Deploy FMCv 7.4.1 in KVM – Ubuntu 22.04
The Secure Firewall Management Center Virtual (formerly Firepower Management Center Virtual) Appliance brings full firewall functionality to virtualized environments to secure data center traffic and multi-tenant environments. The management center...
How to create a systemd timer to update ip address in ipset from Dynamic DNS
Systemd timers are a feature of the systemd init system on Linux. They are used to schedule and automate the execution of tasks or services at specific times or intervals. Timers are often used for automating periodic maintenance tasks, backups, data synchronization,...
How to create a cron job to update ipset with ip address from Dynamic Domain
Creating a cron job for IPset involves scheduling a task that updates IPset with a list of IP addresses at specified intervals. In this tutorial I will show you how to update a Update the syntax in bold and italic with your own. Here's a step-by-step guide on how to...
How to configure ipset – Ubuntu 22.04
ipset is a utility in Linux used for managing sets of IP addresses, ports, or other IP-related objects. It is a powerful tool that can be used to create and manage lists of IP addresses and related data efficiently. ipset is particularly useful for implementing...
Cron Job
A cron job is a scheduled task or automated job that runs at specified intervals on Unix-like operating systems. The name "cron" comes from the Greek word "chronos," meaning time, and it is a time-based job scheduler in Unix and Unix-like operating systems. Cron jobs...
Onboard FTDv 7.2.3 (FDM) to Cisco Defense Orchestrator (CDO)
Cisco Defense Orchestrator (CDO)/Cloud Firewall Management Center (FMC) is Cisco Cloud Management Solution for Firewalls. It provide the convenience and ease of use for managing multiple firewall from a single management console. It reduces the complexity and time to...
Configure Site to Site VPN between FTDv 7.3.0 (Using FDM) Running on KVM (Ubuntu 22.04)
Virtual Private Network (VPN) is a network connection that establishes a secure tunnel between remote peers using public ip address to connect 2 or more private networks. Encryption is use to ensure privacy and integrity of the Data. IPsec-based VPN technologies use...
Configure Remote Access (RA) VPN on FTDv 7.3.0 Managed by FDM
Remote Access Virtual Private Network (RA VPN) allows remote office / remote worker to connect back to the Head Office to gain access to resources that are not accessible from the public internet directly. Even thou more and more application are accessible from the...
Cisco FTDv 7.3.0 – Using FDM to configure HA (KVM in Ubuntu)
High Availability (HA) is a Active-Passive (Standby) setup that provide high availability for the LAN users. It is a useful setup for customer who wants to ensure that if one device fails the other device will take over while waiting for the faulty unit to be...
Cisco FTDv 7.3.0 – Configure FTDv using FDM Custom Port forwarding to SSH Client behind FTDv
In this setup I will show you how to configure FTDv using FDM to map custom SSH port 11122 to port 22, to gain access to a SSH Client behind the FTDv firewall. Below is how the setup looks like. 1. Go to Policies and select NAT and then click on ADD button. 2. In this...
Cisco FTDv 7.3 Configure Port Forwarding using FDM (RDP to the Windows 10 Client behind the Firewall)
In this tutorial I will show you how to port forward RDP to the Windows Client behind the firewall. Below is how the setup looks like. For those that are looking at using FMC / Cloud FMC to configure the port forwarding rule, the configuration is slightly different....
Configure FTDv using FMD to Allow Management from Internet (Through Outside Interface) or NAT to Management Interface
https://youtu.be/-bS8-iwhyMc Below is a graphical Diagram on how the setup looks like. To configure the FTD/FTDv to allow management from Internet/Outside interface below are the step by step guide. Configuring Cisco FTD using FDM (Firepower Device Manager) for...
Configure FTDv using FMD to Allow Management from Internet to the outside interface
Below is the Interface assignment and IP Addresses of the setup. At the end of this setup we will allow the Windows 10 Client (UMB SIG IP) to Managed the FTDv using FDM from the outside interface for the FTD. 1. Login to the FDM from the inside Windows 10 Client...
Configure ASAv Inside and Outside Interface with Dynamic PAT for internet Access
ASAv Version: 9.16 In this tutorial I will show you how to configure the ASAv Inside and Outside Interface. To allow access to the internet from a workstation in the LAN. We will be using the GigabitEthernet0/0 interface (GE0/0) as the outside interface for connection...
Install Windows 11 on KVM (Ubuntu 22.04) with software TPM 2.0
To install Windows 11 on KVM you want to make sure that you have swtmp install and in your KVM environment. Like its name suggest is a software that emulates TPM 2.0 in your virtual environment. You can do a quick check by running the following command. swtpm...
