Online Security (via Bryan Soliman Blog)

If you’re looking for a concise introduction to online security, check out my work colleague Bryan’s blog. You can find further information on ethical hacking and web application security in Bryan’s published work in PenTest Magazine.

The Basics of Online Security – features, technology used, and consumer issues:

Abstract: Magalhaes (2003) explained that e-commerce requires a huge commitment to securing online transactions of users’ credit card information and other personal information. The top of the list of consumer complaints about e-business is data security breaches, identity theft, and phishing sites and e-mails. Most e-commerce web sites usually set up a secure gateway that can take customers’ payments, credit card information, billin …

System administration 2: Firewall rules troubleshooting

The following is a list of common practices for troubleshooting firewall rules that have been implemented for a server’s connectivity to another endpoint.

Confirm Firewall rules Implementation

Run an operating-system-level connectivity test on the established ports from the source server/firewall to the destination server/firewall. The test should verify routing, network address translation, ports, and URLs where applicable.

If there is no connectivity, follow the troubleshooting steps below.

Check Security Configuration (if applicable)

Ensure SSL certificate trust is in place and/or the exchanged certificates are installed (e.g. 1-way or 2-way SSL certificates are installed, and the destination network can see successful SSL handshakes).

Preliminary Application Interface Test (Depends on application availability)

The source server generates a test message to be received on the destination server interface, and the source confirms a valid response. The test confirms that the URL is in place and the basic messaging interface is available.

Network connectivity troubleshooting on server

1. Test Connectivity on source server(s)

a. Initial test by server operator:
Telnet to the destination IP on the destination port. If the IPs use network address translation (NAT), choose the appropriate IP on the source server: the IP that the firewall sees and translates from the source server.

b. If telnet fails:
Check whether static routing is configured in the source server's routing table. Make sure routing goes to the correct default gateway, and ping the default gateway to check that it works (e.g. netstat -rn to check the routing configuration on the server and /usr/sbin/ping to test the gateway).

c. If server routing table is ok:
Conduct the telnet test while having network resources monitor firewalls between source and destination points.

d. If traffic is not picked up on firewall:
Check points along the network path. If possible trace the network route. Traffic bound for the destination address should be monitored in case source server IPs are not seen on the firewall.

e.g. Use /usr/sbin/traceroute to the destination server and check for the default gateway (assuming devices along the way do not have ICMP blocked).

2. Check Network configuration

a. If firewalls are picking up traffic but there is still no connectivity:

Network resources should check:

  1. Verify destination and source IPs in firewall rules.
  2. Check static routes, host files, address resolution protocols, VPN configurations, and other network routing configurations.
  3. If network address translation is being used, check that translation of the source and destination addresses is done properly.
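The telnet test in step 1a can be scripted so that the kind of failure points to the next step. The following is an added example, not part of the original post; the names probe and NEXT_STEP and the loopback sample target are assumptions made for illustration.

```python
import errno
import socket

# Maps each outcome to the part of the procedure above that it points to.
NEXT_STEP = {
    "open": "TCP path works; continue with the SSL and application interface checks",
    "refused": "a reset came back: check the destination listener and any "
               "firewall rule that rejects instead of dropping",
    "timeout": "no reply at all: check the routing table (1b), then have the "
               "firewalls monitored during the test (1c, 1d)",
    "unreachable": "no route or ICMP unreachable returned: check static routes "
                   "and the default gateway (1b)",
}


def probe(host, port, timeout=3.0, source_ip=None):
    """TCP connect test (IPv4), the scripted equivalent of 'telnet host port'.

    source_ip selects the local address to connect from, for servers where
    the firewall rule or NAT translation is tied to one specific source IP.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        if source_ip:
            sock.bind((source_ip, 0))  # port 0: let the OS pick the source port
        sock.connect((host, port))
        return "open"
    except (socket.timeout, TimeoutError):
        return "timeout"  # packets silently dropped somewhere on the path
    except ConnectionRefusedError:
        return "refused"  # something on the path answered with a TCP reset
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise
    finally:
        sock.close()


if __name__ == "__main__":
    # Constructed sample target: a loopback port, so the script runs offline.
    result = probe("127.0.0.1", 9, timeout=1.0)
    print(result, "->", NEXT_STEP[result])
```

A timeout and a refusal look the same to an operator watching a hung telnet session for a few seconds, but they implicate different devices, which is why the result is classified rather than reported as pass/fail.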

Random thought:

RAM disk is not an installation procedure.  ~Author Unknown