Wednesday, June 20, 2018

CISCO ASA Firewall and VPN Tips and Tricks

This post collects some useful commands from my ASA configuration work. It is not a step-by-step guide and not for a specific configuration; the commands are mostly for troubleshooting. I found them useful; hopefully you will too.



1. Clear VPN Configuration: 

clear configure crypto map VPN_AAAA


2. Debug and show commands:

Enable logging:

ciscoasa# terminal monitor
ciscoasa(config)# logging buffer-size 1048576
ciscoasa(config)# logging buffered 7
ciscoasa(config)# logging monitor 7
ciscoasa(config)# debug crypto condition peer 10.10.10.10
ciscoasa(config)# debug crypto ipsec 127


Monday, June 11, 2018

Steps to Troubleshoot an Infected Computer

Today I received a report from a user: the computer is slow and seems to have been infected with an unknown virus or malware. No special symptoms except slowness.

1. Check task manager and resource monitor

There is a process, smss.exe, whose description is "Microsoft ® Console Based Script Host", using almost 75% CPU all the time.

From Task Manager, I found the system was rebooted a couple of hours ago, very early in the morning, when the user was not around.

Also, no matter how you end this process, it comes back within 10 seconds, takes your CPU again and uses about 4M of your memory.
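
The mismatch described above, a process named smss.exe that carries the script host's file description, can be checked for across all core system process names. The PowerShell below is an added example, not part of the original post; the watch list and the rule that these names run only from System32 are assumptions for a default Windows installation.

```powershell
# Added example (not from the original post): flag processes that use a core
# Windows process name but whose file on disk does not look like that binary.
# Assumption: the names below should only ever run from %SystemRoot%\System32.
$watch = 'smss.exe','csrss.exe','wininit.exe','services.exe','lsass.exe','winlogon.exe'
$sys32 = Join-Path $env:SystemRoot 'System32'

Get-CimInstance Win32_Process |
  Where-Object { $watch -contains $_.Name } |
  ForEach-Object {
    $reasons = @()
    $desc = $null; $orig = $null; $sig = $null
    $path = $_.ExecutablePath
    if (-not $path) {
        # Protected system processes can hide their path from non-elevated sessions.
        $reasons += 'path not readable (re-run elevated)'
    } else {
        if ((Split-Path $path -Parent) -ne $sys32) {
            $reasons += 'runs outside System32'
        }
        $vi   = (Get-Item -LiteralPath $path).VersionInfo
        $desc = $vi.FileDescription
        # Some Windows versions report OriginalFilename with a trailing ".mui".
        $orig = "$($vi.OriginalFilename)" -replace '\.mui$', ''
        if ($orig -ne $_.Name) {
            # e.g. a file named smss.exe that was built as cscript.exe
            $reasons += "original filename is '$orig'"
        }
        # Treat the signature status as a lead, not proof: catalog-signature
        # support depends on the Windows/PowerShell version in use.
        $sig = (Get-AuthenticodeSignature -LiteralPath $path).Status
        if ($sig -ne 'Valid') { $reasons += "signature status $sig" }
    }
    [pscustomobject]@{
        Name        = $_.Name
        PID         = $_.ProcessId
        ParentPID   = $_.ParentProcessId
        Path        = $path
        Description = $desc
        Signature   = $sig
        Reasons     = $reasons -join '; '
    }
  } | Sort-Object Reasons -Descending | Format-List
```

Entries with a non-empty Reasons field sort first; the ParentPID column helps identify what keeps relaunching a process that returns after being ended.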



Saturday, May 26, 2018

CISO Leadership Overview

Cyber Security Mind Map Examples:
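  • Introduction to Network Security
  • Scanning and Defense Techniques
  • Password Cracking and Defense Techniques
  • Denial-of-Service Attacks and Defense Techniques
  • Web and Defense Techniques
  • Computer Viruses
  • Development and Future of Network Security
  • SANS Cisco Mind Map
  • Mind Map of Key Points in Enterprise Security Work
Free Cloud Mind Map Website: MindMup 2 - https://drive.mindmup.com/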

A CISO (Chief Information Security Officer) has a complex role within a company. They have a wide array of tasks to perform, involving many different parts that the average individual is not always aware of.

The CISO Mind Map is an overview of the responsibilities and ever-expanding role of the CISO. This Security Leadership poster made by SANS shows exactly the matters a CISO needs to mind when creating a world-class IT security team. It also highlights the essential features of a Security Operations Centre (SOC).


Wednesday, April 18, 2018

Gartner's Magic Quadrant for Public Cloud Infrastructure Managed Services Providers (2018, 2017)

What are Public Cloud Infrastructure Managed Service Providers?

Public cloud infrastructure as a service (IaaS) delivers compute, storage and network resources in a self-service, highly automated fashion. The leading public cloud IaaS providers also offer platform as a service (PaaS) capabilities and other cloud software infrastructure services as part of an integrated IaaS+PaaS offering.

This Gartner magic quadrant report analyzed vendors in the market and states that “a public cloud infrastructure managed service provider (MSP), in the context of this Magic Quadrant, is an MSP that offers managed services and professional services related to infrastructure and platform operations for one or more hyperscale integrated infrastructure-as-a-service (IaaS)+platform-as-a-service (PaaS) providers.”

2018
Three vendors are in the Leaders quadrant:
  • Accenture
  • Cloudreach
  • Rackspace
This is the second consecutive year in which Accenture was recognized as a Leader in the Gartner report.

Tuesday, April 17, 2018

Install OpenVAS on Ubuntu


OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks' commercial vulnerability management solution, from which developments have been contributed to the open source community since 2009.

1. Install dependencies

OpenVAS Virtual Appliance / GreenBone Installation

OpenVAS Framework
The GSM Community Edition is a derivative of the GSM ONE and offers a quick and easy way to trial the solution on Windows, Linux or Mac. No particular know-how is needed.
In contrast to the commercial solution, the Community Feed is used instead of the Greenbone Security Feed. Also, some management functions, such as those for TLS certificates, are not included. Feed updates happen on a regular basis, but the system itself cannot be updated. The commercial version can be updated seamlessly and also includes access to Greenbone Support.
The Community Edition as well as the GSM ONE are designed for use with a laptop. The full feature set for a vulnerability management process (schedules, alarms, sensors) is only available with the bigger GSM models (see here for an overview), which can be obtained from Greenbone as an evaluation unit.

1. OpenVAS / GreenBone Installation Video




Saturday, April 14, 2018

Metasploit Installation on Windows 7 and 10

The Metasploit Framework (MSF) is far more than just a collection of exploits. It’s an infrastructure that you can build upon and utilize for your custom needs. This allows you to concentrate on your unique environment, and not have to reinvent the wheel. I consider the MSF to be one of the single most useful auditing tools freely available to security professionals today. From a wide array of commercial grade exploits and an extensive exploit development environment, all the way to network information gathering tools and web vulnerability plugins, the Metasploit Framework provides a truly impressive work environment.

1. Installation on Windows 7
YouTube Video: