Tag: Tool

Tools: How to identify and clean up Windows computers infected with malware and bots

Solution: Follow the steps below in the given order: Step 1: Disconnect the computer from the network and notify the user that the computer cannot be re-connected until all malware has been successfully removed. Step 2: Find out if the user is familiar with the destination or action that the malware or bot is trying … Continue reading Tools: How to identify and clean up Windows computers infected with malware and bots

Advertisement

Fortigate 5.2 Vulnerability: SSH/SSL – Weak Encryptions

Known issue to: FortiOS 5.2.x (can also apply to higher versions). But 5.4.x and later has already disabled weaker ciphers DES, RC4 and SSLv3, so Firewalls running on later version are less-prone to vulnerabilities.     Recommendations/Mitigations:  What does strong encryption do? Enabling the use of strong encryption will only allow strong ciphers such as: AES … Continue reading Fortigate 5.2 Vulnerability: SSH/SSL – Weak Encryptions

Cisco device serial number explanation

Cisco devices have a standard serial number, from the serial number you can work out it's age and the location it was built. To decipher the serial number, here's how it is composed. Cisco S/N format is LLLYYWWXXXX. LLL = Location code (i.e. FOC = FoxConn China) YY = Year code (08 = 2004...09=2005...etc...) WW … Continue reading Cisco device serial number explanation

Fortigate: Disable Telemetry (Endpoint Security) for Client VPN Users

blah blah Solution 1 You can recreate the VPN and on Step 3, Unselect Allow Endpoint Registration Solution 2 Disable Endpoint Security Enable the feature first so the option will show up on the firewall. Under System -> Feature Select -> Security Features -> select Endpoint Control. Once Feature is enabled, Forticlient Profile will be … Continue reading Fortigate: Disable Telemetry (Endpoint Security) for Client VPN Users

Fortigate: New FortiOS Upgrade Path Tool

Early this week, Fortigate has removed the Upgrade Path table on the Fortigate Cookbook website gaining reaction from many of us. I spend a good number of minutes trying to look around where I can find the table I used to find in just a couple of google searches and clicks. The Upgrade Path tool … Continue reading Fortigate: New FortiOS Upgrade Path Tool

Sonicwall GVC VPN: Unable to connect to VPN. Error: “Packet length mismatch with interface MTU”

I had a client who was unable to connect to the Sonicwall VPN via GVC (Global VPN Client). Packet capture showed initial inbound traffic to the Sonicwall from Client is being dropped. Logs as below: 50 03/30/2016 14:16:06.912 X4*(i) -- VPN.CLIENT.IP.HERE SONICWALL.WAN.IP.HERE IP UDP 500,500 DROPPED 60[60] 51 03/30/2016 14:16:06.912 X4*(i) -- VPN.CLIENT.IP.HERE SONICWALL.WAN.IP.HERE IP … Continue reading Sonicwall GVC VPN: Unable to connect to VPN. Error: “Packet length mismatch with interface MTU”

Fortigate: Log Monitoring and Email Alerting via Fortianalyzer

Using the logs sent by your Fortigate Firewall to your Fortianalyzer, you can set up an monitoring/alerting function for any logs or events captured. This is very helpful in monitoring critical systems and functions such as interface flaps or VPN IPsec Issues. You can monitor any events as long as it is logged.  In this … Continue reading Fortigate: Log Monitoring and Email Alerting via Fortianalyzer

Fortigate: Disabling and enabling the SIP session helper

You can use the following steps to disable the SIP session helper. You might want to disable the SIP session helper if you don’t want the FortiGate to apply NAT or other SIP session help features to SIP traffic. With the SIP session helper disabled, the FortiGate can still accept SIP sessions if they are … Continue reading Fortigate: Disabling and enabling the SIP session helper