A Man In The Middle (MITM) attack is a popular network-based attack used to hijack a connection or to sniff traffic. The term actually covers a variety of different methods: a MITM attack is literally positioning yourself, as the attacker, between the two communicating parties. Whether you do that via an ARP attack, some type of cryptographic attack, or a physical attack depends on the requirements and scenario. As a security consultant it is important to ensure that the network and its communications are as secure as possible against this type of attack. I will cover a simple physical MITM attack, then an ARP attack, and then prevention techniques.
Tags: arp, arp attack, arp poisoning, cryptographic attack, default gateway, gateway, layer 2, layer 3, man in the middle, managed switch, MITM, network bridge, nic, openvpn, router, Security Consultant, self signed certificate, SSL, switch
I’ve recently optimized the scripts used for bandwidth management in one of our UK facilities and I thought I’d post a quick howto on it.
My setup here is a live feed entering eth0 on this Linux router and leaving eth1 into a switch connected to a collection of other servers. This is set up as an unrestricted public router, routing between a /30 on eth0 and a /24 on eth1.
Note: We can’t in any way restrict the amount of traffic that eth0 receives from the outside, so instead we restrict how fast eth0 sends data out. The same applies the other way round. So, if we want to limit the amount of data that the local servers can send, we shape the router’s external interface (eth0). If we want to limit the amount of data that the local servers can receive, we shape the router’s internal interface (eth1).
Tags: 100mbit, 10mbit, 95th percentile, apt-get, bandwidth management, bmon, bulk, classes, datacenter, debian, external interface, htb, interactive, internal interface, iproute2, Linux, percentile, priority, qdisc, restrict traffic, router, routing, switch, tc, traffic shaping
So, now I have got this router set up and working, it was time to customize it somewhat.
In terms of networking, we have 3 10/100 ethernet ports and one wireless adapter, and this is set up as follows:
Internet comes in to eth1 and eth2, both of which have public IPs. eth0, which is another ethernet interface, is bridged with ath0, which is my wireless interface (in master mode, with WPA-PSK/TKIP with hostap running), to form br-lan, whose IP is 192.168.100.1 and which is connected via a switch to feed the LAN PCs.
I’m using a pretty simple netfilter masquerade script with this for NAT.
Tags: bridge, ethernet, hostap, IP, load balance, multiple providers, router, split access, upnp, wireless, wpa
I have two separate internet providers, two separate static ranges, one from each provider, and a LAN. The purpose of the exercise here was to split traffic between the two providers on an equal 50/50 basis.
Tags: Linux, mikrotik, minipci, openwrt, picolcd, router, routerboard 532a, usb, wireless