Hard link and soft link?

I would like to give some examples to describe the practical meaning of hard links, soft links and cache in memory in a Linux system. I will start by creating two ramdisk partitions:

    # mkdir /ramdisk1
    [root@tux ~]# mkdir /ramdisk2
    [root@tux ~]# mount none -t tmpfs -o size=256m /ramdisk1
    [root@tux ~]# mount none -t tmpfs -o size=256m /ramdisk2

How to use ulimit utility to restrict users?

You can use the ulimit command to prevent users from abusing system resources. Below I will touch on two of the options:

    root@deb1:~# ulimit -a
    core file size          (blocks, -c) 0
    data seg size           (kbytes, -d) unlimited
    scheduling priority             (-e) 0
    file size               (blocks, -f) unlimited
    pending signals                 (-i) 15957
    max locked memory       (kbytes, -l) 64
    max

Reverse SSH connection

Imagine that you have a host (named A) somewhere that has no publicly reachable IP address, but you would like to connect to it via SSH. If this host A can reach the outside, then you can reverse SSH into it. Here is the scenario:

    Host A (192.168.1.1) --- INTERNET --- Host C (10.10.10.1)

On host A,

How to preserve quoted strings in python split

If you want to analyse, for example, Apache log files and split the lines by space using the usual "split" method, you will see that split doesn't respect quoted strings. For example, if you have a line like the one below:

    192.168.2.1 - - [06/Mar/2012:10:02:22 +0100] "GET /2011/10/19/jncip-sec-exam/ HTTP/1.1" 200 3331 "-" "mm"

You can't get

Maximum rollback configuration in SRX

I used to remember that Junos by default keeps 50 configuration rollbacks, numbered 0 through 49. However, in a default setup, when I saw that I only had rollbacks up to number 5, I realized that the default isn't 50 config files. Once you set the command `#set system max-configuration-rollbacks 49` you can keep

How to block Skype on SRX

To test how SRX blocks Skype logins, I did the following test and it worked:

1) Create a test IDP policy named My_Policy

    root@ankara# show idp-policy My_Policy
    rulebase-ips {
        rule 1 {
            match {
                source-address any;
                destination-address any;
                application default;
                attacks {
                    predefined-attacks [ VOIP:SKYPE:LOGIN VOIP:SKYPE:PROBE-1 ];
                }
            }
            then {
                action {
                    close-client;

How to uninstall IDP module in SRX

I would like to share my experiment with uninstalling the IDP module on an SRX100 device. Please take this as a test case and use it at your own discretion, as I just tested a manual removal of files and re-installed the IDP module.

1) First disable the IDP process

    root@ankara# set system processes idp-policy disable

2)

SRX firewall filter

There are several ways of blocking certain types of traffic. One of them is a firewall filter. You may be asking why you would use a firewall filter instead of a security policy. The reason is that a firewall filter is applied at the very early stage of packet processing and needs less processing power than security policies. You