Router not updating dyndns

some routers do not accept passwords with special characters  so we may need to change dyndns account password .

For example Belkin Adsl  router ( I dont know about other models but my Belkin N150 router needed password without special characters).

Some routers may need provider’s website link in dynamic dns settings . Try without  “http:// ” in the name.

 

Tomcat -Virtual hosts and Access logging

Some times we may need to run multiple websites on single ip address with the same port number ,for example http( tcp-80 ) port .

If I have 2 websites called  www.example1.com and  www.example2.com pointing to same webserver 10.0.0.10,  then i will configure my tomcat webserver( 10.0.0.10 )following way .

 

Using vim editor i will  edit /tomcat_directory/conf/server.xml and add seperate  virtual host entries for each domain .

 

<Host name=”www.example1.com” debug=”0″ appBase=”example1″
unpackWARs=”true” autoDeploy=”true”
xmlValidation=”false” xmlNamespaceAware=”false”>
<Context path=”” docBase=”.”/>
<Logger className=”org.apache.catalina.logger.FileLogger”
directory=”logs” prefix=”localhost_log.” suffix=”.txt”
timestamp=”true”/>
<Valve className=”org.apache.catalina.valves.AccessLogValve” directory=”logs”

prefix=”localhost_access_log.” suffix=”.txt” pattern=”common” resolveHosts=”false”/>

<Host name=”www.example2.com” debug=”0″ appBase=”example2″
unpackWARs=”true” autoDeploy=”true”
xmlValidation=”false” xmlNamespaceAware=”false”>
<Context path=”” docBase=”.”/>
<Logger className=”org.apache.catalina.logger.FileLogger”
directory=”logs” prefix=”localhost_log.” suffix=”.txt”
timestamp=”true”/>
<Valve className=”org.apache.catalina.valves.AccessLogValve” directory=”logs”

prefix=”localhost_access_log.” suffix=”.txt” pattern=”common” resolveHosts=”false”/>

</Host>

</Engine>

</Service>

</Server>

 

 

example1 and example2  are root directories  where we  can copy webpages .

<Valve className=”org.apache.catalina.valves.AccessLogValve” directory=”logs”

prefix=”localhost_access_log.” suffix=”.txt” pattern=”common” resolveHosts=”false”/>  ……. this entry will log  website access logs  in /tomcat_directory/logs .

 

 

Mointoring Messenger chats on networks ,passwords&much more !

First of all ,I would like to let you know that, whatever I write here is for educational purpose only .Please do not abuse it one way or other.

I think you already aware of the dangerous key loggers  and what they do . If you want to use  a computer in a net cafe for bank transactions, be-careful !, they might have key-loggers installed which can capture your passwords and chats .

There are some hardware key loggers which can be attached to keyboard and others are software key-loggers which are difficult to be traced .

If  we have physical access to someone’s computer it is very easy to view passwords ,record chats or record whatever typed  on that computer .And sometimes, it is possible  to receive a  mail automatically with the recorded data ( for example- spector pro).

If we don’t have physical access to the pc and dont want to install  some monitoring software , Then we can use network packet capturing tools like wireshark to capture passwords ,web traffic  on network.

If the computers on network connected to a older ethernet hub , then it will be more easy to capture packets originating from those computers , because a ethernet hub just broadcasts the packets (sends the same packet to all the computers on network , but only the real receiver will accept it ) . So with the tools like ethereal , we can make the computer  listen to these packets  in promiscuous mode .

But ethernet switch does not broadcast the traffic , it sends the frames directly to  a node which it has to be delivered . Because it knows the mac-address of the destination .

If the computers connected to Cisco catalyst switches , We can clone the same traffic destined to one port ,to another port . Suppose  computer A connected to port 1 and having conversation with server S connected to port 2,then using  port mirroring feature  we can copy the frames from port 1 to port 3 . And with the help of tools like ethereal , we can capture those packets( Should i say frames ?, since it is layer 2 data. ) and decrypt the interesting traffic.

 

The procedure to enable port mirroring on a csico  2900 LAN switch series is ,

1.using console cable or telnet to cisco switch ,enter global config mode

switch# config terminal

2.issue command

switch<config># monitor session 1 source interface GigabitEthernet 0/1

3. issue command

switch<config>#monitor session 1 destination interface FastEthernet 0/20

4.Exit from Global config mode and issue command write memory to save the changes

 

We can give session number anything between 1-66 . The source interface number is the port we want monitor and destination interface is the port where our computer is connected which has wire shark or any other network traffic sniffer is installed.

 

 

 

 

 

Now it is time to open our monitoring tools and check for the interesting traffic.

Suppose we can use messenger detect to monitor messenger chats and contacts of  messengers on the network .

 

 

 

If we use wire shark , we can capture http,pop3,ftp passwords too..

 

Sonicwall Global VPN Issue

I installed  my exchange 2010 email server on a rented server in a data center. I wanted to keep my remote exchange server and local client computers on the same domain . So i needed to install a secondary domain controller locally and run repliction between exchange server and local DC . Since I can not afford a separate vpn hardware in data center for site-to-site  vpn,  I just enabled global vpn  on my sonicwall TZ210 and  installed sonicwall global vpn client software on exchange server . I enabled split vpn   which  is important to seperate internet and vpn tarffic  ( I did not want my remote exchange serer use my office internet bandwidth for external communication) and I Created a vpn policy to limit  vpn traffic between exchange and secondary DC only  .

Domain replication has been scheduled for every  1 hour  and Everything was working fine , except .. the vpn communication brakes down frequently . But on sonicwall , global vpn session shows active .  After  2  hours of struggle , i finally found  the solution for  this.

 

 

The fix is , uncheck the check box  ” enable IKE Dead peer detection”  in  Advanced vpn settings

 

Also  I had to adjust the tcp innactivity timeout  -from 15  to 120 minutes.

 

Firewall access rule –> select matrix —> select VPN to Local  rules –> edit settings of  any to WLAN

Remote access Networks—> click Advanced     and chnage the tcp innactivevity timeout

 

You may need to do the same for   LAN to VPN  access rule .

 

 

 

 

Using Secure CRT to connect to GNS3 LAB

I like the tabbed connections feature while working with Secure CRT,  it allows quick switchting between multiple  terminal Connections.

If we use windows default telnet or putty  , we miss this convenient feauture .

 

 

While preparing for my CCNP recertification , I faced a problem using  Secure CRT with Gns3 labs on windows 7. Though there is an option to select secure crt as the defualt client , for some reason it didn’t work more over, there was some wrong  path mentioned  in the default settings  (see below).

start C:\progra~1 andyk~1\SecureCRT\SecureCRT.EEE /script C:\progra~1\gns3\securecrt.vbs /arg %d /T /telnet %h %p

Actually you do not need to put dos directory name in the path on  windows 7  .So i tried  the command

“C:\Program Files\VanDyke Software\SecureCRT\SecureCRT.EXE” /script “C:\Program Files\GNS3\securecrt.vbs” /arg %d /T /telnet %h %p           (  including ” ” ).

 

 

But this returned an error message saying that the remote system refused the connection , from which I  understood  that it is because of windows firewall . I added  inbound and out bound rules in windows firewall advanced settings to allow  C:\Program Files\VanDyke Software\SecureCRT\SecureCRT.EXE   and replaced   %h     with 127.0.0.1  in the command above.

 

 

 

 

 

 

 

 

You can see  the secure crt connection tabs in the picture which  shows my multiple routers in GNS3.