Block Flash content on Squid proxy

No more flash
No more flash

One of the trending topic I discuss regularly with my company IT department is the need to block Flash content on our navigation proxies.

As a Security people I have no doubt about, Flash must be blocked. Period.

Because I manage some Squid proxy I made this simple and effective configuration in squid.conf  file. Continue reading “Block Flash content on Squid proxy”

Forticlient SSLVPN packages for Ubuntu/Debian

[UPDATE: 17th of December 2019]
If you use Ubuntu 19.10 OpenFortiGUI 18.04 package is not working. I’m using openfortivpn from ubuntu repo and is working well

$ sudo apt install openfortivpn
$ cat config.vpn
host = <SERVER>
port = <PORT>
username = <USER>
pppd-use-peerdns = 1
# X509 certificate sha256 sum, trust only this one!
trusted-cert = <CERT>

$ sudo openfortivpn -c config.vpn

[UPDATE: 19th of November 2018]
Since Ubuntu 18.10 I start using the OpenFortiGUI and it works well, so I suggest to give it a try

[UPDATE: 9th Dec 2017]
If you want to use the FortiClient from command line, this is the command (for 64bit, same for 32bit with the right path)

$ yes | /opt/forticlient-sslvpn/64bit/forticlientsslvpn_cli --server <YOUR SERVER IP/FQDN HERE>:<YOUR SERVER PORT HERE> --vpnuser <YOUR USERNAME HERE> > /dev/null

—— original post ——

This post is just to point to the page where the great Rene mantains the .deb packages for Forticlient SSLVPN Linux client (instead of .tar.gz provided by Fortinet).

You can find the .deb files built by Rene in his blog Bits and Bites.

SNORT rules Advanced Parser for pulledpork

Lone Hacker in Wharehouse by Brian Klug
Lone Hacker in Wharehouse by Brian Klug

Security Onion is an Ubuntu based distribution created to handle a lot of Security task.

One of the security tool installed is SNORT, the best open source Intrusion Detection System (IDS). Security Onion use Pulledpork to get IDS rules and process them.

I wrote a perl script to make advanced modification to the downloaded SNORT rules. This script can handle rule transformation based on regular expression and multiple substitution patterns. Continue reading “SNORT rules Advanced Parser for pulledpork”

Launching Nessus scans inside Metasploit

Network by Rosmarie Voegtli from Flickr
Network by Rosmarie Voegtli

[UPDATE Feb 24th 2018: tenable disabled the API to execute remote scan since version 7 so keep in mind that if you use nessus>7 this won’t work]

Metasploit is my favorite tool while I do Pen Test and Secuirty Checks. I use also Nessus for Vulnerability Assessment and integrate Nessus and Metasploit is a must.

Follow a short guide on how to launch Nessus from Metasploit (for reference, I used NESSUS 6.5 and Metasploit PRO but also Community Edition should be ok).

Continue reading “Launching Nessus scans inside Metasploit”