Clik here to view.
Again some more protocols & variants
Again and again, I am adding some protocol samples to the Ultimate PCAP. Just for reference. And because I can. ;D HomePlug AV By coincidence, I encountered this “HomePlug AV” protocol on my home...
View ArticleClik here to view.
Palo Alto Networks Cluster “not synchronized”
For whatever reason, I had a Palo Alto Networks cluster that was not able to sync. A manual sync was not working, nor did a reboot of both devices (sequentially) help. Finally, the PAN support told me...
View ArticleClik here to view.
Cisco ESA: Mail Flow for Encryption Appliances
The Cisco Email Security Appliance (ESA) is well-known for its very good Anti-Spam features. But it completely lacks a usable implementation for mail encryption with S/MIME or OpenPGP. That is: We are...
View ArticleClik here to view.
Palo Alto: User Group Count Exceeds Threshold
We have run into an annoying situation: A hardware-dependent limit of user groups on a Palo Alto Next-Generation Firewall. That is: We cannot use more Active Directory groups at our firewalls. The...
View ArticleClik here to view.
syslog-ng with TLS: Installation Guide
Some years ago I wrote a blog post called “Basic syslog-ng Installation“. While I used it myself quite often in my labs or at the customers’ sites, it shows only basic UDP transport which is both...
View ArticleClik here to view.
Palo Alto Syslog via TLS
As we have just set up a TLS capable syslog server, let’s configure a Palo Alto Networks firewall to send syslog messages via an encrypted channel. While it was quite straightforward to configure I ran...
View ArticleClik here to view.
FortiGate Syslog via TLS
As we have just set up a TLS capable syslog server, let’s configure a Fortinet FortiGate firewall to send syslog messages via an encrypted channel (TLS). Let’s go: I am using a Fortinet FortiGate...
View ArticleClik here to view.
Das Webernetz dahoam
Endlich war es soweit: Das eigene Haus stand vor der Tür und Johannes hat sich um die Netzwerkverkabelung und das Netzwerkdesign gekümmert. Hier eine Zusammenfassung meiner Gedanken und deren Umsetzung...
View ArticleClik here to view.
Pi-hole Installation Guide
You probably know already the concept of the Pi-hole. If not: It’s a (forwarding) DNS server that you can install on your private network at home. All your clients, incl. every single smartphone,...
View ArticleClik here to view.
Top on Top: ForeverSpin Kreisel auf Gitarren
Neben dem Gebastel mit technischen Geräten macht mir vor allem das Spielen von Saiteninstrumenten viel Spaß. So haben sich mit der Zeit ein paar Insturmente aller Couleur angesammelt: E-Gitarren,...
View ArticleClik here to view.
Cisco APIC: New Certificate
This post is about adding an own (trusted) X.509 certificate for the HTTPS GUI of the Cisco Application Policy Infrastructure Controller aka APIC. You can do this via the GUI itself or via the API....
View ArticleClik here to view.
#heiseshow: IPv6 setzt sich langsam durch – die wichtigsten Fragen
Ich durfte zu Gast bei der #heiseshow zum Thema IPv6 sein. In Anlehnung an die Artikelserie über IPv6 in der c’t 7/2022, in der auch mein Artikel über die Vorteile von IPv6-Adressen erschienen ist,...
View ArticleClik here to view.
PAN: Logging of Packet-Based Attack Protection Events e.g. Spoofed IP
I just had a hard time figuring out that a network routing setup was not working due to a correctly enforced IP Spoofing protection on a Palo Alto Networks firewall. Why was it a hard time? Because I...
View ArticleClik here to view.
Palo Packet Capture: Choosing the Right Filter
Palo Alto firewalls have a nice packet capture feature. It enables you to capture packets as they traverse the firewall. While you might be familiar with the four stages that the Palo can capture...
View ArticleClik here to view.
Server-Verfügbarkeit: Monitoring-Werkzeuge
Angreifer verwenden gern Ping und Traceroute, um Server im Internet ausfindig zu machen. Das bringt viele Security-Admins in Versuchung, den Ping- und Traceroute-Verkehr mittels ihrer Firewall in ihrem...
View ArticleClik here to view.
Netzwerkmitschnitte mit tshark analysieren
Haben Sie mal Netzwerkmitschnitte untersucht, ohne zu wissen, was genau Sie suchen? Mit Wireshark wird das leicht zu einer Odyssee: Das Analysewerkzeug filtert zwar fabelhaft, reagiert bei großen...
View ArticleClik here to view.
Netzwerkprotokolle: Nachschlagewerk für Wireshark
Wenn es im Netzwerk knirscht, versuchen Admins den Fehler in Analyse-Tools wie Wireshark anhand von Paketmitschnitten einzukreisen. Jedoch hat der Herr viel mehr Netzwerkprotokolle gegeben, als sich...
View ArticleClik here to view.
Zehn Vorteile von IPv6!
Das moderne Internetprotokoll IPv6 gilt als so komplex und umständlich, dass manche Administratoren beharrlich beim vertrauten, aber veralteten IPv4 bleiben. Zehn Praxisbeispiele belegen, warum viele...
View ArticleClik here to view.
Why counting IPv6 Addresses is nonsense
From time to time I stumble upon Tweets about counting the number of IPv6 addresses (1 2 3). While I think it is ok to do it that way when you’re new to IPv6 and you want to get an idea of it, it does...
View ArticleClik here to view.
IPv6 Crash Course @ SharkFest’22 EUROPE
Fortunately, there was a SharkFest – the “Wireshark Developer and User Conference” – this year in Europe again. I was there and gave an IPv6 Crash Course likewise. Yeah! It’s my favourite topic, you...
View Article