WebRTC Leak issue

glitchlist Blog Leave a Comment

Web Real-Time Communication aka WebRTC is an API that provides web browsers, IoT devices or mobile apps to talk to each other in peer-to-peer mode. Is mainly used in streaming and realtime environment. To work, this API needs to communicate to its peers the real IP address of the machine. A possible attacker could then discover details of your local …

Securing OSPFv2

glitchlist Blog Leave a Comment

OSPF is a king routing protocol that speaks on Multicast addresses 224.0.0.5 and 224.0.0.6. Once the neighborhood relationship is installed and LSAs are exchanged, the SPF algorithm starts running. If the new OSPF peer is a malicious router it can cause a lot of damage to your routing table such as: Network congestions Dos attacks Loops LSA flooding and why …

FortiGate first Install

glitchlist Blog Leave a Comment

Small guide to logon on your new FortiGate for the first time: Create a new Wired Ethernet connection under Linux of course: 2. Set 192.168.1.*/24 as IP address. But not the .99 3. Logon on http://192.168.1.99 and Accept the Risk! 4. Glitch prevention: Remember not to be locked out and, for the time necessary to set up your new firewall, …

vrf on HPE 7500series

glitchlist Blog Leave a Comment

VRF under HPE are called vpn-instance, I still call them VRF because working with some disinterested colleagues … they constantly confuse a vpn-instance from a vpn IPSec. Another reason why I call it VRF is because when I started this job I was only dealing with Cisco devices and the VRF initials remained in my heart. Uhm and it is …

LACP on ARUBA

glitchlist Blog Leave a Comment

to conf a dynamic bridge-aggregation with LACP as load balancing protocol, do this: 1/A* interfaces are x4 10G Ports module, but you can build a trunk with any ports. Remember also, if your port-channel has to pass VLAN tagged, config Aruba VLANs by tagging the trunk interface and not the single port of the aggregated link. The native vlan always …

P0f

glitchlist Blog Leave a Comment

by this fingerprinting utility, inspection of real-time data or an .pcap file can give as output informations about a system. In this example, we have sniffed WAN interface of our Internet router. The tool passively recognize an OS from traces and behaviors in TCP packets. Cool stuff! .glitchlist crew

ip route-static

glitchlist Blog Leave a Comment

In Huawei, there are some options to make a static route less static and more dynamic! Now, you can bind a static IP route on certain events that happen in your network. Events can be triggered by: BFD session EFM state NQA An example could be forward a network on a Core Router without using a routing protocol: .glitchlist crew