Clik here to view.
NTP Authentication on Pulse Connect Secure
I initially wanted to show how to use NTP authentication on a Pulse Connect Secure. Unfortunately, it does not support NTP over IPv6, which is mandatory for my lab. Ok, after I calmed down a bit, a...
View ArticleClik here to view.
NTP Authentication at Juniper ScreenOS
Yes, ScreenOS is end-of-everything (EoE), but for historical reasons I still have some of them in my lab. ;D They simply work, while having lots of features when it comes to IPv6 such as DHCPv6-PD....
View ArticleClik here to view.
Basic NTP Client Test: ntpdate & sntp
During my work with a couple of NTP servers, I had many situations in which I just wanted to know whether an NTP server is up and running or not. For this purpose, I used two small Linux tools that...
View ArticleClik here to view.
Network Time Security – New NTP Authentication Mechanism
This is a guest blogpost by Martin Langer, Ph.D. student for “Secured Time Synchronization Using Packet-Based Time Protocols” at Ostfalia University of Applied Sciences, Germany. In many areas, the use...
View ArticleClik here to view.
Network Time Security – Strengths & Weaknesses
This is a guest blogpost by Martin Langer, Ph.D. student for “Secured Time Synchronization Using Packet-Based Time Protocols” at Ostfalia University of Applied Sciences, Germany. The Network Time...
View ArticleClik here to view.
Intro to NetworkMiner
This is a guest blogpost by Erik Hjelmvik, an expert in network forensics and network security monitoring at NETRESEC. Wireshark is the default goto tool for analyzing captured network traffic for most...
View ArticleClik here to view.
Setting up NTS-Secured NTP with NTPsec
This is a guest blogpost by Martin Langer, Ph.D. student for “Secured Time Synchronization Using Packet-Based Time Protocols” at Ostfalia University of Applied Sciences, Germany. In the previous posts,...
View ArticleClik here to view.
Certificate Transparency & Alternative Name Disclosure
Maybe you’ve heard of Certificate Transparency and its log. Citing Wikipedia: “Certificate Transparency (CT) is an Internet security standard and open source framework for monitoring and auditing...
View ArticleClik here to view.
NTS Published as Standard
This is a guest blogpost by Martin Langer, Ph.D. student for “Secured Time Synchronization Using Packet-Based Time Protocols” at Ostfalia University of Applied Sciences, Germany. The Internet...
View ArticleClik here to view.
DDIUGv3: Certificate Transparency Disclosure
Quite spontaneous I gave a small talk on the 3rd german DDI (DHCP/DNS/IPAM) user group which took place on June, 17th, 2021. (I was asked to do a talk just two days before the meeting.) It’s based on...
View ArticleClik here to view.
Decrypting TLS Traffic with PolarProxy
This is a guest blog post by Erik Hjelmvik, an expert in network forensics and network security monitoring at NETRESEC. PolarProxy is a transparent TLS proxy that outputs decrypted TLS traffic as PCAP...
View ArticleClik here to view.
Cisco APIC: New Certificate
This post is about adding an own (trusted) X.509 certificate for the HTTPS GUI of the Cisco Application Policy Infrastructure Controller aka APIC. You can do this via the GUI itself or via the API....
View ArticleClik here to view.
Who sends TCP RSTs?
At SharkFest’22 EU, the Annual Wireshark User and Developer Conference, I attended a beginners’ course called “Network Troubleshooting from Scratch”, taught by the great Jasper Bongertz. In the end, we...
View ArticleClik here to view.
RADIUS & TACACS+ PCAP
Again two more commonly used network protocols for the Ultimate PCAP: the Remote Authentication Dial-In User Service (RADIUS) and the Terminal Access Controller Access-Control System Plus (TACACS+)...
View ArticleClik here to view.
Some more Mail Captures
Email is still the most common communication protocol on the Internet. And since I was missing some variants of the related protocols, IMAP, POP3, and SMTP in the Ultimate PCAP, I did some captures. ✅...
View ArticleClik here to view.
Misusing Palo’s Captive Portal as a Guest Wi-Fi Welcome Page
I was faced with an interesting customer requirement: An existing guest Wi-Fi should be prefaced with a welcome page for accepting the terms and conditions. Since there was already a Palo Alto Networks...
View Article