How to activate ASAv SMART Licensing
In this tutorial I will provide the step by step guide on how to activate Cisco ASAv Smart License. A common error that happens for beginners when you are unable to reached the licensing server is that you have not configured DNS name server in the ASAv virtual...
Install ASAv in KVM (Ubuntu 22.04)
In this tutorial I will show you how to do the basic configuration to deploy ASAv in KVM in Ubuntu 22.04. There are a few things to take note. Firstly you need to configure the bridge interfaces in Ubuntu depending on how...
Basic Configuration of FTDv 7.3 (Telnet and FDM) in KVM
Do check out the article on how to deploy FTDv if you have not already done the deployment of FTDv in KVM. https://dracocybersecurity.com/deploy-ftdv-cisco-secure-firewall-threat-defense-virtual-in-kvm-ubuntu/ In this tutorial we will go...
How to configure IPTables to Port Forward RDP (3389) to Windows Machine in KVM (Cloud)
It is useful to learn how to use iptables to enable port forwarding and perform basic Network Address Translation (NAT) and Dynamic Port Address Translation (PAT). Below is a diagram and rules for a basic port forwarding example through the iptables from the internet...
How to disable password for sudo command
Disable password for sudo command has its risk and convenience so do assess the risk for your environment before disabling it. I usually disable it in my test/lab environment as the risk is lower there and I do not want to keep entering password for sudo commands. Of...
Uptime Kuma (Docker) – Configuring Apache Reverse Proxy with Let’s Encrypt SSL(Ubuntu 22.04)
This tutorial assumes that you already have uptime kuma installed in a Docker Container and the that Apache Web Server have been installed. First let's install the certbot for apache. sudo apt install certbot python3-certbot-apache You can use the default Apache web...
Windows 10 – Create Template using Sysrep
Creating Windows machine template has become important part of automation and testing. In this tutorial I will cover different aspect of creating a VM template. This similar for VMWare, OracleBox, KVM and most general virtualization technology. Depending on how you...
Install uptime-kuma with Apache as a reverse proxy (Ubuntu 22.04)
Uptime Kuma is an open-source tools that allows you to monitor servers, websites and services that are running in your environment. It is a very useful tools for monitoring your lab environment. You can install Uptime Kuma as a standalone or in a Docker container. For...
Changing Ubuntu 22.04 Hostname through CLI
Here are the steps to change the Ubuntu hostname. To check your current hostname and summary of your machine. hostname hostnamectl There a few ways to change your hostname. sudo hostnamectl set-hostname <new hostname> # Manually changing it in the hostname file...
Deploy FTDv Cisco Secure Firewall Threat Defense Virtual in KVM (Ubuntu)
https://youtu.be/nZ_noM6fbME In this tutorial I am going to show you how to deploy FTDv in KVM. The minimum system requirements for deploying FTDv are 4vCPU and 8GB RAM (Default). You will need to have at least 4 interfaces to successfully boot up. Create a shell...
Bash Prompt in Linux – Change the prompt temporally
OS: Linux You should be familiar with Bash prompt if you are a linux user. Whenever you start a terminal the command line interface of the Linux server you should be using Bash as a default unless you have change the default shell to something else. Bash prompt is set...
Install KVM on Ubuntu 22.04 Server
Install the cpu-checker to check if your system support virtualization. sudo apt install -y cpu-checker Run the command to see if the sys kvm-ok Install all the necessary packages. sudo apt install -y qemu-kvm virt-manager libvirt-daemon-system virtinst...
Ubuntu 22.04 ssh port change additional steps
For those of you who started using Ubuntu 22.04 Jammy Jellyfish and realized the conventional way of editing /etc/ssh/sshd_config does work. Hope this tutorial is useful and nothing else changes. This works as of Feb 19 2023. I am not sure when this started but in...
Basic Network Configuration for Ubuntu 22.04
Let's start with the basic. To check the ip address assign or interface available. ip address Another command to help identify all network interfaces available to your system is lshw sudo lshw -class network ethtool is a program that displays and changes Ethernet card...
How to create a SYSTEMD service for VNCServer to AutoStart at Reboot
Systemd is a system and service manager for Linux operating systems. It is used to manage and control services, manage system startup and shutdown, and perform various system-related tasks. Here is the sample configure for the systemd service....
Configure ASAv password and Management IP Address – VM on ESXi
ASAv Version: 9.16 After deploying the ASAv on ESXi. You can start the ASAv VM. There are 2 basic configuration that you need to perform to enable ASDM Access. Set a password Configure a IP address. Set a password...
Deploy ASAv in VMWare ESXi
ASAv Version: 9.16 In this tutorial I will show you how to install ASAv on VMWare ESXi. Steps Download the ASAv software. You need to have a valid Cisco Account or get a trial from a Registered Cisco Partner. You...
SSH Tunneling – Remote Port Forwarding – Debian 11
OS: Debian 11 (Bullseye) https://youtu.be/SRAr0eaWZBs You have seen my tutorial of Local Port Forwarding and should have a basic understanding of how SSH Tunneling work. If you have not seen the tutorial you can go to the link below on how to setup local port...
SSH Tunneling -Local Port Forwarding – Debian 11
SSH Tunneling or SSH port forwarding is a way where you can access application leveraging on the SSH ports and tunnel in the event that you do not want to open additional ports on your firewall. In this tutorial I am going to show you how...
Enabling SSH Key Login
OS: DebianSSH: OpenSSH 8.2p1 Enabling SSH Key Login is a great way of protecting your SSH access to the cloud server. In the event that you still prefer password login (For convenience if you access the SSH server from multiple machine and does not want to port your...
Umbrella SIG Tunnel with Fortigate 60F
In this tutorial, I will show you how to configure Cisco Umbrella SIG tunnel to Fortigate 60F in your lab environment. First, I will show you how to configure Cisco Umbrella SIG, followed by Fortigate 60F. I will also show you where you can see the status and the logs...
Grep and cut Command by example with SSH logs – Brute Force
Linux: Debian 11 Grep is a very useful tools to quickly look through logs and text file. In this tutorial by example I will go through some useful commands and options that you can use to quickly get the ip address and username that is use to brute force your ssh...
Python 3.9.2 – File and Exception – SSH Brute Force IP address
Python is one of the most commonly use scripting tools. As a cyber security professional it is always good to have a few scripting language up your sleeve. It is always important to be able to understand simple logs and use a scripting tool to get high level...
Python 3.9.2 – Taking input from command line – using sys module
The sys module is a common python module to handle system inputs and commands. sys.argv is the list of command line arguments that are passed into the Python program. argv represents all the input that are entered into the command line. It is an array that hold the...
Mount additional hard disk in Ubuntu 20.04 – Contabo
To mount additional hard disk in Ubuntu in Contabo. You will need to have root privilege to do it.Use fdisk to identified the disks in the system. Below is the link for the official guide https://contabo.com/blog/mounting-additional-hard-disks-linux/ fdisk -l If the...
Contabo – Fixing Console not working after installing GDE such as xfce4. – Ubuntu 20.04
Stuck at the above screen after you reboot your Ubuntu 20.04, this is a very common problem when you install Graphical Desktop Environment (GDE) such as xfce4, lightdm, Ubuntu Desktop etc in your Linux Environment. If you face the same issue. For those of you who have...
Assigning static IP Address to Guest VM in a nested KVM – Ubuntu 20.04
You can always manually configure the ip address of your guest VM especially you are going to expose the guest VM in your KVM or you can configure to use DHCP to assign a static ip address base on the virtual machine virtual MAC address. List the available network by...
KVM/QEMU – Creating a Bridge in Netplan and Defining the Bridge in QEMU with virsh define – Ubuntu 20.04
You can find the official Netplan configuration example in the link below. https://netplan.io/examples/#configuration This tutorial will focus on creating a bridge using netplan and define the bridge in QEMU/KVM so that you can attached the bridge to the Guest...
Configure Default Route using ip route – Ubuntu 20.04
While setting up your lab environment sometime it is useful to change the default route. In this tutorial I will show you how to quickly configure the default route and some of the commands to check the config. Using the command ip route add You can use ip route / ip...
Manually Resetting WordPress User Password through SSH
OS: Ubuntu 20.04.2 LTSDB: MariaDB 10.3.34Wordpress: 6.0 In this tutorial I am going to show you how to change the Wordpress User Password through SSH and mysql statement in 6 simple steps. Always backup you configuration before making changes so...
Install Xrdp Server – Debian 11
OS: Debian 11 (Bullseye) Xrdp is the open-source implementation of the Microsoft Remote Desktop Protocol (RDP that allows you to control a remote linux server graphically. For any technical folks especially pentester that are doing web penetration testing using kali...
How to create a VLAN in Fortigate 60F
In this quick tutorial, I am going to show you how to create a VLAN in Fortigate 60F To create a VLAN for the lab go to Network -> Interfaces, then select the interface that the VLAN for the tunnel is going to be and click on Create New. Select Interface. Enter a name...
