledging the request and at the same time sends its own SYN request – this is the SYN-ACK packet. Finally, the client sends an ACK packet which confirms that both hosts agree to create a connection. The connection is therefore established and data can be transferred between them.

Read our TCP Overview article for more information on the 3-way handshake

In a SYN flood, the attacker sends a high volume of SYN packets to the server using spoofed IP addresses, causing the server to send a reply (SYN-ACK) and leave its ports half-open, awaiting a reply from a host that doesn’t exist:

Performing a TCP SYN flood attack

In a simpler, direct attack (without IP spoofing), the attacker will simply use firewall rules to discard SYN-ACK packets before they reach him. By flooding a target with SYN packets and not responding (ACK), an attacker can easily overwhelm the target’s resources. In this state, the target struggles to handle traffic, which in turn increases CPU usage and memory consumption, ultimately leading to the exhaustion of its resources (CPU and RAM). At this point the server will no longer be able to serve legitimate client requests, ultimately leading to a Denial-of-Service.

How to Perform a TCP SYN Flood Attack with Kali Linux & hping3

To test whether you can detect this type of DoS attack, you must be able to perform one. The simplest way is with Kali Linux, and more specifically hping3, a popular TCP penetration testing tool included in Kali Linux.

Alternatively Linux users can install hping3 in their existing Linux distribution using the command:

# sudo apt-get install hping3

In most cases, attackers will use hping or another tool to spoof random IP addresses, so that’s what we’re going to focus on. The line below lets us start and direct the SYN flood attack to our target (192.168.1.159):

Configuring Cisco WLC Link Aggregation (LAG) with Port-Channel EtherChannel. LAG Restrictions for WLC Models

Posted in Cisco Wireless


Cisco Wireless Controllers (WLC) support the configuration of Link Aggregation (IEEE 802.3ad - LAG) which bundles the controller ports into a single port channel. This helps simplify the configuration of the WLC interface ports, increase available bandwidth between the wireless and wired network, provide load-balancing capabilities between physical WLC ports and increase port redundancy.

To learn more about WLC interfaces, refer to our article Cisco WLC Interfaces, Ports & Their Functionality.

The diagram below shows an example of a WLC 2504 with ports P1 and P2 in a LAG configuration connecting to a Cisco Catalyst or Nexus switch. In the configuration below WLC ports P1 and P2 are aggregated to provide a total of 2Gbps bandwidth:

WLC LAG Configuration with Cisco Nexus and Catalyst Switch


Link Aggregation Restrictions - Considerations

While LAG is the preferred method of connecting the WLC to the network, there are a number of restrictions we need to be aware of to ensure we don’t stumble into any unpleasant surprises.

  • On 2504 and 3504 WLCs you can bundle all 4 ports into a single link.
  • On 5508 WLC you can bundle up to 8 ports into a single link.
  • Link Aggregation Control Protocol (LACP) or Cisco proprietary Port Aggregation Protocol (PAgP) are not supported by the WLC. Port-Channel members must be set unconditionally to LAG (shown in the configuration below).
  • Only one LAG Group is supported per WLC. You can therefore connect a WLC to only one switch, unless using VSS (Catalyst) or vPC (Nexus) technologies.
  • When LAG is enabled, if a single link fails, traffic is automatically switched to the other links.
  • After enabling LAG the WLC must be rebooted.
  • When enabling LAG, all dynamic AP manager interfaces and untagged interfaces will be deleted. (See related article WLC Interfaces – Logical Interfaces)
  • After enabling LAG, all Virtual Interfaces use the LAG interface. No backup port (under the Virtual Interface settings) is configurable:

WLC virtual interfaces with and without LAG port channel

Wireless Controller LAG Configuration – Enabling LAG
