Thursday, June 2, 2016
Blacklist IP's
object-group network Custom_Block_List
network-object host 23.250.11.220
network-object host 209.10.104.55
network-object host 119.81.240.10
network-object host 118.192.3.3
network-object host 89.248.171.137
network-object 222.186.21.0 255.255.255.0
network-object object 89.248.168.128
network-object host 213.136.90.120
network-object host 80.82.70.238
network-object 162.252.172.0 255.255.255.0
network-object object 188.138.9.51
network-object host 91.219.238.193
network-object host 61.216.2.15
network-object 185.40.4.182 255.255.255.255
network-object host 209.126.116.147
network-object object 125.64.94.200
network-object 123.59.59.0 255.255.255.0
network-object host 93.174.93.94
network-object host 80.82.65.61
network-object host 125.64.94.200
network-object host 80.82.78.38
network-object 185.45.13.0 255.255.255.0
network-object host 208.100.26.228
Attacks and Scans
I see way to many of these lately so I am going to start posting the reoccurring ones for other engineers to reference by on attack type and if they just want to start blocking these IP's for there own firewalls/routers.
-Gary
-Gary
Monday, May 16, 2016
Sample Adtran NetVanta 3430 Config
corerouter#show run
Building configuration...
!
!
! ADTRAN, Inc. OS version R11.8.0
! Boot ROM version 17.06.01.00
! Platform: NetVanta 3430, part number 1202820G1
! Serial number ******
!
!
hostname "corerouter"
enable password encrypted 323ab2216eb4ffgghhb25bcc426298ddfggba2625f57
!
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip default-gateway 192.168.1.1
ip routing
ipv6 unicast-routing
!
!
domain-name "gnet.local"
domain-proxy
name-server 208.67.222.222 208.67.220.220
!
!
no auto-config
auto-config authname adtran encrypted password 383e4bc8685e2bf8b1350b96da4ae62fc205
!
event-history on
no logging forwarding
logging forwarding priority-level info
logging email on
logging email receiver-ip 192.168.0.1 auth-username usrname auth-password encrypted 43lkmfdmskm454
logging email address-list glangston@ksbankinc.com
logging email ip urlfilter top-websites address-list glangston@knrgnetworksinc.com
logging email sender glangston@nrgnetworksinc.com
!
service password-encryption
!
username "admin" password encrypted "4048f6b33g249c127e28ac48fdd3452203161619f745"
!
banner motd #
#
!
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!
!
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
ip security monitor stats-filter web-stats-filter
threat 201
!
ip security monitor
stats-filter web-stats-filter
!
!
!
!
!
!
!
!
ip urlfilter Web_Http_Filter http
!
!
!
!
!
!
!
!
!
no ethernet cfm
!
interface eth 0/1
ip address 10.207.177.97 255.255.255.248
no shutdown
!
!
interface eth 0/2
no ip address
shutdown
!
!
!
!
interface t1 1/1
clock source internal
fdl att
tdm-group 1 timeslots 1-24 speed 64
no shutdown
!
!
interface fr 1 point-to-point
frame-relay lmi-type ansi
no shutdown
!
interface ppp 1
ip address 12.124.191.18 255.255.255.252
ip mtu 1500
ip urlfilter Web_Http_Filter in
ip urlfilter Web_Http_Filter out
no shutdown
cross-connect 1 t1 1/1 1 ppp 1
!
interface hdlc 1
no ip address
no shutdown
!
!
!
!
!
!
ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
!
!
ip access-list extended self
remark Traffic to NetVanta
permit ip any any log
!
ip access-list extended wizard-remote-access
remark do not hand edit this ACL
permit tcp any any eq telnet log
permit icmp any any echo log
permit ip host 192.168.10.1 any log
!
!
!
!
ip policy-class Private
allow list self self
!
ip policy-class Public
allow list wizard-remote-access self
!
!
!
ip route 0.0.0.0 0.0.0.0 12.114.121.217
!
no tftp server
no tftp server overwrite
http server
http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
!
!
line con 0
login
password encrypted 2821704d6ad1dde8ac0fdfdfdbe6a02f3aa429fcbe
!
line telnet 0 4
login
password encrypted 3e36e4defd8afdfd26bnb3c7edb47d0117a42bb7952
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!
sntp server time-b.nist.gov
!
!
!
!
end
corerouter#
Building configuration...
!
!
! ADTRAN, Inc. OS version R11.8.0
! Boot ROM version 17.06.01.00
! Platform: NetVanta 3430, part number 1202820G1
! Serial number ******
!
!
hostname "corerouter"
enable password encrypted 323ab2216eb4ffgghhb25bcc426298ddfggba2625f57
!
