Orange County Computer Security Consultant helps small businesses with technology solutions to grow and protect your business. Phone (714) 589-9423.
Orange County Computer Consultant

- Orange County Computer Security Consultant
- Orange County Computer Consultant helps small businesses with networking, installations and small business software.
Sunday, February 06, 2011
Cisco Aironet
Cisco Aironet 1130AG Series IEEE 802.11a/b/g access points provide high-capacity, high-security, enterprise-class features in an unobtrusive, office-class design, delivering WLAN access with the lowest total cost of ownership. With high-performing dual IEEE 802.11a and 802.11g radios, the Cisco Aironet 1130AG Series provides a combined capacity of up to 108 Mbps to meet the needs of growing WLANs. Hardware-assisted Advanced Encryption Standard (AES) or temporal key integrity protocol (TKIP) encryption provides uncompromised support for interoperable IEEE 802.11i, Wi-Fi Protected Access 2 (WPA2) or WPA security. Orderable supporting either Cisco IOS Software, or the Lightweight Access Point Protocol (LWAPP), the Cisco Aironet 1130AG Series uses radio and network management features for simplified deployment, along with built-in omnidirectional antennas that provide robust and predictable WLAN coverage for offices and similar RF environments. In addition, when running Cisco IOS Software the Cisco Aironet 1130AG Series supports both access point and workgroup bridge functionality. The competitively priced Cisco Aironet 1130AG Series is ready to install and easy to manage, reducing the cost of deployment and ongoing maintenance.
CCNA class notes.
Long before desktop computers with sophisticated graphical interfaces existed, people used text-based systems which were often just display terminals physically attached to a central computer. Once networks were available, people needed a way to remotely access the computer systems in the same manner that they did with the directly attached terminals.
Telnet was developed to meet that need. Telnet dates back to the early 1970s and is among the oldest of the Application layer protocols and services in the TCP/IP suite. Telnet provides a standard method of emulating text-based terminal devices over the data network. Both the protocol itself and the client software that implements the protocol are commonly referred to as Telnet.
Appropriately enough, a connection using Telnet is called a Virtual Terminal (VTY) session, or connection. Rather than using a physical device to connect to the server, Telnet uses software to create a virtual device that provides the same features of a terminal session with access to the server command line interface (CLI).
To support Telnet client connections, the server runs a service called the Telnet daemon. A virtual terminal connection is established from an end device using a Telnet client application. Most operating systems include an Application layer Telnet client. On a Microsoft Windows PC, Telnet can be run from the command prompt. Other common terminal applications that run as Telnet clients are HyperTerminal, Minicom, and TeraTerm.
Once a Telnet connection is established, users can perform any authorized function on the server, just as if they were using a command line session on the server itself. If authorized, they can start and stop processes, configure the device, and even shut down the system.
Telnet is a client/server protocol and it specifies how a VTY session is established and terminated. It also provides the syntax and order of the commands used to initiate the Telnet session, as well as control commands that can be issued during a session. Each Telnet command consists of at least two bytes. The first byte is a special character called the Interpret as Command (IAC) character. As its name implies, the IAC defines the next byte as a command rather than text.
Some sample Telnet protocol commands include:
Are You There (AYT) - Lets the user request that something appear on the terminal screen to indicate that the VTY session is active.
Erase Line (EL) - Deletes all text from the current line.
Interrupt Process (IP) - Suspends, interrupts, aborts, or terminates the process to which the Virtual Terminal is connected. For example, if a user started a program on the Telnet server via the VTY, he or she could send an IP command to stop the program.
While the Telnet protocol supports user authentication, it does not support the transport of encrypted data. All data exchanged during a Telnet session is transported as plain text across the network. This means that the data can be intercepted and easily understood.
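The IAC framing and the plain-text transport described above can be seen together by decoding a Telnet byte stream. The following is an added example, not part of the class notes: a small Python parser that separates IAC command sequences from session data, using the command codes from RFC 854. The sample stream, the login name and the password in it are constructed for illustration.

```python
"""Split a raw Telnet byte stream into IAC commands and plain-text data (RFC 854)."""

IAC = 255  # Interpret as Command: the next byte is a command, not text

# Two-byte commands: IAC <command>
COMMANDS = {
    241: "NOP", 242: "DM", 243: "BRK", 244: "IP", 245: "AO",
    246: "AYT", 247: "EC", 248: "EL", 249: "GA",
}
# Three-byte option negotiation: IAC <verb> <option>
NEGOTIATION = {251: "WILL", 252: "WONT", 253: "DO", 254: "DONT"}
SB, SE = 250, 240  # subnegotiation begin / end


def parse_telnet(stream: bytes):
    """Return (commands, data): decoded command names and the session text."""
    commands, data = [], bytearray()
    i, n = 0, len(stream)
    while i < n:
        if stream[i] != IAC:
            data.append(stream[i])          # ordinary session data
            i += 1
            continue
        if i + 1 >= n:                      # IAC with nothing after it
            commands.append("TRUNCATED")
            break
        cmd = stream[i + 1]
        if cmd == IAC:                      # IAC IAC is a literal 0xFF data byte
            data.append(IAC)
            i += 2
        elif cmd in NEGOTIATION:
            if i + 2 >= n:
                commands.append("TRUNCATED")
                break
            commands.append(f"{NEGOTIATION[cmd]} {stream[i + 2]}")
            i += 3
        elif cmd == SB:                     # IAC SB <payload> IAC SE
            j, payload = i + 2, bytearray()
            while j + 1 < n and not (stream[j] == IAC and stream[j + 1] == SE):
                if stream[j] == IAC and stream[j + 1] == IAC:
                    j += 1                  # unescape a doubled IAC in the payload
                payload.append(stream[j])
                j += 1
            if j + 1 >= n:
                commands.append("TRUNCATED")
                break
            commands.append(f"SB {payload.hex()}")
            i = j + 2
        else:
            commands.append(COMMANDS.get(cmd, f"UNKNOWN {cmd}"))
            i += 2
    return commands, bytes(data)


# Constructed client-to-server capture: option negotiation, a login, then
# the three commands listed in the notes (EL, AYT, IP).
SAMPLE_CLIENT_STREAM = (
    b"\xff\xfb\x18"              # IAC WILL 24 (terminal type)
    b"admin\r\n"                 # username, sent in the clear
    b"example-password\r\n"      # password, sent in the clear
    b"show run" b"\xff\xf8"      # typed text, then IAC EL (Erase Line)
    b"show version\r\n"
    b"\xff\xf6"                  # IAC AYT (Are You There)
    b"\xff\xf4"                  # IAC IP (Interrupt Process)
)

if __name__ == "__main__":
    cmds, text = parse_telnet(SAMPLE_CLIENT_STREAM)
    print("commands:", cmds)
    print("session text:", text.decode("ascii", errors="replace"))
```

Everything left after the IAC sequences are removed is the session exactly as typed, credentials included, which is why a Telnet capture needs no decryption step to read.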
If security is a concern, the Secure Shell (SSH) protocol offers an alternate and secure method for server access. SSH provides the structure for secure remote login and other secure network services. It also provides stronger authentication than Telnet and supports the transport of session data using encryption. As a best practice, network professionals should always use SSH in place of Telnet, whenever possible.
Later in this course, we will use Telnet and SSH to access and configure network devices over the lab network.
The Application layer is responsible for directly accessing the underlying processes that manage and deliver communication to the human network. This layer serves as the source and destination of communications across data networks.
The Application layer applications, protocols, and services enable users to interact with the data network in a way that is meaningful and effective.
Applications are computer programs with which the user interacts and which initiate the data transfer process at the user's request.
Services are background programs that provide the connection between the Application layer and the lower layers of the networking model.
Protocols provide a structure of agreed-upon rules and processes that ensure services running on one particular device can send and receive data from a range of different network devices.
Delivery of data over the network can be requested from a server by a client, or between devices that operate in a peer-to-peer arrangement, where the client/server relationship is established according to which device is the source and destination at that time. Messages are exchanged between the Application layer services at each end device in accordance with the protocol specifications to establish and use these relationships.
Protocols like HTTP, for example, support the delivery of web pages to end devices. SMTP/POP protocols support sending and receiving e-mail. SMB enables users to share files. DNS resolves the human legible names used to refer to network resources into numeric addresses usable by the network.
What is Nmap?
I use nmap for port scanning. I also use nmap to detect what services are running. Nmap is easy to use once you get the syntax down. Nmap was created by Fyodor. I plan to upload some videos to YouTube this year to show how to use nmap. Here is a description from the nmap website.
Nmap ("Network Mapper") is a free and open source (license) utility for network exploration or security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), and a utility for comparing scan results (Ndiff).
Nmap was named “Security Product of the Year” by Linux Journal, Info World, LinuxQuestions.Org, and Codetalker Digest. It was even featured in eight movies, including The Matrix Reloaded, Die Hard 4, and The Bourne Ultimatum.
What is Tor?
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
Tor can also be used when penetration testing. Tor can use multiple proxies to hide your source address. There are plugins for Firefox. This tool is as easy to use as clicking a button.
Command Line Kung Fu
I came across a blog today that I thought was interesting. I'm always looking for ways to be more productive in a shell. I use Bash for most Linux commands.
Wireshark protocol analysis
I use Wireshark for packet analysis. I use this in my CCNA class and with clients. Wireshark can analyze hundreds of protocols. The Wireshark interface is simple to use. It can follow TCP streams. This is useful for grabbing passwords that are not encrypted.
Backtrack
I use Backtrack for penetration testing. It has most of the tools I need. For anyone interested in security assessments, feel free to email me.
Playing with Scapy.
Scapy is a powerful interactive packet manipulation program. It is able to forge or decode packets of a wide number of protocols, send them on the wire, capture them, match requests and replies, and much more. It can easily handle most classical tasks like scanning, tracerouting, probing, unit tests, attacks or network discovery (it can replace hping, 85% of nmap, arpspoof, arp-sk, arping, tcpdump, tethereal, p0f, etc.). It also performs very well at a lot of other specific tasks that most other tools can't handle, like sending invalid frames, injecting your own 802.11 frames, combining techniques (VLAN hopping+ARP cache poisoning, VOIP decoding on WEP encrypted channel, ...), etc. See interactive tutorial and the quick demo: an interactive session (some examples may be outdated).
The text above was copied from the Scapy website.
I like the fact that I can manipulate packets with this program.
Saturday, February 05, 2011
Nikto
Hello world. It's 2011. Things are going good. I have been studying penetration testing. I'm currently enrolled in college studying for my CCNA. I will be posting my notes on this blog.
Nikto is a web vulnerability scanner.
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6400 potentially dangerous files/CGIs, checks for outdated versions of over 1000 servers, and version specific problems on over 270 servers. It also checks for server configuration items such as the presence of multiple index files, HTTP server options, and will attempt to identify installed web servers and software. Scan items and plugins are frequently updated and can be automatically updated.
Tuesday, June 29, 2010
Update
I cannot believe it has been a year since I posted last. I have a new son Jeremiah. My son Alexander is getting big.
I'm trying to network as much as possible. I'm on Facebook and LinkedIn. I'm looking for clients that need managed security services and remote support. Phuture Networks now has an associate that can install VoIP solutions to your small business.
Wednesday, April 22, 2009
Things on my mind today
I went to a job fair. It was basically a waste of time. Every company wanted you to apply online. I'm already doing that. I do everything online. I read about several technologies, games, and toys today at the library. I went to learn more about NAS or network attached storage and RAID levels. I feel these are fundamental skills to know. I also want to increase my reasoning and logical abilities so I'm going to start playing more puzzles. I read about KENKEN, a math game; unlike Sudoku, you do math. I also read about game theory and how it ties to everything. I read an article about a cryptanalyst in Wired. It talked about the CIA and Langley. It was a good article.
Friday, April 03, 2009
TGIF
It's Friday about 11:00AM. I just got done washing dishes, how exciting. I'm excited about going to work. I really like my job. I will be working on the website today. I have a ton of ideas to get some more traffic. If anyone needs any help with computer consulting or repair in the Orange County area, give me a call.
Thursday, April 02, 2009
Content Development and website advice
Today I had a good day at work. I wrote some content on loan modifications. I advised my boss on how to optimize his website better to get more traffic. I talked about blogging, podcasting and even getting some video on YouTube. I love security, but the economy is so bad right now I'm willing to take on new ventures. I downloaded MAMP today to learn PHP and MySQL. I need to keep my blog updated more. It's 11:49 and I want a Red Bull. My one month year old son is up and crying. The joys of parenthood.
Wednesday, January 07, 2009
A new year
Phuture Networks is planning on obtaining more clients this year. Phuture Networks wants to focus on prospecting and delivering the best service possible to our clients.
Friday, December 26, 2008
Monday, September 08, 2008
Panasonic BB-HGW700A Network Camera Management System with Router
Network setup is simple, as the camera management system automatically configures up to 16 Panasonic network cameras (IP address, port number, etc.), enables Internet access, creates a custom portal page and enables multi-level security control. A customized, flexible network for your computing environment is made possible by 802.11b/g wireless communication as well as four switched Ethernet connections. The system automatically configures the network connection for up to 128 computers or devices, and additional devices can be manually added. The camera management system's built-in firewall helps protect every network computer from hackers. Use the system with a Virtual Private Network (VPN) server to access a corporate or secure network. You can also customize the firewall to best suit the needs of your home or small business. The BB-HGW700A automatically adds the image from up to 16 cameras on a single web page which can be used from a local network or even the Internet. For easy access, just click a camera image on the camera portal page and that camera's individual screen will open allowing you to view and control that camera easily.
SonicWALL SSL-VPN 200 VPN Gateway
SonicWall SSL-VPN 200 Appliance
The SonicWALL SSL-VPN 200 provides small organizations with a simple, cost-effective alternative to traditional remote access products with one that requires no pre-installed client software.
Utilizing only a standard Web browser, users can easily and securely access e-mail, files, intranets, applications, remote desktops, servers and other resources on the corporate LAN from any location. Because there’s no need for a pre-installed or “fat” VPN client, you’re freed from the tasks of deploying, configuring and updating software, reducing maintenance and support costs. Additionally, granular access controls enable you to extend connectivity beyond your organization by providing trusted partners and customers with remote access to specific and defined resources. SonicWALL SSL-VPN solutions integrate seamlessly into virtually any network topology to deliver powerful, scalable and affordable remote access to corporate resources.
Seamless Integration Behind Virtually Any Firewall
The SSL-VPN 200 integrates seamlessly into any network topology and can be easily deployed alongside almost any third-party firewall as a secure remote access solution. This enables you to leverage your existing network infrastructure without the need to purchase additional hardware. The benefits don’t stop there, however. When deployed with a SonicWALL Internet security appliance running SonicWALL Gateway Anti-Virus, Anti-Spyware and Intrusion Prevention Service, the SSL-VPN 200 enhances network integration and security. Deep packet inspection capabilities in the SonicWALL gateway decontaminate mobile user connections to prevent vulnerabilities and malicious code from being introduced into the corporate network.
Powerful SonicWALL NetExtender Technology
The SSL-VPN 200 makes remote access incredibly simple. Users require only a standard Web browser to launch a personalized Web portal that is unique to that person. From this portal, the user has access to e-mail, files, applications and internal Web sites. For more powerful capabilities such as seamless, secure access to any resource on the corporate network including servers and complex or home-grown applications, the appliance transparently pushes a downloadable thin client called NetExtender to the user's desktop or laptop.
Granular Policy Configuration Controls
Your organization includes remote users who require varying levels of access to resources on the corporate network. The SSL-VPN 200 extends secure remote access beyond remote offices and corporate controlled laptops out to network environments and remote computers that are not controlled and managed by the corporate IT department. Built-in granular access controls enable you to provide not only your employees, but also trusted contractors, partners and customers with remote access to specific and defined resources based on company policy.
Juniper NetScreen 5GT
Weighing in at less than 2 pounds, the NetScreen-5GT is a feature rich enterprise-class network security solution with one Untrust 10/100 Ethernet port, four Trust 10/100 Ethernet ports, a console port and a modem port. Using the same firewall, VPN, and DoS mitigation technology as NetScreen's high-end central site products, the NetScreen-5GT is fully capable of securing a remote office, retail outlet, or a broadband telecommuter. The NetScreen-5GT supports dial-backup or dual Ethernet ports for redundant Internet connections when network uptime is business critical. The NetScreen-5GT supports embedded virus scanning using Trend Micro's antivirus technology.