Netflow – FNF cheat sheet

Here’s a quick basic Flexible NetFlow (FNF) configuration (taken from an ASR 1000):

flow exporter PRIMARY_NMS
 description FNF export to Primary NMS
 destination 192.168.100.100
 source Loopback0
 transport udp 9996
 template data timeout 60
!
flow monitor MONITOR_V4
 description IPv4 netflow monitor
 record netflow ipv4 original-input
 exporter PRIMARY_NMS
 cache timeout active 900
 cache entries 200000
!
flow monitor MONITOR_V6
 description IPv6 netflow monitor
 record netflow ipv6 original-input
 exporter PRIMARY_NMS
 cache timeout active 900
 cache entries 200000
!
! For each interface ...
!
interface GigabitEthernet0/0/0
 ip flow monitor MONITOR_V4 input
 ipv6 flow monitor MONITOR_V6 input
!
interface GigabitEthernet1/0/0
 ip flow monitor MONITOR_V4 input
 ipv6 flow monitor MONITOR_V6 input
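
As an added example (not part of the original cheat sheet), a minimal decoder for the NetFlow v9 export packets the configuration above sends to the collector on UDP/9996. Field type IDs are from RFC 3954 and the packet is constructed inline; the point it shows is why templates must be cached across packets, since the exporter only repeats them every `template data timeout` seconds.

```python
import struct
from ipaddress import ip_address

# NetFlow v9 field type IDs (RFC 3954) that the constructed sample below uses.
FIELD_NAMES = {8: "src", 12: "dst", 7: "sport", 11: "dport", 1: "bytes"}

def parse_v9(packet: bytes, templates: dict) -> list:
    """Decode one NetFlow v9 export packet into record dicts. `templates` persists
    across calls: templates are only resent every `template data timeout` seconds
    (60 in the config above), so data seen before its template is skipped, not guessed."""
    version, count, uptime, secs, seq, source_id = struct.unpack("!HHIIII", packet[:20])
    if version != 9:
        raise ValueError(f"not NetFlow v9 (version {version})")
    records, off = [], 20
    while off + 4 <= len(packet):
        fs_id, fs_len = struct.unpack("!HH", packet[off:off + 4])
        if fs_len < 4:
            raise ValueError("malformed flowset length")
        body, off = packet[off + 4:off + fs_len], off + fs_len
        if fs_id == 0:                       # template flowset (ID 1 = options, ignored)
            p = 0
            while p + 4 <= len(body):
                tid, nfields = struct.unpack("!HH", body[p:p + 4])
                templates[tid] = [struct.unpack("!HH", body[p + 4 + 4 * i:p + 8 + 4 * i])
                                  for i in range(nfields)]
                p += 4 + 4 * nfields
        elif fs_id >= 256 and fs_id in templates:   # data flowset with a known template
            fields = templates[fs_id]
            rec_len, p = sum(flen for _, flen in fields), 0
            while rec_len and p + rec_len <= len(body):   # trailing bytes are padding
                rec = {}
                for ftype, flen in fields:
                    raw, p = body[p:p + flen], p + flen
                    name = FIELD_NAMES.get(ftype, f"field{ftype}")
                    rec[name] = str(ip_address(raw)) if ftype in (8, 12) else int.from_bytes(raw, "big")
                records.append(rec)
    return records

def build_sample() -> bytes:
    """Constructed export packet: header, one template (ID 256), one data record."""
    header = struct.pack("!HHIIII", 9, 2, 1000, 1700000000, 1, 0)
    layout = [(8, 4), (12, 4), (7, 2), (11, 2), (1, 4)]      # (field type, length)
    tmpl = struct.pack("!HH", 256, len(layout)) + b"".join(struct.pack("!HH", t, l) for t, l in layout)
    rec = (ip_address("192.168.100.7").packed + ip_address("10.1.11.100").packed
           + struct.pack("!HHI", 51515, 443, 1500))
    return (header + struct.pack("!HH", 0, 4 + len(tmpl)) + tmpl
            + struct.pack("!HH", 256, 4 + len(rec)) + rec)
```

Feeding the same data flowset without its template returns no records, which is exactly what a collector sees for the first minute after an exporter restart.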

decryptolocker.com

Recently, new variants of the CryptoLocker malware have been going around.

As soon as it is activated, this malware will attempt to encrypt virtually all documents the affected user has access to. At a minimum this concerns the following file types:

  • 3fr, Accdb, Ai, Arw, Bas, Bay, Cdr, Cer, Cr2, Crt, Crw, Dbf, Dcr, Der, Dng, Doc, Docm, Docx, Dwg, Dxf, Dxg, Eps, Erf, Img, Indd, Jpe, Jpg, Kdc, Mdb, Mdf, Mef, Mrw, Nef, Nrw, Odb, Odc, Odm, Odp, Ods, Odt, Orf, P12, P7b, P7c, Pdd, Pdf, Pef, Pem, Pfx, Ppt, Pptm, Pptx, Psd, Pst, Ptx, R3d, Raf, Raw, Rtf, Rw2, Rwl, Sr2, Srf, Srw, Txt, Wb2, Wpd, Wps, X3f, Xlk, Xls, Xlsb, Xlsm, Xlsx, Zip

Encrypting these files often takes no more than a few minutes. Once the documents are encrypted, it is practically impossible to recover these files (other than from a backup).


It is therefore essential to respond as soon as possible in the event of an infection!

For some variants of this malware, where the author has been arrested or the criminals' server has been seized, the keys are known and the files can be recovered via www.decryptolocker.com. Note: this page only works for a few types of the CryptoLocker malware. Files infected with the newest version probably cannot (yet) be repaired.


Recognizing it:
In some cases the malware turned out to have been received by e-mail. It is however possible that the malware also arrives via an infected website/advertisement or download.

Special Use IPv4 Addresses

Address Block       Present Use                Reference
------------------------------------------------------------------
0.0.0.0/8           "This" Network             RFC 1122, Section 3.2.1.3
10.0.0.0/8          Private-Use Networks       RFC 1918
127.0.0.0/8         Loopback                   RFC 1122, Section 3.2.1.3
169.254.0.0/16      Link Local                 RFC 3927
172.16.0.0/12       Private-Use Networks       RFC 1918
192.0.0.0/24        IETF Protocol Assignments  RFC 5736
192.0.2.0/24        TEST-NET-1                 RFC 5737
192.88.99.0/24      6to4 Relay Anycast         RFC 3068
192.168.0.0/16      Private-Use Networks       RFC 1918
198.18.0.0/15       Network Interconnect
                    Device Benchmark Testing   RFC 2544
198.51.100.0/24     TEST-NET-2                 RFC 5737
203.0.113.0/24      TEST-NET-3                 RFC 5737
224.0.0.0/4         Multicast                  RFC 3171
240.0.0.0/4         Reserved for Future Use    RFC 1112, Section 4
255.255.255.255/32  Limited Broadcast          RFC 919, Section 7
                                               RFC 922, Section 7


https://tools.ietf.org/html/rfc5735

Changing the hostname of the TRA

Changing the Hostname of a Leader Appliance:
1. SSH to the CLI of the Leader Appliance
2. Stop services on the Leader appliance: “services sp stop”
3. Rename the appliance: “service sp device rename old_name new_name”
4. Set the new name on the device: “system name set new_name”
5. Start SP services: “service sp start”
6. Save the configuration: “config write”

L2TP PPP login


L2TP over IPsec on Cisco IOS

! Enable L2TP
! - Connect VPN clients to VRF private

! Must use "password" ("secret" won't work)
username roadwarrior password 0 <removed>

aaa authentication ppp l2tp-auth local-case

ip local pool l2tp-pool 10.1.11.100 10.1.11.199

vpdn enable

interface Virtual-Template1
 ip unnumbered Loopback0
 peer default ip address pool l2tp-pool
 ppp mtu adaptive
 ppp authentication ms-chap-v2 l2tp-auth
!

vpdn-group l2tp-group
 ! Default L2TP VPDN group
 description L2TP clients
 accept-dialin
  protocol l2tp
  virtual-template 1
!
no l2tp tunnel authentication
!

! ISAKMP policy:
! - OS X offers aes 256 and 128 (but not 192)
! - SHA1 is the default hash on Cisco IOS (does not show up in config)
! - OS X doesn't offer any of the PFS groups

crypto isakmp policy 50
 encr aes 256
 authentication pre-share
 group 2
 lifetime 14400
!

! Internet is connected to VRF cable
crypto keyring l2tp-ring vrf cable
  pre-shared-key address 0.0.0.0 0.0.0.0 key <removed>
!

! IPsec policy
! - Match OS X proposal

crypto ipsec transform-set l2tp-transform esp-aes 256 esp-sha-hmac
 mode transport
!

! Require IPsec for all L2TP traffic
! 

ip access-list extended l2tp-access
 permit udp any eq 1701 any
!

crypto dynamic-map l2tp-map 10
 set nat demux
 set transform-set l2tp-transform
 match address l2tp-access
!

crypto map l2tp 10 ipsec-isakmp dynamic l2tp-map

interface Vlan6
 crypto map l2tp
!
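
As an added audit helper (not from the page), this parses the `crypto isakmp policy` and keyring blocks above and flags settings below an assumed baseline: DH group 2, which the comments explain the OS X client forces, is 1024-bit MODP, and the `0.0.0.0 0.0.0.0` pre-shared key accepts any peer address. The IOS defaults assumed for absent lines are an assumption, except the SHA1 default the page itself notes; the baseline (group 14, AES, SHA) is mine.

```python
import re

# Assumed IOS defaults for lines absent from a policy block; the page confirms
# only the SHA1 hash default. Baseline DH group is an assumption of this audit.
IOS_POLICY_DEFAULTS = {"encr": "des", "hash": "sha", "group": "1", "lifetime": "86400"}
MIN_DH_GROUP = 14   # 2048-bit MODP; groups 1/2/5 are 768/1024/1536-bit

def parse_isakmp_policies(config: str) -> dict:
    """Map each `crypto isakmp policy <prio>` block to its effective settings."""
    policies, current = {}, None
    for line in config.splitlines():
        m = re.match(r"crypto isakmp policy (\d+)\s*$", line)
        if m:
            current = int(m.group(1))
            policies[current] = dict(IOS_POLICY_DEFAULTS)
        elif current is not None and line.startswith(" "):
            key, _, value = line.strip().partition(" ")
            policies[current][key] = value
        else:
            current = None          # any top-level line ("!", next command) ends the block
    return policies

def audit_config(config: str) -> list:
    """Return human-readable findings for the ISAKMP policies and the keyring."""
    findings = []
    for prio, p in parse_isakmp_policies(config).items():
        if p["encr"].split()[0] in ("des", "3des"):
            findings.append(f"policy {prio}: weak encryption {p['encr']}")
        if p["hash"] == "md5":
            findings.append(f"policy {prio}: weak hash md5")
        if int(p["group"]) < MIN_DH_GROUP:
            findings.append(f"policy {prio}: DH group {p['group']} is below group {MIN_DH_GROUP}")
    if re.search(r"pre-shared-key address 0\.0\.0\.0 0\.0\.0\.0", config):
        findings.append("keyring: wildcard pre-shared key accepts any peer address")
    return findings

# The page's own policy and keyring (key removed) as the input to audit.
PAGE_CONFIG = """\
crypto isakmp policy 50
 encr aes 256
 authentication pre-share
 group 2
 lifetime 14400
!
crypto keyring l2tp-ring vrf cable
  pre-shared-key address 0.0.0.0 0.0.0.0 key <removed>
!
"""
```

Running `audit_config(PAGE_CONFIG)` reports the DH group and the wildcard key; a policy with `hash sha256` and `group 14` passes clean.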


http://null.53bits.co.uk/index.php?page=pppoe-initial-set-up-with-freeradius-2

http://null.53bits.co.uk/index.php?page=lac-wholesale-pppoa-e-l2tp-tunnelling-with-freeradius-2

http://www.gossamer-threads.com/lists/cisco/bba/182918#182918

https://supportforums.cisco.com/document/9878401/l2tp-over-ipsec-cisco-ios-router-using-windows-8

http://www.cisco.com/c/en/us/support/docs/dial-access/virtual-private-dialup-network-vpdn/9556-basic-vpdn.html

http://www.gossamer-threads.com/lists/cisco/nsp/131855

http://www.cisco.com/c/en/us/td/docs/ios/12_4t/12_4t2/pt_wnlns.html

http://www.networklabs.info/2012/03/cisco-l2tp-dial-in.html

https://www.marc.info/?l=cisco-nsp&m=142683826203087&w=3

L2TP over IPsec on Cisco IOS

http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/vpdn/configuration/xe-3s/vpd-xe-3s-book/vpd-cfg-nas-init-dialin-tunnels.html#GUID-5F599546-5296-4037-93CA-C284D54C9426

http://www.openl2tp.org/pipermail/openl2tp-users/2011-March/000939.html

http://blogconfigs.blogspot.nl/2010/07/configure-l2tp-ipsec-vpn-server-on.html

http://www.cisco.com/c/en/us/support/docs/dial-access/virtual-private-dialup-network-vpdn/23980-l2tp-23980.html#t4

http://www.cisco.com/c/en/us/td/docs/routers/asr1000/configuration/guide/chassis/asrswcfg/scaling.html#pgfId-1121164

http://www.cisco.com/c/en/us/products/collateral/routers/asr-1000-series-aggregation-services-routers/datasheet-c78-731640.html

http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/l2tp_ips.html#wp1046219

http://windowsitpro.com/networking/pptp-vs-l2tp

https://www.ivpn.net/pptp-vs-l2tp-vs-openvpn


http://strongvpn.com/forum/viewtopic.php?id=2234

Configuring DSL (ISP & Customer Side)

https://supportforums.cisco.com/document/30416/pppoe-over-l2tp-lns-configuration-and-troubleshooting