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip default-gateway 192.168.1.1
ip routing
ipv6 unicast-routing
!
!
domain-name "gnet.local"
domain-proxy
name-server 208.67.222.222 208.67.220.220
!
!
no auto-config
auto-config authname adtran encrypted password 383e4bc8685e2bf8b1350b96da4ae62fc205
!
event-history on
no logging forwarding
logging forwarding priority-level info
logging email on
logging email receiver-ip 192.168.0.1 auth-username usrname auth-password encrypted 43lkmfdmskm454
logging email address-list glangston@ksbankinc.com
logging email ip urlfilter top-websites address-list glangston@knrgnetworksinc.com
logging email sender glangston@nrgnetworksinc.com
!
service password-encryption
!
username "admin" password encrypted "4048f6b33g249c127e28ac48fdd3452203161619f745"
!
banner motd #
#
!
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!
!
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
ip security monitor stats-filter web-stats-filter
threat 201
!
ip security monitor
stats-filter web-stats-filter
!
!
!
!
!
!
!
!
ip urlfilter Web_Http_Filter http
!
!
!
!
!
!
!
!
!
no ethernet cfm
!
interface eth 0/1
ip address 10.207.177.97 255.255.255.248
no shutdown
!
!
interface eth 0/2
no ip address
shutdown
!
!
!
!
interface t1 1/1
clock source internal
fdl att
tdm-group 1 timeslots 1-24 speed 64
no shutdown
!
!
interface fr 1 point-to-point
frame-relay lmi-type ansi
no shutdown
!
interface ppp 1
ip address 12.124.191.18 255.255.255.252
ip mtu 1500
ip urlfilter Web_Http_Filter in
ip urlfilter Web_Http_Filter out
no shutdown
cross-connect 1 t1 1/1 1 ppp 1
!
interface hdlc 1
no ip address
no shutdown
!
!
!
!
!
!
ip access-list standard wizard-ics
remark Internet Connection Sharing
permit any
!
!
ip access-list extended self
remark Traffic to NetVanta
permit ip any any log
!
ip access-list extended wizard-remote-access
remark do not hand edit this ACL
permit tcp any any eq telnet log
permit icmp any any echo log
permit ip host 192.168.10.1 any log
!
!
!
!
ip policy-class Private
allow list self self
!
ip policy-class Public
allow list wizard-remote-access self
!
!
!
ip route 0.0.0.0 0.0.0.0 12.114.121.217
!
no tftp server
no tftp server overwrite
http server
http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
!
!
line con 0
login
password encrypted 2821704d6ad1dde8ac0fdfdfdbe6a02f3aa429fcbe
!
line telnet 0 4
login
password encrypted 3e36e4defd8afdfd26bnb3c7edb47d0117a42bb7952
no shutdown
line ssh 0 4
login local-userlist
no shutdown
!
sntp server time-b.nist.gov
!
!
!
!
end
corerouter#
Bacon Wrapped Jalapeno Peppers
1 Container of Cream
Cheese
1 Pack of Think Cut
Bacon
6 Peppers
Onion Powder
Garlic Powder
Olive Oil
Salt
and Black-pepper
Halve
the JalapeƱos down the middle and de-core them. Leave a few seeds for
heat. Put them Pour a little Olive Oil on them. Sprinkle Onion Powder, Garlic
Powder and Salt & Pepper.
Preheat the oven to
350. Put the peppers in a cooking shit and in the oven at 325 for 15 minutes.
Pull them out and let them cool for a few minutes. Take you
room temperature cream cheese and use a spoon to pack them.
Next completely wrap
the pepper with the bacon. "Try not to leave many gaps". Put in the
over for 30-45 minutes on 325.
Saturday, May 14, 2016
Example Cisco Config with Frame Relay and Multilink /w OSPF 2900 Series
Current
configuration : 4278 bytes
!
! Last configuration
change at 16:10:58 PCTime Wed Jul 29 2015 by admin
!
version 15.0
service
tcp-keepalives-in
service
tcp-keepalives-out
service timestamps
debug datetime msec localtime show-timezone
service timestamps
log datetime msec localtime show-timezone
service
password-encryption
service
sequence-numbers
!
hostname corerouter
!
boot-start-marker
boot-end-marker
!
card type t1 0 0
logging buffered
51200
logging console
critical
!
no aaa new-model
clock timezone
PCTime -5
clock summer-time
PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no
network-clock-participate wic 0
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
ip domain name
nrgnetworksinc.com
ip name-server
208.67.222.222
ip name-server
208.67.220.220
multilink
bundle-name authenticated
!
!
