VPC flow is an AWS feature that allows you to capture the inbound and outbound traffic of all network interfaces in your VPC. To get the information, you have to go to CloudWatch and read the raw logs line by line, which is not really efficient. If you happen to use Sumologic, you can … Continue reading Send VPC flow logs to Sumologic
Tag: Security
Incomplete certificate chain
There are 3 methods to test for an incomplete certificate chain:
1) https://www.ssllabs.com/ssltest/analyze.html?d=example.com
The error is: Chain issues Incomplete
2) curl -v -o /dev/null https://example.com
The error is:
* NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER)
* Peer's Certificate issuer is not recognized.
3) openssl s_client -showcerts -verify 10 -connect example.com:443
The error is: Verify return code: 21 (unable … Continue reading Incomplete certificate chain
Hidden Master DNS
Simply speaking, 'Hidden Master DNS' is done by removing the SOA DNS server from the NS records. The common practice is that the company controls its own DNS master or SOA, and uses an ISP's or other vendors' DNS as secondary or slave. The benefit is to hide the master DNS from the public, as generally speaking … Continue reading Hidden Master DNS
WinSCP or PuTTY authenticates against Microsoft ISA/TMG
Many companies use Microsoft ISA/TMG as their enterprise proxy solution. This may work for most cases, but in some scenarios it does not work well: for example, when you use WinSCP or PuTTY behind the proxy and the proxy requires authentication. ISA/TMG is a Microsoft technology; it uses NTLM-based authentication, which is not supported by … Continue reading WinSCP or PuTTY authenticates against Microsoft ISA/TMG
Extend ISA/TMG Ports to allow SSH
By default, ISA/TMG does not allow outbound SSH traffic. And in the log it shows something like this:
To make it work, you have to extend the ISA/TMG ports by adding SSH/22 using isa_tpr.js. Here is my example:
c:\Utils>cscript isa_tpr.js /add SSH 22
Microsoft (R) Windows Script Host Version 5.8
Copyright (C) Microsoft Corporation. All rights reserved.
The Web … Continue reading Extend ISA/TMG Ports to allow SSH