• Hyper-V Concepts

    It's time to get familiar with Hyper-V Virtualization, virtual servers, virtual switches, virtual CPUs, virtual deployment infrastructure (VDI) and more.
    Read more

    OSPF Routing Protocol

    Introduction to the OSPF protocol. Understand OSPF Basics, Areas, Concepts, various OSPF tables and much more. CCNA to CCNP level.

    read more

Hot Downloads

How to Configure Email Alerts in GFI LanGuard 2015 – Automating Alerts in GFI LanGuard

Posted in GFI LanGuard: Network Security Scanner

One of the most important features in any network security monitoring and patch management application such as GFI’s LanGuard is the ability to automate tasks e.g automatic network scanning, email alerts etc. This allows IT Administrators, Network Engineers, IT Managers and other IT Department members, continue working on other important matters while they have their peace of mind that the security application is keeping things under control and will alert them instantly upon any changes detected within the network or even vulnerability status of the hosts monitored.

Download your copy LanGuard 2015 Network Security / Vulnerability Scanner and Patch Management system for a limited time only!

GFI LanGuard’s email alerting feature can be easily accessed either from the main Dashboard where usually the Alerting Options notification warning appears at the bottom of the screen:


Figure 1. GFI LanGuard email alerting Option Notification

Or alternatively, by selecting Configuration from the main menu and then Alerting Options from the left side area below:

How to Scan Your Network and Discover Unpatched, Vulnerable, High-Risk Servers or Workstations using GFI LanGuard 2015

Posted in GFI LanGuard: Network Security Scanner

How to Scan Your Network and Discover Unpatched, Vulnerable, High-Risk Servers or Workstations using GFI LanGuard 2015 - 5.0 out of 5 based on 2 votes

gfi-languard-scan-network-and-discover-vulnerable-unpatched-high-risk-systems-1aThis article shows how any IT Administrator, network engineer or security auditor can quickly scan a network using GFI’s LanGuard and identify the different systems such as Windows, Linux, Android etc. More importantly, we’ll show how to uncover vulnerable, unpatched or high-risk Windows systems including Windows Server 2003, Windows Server 2008, Windows Server 2012 R2, Domain Controllers, Linux Servers such as RedHat Enterprise, CentOS, Ubuntu, Debian, openSuse, Fedora, any type of Windows workstation (XP, Vista, 7, 8, 8.1,10) and Apple OS X.

GFI’s LanGuard is a swiss-army knife that combines a network security tool, vulnerability scanner and patching management system all in one package. Using the network scanning functionality, LanGuard will automatically scan the whole network and use the provided credentials to log into every located host and discover additional vulnerabilities.

Download your copy LanGuard 2015 Network Security / Vulnerability Scanner and Patch Management system for a limited time only!

To begin, we launch GFI LanGuard and at the startup screen, select the Scan Tab as shown below:


Figure 1. Launching GFI LanGuard 2015

Next, in the Scan Target section, select Custom target properties (box with dots) and click on Add new rule. This will bring us to the final window where we can add any IP address range or CIDR subnet:

How To Detect ARP Attacks & ARP Flooding With Colasoft Capsa Network Analyzer

Posted in Capsa Network Analyzer

How To Detect ARP Attacks & ARP Flooding With Colasoft Capsa Network Analyzer - 5.0 out of 5 based on 4 votes

ARP attacks and ARP flooding are common problems small and large networks are faced with. ARP attacks target specific hosts by using their MAC address and responding on their behalf, while at the same time flooding the network with ARP requests. ARP attacks are frequently used for 'Man-in-the-middle' attacks, causing serious security threats, loss of confidential information and should be therefore quickly identified and mitigated.

During ARP attacks, users usually experience slow communication on the network and especially when communicating with the host that is being targeted by the attack.

In this article, we will show you how to detect ARP attacks and ARP flooding using a network analyzer such as Colasoft Capsa.

Colasoft Capsa has one great advantage – the ability to identify and present suspicious ARP attacks without any additional processing, which makes identifying, mitigating and troubleshooting much easier.

Download your copy of Colasoft Capsa and discover how easy it is to identify network & security related problems.

