Pages

Thursday, April 10, 2014

Heartbleed (CVE-2014-0160, CVE-2014-0346) - Affected Products From Major Vendors

Consolidated list of responses from Major Vendors

VMwarehttp://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2076225

Citrixhttp://support.citrix.com/article/CTX140605

Red Hathttps://access.redhat.com/site/solutions/781793

I will add more as and when I find the links/KB.

Tuesday, March 25, 2014

Finding Glue Records For A Domain

Glue records are very important for DNS infra. Here is how to check glue records for a DNS domain.

Use Dig  - http://www.adminsehow.com/2010/05/how-to-check-domain-ns-glue-records-using-dig/

(Or)

Be a lazy bitch like me :P  - https://mebsd.com/glue#disqus_thread

Hope it useful for someone

Friday, March 7, 2014

Sophos UTM320 To IPsec With AWS VPC

Here are some pointers using Sophos UTM320 firewall to set up IPsec VPN to AWS VPC.

1) Select 'Dynamic Routing'  when you create customer gateway.  Otherwise,  you won't be able to get configuration file from AWS for your UTM. AWS dynamic routing use BGP.
2) If you firewall WAN interface is not directly facing to Internet,  you need to modify interface IP correctly in downloaded configuration file before importing. 
3) If you can't get connection even after importing configuration and VPN shows 'up' status, check BGP setting in your UTM.  In my case, it simply failed to import BGP portion from configuration file. I had to configure BGP in UTM manually. 
4) Of course,  do add firewall rule to allow traffic between your local network and VPC. 

You may add more to the list....  :-D