Install TightVNCServer on Ubuntu 20.04
VNC (Virtual Network Computing, is a tool that allows you to connect to the GUI (Graphical User Interface) of linux GDE (Graphical Desktop Environment). This allow you to interact with Ubuntu using mouse and Keyboard in a GUI. Install xfce and choose the display...
Install Ubuntu 20.04 om Nested KVM (QEMU) Ubuntu 20.04
Kernel-based Virtual Machine (KVM) is the leading open source virtualization technology for linux. It is available natively on all linux distributions and turns underlying physical servers into hypervisors. For those of you who are...
Install Windows Server 2022 on nested KVM – Ubuntu 20.04 – Standard NAT
In this tutorial I am going to show you how to install Windows Server 2022 on Ubuntu Nested KVM. You can download the Windows Server 2022 from the official Microsoft Evaluation Download site. You need to enter you information do download the...
Configure RSyslog to log iptables log to another log file instead of kern.log/syslog.log
In this tutorial I am going to show you how to customized rsyslog to log iptables log to a different log file. This is useful if you want to look at specific iptables log and also understand how packets flow through the iptables. Create a new config file in the...
Configure Rsyslog to log multiple iptables log prefix to multiple log files – Ubuntu 20.04
In this tutorial I am going to show you how to customized rsyslog to log multiple iptables log (with different prefix) to different log files. This is useful if you want to look at specific iptables log and also understand how packets flow through the iptables. Create...
Iptables Basic Configurations – Ubuntu 20.04
Iptables is a very useful linux firewall for protection and learning of how the ip packets transverse the linux system. Although the newer nftables is starting to gain popularity as well as ufw and firewalld due its simplicity as well as add GUI capabilities it is...
Configure IPTABLES port forwarding to nested Guest VM in KVM (Default NAT virtual bridge) – Ubuntu 20.04
For those using iptables and would like to configure iptables allow http and RDP access to the Guest VMs. Here are the steps to configure and explanation of the rules. 1. Configure the iptables use the nat table to route the mapped port to the guest VM IP address and...
IPTABLES Basics Understanding – Ubuntu 20.04
In this tutorial, I will share my learning and understanding of IPTABLES. There are a few things that will help in your understanding and configuration of: . TABLESTables form the basis of the IPTABLES where chains and rules are created base on the tables that the...
Install pfSense on VMWare ESXi 7.0 U2
This is quick tutorial to setup pfSense. I decide to try out pfSense for routing. Was deciding between VyOS and pfSense and since I have used pfSense before, I have decide to try out pfSense. For those who are looking at using vSphere vCenter. This video does not do...
UFW basics – Debian 11
OS: Debian 11 (Bullseye) In this tutorial I will show you how to quickly install ufw in Debian 11. Do take note that if you do not specific the protocol by default both TCP and UDP protocol will be enabled Install ufw in Debian. sudo apt install ufw First lets allow...
UFW basics – Ubuntu
OS: Ubuntu 20.04.3 LTSUFW: 0.36 UFW (uncomplicated firewall) is the default firewall configuration tool that runs on top of iptables, included in Ubuntu distributions. For those that are looking at using the GUI configuration option. You can check out Gufw. By default...
Nmap Quick Guide
In this tutorial I have list down the list of common Nmap commands that might be useful. Target Specific SwitchExampleDescriptionnmap 192.168.33.200Scan a single IPnmap 192.168.33.200 192.168.33.203Scan specific IPsnmap 192.168.33.1-254nmap 192.168.33.*Scan a...
Nmap – Target Specific – Demo
Demo on Nmap Target Specific Commands. Target Specific SwitchExampleDescriptionnmap 192.168.33.200Scan a single IPnmap 192.168.33.200 192.168.33.203Scan specific IPsnmap 192.168.33.1-254nmap 192.168.33.*Scan a rangenmap www.dracocybersecurity.comScan a domainnmap...
NFTables Beginners Guide
OS: Debian 11 (bullseye)nftables version: 0.9.8 (E.D.S.) For those of you that are familiar with iptables by Netfilter. You might be interested to learn nftables which is available in linux kernels >= 3.13. The good news is it comes with a compatible layer that...
Basic Ubuntu Commands that is useful
For Beginners it is Important to take note that linux commands are CASE sensitive. In this section I have list down the commands that are frequently used by me in my lab setup. 1. sudo sudo – command that allows you to run programs or commands with administrator...