Backtrack:  
 
showing posts tagged with 'firewall'
 
edited by on November 5th 2019, at 09:55
Ever since Windows 2000, by default, Numlock is turned off at the logon screen. This can be annoying if you use the numpad to type in (part of) your password. Luckily, you can change this behaviour through a registry fix.

The registry key to change is the same for all versions of Windows, but the value to enter is different depending on the version of Windows.

Fire up regedit.

Navigate to the key HKEY_USERS\.DEFAULT\Control Panel\Keyboard.

Look for the registry value InitialKeyboardIndicators, which needs to be changed to:Windows 7: set the value to 2

Windows 8, 8.1, 10 (older builds): set the value to 80000002

Windows 10 (newer builds): set the value to 2147483650



Note that for Win  ...
edited by on September 13th 2019, at 10:55
To quickly block traffic from/to a specific IPv4 address using iptables, you can use the commands below.

Warning!
Do not use these commands when you are already running an iptables-based firewall as this may result in unexpected results.

Block incoming traffic from a specific IP:

iptables -A INPUT -s 1.2.3.4 -j DROP

Block outgoing traffic (i.e. traffic initiated from the host itself) to a specific IP:

iptables -A OUTPUT -d 1.2.3.4 -j DROP

To block outgoing traffic to a specific port and protocol, you can also do something like this (the example below blocks DNS and HTTP):

/sbin/iptables -A OUTPUT -p tcp --dport 80 -d 1.2.3.4 -j DROP/sbin/iptables -A OUTPUT -p udp --dport 53 -d 1.2.3.4  ...
edited by on February 8th 2019, at 10:04

An excellent TechNet-article explained how rules are evaluated in Windows Firewall, specifically in what order and which rules take precedence over others.

https://social.technet.microsoft.com/wiki/contents/articles/13894.troubleshooting-windows-firewall-with-advanced-security-in-windows-server-2012.aspx#Rules_are_evaluated_in_a_specific_order

edited by on June 18th 2018, at 12:17

The actual serial number of a Barracuda NG Firewall can be obtained remotely in two ways:

  • Log on locally using NGAdmin and read the serial number from the dashboard. The serial number shown there is the actual serial number, and not the configured serial number.
  • Log on locally using SSH and run hwtool -s will also display the actual serial number.
edited by on March 22nd 2018, at 16:34
On a fresh install of Windows Server 2012R2, not joined to a domain, the first network connection (obtained through DHCP) is always treated as a Public network. Normally, when joining a domain, the network connection then becomes a Domain network, but if the server will not be joined to a domain, you probably will want to set it to Private. Unfortunately, the Public Network link in Network Center is not clickable, and thus, cannot be changed. But you can make the change anyway through the Local Security Policy.

Through Powershell (preferred method):

Look up the name of the network interface (e.g. "Local Area Connection") in the network adapters list.

Open an elevated Powershell   ...
edited by on November 9th 2015, at 10:54
You can quickly and easily enable SNMP on a Sonicwall for monitoring purposes. The instructions below are for SonicOS Enhanced, and has been tested on a NSA 2600 (although configuration should be similar on other models).

Log on to the Sonicwall through the web interface.

In the menu on the left, navigate to System → SNMP.

Check the Enable SNMP check box and click Accept.



Click the Configure button and verify/change the Get Community Name. By default, it is set to public. If you made changes, click OK.

By default, SNMP does not listen on any interface, so what's left is to enable it on one or more interfaces, depending on which interfaces, SNMP is required. Navigate to Network &r  ...
edited by on June 24th 2015, at 11:10
The logging on a FortiGate firewall is very scarse, making it difficult to troubleshoot issues. This can especially be a problem when setting up a site-to-site IPSEC VPN tunnel. Although the web interface doesn't provide much information for troubleshooting and debugging, the console does when debugging is enabled.

On most (if not, all) FortiGate appliances, you can access the console through the web interface. It usually can be found on the Dashboard (> Status).



As it says, click on the console to activate it.

Enabling debugging for all IPSEC VPNs means we enable debug mode on "IKE". This is done by the following series of commands.

If any debugging is already in progress  ...
edited by on June 5th 2015, at 14:53

A note of caution: when installing the Fortinet SSO Agent on a server, the option to secure connections from a FortiGate with a password is enabled by default, and a random password is assigned.

You have to turn off or change the password before you add the SSO agent in your Fortigate.

There's no mention of this in the manuals, so now you know...

edited by on April 28th 2015, at 15:24
This article is a quick reminder (for myself) on how to properly configure port forwarding on a Dell Sonicwall firewall.

First, create the address and services objects you need for the port forwarding. In case of multiple addresses or services, create a group and add all objects in that group.

Address object for a local server



Service group with multiple services



Predefined objects, such as the WAN IP are already present and do not have to be created again. Also, the advantage of using these predefined objects is that they are dynamic: e.g. if the WAN IP changes, the policies and rules that use this object will not have to be changed.

Once the objects are in place, they can be refer  ...
edited by on February 3rd 2015, at 10:24

Last year, around May, DynDNS.com has changed their root certificates, causing Dynamic DNS using DynDNS.com no longer to work properly. The error (Network Error) is displayed immediately after adding the account to your Sonicwall.

The easiest solution is to upgrade to the latest firmware:

  • For 5.8, this is at least 5.8.4.0;
  • For 5.9, this is anything after June 2014.

Dell Support also offers an alternative, although this only works with more recent 5.9 versions:

https://support.software.dell.com/kb/sw11246

edited by on May 29th 2013, at 12:36

Important for PPPoE connections on a Dell Sonicwall: with the current firmwares, the MTU is not automatically lowered to 1492 when using PPPoE as your WAN interface type. By default, it remains on 1500, so you need to manually adjust it to 1492.

This can be done by going in to the interface properties → Advanced, where you'll find a field to set the MTU.

edited by on February 8th 2013, at 14:03

Restarting OpenVPN on the CLI of a pfSense can be done using the following command:

echo "<?php include('openvpn.inc'); openvpn_resync_all();?>" | php -q

This issues a restart command as if you would via the web-interface.

 
showing posts tagged with 'firewall'
 
 
« December 2024»
SunMonTueWedThuFriSat
1234567
891011121314
15161718192021
22232425262728
293031    
 
Links
 
Quote
« Most people tend to avoid true conflict. Ironically this breeds more conflict. »