Categories

Bluetrait
        Bluetrait
                Bluetrait
                    Coding
                    Geek
                    General
                    Videos
                    Solar
                    Coding
                    Geek
                    General
                    Coding
                        PHP
                        Bluetrait
                        PHP
                        Bluetrait
                        WordPress
                            Plugins
                        PHP
                        Bluetrait (Program)
                    Geek
                        Juniper
                        Cisco
                        IBM N2200 8363
                        PCs
                        Spam
                        IPv6
                        Apple
                        NetScreen
                        Internet
                    General
                        Uni

Sun, 01 Apr 2007 6:52 PM

BTEV 0.3

Michael Dale

Version 0.3 of Bluetrait Event Viewer for Wordpress is now out.


You can download it here.


This version tracks more events (and allows you to override wp_login to track failed logins too).


Tested on Wordpress 2.0.9 and 2.1.2


Wed, 28 Mar 2007 4:50 PM

Wordpress Event Viewer

Michael Dale

I'm in the process of writing an event viewer (similar to the one in bluetrait) plugin for Wordpress.


Should be out sometime next month.

Wordpress Event Viewer Plugin


EDIT: An alpha version can be downloaded from here


Wed, 14 Mar 2007 10:33 AM

Webserver

Michael Dale
The web server has been doing some odd things.

Yesterday I needed to restart apache as it had used up all of the swap space (2.5gb), which was causing mysql to fail.

This morning I checked the load and found this

Web Server CPU Load

I should probably look into it :)

Thu, 08 Mar 2007 10:48 PM

IPsecuritas to Netscreen IPsec VPN

Michael Dale

I took these screen shots a while ago, but I thought they may be useful.

Note: If you want to setup the netscreen side follow this howto (ignoring the last section about setting up Netscreen Remote).

This setup is only using DES/MD5 and not 3DES/SHA-1 with a 10.0.0.0/22 remote network. Your setup may be different to this.

IPsecuritas to Netscreen 1
IPsecuritas to Netscreen 2
IPsecuritas to Netscreen 3
IPsecuritas to Netscreen 4
IPsecuritas to Netscreen 5


Mon, 26 Feb 2007 8:06 PM

Autumn 2007 Timetable

Michael Dale






































































Autumn 2007 Timetable
Monday Tuesday Wednesday Thursday Friday
8am Bluearc Bluearc
9am
10am
11am Project Management & Quality Assurance (31478)

Lec1, 01 CM05B.01.11
12pm
1pm
2pm Project Management & Quality Assurance (31478)

Tut1, 05 CB10.02.320
Mobile IP and Wireless LANs (31089)

CB10.02.440/CB01.23.16/CB10.03.440
3pm
4pm Information Technology Professional & Society (31479)

Tut1, 05 CB10.02.470
5pm
6pm Information Technology Professional & Society (31479)

Lec1, 01 CB02.04.13
7pm
8pm
9pm

Uni

Wed, 21 Feb 2007 5:32 PM

Damnit

Michael Dale
We got another letter today. Looks like the owner of our new house wants to sell it. We've only been here about 2 months.


Grrrr.

Sun, 18 Feb 2007 10:02 PM

Private Network

Michael Dale
I want to setup something like this.


So basically it would include:
  • VPN (ipsec) links to each user

  • BGP or OSPF running tunneled through the VPN (to advertise the networks everyone is running)

  • Internal DNS system


I've got a stack of networking gear now (netscreen and cisco stuff), most of it is fairly old but should be more than capable of doing what I want.


If anyone is interested send me an email.

Thu, 15 Feb 2007 9:49 PM

IPv6 tunnel through IPv4 with a Netscreen

Michael Dale
I finally got an IPv6 tunnel going on my Netscreen SSG 5. So I thought I'd post the relevant configuration details here.


I'm currently running ScreenOS 5.4.0r3a0; there seems to be some WebUI bugs with IPv6 so it is best to do it via the command line.


Update: I just got a response back from JTAC. IPv6 is only supported on the ISG2000. So I'm unsure when/if it the WebUI bugs will be fixed.


Update2: IPv6 is now supported on the SSG 5 under screenos 6, the WEBUI bug has been fixed.


Background info:
  • Trust interface 10.0.0.254/22 - bgroup0

  • Untrust interface - bgroup2

  • IPv6 broker (broker.aarnet.net.au) - 202.158.196.131

  • IPv6 subnet - 2001:388:c021::1/64


The first step is to enable IPv6 on your Netscreen.


Type the following then save your config and restart the device:

set envar ipv6=yes



Now let's setup the trust interface:

set interface "bgroup0" ipv6 mode "router"

set interface "bgroup0" ipv6 ip 2001:388:c021::1/64

set interface "bgroup0" ipv6 enable

unset interface bgroup0 ipv6 ra link-address

set interface bgroup0 ipv6 ra transmit

set interface bgroup0 ipv6 nd nud



So we've setup my trust interface with the IPv6 subnet and autoconfiguration should be working.


Now let's setup a tunnel interface for the traffic to run through:

set interface "tunnel.1" zone "Untrust"

set interface tunnel.1 ip unnumbered interface bgroup2

set interface "tunnel.1" ipv6 mode "host"

set interface "tunnel.1" ipv6 enable

set interface tunnel.1 tunnel encap ip6in4 manual

set interface tunnel.1 tunnel local-if bgroup2 dst-ip 202.158.196.131



Now we'll setup a static route for IPv6 traffic to go through:

set route ::/0 interface tunnel.1 gateway :: preference 20



And finally we need to setup a policy to allow traffic out:

set policy id 77 from "Trust" to "Untrust" "Any-IPv6" "Any-IPv6" "ANY" permit log

set policy id 77



You may want to setup some policies to allow traffic in too.


That should be all you need to do.

Wed, 14 Feb 2007 8:07 PM

New Server

Michael Dale
Our web server died a few weeks ago, I was lucky enough to borrow a spare DL380 G1 from work. Although we still have it, I'm not sure if we'll be able to keep it.


So this new server is a DL360 G1 (1 rack unit):
  • Dual Pentium 3 1.266GHz (512K L2 Cache)

  • 256mb Ram (we will upgrade it if it goes into production)

  • 18gb SCSI HDD

  • 2 100mbit onboard nics


Here is what it looks like:
DL360

PCs