Firewall Configuration

It's been a while since I configure a firewall for a new office setup. So here's just a review for myself as well.

The setup of firewall is still the same process for last couple of years, maybe for the last 5-10 years. The only different in my humble opinion is they improve the GUI management interface instead of using the telnet program through the console. You configure the internal IP address e.g 192.168.1.1 255.255.255.0 for your firewall, external IP address for the external interface

and set the routing in the firewall. Where the route should point to your router IP address, not the external IP of the firewall. This is a common mistake when setting up a new firewall.

For route example: IP address 0.0.0.0 point to router IP 1.2.3.4 as your gateway.

Create a test policy:

Source: ANY

Destination: ANY

Service: ANY

Please Note: You should create a GROUP for your service to manage allowed ports to get out of your network. Same approach for incoming traffic, you create a GROUP and add the ports you allow to get in to your network.

You can also use your firewall as DHCP Server. I recommend this to entrepreneurs and small business for them to save money for the time being.

Comments

Alternative Social Networks

If you are planning to create your social network e.g. similar to Facebook. Here's a short list of alternative software's: Open Source and Free http://buddypress.org/ - Wordpress (Open Source and Free) http://elgg.org/ - (Open Source and Free) Commercial Social Networks software http://www.socialengine.com/ ($299 Stand Alone, $29/mo Cloud) http://www.jomsocial.com/ (run with Joomla, need to know CMS) http://www.boonex.com/ (very expensive, $399 for Standard) http://www.anahitapolis.com/ http://www.oxwall.org/ http://sharetronix.com/ http://www.moosocial.com/ http://www.jcow.net/ http://phpdolphin.com http://www.grou.ps (from free to Commercial, I left my networks and they are selling it http://www.phpfox.com/ (I used this before, it's hard to maintain. I moved to NING but left too after it was sold to another company) http://www.ning.com (I don't recommend using this service, it's hard to export your data when it's time to move) S

Whaddya know more?

Learning Vulnerability Scanning by KING.NET

Learning Vulnerability Scanning is fun and easy. So I hope you enjoy reading this short how to guide on how to use vulnerability scanning to secure your servers and networks. NMAP is the swiss tool that you need to learn if you're serious in Cyber Security profession. The NMAP tool can be use with NSE scripting (Nmap Scripting Engine) to automate your tasks. For example using NSE Script using a single vulnerability (cold fusion) to scan our test lab machine. root@kali:~# nmap -v -p 80 --script http-vuln-cve2010-2861 10.11.1.220 Starting Nmap 6.47 ( http://nmap.org ) at 2016-07-22 17:34 EDT NSE: Loaded 1 scripts for scanning. NSE: Script Pre-scanning. Initiating ARP Ping Scan at 17:34 Scanning 10.11.1.220 [1 port] Completed ARP Ping Scan at 17:34, 0.04s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 17:34 Completed Parallel DNS resolution of 1 host. at 17:35, 13.01s elapsed Initiating SYN Stealth Scan at 17:35 Scanning 10.11.1.220 [1 port] Comp

Whaddya know more?

Micah 3:4

Then shall they cry to the Lord, and he will not hear them: and he will hide his face from them at that time, as they have behaved wickedly in their devices. Micah 3:4 from Douay-Rheims Bible. https://Acknowledgement.com

Whaddya know more?

Whaddya.com

Search This Blog