!
crypto pki
trustpoint TP-self-signed-1461846340
enrollment
selfsigned
subject-name
cn=IOS-Self-Signed-Certificate-1461846340
revocation-check
none
rsakeypair
TP-self-signed-1461846340
!
!
crypto pki
certificate chain TP-self-signed-1461846340
certificate
self-signed 01
30820255
308201BE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30
2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963
6174652D 31343631 38343633 3430301E 170D3135 30373239 31363437
31365A17
0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53
656C662D 5369676E 65642D43 65727469 66696361 74652D31 34363138
34363334
3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
81009D2C
744A0648 AA54BB97 6134641C A1E81A8B 2DA3396A DCDEFD18 7C545D01
D3665567
154FB817 31944A23 B55269D9 937ABC7D 0DECED70 D96872AD 9E756748
B5AF0E48
8CF41793 04BB0F36 CFF148BF 4CE43D4D F8D247F3 F1F92176 19EA8554
024F0CE6
CE2AFBCB 769F6598 E7D96E85 0E319C1A 2BF38076 CC2DB60C DCAD750D
C4290203
010001A3 7D307B30 0F060355 1D130101 FF040530 030101FF 30280603
551D1104
21301F82 1D636F72 65726F75 7465722E 6E72676E 6574776F 726B7369
6E632E63
6F6D301F 0603551D 23041830 168014DA 9E0014B8 174B471C 16F84537
1F0F3EFF
D863D230 1D060355 1D0E0416 0414DA9E 0014B817 4B471C16 F845371F
0F3EFFD8
63D2300D 06092A86 4886F70D 01010405 00038181 00163DFD 31F6A4CA
E2999A3F
21F9DED1 91A3CD1A 429ADB5E 94EB871C C576CF75 C50879CD F675766F
1971BE01
DBFCBAFB 308B6428 F18C2BEE 78006571 AACB80FA BE174B09 B6857915
937FBEDA
E3AE8DB6 6A4660EF E8149667 3E4DE67B 78607371 35426E9A 9712C055
38CEEC1F
9F438D51 B08E63CD DBA02A83 C9FF1117 764AE3C2 50
quit
license udi pid
CISCO2911/K9 sn FTX****
!
!
username admin
privilege 15 secret 5 (password)
!
!
controller T1 0/0/0
cablelength short
110
channel-group 1
timeslots 1-24
!
controller T1 0/0/1
cablelength short
110
channel-group 1
timeslots 1-24
!
ip tcp synwait-time
10
!
!
!
!
interface Loopback1
no ip address
!
interface Multilink1
description Wan
ip address
negotiated
ip flow ingress
ppp multilink
ppp multilink group
1
!
interface
GigabitEthernet0/0
description ATT
ip address
12.120.136.97 255.255.255.248
ip flow ingress
duplex auto
speed auto
!
interface
GigabitEthernet0/1
description
CenturyLink
ip address
184.7.17.120 255.255.255.0
ip flow ingress
duplex auto
speed auto
!
interface
GigabitEthernet0/2
no ip address
ip flow ingress
shutdown
duplex auto
speed auto
!
interface
Serial0/0/0:1
ip address
12.124.171.218 255.255.255.252
ip flow ingress
encapsulation ppp
ppp multilink
ppp multilink group
1
!
interface
Serial0/0/1:1
ip address
187.7.23.34 255.255.255.252
ip flow ingress
encapsulation ppp
ppp multilink
ppp multilink group
1
!
router ospf 100
log-adjacency-changes
redistribute
connected subnets
network 192.168.138.0
0.0.0.63 area 192
network
172.21.99.116 0.0.0.3 area 192
!
ip forward-protocol
nd
!
ip http server
ip http
authentication local
ip http
secure-server
ip http
timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0
0.0.0.0 12.124.171.217
ip route 0.0.0.0
0.0.0.0 184.7.23.33
!
logging trap
debugging
!
!
!
control-plane
!
!
line con 0
exec-timeout 120 0
login local
line aux 0
line vty 0 4
exec-timeout 60 0
privilege level 15
login local
transport input
telnet ssh
line vty 5 15
exec-timeout 60 0
privilege level 15
login local
transport input
telnet ssh
!
scheduler allocate
20000 1000
end
My Eastern Carolina Pork Sauce Reciepe
2 cups apple cider
vinegar
2 tablespoons dark
brown sugar
1 tablespoon ketchup
1 tablespoon Texas
Pete's
1 teaspoon red
pepper flakes
1 teaspoon ground
black pepper
1 teaspoon kosher
salt
1/2 Stick of Butter
1/2 Cup of Pork or
Chicken Stock
Bring to Boil and
Let it cool to room temp to serve.
Refrigerant it after
first use.
Subscribe to:
Posts (Atom)