Archive for August, 2005

Potpourri

August 29, 2005

OpenVPN:
http://www.movement3.com/docs/openVPN.html

Installing Gentoo Linux:
http://www.movement3.com/docs/install_gentoo.html

A small script to have ZoneEdit’s DNS service work with a Cisco box:

Crontab entry:
30 */2 * * * cd /home/username/scripts/zoneedit/; ./zoneedit_update.pl > /dev/null 2>&1

hero ~ # cat /home/username/scripts/zoneedit/zoneedit_update.pl
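#!/usr/bin/perl
use strict;
use warnings;

my $username = "username";
my $password = "password";

# Walk the router's SNMP table and cut the IP address out of the OID on the line marked DHCP.
my $ip = `snmpwalk 10.10.1.1 -v1 -c snmp-string 1.3.6.1.4.1.9.2.4.1.1.1 | grep -i DHCP | awk '{print \$1}' | cut -c 37-55`;
$ip =~ s/\s+//g;

# Only a dotted-quad address may reach the shell command below.
die "unexpected SNMP output: '$ip'\n" unless $ip =~ /^\d{1,3}(?:\.\d{1,3}){3}$/;

# Send the current address to ZoneEdit for the listed host names.
my $test = `python zoneclient.py -a $ip $username $password domain.com,sub.domain.com,www3.domain.com`;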

A small note: I recently was using a 2912 switch and every time I woke my laptop up from sleep, it timed out while connecting back to the network. I would have to wait about 30 seconds for it to work again. The fix was to set the ports to portfast.

Categories: Misc

DansGuardian

August 10, 2005

DansGuardian does a really nice job of blocking domains or even content (text) on a webpage. Also check out:
http://www.censornet.com/

workstation
|
-------------------------------------
| Linux Server, running two services
| DansGuardian port 8000
| Squid port 8080
-------------------------------------
|
Router

Updated access-list; the other one didn’t account for HTTPS:
access-list 112 permit tcp host 10.10.1.2 any eq 80
access-list 112 permit tcp host 10.10.1.2 any eq 443
access-list 112 deny tcp any any eq 80 log-input
access-list 112 deny tcp any any eq 443 log-input
access-list 112 permit ip any any
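
As an added example (not part of the original post), the following Python sketch applies first-match evaluation to the access-list above, to show which flows it permits and which it pushes through the proxy. It assumes the list filters traffic leaving the LAN; the workstation address 10.10.1.50 and the sample flows are constructed, and the parser covers only the syntax used in these five lines.

```python
import ipaddress

ACL_112 = """\
access-list 112 permit tcp host 10.10.1.2 any eq 80
access-list 112 permit tcp host 10.10.1.2 any eq 443
access-list 112 deny tcp any any eq 80 log-input
access-list 112 deny tcp any any eq 443 log-input
access-list 112 permit ip any any
"""

def parse_acl(text):
    """Parse the subset of extended-ACL syntax used on this page."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if tok[-1] == "log-input":      # logging keyword does not affect matching
            tok.pop()
        action, proto, rest = tok[2], tok[3], tok[4:]
        if rest[0] == "host":           # "host A.B.C.D" is a single source address
            src, rest = ipaddress.ip_address(rest[1]), rest[2:]
        elif rest[0] == "any":
            src, rest = None, rest[1:]
        else:
            raise ValueError(f"unsupported source in: {line}")
        if rest[0] != "any":
            raise ValueError(f"unsupported destination in: {line}")
        port = int(rest[2]) if rest[1:2] == ["eq"] else None
        rules.append((action, proto, src, port))
    return rules

def evaluate(rules, proto, src, dport):
    """Return the action of the first matching rule; IOS ends with an implicit deny."""
    src = ipaddress.ip_address(src)
    for action, r_proto, r_src, r_port in rules:
        if (r_proto in ("ip", proto)
                and r_src in (None, src)
                and r_port in (None, dport)):
            return action
    return "deny"

RULES = parse_acl(ACL_112)
# Constructed sample flows: (protocol, source address, destination port).
# 10.10.1.2 is the proxy from the post; 10.10.1.50 is a made-up workstation.
FLOWS = [("tcp", "10.10.1.2", 80), ("tcp", "10.10.1.50", 80),
         ("tcp", "10.10.1.50", 443), ("udp", "10.10.1.50", 53),
         ("tcp", "10.10.1.50", 8080)]

if __name__ == "__main__":
    for flow in FLOWS:
        print(flow, "->", evaluate(RULES, *flow))
```

The last flow shows that the list pins only ports 80 and 443 to the proxy; everything else falls through to the final permit.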

Basic config
# the port that DansGuardian listens to.
filterport = 8000

# the ip of the proxy (default is the loopback - i.e. this server)
proxyip = 10.10.1.2

# the port DansGuardian connects to proxy on
proxyport = 8080

# accessdeniedaddress is the address of your web server to which the cgi
# dansguardian reporting script was copied
# Do NOT change from the default if you are not using the cgi.
#
accessdeniedaddress = 'http://10.10.1.2/cgi-bin/dansguardian.pl'

bannedsitelist = '/etc/dansguardian/bannedsitelist'

Categories: Networking

SPAN

August 1, 2005

Switched Port Analyzer (SPAN) inspects traffic generated by VLANs or specified source ports. It is local to the switch.

With Remote SPAN (RSPAN), the network admin can be anywhere on the Layer 2 network.

http://www.networkintrusion.co.uk/switch.htm

Categories: Networking