Tuesday, July 9, 2019

CyberArk Notes

High Level Design


Thursday, June 27, 2019

VanDyke SecureCRT and Putty Usage Tips and Tricks

VanDyke SecureCRT gives IT pros a very user-friendly client for managing command-line devices and SSH hosts. Connecting to devices securely is one thing, and other products can achieve that goal, but with SecureCRT multiple connections can be managed in tabs, so you can work between sessions without changing windows.

Here are some of my favourite settings to customize SecureCRT:

1. Edit Default Settings for terminal Emulation
If you are using Linux devices, choose Linux as your Terminal. For network / security devices, VT100 will be the best choice.

I also like to set Scrollback Buffer to 5000. If you choose ANSI color, the displayed colors will depend on the color codes sent by the remote application.


Saturday, June 22, 2019

Cyber Security TRA (Threat and Risk Assessment) Resources Research


What is Risk:
Risk = Threat x Vulnerability x Asset

The enterprise risk assessment and enterprise risk management processes comprise the heart of the information security framework. These are the processes that establish the rules and guidelines of the security policy while transforming the objectives of an information security framework into specific plans for the implementation of key controls and mechanisms that minimize threats and vulnerabilities. Each part of the technology infrastructure should be assessed for its risk profile. From that assessment, a determination should be made to effectively and efficiently allocate the organization’s time and money toward achieving the most appropriate and best employed overall security policies. The process of performing such a risk assessment can be quite complex and should take into account secondary and other effects of action (or inaction) when deciding how to address security for the various IT resources.

Friday, June 21, 2019

Symantec ATP (Advance Threat Protection) EDR Configuration Notes

I am working on Symantec ATP, whose new name is EDR. Here are some of the lessons I learned from this setup. This post is still being updated.




Wednesday, June 19, 2019

Common Used Excel Formulas


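I. Number Processing

1. Absolute value
  =ABS(number)
2. Take the integer part
  =INT(number)
3. Round to nearest
  =ROUND(number, decimal places)

II. Conditional Formulas

1. Display error values produced by a formula as blank
  Formula: C2
  =IFERROR(A2/B2,"")
  Note: if the result is an error value, it is displayed as blank; otherwise it is displayed normally.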


Monday, June 10, 2019

How to Enable Root Account and Enable Username/password Access in GCP


By default, Google Compute Engine offers the browser-based Google Cloud Platform Console tool that lets you manage your Google Compute Engine resources through a graphical interface. Use the GCP Console to manage your resources if you prefer using a user-interface through the browser.

The GCP documentation on setting up SSH keys shows how to set up your own SSH key to access all your virtual machines in GCP. Here's a summary of the steps:
  1. Generate your keys using ssh-keygen or PuTTYgen for Windows, if you haven't already.
  2. Copy the contents of your public key. If you just generated this key, it can probably be found in a file named id_rsa.pub.
  3. Log in to the Developers Console.
  4. In the navigation, go to Compute -> Compute Engine -> Metadata.
  5. Click the SSH Keys tab.
  6. Click the Edit button.
  7. In the empty input box at the bottom of the list, enter the corresponding public key, in the following format: 

    <protocol> <public-key> [email protected] 

    This makes your public key automatically available to all of your instances in that project. To add multiple keys, list each key on a new line.
  8. Click Done to save your changes. 

    It can take several minutes before the key is inserted into the instance. Try connecting with ssh to your instance. If it is successful, your key has been propagated to the instance.
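
An added example (not from the original post or from GCP's documentation): because a key entered in step 7 is made available to every instance in the project, this Python check validates an entry before it is pasted in. It confirms the line has the three fields, that the declared protocol matches the type embedded in the key itself, and computes the SHA256 fingerprint for comparison with `ssh-keygen -lf`. The allowed-type list, the function names and the sample entry with its `alice@example.com` comment are assumptions constructed for illustration.

```python
import base64
import hashlib
import struct

# Key types accepted by this check (an assumption of the example; adjust to policy).
ALLOWED_TYPES = {"ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256"}


def read_string(blob, offset):
    """Read one length-prefixed field from an OpenSSH public key blob."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end


def check_entry(line):
    """Validate one '<protocol> <public-key> <comment>' line; return its details."""
    parts = line.split()
    if len(parts) != 3:
        raise ValueError("expected 3 space-separated fields")
    protocol, b64_key, comment = parts
    if protocol not in ALLOWED_TYPES:
        raise ValueError("key type not allowed: " + protocol)
    try:
        blob = base64.b64decode(b64_key, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("public key is not valid base64") from exc
    embedded, _ = read_string(blob, 0)
    # The type named on the line must match the type stored inside the key.
    if embedded.decode("ascii", "replace") != protocol:
        raise ValueError("declared type does not match key blob")
    digest = hashlib.sha256(blob).digest()
    fingerprint = "SHA256:" + base64.b64encode(digest).decode().rstrip("=")
    return protocol, comment, fingerprint


def build_sample_entry():
    """Constructed sample: an ed25519-shaped blob with dummy key bytes."""
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + bytes(range(32))
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " alice@example.com"


if __name__ == "__main__":
    print(check_entry(build_sample_entry()))
```
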

Sunday, June 9, 2019

Using Portainer to Deploy Guacamole Docker- Web-based Remote Access Gateway

Apache Guacamole is a clientless remote desktop gateway. It is called a clientless gateway because no plugins or client software are required. The utility offers an HTML5 interface that is used to start remote sessions, so no special client software needs to be installed as long as you have a browser. The following popular protocols are supported: VNC, RDP, SSH, Telnet.

Architecture
Guacamole consists of the following components:
  • Guacamole Server (Tomcat Servlet Container)
  • Guacamole Proxy Server (guacd), establishes remote connections
  • Remote hosts – accessible via protocols above
A Guacamole server can contact multiple proxy servers. Using this, it is possible to access desktops in multiple network segments using one frontend.

In this post, I am going to present a way to set up a Guacamole server on an Azure free tier cloud VM. I am using Docker, with help from the Docker web UI Portainer, to deploy a Guacamole container into a Linux virtual machine.