This link solves the issues that I experienced with removing the capability for leaving comments
-
Recent Posts
-
Archives
-
Categories
-
Meta
Importing a VMDK to VirtualBox
Importing a VMDK to VirtualBox
I am a big fan of VirtualBox and was looking for a way to convert my workstation from a physical machine to a virtual machine. VMWARE offers a free conversion program, but naturally it only converts your physical machine to a VMDK file (VMware format). You can download the free conversion software at:
http://www.vmware.com/products/converter/overview.html
Fortunately Oracle’s VirtualBox can run a VMDK file but it is not a very obvious process, such as installing a virtual appliance.
The basis steps are, you need to create a new machine, give it resources, and then when selecting the boot drive, you need to select a local drive, and browse to the VMDK file.
I found that hutzoft.com already provides all the steps necessary to accomplish this, and you can read more
http://blog.hutzoft.com/2010/10/18/importing-vmware-vmdk-disk-to-oracle-virtualbox/
Fortigate IPSec Trouble Shooting
Here are the basic commands to trouble shoot IPSec on a Fortigate firewall.
Use diag debug en
Diag vpn ike filt
Diag debug app ike -1
Diag debug reset
SA is on phase 1 and phase 2 but typically refered to in phase 2
An SA is required for each direction
AH authentication header, is not encrypted and is not typically used (protocol 51)
ESP is nwo used most of the time (protcol 50)
For IT Support and InfoSec services see, www.quanexus.com
Printing from a Web Page
There is a lot of useful information on the web, but sometimes it is difficult to print what you want without having to print a lot of useless information. This is a great free utility to let you choose what to print.
http://www.printwhatyoulike.com/
For information on IT Services provided by Quanexus, please visit, www.quanexus.com
Control Panel Commands
Working different versions of Windows servers and workstations, I find running these Control Panel commands from the Start button very helpful in saving time versus navigating the GUI.
Control Panel Tool Command
Add New Hardware sysdm.cpl
Network Properties ncpa.cpl
Internet Properties inetcpl.cpl
System Propoerties sysdm.cpl
Printers printers
For more information about networking, information technology and information security, please go to www.quanexus.com
Foritgate Basic UTM Configuration
If you are new to programming a Fortigate here are some basics to help you get started with implementing the Unified Threat Management (UTM) features. The following was created using 4MR3 Patch9
Basic
The key UTM features to be implemented are: AntiVirus, Web Filter, Application Control and IPS.
1 AntiVirus
The default AntiVirus setting are sufficient, and do not need to be changed.
2 Web Filter
Create a new profile and name it Q-Web-Filter. Click Proxy, check Log all URLs, check FortiGuard Categories. Under the Categories, check Security Risk and for action drop down and select Block. Then click apply.
There could be problems with the this Web Filter configuration causing an “In Valid Certificate” error messages on some workstation and mobile devices, so this should be added to the configuration via console (command line)
config webfilter profile
edit Q-Web-Filter
config ftgd-wf
set options connect-request-bypass
end
next
end
3 Application Control
Create a new Application Sensor and name it Q-App-Sensor. In the new Q-App-Sensor, select create new, and in the category section, drop down to Botnet. Under action click Block.
4 Intrusion Sensor
Create a new IPS Sensor and name it Q-IPS-Sensor. In the new Q-IPS-Sensor, click new and add the following:
Severity, select high and critical
Target, select client (there is an issue with HTTP URI overload with the Server)
OS, select Windows and MacOS
Keep the defaults except at the bottom select the Quarantine Attackers to Banned Users List:
Mehtod, Attacker IP Address
Expires, 5 Minutes.
5 Apply Filters
These filters should be applied on all gernaerl outgoing traffic policiy rules.
For IT Support and InfoSec services in the Dayton, Ohio area please visit our web site at www.quanexus.com
Setting Up Fortigate Interface Mode and Soft-Switch
Often times it is advantageous to divide up the internal swtich into individual interfaces. Reasons for doing this include additioanl hardware port for routing, or additional ports to implement one-arm sniffers. The following are some of the commands necessary to accomplish this.
To put a FortiGate in Interface mode:
config system global
set internal-switch-mode interface
To create a software-switch
config system switch-interface
edit name (example SW1-3)
set member internal1 internal2 internal3 (the names may be different depending on firmware and model, you can use the tab key to scroll through valid names)..
set vdom root
next
end
To assign an IP address and management access to the software-switch
config system interface
edit SW1-3
set ip address and mask (example 192.168.1.1 255.255.255.0)
set allowaccess ping https ssh
next
end
For IT Support and InfoSec services in the Dayton, Ohio area please visit our web site at www.quanexus.com
On-line Storage and File Sharing Solutions
Two great soltuions for storing and sharing on-line information are Dropbox or Box.Com (formerly Box.Net) . Both prodcuts off a free versoin, Dropbox offers a free 2GB program that can be expanded upto 18GB with referals and Box offers 5 GB free out of the box. Paid versions of both offer much mroe storage space.
Box can be downloaded at www.box.com
Dropbox can be downloaded at www.dropbox.com
Jack Gerbs, Quanexus, Inc.
For IT Support and InfoSec services see, www.quanexus.com
Managing Passwords
A great utility to manage passwords is keepass. This is a Windows program. It can be permanently installed on a workstation and or it can be installed in a portable mode and ran off of a USB drive. It is important to remember to backup your keepass database. If you need access to keepass from multiple computers an on-line storage solution such as Dropbox or Box.Com (formerly Box.Net) is a great compliment to keepass. Box and DropBox both offer a free version but with limited storage. Dropbox offers a free 2GB program that can be expanded upto 18GB with referals and Box offers 5 GB free out of the box. Paid versions of both offer much mroe storage space.
KeePass can be downloaded at www.keepass.com
Box can be downloaded at www.box.com
Dropbox can be downloaded at www.dropbox.com
For IT Support and InfoSec services see, www.quanexus.com
Protect Your Data – TrueCrypt data encryption
If you need an effective way to encrypt (protect) your data, TrueCrypt is a great solutoin. It can be downloaded at www.truecrypt.org
TrueCrypt can be installed on a computer or ran in portable mode off of a USB drive
For IT Support and InfoSec services see, www.quanexus.com
Jack's Usefull Reference Material 