This month
April 2008
March 2008
SSH dynamic port forwarding with SOCKS
SSH has numerous uses beyond just logging into a remote system. In particular, SSH allows you to forward ports from one machine to another, tunnelling traffic through the secure SSH connection. This provides a convenient means of accessing a service hosted behind a firewall, or one blocked by an outgoing firewall.
However, forwarding an individual port still requires you to change where your program connects, telling it to use a non-standard port on localhost rather than the standard port on the remote machine, and it requires a separate port forward for each machine you want to access. Dynamic port forwarding via SOCKS provides a more convenient alternative.
The examples in this article assume that you reside behind a restrictive firewall which does not allow outgoing SMTP connections except to a designated mail server. You want to connect to a different mail server, mail.example.net, on port 25. You have an SSH account on a machine shell.example.org, which does not reside within the restrictive firewall and can thus access port 25 on mail.example.net.
January 2008
Zork[Yy]'s log: Do you know qpsmtpd?...
qpsmtpd is a very lightweight, highly modular SMTP server built around plugins and hooks that it can call at each stage of the SMTP protocol: mail from, rcpt to, data, ... The idea is to run qpsmtpd listening on the SMTP port (25); it then performs the usual checks (many plugins for this kind of operation ship with the base product) and relays to the mail server, which listens on another port (2525, for example). In short, qpsmtpd acts as a firewall or mail front end before mail enters the internal messaging infrastructure.
The advantage of this technique is that you can develop an in-house plugin, with hooks called as needed: you can introduce business rules on mail (checking that the account exists, checking the sender against rules of your own, etc.) and cut off the SMTP transaction before the message is even received, saving time and resources for the MTA at the end of the chain.
SSL-Explorer: The World's First Browser-Based, Open Source SSL VPN
SSL-Explorer is a fully secure SSL VPN solution. It provides secure access, from a simple browser, to Windows shares, SSL tunnels, an intranet, or Java applications.
It can be used with UltraVNC.
December 2007
fwknop: Single Packet Authorization
fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter (fwknop supports both iptables on Linux systems and ipfw on FreeBSD and Mac OS X systems) and libpcap.
November 2007
Firewall Builder
Firewall Builder is a multi-platform firewall configuration and management tool. It consists of a GUI and a set of policy compilers for various firewall platforms. Firewall Builder uses an object-oriented approach: it helps the administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. A technical summary of the features supported by the policy compilers for all platforms can be found in the section "Modules" (see menu on the left).
Being truly vendor-neutral, Firewall Builder can generate a configuration file for any supported target firewall platform from the same policy created in its GUI. This provides both a consistent policy management solution for heterogeneous environments and a possible migration path.
IPTables log analyzer
IPTables log analyzer (TODO: find a nice name for it) displays Linux 2.4 iptables logs (rejected, accepted, masqueraded packets...) in a nice HTML page (it supports raw netfilter logs but also Shorewall and Suse Firewall logs).
This page shall be easy to read and understand to reduce the manual analysis time.
This page contains statistics on packets and links to more detailed information on a given host, port, domain and so on.
Firewall Eyes: iptables log analysis tool
Firewall Eyes is a real-time log analysis tool for the iptables firewall. Through a web interface, you can view and monitor, simply and effectively, the network activity passing through your firewall.
You can easily detect suspicious activity and adjust your security policy.
October 2007
Smoothwall router on XenEnterprise - community.smoothwall.org
How to run Smoothwall on Xen.
WebSitePulse Releases an Upgraded Website Test behind the Great Firewall of China
In response to the increased need and interest from webmasters, IT managers and business operators, WebSitePulse has upgraded the Website Test behind the Great Firewall of China to provide them with useful information in determining how their websites are seen by visitors and users located in China.
Protect Your Network from spamming, scanning, harvesting and DDoS attacks with DROP List
DROP (Don’t Route Or Peer) is an advisory “drop all traffic” list, consisting of stolen ‘zombie’ netblocks and netblocks controlled entirely by professional spammers. DROP is a tiny sub-set of the SBL designed for use by firewalls and routing equipment.