The Diagnosis tab provides real-time information and is extremely handy in identifying potential threats, as shown in the screenshot below:


Figure 1. ARP Scan and ARP Storm detected by Capsa's Diagnosis section.

Under the Diagnosis tab, users can click on the Events area and select any suspicious events. When these events are selected, analysis of them (MAC address information in our case) will be displayed on the right as shown above.

In addition to the above analysis, Capsa also provides a dedicated ARP Attack tab, which is used to verify the offending hosts and type of attack as shown below:

What is Cross-site Scripting (XSS)? Why XSS is a Threat, how does XSS Work? Different Types of XSS Attacks

Posted in Netsparker

What is Cross-site Scripting (XSS)? Why XSS is a Threat, how does XSS Work? Different Types of XSS Attacks - 5.0 out of 5 based on 1 vote

understanding-xss-cross-site-scripting-attacks-and-types-of-xss-exploits-1Part one of our two-part series on Cross-site scripting (XSS) explains what are XSS attacks. We also take a close look on how XSS exploits work (urls, cookies, web cache etc.) and analyze their impact on business websiteswebservers, using real examples of popular sites that were hit using different XSS exploits. We also talk about the different type of XSS attacks that make website users very difficult to identify and detect them. Part-two will provide a Cross-site scripting attack example, talk about the different type of XSS vulnerabilities and explain how to identify XSS vulnerabilities in your web applications & web servers.

Websites operate typically with two sides to them: the backend and frontend. On the backend, there are the familiar layers of systems that generate the elements for the frontend – the web application service, language renderer (e.g. PHP or Python), database, and so forth. These areas are commonly the ones most focused on when it comes to securing a website, and rightfully so. Some of the most damaging hacks in history were a result of successful attacks on the backend systems. But the frontend, where things like HTML, CSS, and most especially JavaScript exist – is equally susceptible to attack, with considerable fallout as well.

Find Website Vulnerabilities and Exploits with Netsparker Cloud - Register Now!

Cross-site scripting, which is more commonly known as XSS, focuses the attack against the user of the website more than the website itself. These attacks utilize the user's browser by having their client execute rogue frontend code that has not been validated or sanitized by the website. The attacker leverages the user to complete their attack, with the user often being the intended victim (such as by injecting code to infect their computer). The user loads a trusted website, the rogue script is injected somehow, and when the page is rendered by their browser that rogue script is executed. With more websites performing their actions as browser-rendered code instead of in Flash or with static pages, it is easy to see why XSS can be a significant threat.

Why is XSS a threat, and how does it work?

How to Reconstruct HTTP Packets/Data & Monitor HTTP User Activity with NChronos

Posted in nChronos Forensic Analysis

How to Reconstruct HTTP Packets/Data & Monitor HTTP User Activity with NChronos - 5.0 out of 5 based on 5 votes

HTTP reconstruction is an advanced network security feature offered by nChronos version 4.3.0 and later. nChronos is a Network Forensic Analysis application that captures packets/data around the clock. With HTTP reconstruction, network security engineers and IT managers can uncover suspicious user web activity and check user web history to examine specific HTTP incidents or HTTP data transferred in/out of the corporate network.

Download your copy of nChronos now!

Firewall.cx readers can also visit our nChronos Forensic Analysis section to gain access to more technical & network security articles covering nChronos.

Now let's take a look at how to use this new feature with Colasoft nChronos.

The HTTP reconstruction feature can be easily selected from the Link Analysis area. We first need to carefully select the time range required to be examined e.g 9th of July between 13:41 and 13:49:15. Once the time range is selected, we can move to the bottom window and select the IP Address tab to choose the IP address of interest:

nchronos-how-to-reconstruct-monitor-http-data-packets-captured-1Figure 1. Selecting our Time-Range, and IP Address of interest from Link Analysis

nChronos further allows us to filter internal and external IP addresses, to help quickly identify the IP address of interest. We selected External IP and then address

All that's required at this point is to right-click on the selected IP address and choose HTTP Packet Reconstruction from the pop-up menu. Once HTTP Packet Reconstruction is selected, a new tab will open and the reconstruction process will begin as shown below:


Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V


  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup