Categories
Tech

Duo Security IP Address Range

Here are the IP ranges used by Duo Security for authentication purposes – list correct as of September 2016. Duo don’t make this list public (security through obscurity?) but they do give it to customers on request so here they are:

Palo Alto MineMeld Example Configuration

MineMeld is an “extensible Threat Intelligence processing framework and the ‘multi-tool’ of threat indicator feeds. Based on an extremely flexible engine, MineMeld can be used to collect, aggregate and filter indicators from a variety of sources and make them available for consumption to peers or to the Palo Alto Networks security platforms.”

It was recently open-sourced by Palo Alto and can be found on GitHub.

Ruckus SNMP Active Users and Bandwidth Utilisation

In this post I will briefly go through the steps needed to configure your SNMP monitoring tool to get active user statistics from your Ruckus ZoneDirector. You can then use this data to map against another metric like bandwidth utilisation or anything else you might find useful in your environment.

In my set-up I have a Ruckus ZoneDirector 3000. I used PRTG as the SNMP monitoring software but any will do.

Reverse SSH Tunnelling over SSL with the Raspberry Pi

In this blog I will go through the steps necessary to set up an automatic reverse SSH tunnel between a client machine sitting in a restricted environment and a server that you control in your home/office/cloud. The reverse SSH tunnel will be encapsulated within an SSL tunnel over port 443 to evade network security appliances/firewalls.

Palo Alto Networks – Update Server API Exposure

In this brief post I will relay my finding of a security vulnerability with the Palo Alto update servers. This post refers to the security advisory PAN-SA-2016-0010.