SSH Manipulation – Palo Alto

SSH manipulation would be required for a critical network. When you verify your Secure Shell (SSH) connection to the firewall, the verification uses SSH keys. You can use the CLI to change the default host key type, generate a new pair of public and private SSH host keys, […]

Automatic Backup of WordPress Website for Free

Install and activate the UpdraftPlus plugin. Go to Settings and then select Google Drive. Make the required selections, such as weekly backup, and save the settings. Allow the Google Drive credentials. Once everything is done, go to Backup/Restore and select Backup Now. This will enable the backup of all the files […]

Website Search Bar Malfunction using CloudFlare SSL

The issue can be resolved by using Cloudflare Flexible SSL. This is pretty straightforward; follow the steps below. Install the Cloudflare Flexible SSL plugin. Activate the installed plugin. Set your SSL/TLS encryption mode to Flexible. Make sure to enable the setting below. Always Use HTTPS: Redirect all […]

Ring Version Mismatch Error In Panorama – Palo Alto Tshoot

SYMPTOMS
Deploying Panorama in Panorama/Log Collector combination in HA mode results in the following error on the Panorama Managed Log Collectors tab: Ring version mismatch.
DIAGNOSIS
RESOLUTION
To resolve this mismatch, the configuration needs to be committed to both Panorama and the log collector group: Perform a local commit on Panorama. Perform commit […]

ZoneRunner-managed zone – zrsh – F5 Networks

We could also use zrsh as a workaround, but kindly take note that this is not officially supported by F5 Technical Support and we don’t have an official document published for this tool.
There are two types of DNS records in the customer’s RPZ blacklist zone: normal DNS record, wildcard […]

iRule to Log the CLIENTSSL_HANDSHAKE and SERVERSSL_HANDSHAKE – F5 Networks

Use the snippet below to rewrite the HTTP request. Associate it with the required VS.

    when CLIENTSSL_HANDSHAKE {
        # Client-side connection endpoints
        log local0. "clientside {[IP::remote_addr]:[TCP::remote_port]} <--> clientside {[IP::local_addr]:[TCP::local_port]}"
        # Session ID and master secret; together they allow a captured session to be decrypted, so this log is sensitive
        log local0. "RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
    }
    when SERVERSSL_HANDSHAKE {
        # Server-side connection endpoints
        log local0. "serverside {[IP::local_addr]:[TCP::local_port]} <--> serverside {[IP::remote_addr]:[TCP::remote_port]}"
        log local0. "RSA Session-ID:[SSL::sessionid] Master-Key:[SSL::sessionsecret]"
    }

iRule to Log HTTP REQUEST and HTTP RESPONSE – F5 Networks

Create the iRule snippet from below. Associate it with any of the VS as required.

    when HTTP_REQUEST {
        set LogString "Client [IP::client_addr]:[TCP::client_port] -> [HTTP::host][HTTP::uri]"
        log local0. "============================================="
        log local0. "$LogString (request)"
        # Log every request header (this includes Cookie and Authorization values)
        foreach aHeader [HTTP::header names] {
            log local0. "$aHeader: [HTTP::header value $aHeader]"
        }
        log local0. "============================================="
    }
    when HTTP_RESPONSE { […]

Work with FTD LINA Engine Captures – Firepower

Requirements
1. Enable two captures on FTD using these filters:
   Source IP 192.168.103.1, Destination IP 192.168.101.1, Protocol ICMP, Interface INSIDE
   Source IP 192.168.103.1, Destination IP 192.168.101.1, Protocol ICMP, Interface OUTSIDE
2. Ping from Host-A (192.168.103.1) to Host-B (192.168.101.1) and check the captures.
Solution
Step 1. Enable the captures: > capture CAPI interface […]

Work with Snort Engine Captures – Firepower

Prerequisites
There is an Access Control Policy (ACP) applied on FTD that allows Internet Control Message Protocol (ICMP) traffic to go through. The policy also has an Intrusion Policy applied.
Requirements
Enable capture on FTD CLISH mode using no filter. Ping through the FTD and check the capture output.
Solution […]