Author: MICHAL

Technology

Proxmox node out of cluster

I was replacing drives and memory in one of the servers and all of a sudden the node was unable to start. When it finally booted, it was gone from the cluster. Weird. This node had been installed on an SSD drive which had 2 years of constant runtime. Debian prompted with some file system issue at one time and another. After a few reboots it finally booted successfully, but the node was unable to communicate properly with other cluster members. I tried to start time synchronization from scratch to no avail. I pulled out the drives other than the one with the operating system without

Security

KeeneticOS PPTP VPN server

If you own this router then you might be interested in how to set up a VPN server. I am personally interested in how to do this using the CLI only. It looks easy, however there is one odd setting you should be aware of. To start with, it will be a PPTP VPN server. As far as I know KeeneticOS can also set up OpenVPN and possibly WireGuard, but as always PPTP is the easiest to configure. Start with logging into the box. It might sound obvious, but there is plenty of hardware which requires now-unsupported algorithms and

Security

PPTP VPN on Wive-NG router

On a Wive-NG router, when talking about VPN you have either PPP or WireGuard. As PPP is listed first, I tried it before trying WireGuard. Here are my thoughts. Configuration is pretty simple. In the router menu, go to Services – VPN Server. Then select the PPTP protocol. In the Users section create a new user with login and password and that’s all from the server side. From the client side it is also pretty simple. First install pptp-linux: Next thing is to fill the configuration file with settings as follows: With this configuration it is time to activate the connection: To disable the connection:

Technology

Ubuntu resize LVM

During installation Ubuntu will create LVM with half of the space available. In order to expand it to the whole space available you need to extend the logical volume and expand the file system as follows:

Security

EcoRouter 2008 change user password

The chances that you own or operate an EcoRouter 2008 with EcoBNGOS are very low. However, just in case you have to work with this one, it will be useful to know at least some basic commands. I chose the user password change as it is the most important thing at first glance after setup, so: After this, log out and log in again to check if it is working. On some routers there might be a problem with not enough disk space to save the configuration change, that’s why you also need to check if the change has been applied properly.

Security

MikroTik RouterOS 7.5 change default DNS

Want to change the default DNS for the network in MikroTik’s RouterOS CLI? You can use the web UI, but it could have some issues preventing the configuration from being saved, so it is nice to know how to do it via the CLI. First log in to the box and then: Replace X with the network number of your preference. You can show them using the print command at the /ip/dhcp-server/network level. Last thing: the option that may prevent the configuration from being saved in the UI is DHCP Option Set. When it is empty (for various reasons), you need to go to the CLI to do the job. It is the

Security

airodump-ng and aireplay-ng to deauthenticate clients from access point

Disconnecting wireless clients from access points. The problem: The nature of wireless networking is quite problematic because transmission goes over the air and can be intercepted by anyone. Of course there is data packet stream encryption. But deauthentication frames are not encrypted and can be forged. This applies to the IEEE 802.11 standard. If your device is capable of the 802.11w standard amendment then the management frames are protected from forging, however in various devices this option is disabled by default even if they support it. For your device, check the manual for default settings. It’s worth enabling this option. Not

Security

Suricata IDS/IPS on pfSense

Detecting and preventing threats. Introduction: To provide security in a network you can deploy IDS or IPS systems. The difference is in the second letter, D stands for detection and P for prevention. First you start a system in IDS mode and only then you configure it to become an IPS system. Enabling Suricata in IPS mode from the start could be confusing. It is advisable to see what’s going on in a network first to be sure not to generate too many false-positive alerts and blocks. Why IDS/IPS? You may ask why you need an intrusion detection or prevention system.

Technology

Geo location with Filebeat on Elasticsearch 7, HAProxy and NGINX

Display a geo location map for NGINX traffic logs in Kibana. Summary: There are 3 things to remember and configure in order to have the geo location map working: (1) use the “forwardfor” option on the pfSense HAProxy TLS frontend; (2) enable the filebeat NGINX module and point it to particular log files; (3) define a custom NGINX log format. This guide relates to an Ubuntu Linux setup. Elasticsearch 7: First install Elasticsearch 7 as follows. Note: for a more resilient setup install more than one Elasticsearch server node and enable basic security. For the sake of clarity I will skip these two aspects, which will be covered by another article. Kibana: Then install