Author Archives: Googs

detectify – Free Website Vulnerability Scanning

Posted on 24/02/2015 by Googs

Detectify is a cloud based security scanner (SaaS) offering a free tire for non-commercial use on a single domain. The sign up process is painless with the most difficult tasking being having to verify ownership of the domain you are … Continue reading →

Posted in Tips+Tricks | Leave a comment

Outbound traffic on UDP port 3544

Posted on 22/02/2015 by Googs

While reviewing firewall logs I observed unexpected outbound communication attempts on UDP 3544 from a newly deployed Windows 7 installation. “…..dstip=“157.56.144.215” proto=“17” length=“89” tos=“0x00” prec=“0x00” ttl=“127” srcport=“64379” dstport=“3544“…..” After quick a quick Google search it became apparent that … Continue reading →

Posted in Security, Tips+Tricks | Leave a comment

Need a cheap ( or free) SSL certificate for a non-production site?

Posted on 30/04/2013 by Googs

Building a demo website or deploying a new application and need to secure communication via SSL? For example, when installing OwnCloud you may want to ensure that your personal files are being sent and received securely no mater where you are … Continue reading →

Posted in Security, Server, Tips+Tricks | Tagged apache, free ssl certificate, startssl | 1 Comment

Check the certificate configuration of SSL webserver

Posted on 24/04/2013 by Googs

Qualys have provided a very useful tool for checking that the SSL side of your website is correctly configured. The SSL Server Test can be found here. The tool is available free of charge and will carry out a real-time … Continue reading →

Posted in Security, Server | Tagged qualys ssl certificate check | Leave a comment

Add enable secret to Cisco switch

Posted on 20/02/2013 by Googs

enable secret 0 <followed by password> In order to access the device manager, an enable secret is then required

Posted in Tips+Tricks | Leave a comment

Commands to edit iptables

Posted on 05/01/2013 by Googs

To view the current rules and also view the rule ID use the following: iptables -L -n –line-numbers or iptables -nL -v –line-numbers To delete a rule use: iptables -D INPUT X (where x is the ID … Continue reading →

Posted in Handy Linux Commands, Security, Tips+Tricks | Leave a comment

Force complete website to HTTPS

Posted on 04/01/2013 by Googs

` The below can be added to the httpd.conf file for best performance as the whole site is being redirected to https (can also be added to a .htaccess file). The result is that when a client connects to the … Continue reading →

Posted in Handy Linux Commands, Tips+Tricks | Leave a comment

Copy file permissions from one file to another!!!

Posted on 03/01/2013 by Googs

As the subject says the following can be used to copy the permission settings from one file to another chmod –reference <reference-file> <target-file> Example: chmod –reference <tobecopied.txt> <destination.txt>

Posted in Handy Linux Commands | Leave a comment

Change auth-ports on Fortigate

Posted on 22/12/2012 by Googs

When using a a transparent vdom and an identity based policy to authenticate users on non standard ports (i.e. when users are using the explicit proxy on port 8080) it is neccessary to change the ports the Fortigate expects http … Continue reading →

Posted in Fortigate, Tips+Tricks | Leave a comment

Verify ldap bind username used for FSSO

Posted on 21/12/2012 by Googs

A common source of failure for an ldap lookup when using a regular bind is incorrect user cn On the DC verify by running following command dsquery user -name “username”