
Thursday 21 December 2017

Dynamic Routing on ASA #RIP V2

Hello and welcome to the tutorial on building up the Cisco ASA step by step.



In this tutorial we will learn how to configure a dynamic routing protocol (RIPv2), along with route filtering and neighbor authentication, on the Cisco ASA.


Basic Routing Information







Static routing has always been painful, manual work.
Every time the topology changes, we need to go and add the routes manually everywhere so that the traffic can be forwarded to the next hop.

To automate the process we use dynamic routing protocols like:
RIP
OSPF
EIGRP


Static and dynamic routing each have their own use cases, and each matters where it is required.

Routing Information Protocol (RIP) V2


RIP is a distance-vector routing protocol.
It uses hop count as the metric for path selection.
RIP V2 uses 224.0.0.9 as its multicast IP address and has an administrative distance (AD) value of 120.

The ASA supports both RIP Version 1 and RIP Version 2.

Compared to RIP Version 1, Version 2 sends the subnet mask with the routing update and also supports variable-length subnet masks.

RIP Version 2 also supports neighbor authentication when routing updates are exchanged.
This authentication ensures that the ASA receives reliable routing information from a trusted source.



Requirement:

We have to configure RIPv2 on the ASA so that:
All the internal LAN IP addresses on the Internal network, the DMZ network and the DMZ 2 network can be found in the routing table of the ASA.




Commands:

ASA# configure terminal
ASA(config)# router rip
ASA(config-router)# version 2
ASA(config-router)# no auto-summary
ASA(config-router)# network 192.168.1.0
ASA(config-router)# network 192.168.2.0
ASA(config-router)# network 192.168.3.0



Route Filtering:

Configure route filtering so that the DMZ router is not given any RIP updates:




Commands:

ASA(config)# router rip
ASA(config-router)# passive-interface DMZ





Neighbor Authentication:
Configure route authentication so that no routing information is exchanged until the ASA and the DMZ router authenticate each other.


Commands:

ASA# configure terminal
ASA(config)# int gigabitEthernet 1
ASA(config-if)# rip authentication mode md5
ASA(config-if)# rip authentication key OnionS key_id 1
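
What the subnet mask in each update and the MD5 neighbor authentication look like on the wire, as an added example that is not part of the original post or Cisco's code. It builds a constructed RIPv2 update for the three networks above, signs it with the key and key_id from the commands using the keyed-MD5 layout of RFC 2082, and shows the receiver-side check; the function names are hypothetical.

```python
import hashlib
import hmac
import ipaddress
import struct

AUTH_AFI = 0xFFFF     # address family value that marks an authentication entry
KEYED_MD5 = 3         # authentication type for keyed MD5 (RFC 2082)
ENTRY = "!HH4s4s4sI"  # AFI, route tag, address, subnet mask, next hop, metric


def pad_key(key):
    # The shared key is zero-padded to the 16 bytes the digest expects.
    return key.encode()[:16].ljust(16, b"\x00")


def build_update(routes, key, key_id, seq=1):
    """Constructed RIPv2 response (command 2) with keyed-MD5 authentication."""
    body = b""
    for prefix, metric in routes:
        net = ipaddress.ip_network(prefix)
        body += struct.pack(ENTRY, 2, 0, net.network_address.packed,
                            net.netmask.packed, bytes(4), metric)
    rip_len = 4 + 20 + len(body)  # header + authentication entry + routes
    # 20 is the trailer length field (constructed value, not checked below).
    auth = struct.pack("!HHHBBI8x", AUTH_AFI, KEYED_MD5, rip_len, key_id, 20, seq)
    signed = struct.pack("!BBH", 2, 2, 0) + auth + body + struct.pack("!HH", AUTH_AFI, 1)
    return signed + hashlib.md5(signed + pad_key(key)).digest()


def accept_update(pkt, key, key_id):
    """Return the advertised (prefix, metric) list, or None if the packet is rejected."""
    if len(pkt) < 44 or pkt[1] != 2:
        return None
    afi, auth_type, rip_len, kid = struct.unpack_from("!HHHB", pkt, 4)
    if (afi, auth_type, kid) != (AUTH_AFI, KEYED_MD5, key_id):
        return None                      # unauthenticated, or signed with another key id
    if rip_len < 24 or rip_len + 20 != len(pkt) or (rip_len - 24) % 20:
        return None                      # malformed length fields
    expected = hashlib.md5(pkt[:rip_len + 4] + pad_key(key)).digest()
    if not hmac.compare_digest(expected, pkt[rip_len + 4:]):
        return None                      # wrong key, or modified in transit
    routes = []
    for off in range(24, rip_len, 20):
        _afi, _tag, addr, mask, _hop, metric = struct.unpack_from(ENTRY, pkt, off)
        net = ipaddress.ip_network(
            f"{ipaddress.ip_address(addr)}/{ipaddress.ip_address(mask)}", strict=False)
        routes.append((str(net), metric))
    return routes


NETWORKS = [("192.168.1.0/24", 1), ("192.168.2.0/24", 1), ("192.168.3.0/24", 1)]
UPDATE = build_update(NETWORKS, "OnionS", 1)   # key and key_id from the commands above
```

The check does not track sequence numbers, so replay detection is outside what this example shows.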




Youtube Channel                Facebook Group

Onion Secure                       Onion Secure




SIEM

Security Information & Event Management



Security information and event management (SIEM) is an approach to security management that seeks to provide a holistic view of an organization’s information technology.
It is the practice of collecting, monitoring, analyzing and correlating security logs from security devices for event management.

Logs can be collected from sources like antivirus, IPS/IDS, firewalls, AD, routers, switches, mail and web gateways, proxies, etc.

A SIEM generally runs as a software agent on the security devices that are to be monitored. The agent sends security logs to a centralized server, the log collector, where the logs are monitored by the SOC team for log correlation and incident management.

The SIEM shows a typical console which can include reports, charts and also real-time information.

Working of SIEM

Devices and computer applications generally create events, which can be application events, security events or even hardware events. These are kept in event logs.
Event logs are lists that record everything that happens, one entry after another.
The SIEM agent uses protocols like Syslog or SNMP to transport these events to the SIEM log collector.

Features of SIEM

Data Aggregation:
SIEM aggregates security events, in the form of logs, from various security and non-security devices for data monitoring and event management purposes.

Correlation:
SIEM looks for common links between events to make a meaningful event.
Logs from different sources are correlated to make a single event.

Alerting:
Alerting is the main feature of SIEM. Once the collected logs are correlated to create a security event, alerting is the next step. The operations team has to be alerted to the incoming threat.

Dashboards:
SIEM also provides informational charts and diagrams in a dashboard, which makes things easy to understand.
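
The aggregation, correlation and alerting steps described above, as an added example that is not part of the original post or of any SIEM product. The log format, event names (DENY, LOGIN_FAILED, LOGIN_OK), host names and the rule itself are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample logs, as two sources might forward them to the log collector.
FIREWALL_LOG = [
    "2017-12-21T10:00:01Z fw01 DENY src=203.0.113.7 dst=192.168.1.10 dport=3389",
    "2017-12-21T10:02:30Z fw01 DENY src=198.51.100.9 dst=192.168.1.10 dport=23",
]
AD_LOG = [
    "2017-12-21T10:00:20Z ad01 LOGIN_FAILED src=203.0.113.7 user=alice",
    "2017-12-21T10:00:25Z ad01 LOGIN_FAILED src=203.0.113.7 user=alice",
    "2017-12-21T10:00:31Z ad01 LOGIN_FAILED src=203.0.113.7 user=alice",
    "2017-12-21T10:01:02Z ad01 LOGIN_OK src=203.0.113.7 user=alice",
    "2017-12-21T10:03:00Z ad01 LOGIN_OK src=192.168.1.50 user=bob",
]
LINE = re.compile(r"(?P<ts>\S+) (?P<host>\S+) (?P<event>\S+) (?P<fields>.*)")


def normalize(line):
    """Parse one raw log line into a common event dictionary."""
    m = LINE.match(line)
    event = dict(pair.split("=", 1) for pair in m["fields"].split())
    event.update(ts=datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                 host=m["host"], event=m["event"])
    return event


def correlate(*sources, window=timedelta(minutes=5), threshold=3):
    """Alert when one source IP is denied by the firewall, fails several
    logins and then logs in successfully, all within the time window."""
    by_src = defaultdict(list)                      # data aggregation
    for line in (l for source in sources for l in source):
        e = normalize(line)
        by_src[e["src"]].append(e)
    alerts = []
    for src, events in by_src.items():              # correlation per source IP
        for ok in (e for e in events if e["event"] == "LOGIN_OK"):
            recent = [e for e in events
                      if timedelta(0) <= ok["ts"] - e["ts"] <= window]
            fails = sum(e["event"] == "LOGIN_FAILED" for e in recent)
            denied = any(e["event"] == "DENY" for e in recent)
            if fails >= threshold and denied:       # alerting
                alerts.append({"src": src, "user": ok["user"], "failed": fails,
                               "hosts": sorted({e["host"] for e in recent})})
    return alerts


ALERTS = correlate(FIREWALL_LOG, AD_LOG)
```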


Friday 8 December 2017

Confidentiality Integrity Availability



Confidentiality, Integrity and Availability are also known as the CIA triad.

It is a model that guides an organization in designing its security policies.
It is these three principles that often get exploited through varying degrees of exploits/attacks.


Confidentiality

 

These are the measures undertaken to ensure confidentiality by preventing sensitive information from reaching the wrong people, while making sure that the right people can in fact get it.


If we are a bank and our user wants to access his account via the bank's website, how can we provide confidentiality for his data?

The answer is via user name and password; he has to ensure the privacy of the password so that his data remains confidential.

Other confidentiality options include data encryption, sending an OTP, biometric verification or the use of RSA tokens.


Integrity

 


Integrity involves maintaining the consistency, accuracy,
and trustworthiness of data.
Data must not be changed in transit, and steps must be
taken to ensure that data cannot be altered by
unauthorized people.











Use of a checksum is the best example of an integrity check.
A certain value, “ADG45SD78L”, is calculated by applying some algorithm to the file and is then sent to the recipient along with the file.
On receiving the file, the recipient runs the same algorithm again and compares the output “ADG45SD78L” with the sender's output to verify the integrity of the file.
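
The sender and recipient steps described above, as an added example that is not part of the original post. It uses SHA-256 as the algorithm (an assumption, the post does not name one) and goes one step beyond the text by also showing a keyed HMAC, because a plain checksum that travels with the file can be recomputed by whoever changes the file. The file contents and the key are constructed.

```python
import hashlib
import hmac
import io

CHUNK = 64 * 1024


def digest_stream(stream, key=None):
    """Hash a file-like object in chunks; with a key, compute an HMAC instead."""
    h = hmac.new(key, digestmod=hashlib.sha256) if key else hashlib.sha256()
    for block in iter(lambda: stream.read(CHUNK), b""):
        h.update(block)
    return h.hexdigest()


def verify(stream, received_value, key=None):
    """Recipient side: recompute the value and compare in constant time."""
    return hmac.compare_digest(digest_stream(stream, key), received_value)


def transfer_outcomes():
    original = b"pay 100 to account 1234\n"       # constructed file content
    changed = b"pay 900 to account 6666\n"        # same file after modification
    key = b"constructed-shared-secret"            # known to sender and recipient only
    sent_sum = digest_stream(io.BytesIO(original))
    sent_mac = digest_stream(io.BytesIO(original), key)
    # A plain checksum needs no secret, so it can be recomputed for the changed file.
    replaced_sum = digest_stream(io.BytesIO(changed))
    return {
        "intact file, checksum": verify(io.BytesIO(original), sent_sum),
        "changed file, original checksum": verify(io.BytesIO(changed), sent_sum),
        "changed file, replaced checksum": verify(io.BytesIO(changed), replaced_sum),
        "intact file, HMAC": verify(io.BytesIO(original), sent_mac, key),
        "changed file, original HMAC": verify(io.BytesIO(changed), sent_mac, key),
    }


OUTCOMES = transfer_outcomes()
```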








Availability

 

The availability concept is to make sure that the services of an organization are available.
The data is always available to legitimate users and not blocked by any means.


It may happen that we provided confidentiality and maintained integrity, but the data itself is not available.

So there can be a case where our server comes under a DDoS attack.
DDoS is a sophisticated attack where attackers attack as a group, resulting in full utilization of the resources.
In such cases, if our legitimate user tries to access the server, he will be shown that the server is down.

We have to take all the necessary actions to make sure the resource or data which we are sharing is always available. 

Thank you friends for reading the blog post describing CIA.
Now let’s continue our journey and meet in the upcoming blog.



Sunday 29 October 2017

Users and User Group in Linux

Hello and welcome to our video tutorial “Linux for Beginners”.
Today in this tutorial we will be learning about users and user groups in Linux.



Types of Users


There are three types of users in Linux:
Administrative (root)
Regular user
Service user





The Linux administrative root account is automatically created when you install Linux, and it has administrative privileges for all services on the Linux operating system.
The root account is also known as super user.




Regular users have the necessary privileges to perform standard tasks on a Linux computer such as running word processors, databases, and Web browsers. 
They can store files in their own home directories. 
Since regular users do not normally have administrative privileges, they cannot accidentally delete critical operating system configuration files.




Services such as Apache, Squid, mail, games, and printing have their own individual service accounts.
These accounts exist to allow each of these services to interact with your computer.


User Identification Number


Each user on a Linux system is assigned a unique user identification number, also known as a UID.
UIDs below 500 are reserved for system users such as the root user and service users.

This is a snapshot of a server's user page showing the users created on the server.

In the image, if we zoom in, we can see that a user has been created for the FTP service, which is a service user.

The user is assigned 14 as its User Identification Number.

The user is also assigned 50 as its Group Identification Number.
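
The three user types and the UID rule above, applied to account data, as an added example that is not part of the original post. The /etc/passwd content is constructed (the ftp entry reuses the UID 14 and GID 50 from the text), and the two audit checks and all function names are assumptions chosen for illustration.

```python
SYSTEM_UID_MAX = 499   # the text reserves UIDs below 500 for root and service users
NO_LOGIN_SHELLS = {"/sbin/nologin", "/usr/sbin/nologin", "/bin/false"}

# Constructed /etc/passwd content; fields are name:password:UID:GID:comment:home:shell.
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
apache:x:48:48:Apache:/var/www:/bin/bash
alice:x:500:500:Alice:/home/alice:/bin/bash
toor:x:0:0:backup admin:/root:/bin/bash
"""


def parse_passwd(text):
    """Yield one dict per passwd line, skipping blanks and comments."""
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, _pw, uid, gid, _comment, home, shell = line.split(":")
        yield {"name": name, "uid": int(uid), "gid": int(gid),
               "home": home, "shell": shell}


def classify(user):
    """Map a user to one of the three types described in the text."""
    if user["uid"] == 0:
        return "administrative"
    return "service" if user["uid"] <= SYSTEM_UID_MAX else "regular"


def audit(text):
    """Return (type by user name, list of findings worth a second look)."""
    users = list(parse_passwd(text))
    kinds = {u["name"]: classify(u) for u in users}
    findings, first_owner = [], {}
    for u in users:
        owner = first_owner.setdefault(u["uid"], u["name"])
        if owner != u["name"]:           # UIDs are meant to be unique
            findings.append(f"{u['name']}: UID {u['uid']} already used by {owner}")
        if kinds[u["name"]] == "service" and u["shell"] not in NO_LOGIN_SHELLS:
            findings.append(f"{u['name']}: service account with login shell {u['shell']}")
    return kinds, findings


KINDS, FINDINGS = audit(SAMPLE_PASSWD)
```

The boundary between system and regular UIDs differs between distributions; set SYSTEM_UID_MAX from the UID_MIN value in /etc/login.defs on the system being checked.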


User Groups

A user group is a group of one or more users.
A user can be a member of one or more user groups.
In Linux, when a user is added, a private user group (primary group) is created, which is his default group.
The group is created by default with his own name and he will always belong to that group.

Thank you friends for reading the blog post on Users and User Groups in Linux.
Now let’s continue our journey and meet in the next tutorial.


Also check my YouTube channel for audio-visual content and tutorials on other topics.



Files & File System in Linux

Hello and welcome to our video tutorial “Linux for Beginners”.

Today in this tutorial we will be learning about files and the file system in Linux.



Files in Linux

In Linux everything is a file; if something is not a file, it is a process.

There are some special files that are more than just files (named pipes, sockets, etc.), but to keep it simple, we can say that everything is a file.

Here normal files are files, and directories are files too, as they are files with more files in them.

Programs, services, texts, images, and all others are files.
Even input and output devices, and generally all devices, are considered to be files.

File Types

Regular Files:
Images, videos, executable files, programs etc.
They contain normal data, for example text files. Most files are just files, which are called regular files.

Directories:
These are files that are lists of other files.

Character devices & Block devices:
Character and block device files allow users and programs to communicate with hardware peripheral devices.
Block devices are similar to character devices.
They mostly govern hardware such as hard drives and memory.

Links:
Links are like the shortcuts we create in Windows; they are a system to make a file or directory visible in multiple parts of the system.

Sockets:
A special file type, similar to TCP/IP sockets, which we can see as a logical endpoint for communication.
We can send and receive things on a socket.

Named pipes:
Act more or less like sockets and form a way for processes to communicate with each other.

Disk Partition

There are two kinds of major partitions on a Linux system:
Data partition:
Normal Linux system data, including the root partition containing all the data to start up and run the system.

Swap partition:
Expansion of the computer's physical memory, extra
memory on hard disk.

File system Layout

In Linux, files are in a tree structure which starts with the root directory. This root directory starts the file system, and it further branches out into various other subdirectories.

What do the directories actually contain?



/bin
Common programs, shared by the system, the system administrator and the users.

/boot
The startup files and the kernel are present here.

/dev
Contains references to all the CPU peripheral hardware.

/etc
The most important system configuration files are in /etc; this directory contains data similar to that in the Control Panel in Windows.

/home
Home directories of the common users.
 
/lib
Library files, includes files for all kinds of programs
needed by the system and the users.

/lost+found
Every partition has a lost+found in its upper directory. Files that were saved during failures are here.

/misc
For miscellaneous purposes.



/opt
Typically contains extra and third party software.

/root
The administrative user's home directory. Mind the difference between /, the root directory and /root, the home directory of the root user.

/tmp
Temporary space for use by the system, cleaned upon reboot, so don't use this for saving any work!

/usr
Programs, libraries, documentation etc. for all user-related programs.

/var
Storage for all variable files and temporary files
created by users, such as log files, the mail queue,
the print spooler area, space for temporary storage
of files downloaded from the Internet, or to keep an
image of a CD before burning it.



Thank you friends for reading the blog post on files and the file system in Linux.
Now we are very clear about them.
Now let’s continue our journey and meet in the next tutorial.

Also check my YouTube channel for audio-visual content and tutorials on other topics.







Monday 23 October 2017

Linux Distros

Welcome to the second blogpost in the series "Linux for Beginners".
Today we will be learning about Linux Distros.


You may have heard from the black screen guys that they have this or that distro.
So what actually are distros?

Here we will understand what Linux distros are and how many of them there are.


As we studied earlier, Linux is an open source kernel, and it is used by many organizations, profit and non-profit.
These organizations use the freedom of the open source kernel to build the OS as per their requirements.
These different types of Linux OS are called distros or Linux distributions.

So how many distributions are out there?



There are hundreds of Linux operating systems or distributions available over the Internet.


These distros are always designed with a specific purpose.

There is a distro customized for web servers (Apache)
There is a distro customized for proxies (Squid)
There is a distro customized for pen testing (Kali)
There is also a distro customized for the desktop (Ubuntu)



Let us see a few examples:




Debian
It is extremely stable, and this makes it ideal for servers.



Ubuntu
It is the second most used Linux OS and is normally seen as a desktop OS.

Damn Vulnerable Linux
The intention of this OS is to bundle all kinds of broken, ill-configured, outdated, and exploitable software that make it vulnerable to attacks.
It aims to train Linux admins.


Red Hat Enterprise Linux
It has evolved from Red Hat Linux which was discontinued in 2004.
It is a commercial Distro and very popular among its clientele.

CentOS
It is a free enterprise-class operating system and is based heavily on the Red Hat enterprise distro.
It is one of the most used Linux distributions for enterprise and web servers.


Android
This is the latest example of one of the most popular smartphone-based Linux distributions.



So which is the best Linux distribution?



Is it Red Hat
Is it Ubuntu
Is it CentOS
or
Is it Android

No, each Linux distribution is built for a specific purpose  to meet the demands of its target users.


Thank you friends for reading the blog post on Linux Distros.
Now we are very clear what Linux distros are.
Now let’s continue our journey and meet in the next tutorial.

Also check my YouTube channel for audio-visual content and tutorials on other topics.



Introduction to the Linux Operating System.

This is the first step in the long tutorial "Linux for Beginners", where we will understand what a Linux operating system is and how it was born.

Before moving ahead, let us first understand what an operating system is.


An Operating System (OS) is an interface between a computer user and computer hardware.



It is software which performs all the basic tasks like
File management,
Memory management,
Process management,
Handling input and output devices

and controlling peripheral devices such as

Disk drives
Printers


So every time we switch on our computer, we can see a screen where we can perform different activities like:


Writing, reading, browsing or even watching a YouTube video.


What is it that makes the hardware work like that?

How does the hardware on your computer know that you are asking it to run a video ?
The answer is the operating system
or
the kernel which does this work.

A kernel is the program at the heart of any operating system that takes care of every fundamental communication between the computer hardware and the software.


So now it’s clear that we need an OS to work on our computer.
As a live example, you are using one as you view this on your computer.

There are also other popular OSes like:


Windows, Apple OS X or AIX


but as part of our learning course we will learn Linux here.

How was Linux created, and who created it?


In 1991 Linus Torvalds purchased a new IBM-compatible computer on which he was using MS-DOS, but he was not happy with it and thought of using Unix.

After using Unix, Torvalds came up with some changes to the kernel, but was put down by the Unix community.

This was the beginning of Linux: the start of a new open source kernel named Linux.
Later many others played their part in the history and made some cool OSes on top of the Linux kernel.

What are the advantages of Linux?

The main advantages of Linux are as follows:


Programmers are able to use the Linux kernel in order to design their own custom operating systems.
It is a free operating system.

You do not have to spend hundreds of dollars to get the OS like Windows!





We can get millions of programs, most of them free!


Once you have Linux installed
you no longer need an antivirus!
Linux is a highly secure system









So who uses it?


Large companies like Amazon, Facebook, and Google use Linux for their servers.


A Linux based server could run non-stop without a reboot for years on end.

Thank you friends for reading the blog post on Introduction to Linux.
Now it should be clear to you what a Linux OS is; let's meet in the next post, where we will discuss the distributions.

Also check my YouTube channel for audio-visual content and tutorials on other topics.
