Recent Posts

Posted in DDoS

FastNetMon, ExaBGP and BGP integration for DDoS mitigation – part 6

Configuration on Quagga routers

    Quagga1# show running-config
    hostname Quagga1
    log file /var/log/quagga/quagga.log
    hostname bgpd
    log stdout
    password zebra
    enable password zebra
    interface eth0
    ipv6 nd suppress-ra
    interface lo
    router bgp 100
    bgp router-id 10.10.12.1
    bgp log-neighbor-changes
    redistribute static metric  route-map bh-trigger
    neighbor 10.10.12.2 remote-as 100
    neighbor 10.10.12.3 remote-as 100
    …

Posted in DDoS

FastNetMon, ExaBGP and BGP integration for DDoS mitigation – part 5

3. BGP sessions
a) Configure Quagga1 and Quagga2
Install quagga and start bgpd and zebra daemons.

    bash-4.2# systemctl start bgpd
    bash-4.2# systemctl start zebra

Connect to the configuration console using vtysh. If all sessions are valid you’ll see something similar in exabgp logs:

    14:05:40 | 464 | reactor | loaded new configuration…

Posted in DDoS

FastNetMon, ExaBGP and BGP integration for DDoS mitigation – part 4

2) Generate sflow traffic
Send some sflow traffic to FastNetMon from an external machine: the machine with IP 192.168.122.1, marked with hsflowd in the schema. From a Linux machine with hsflowd installed (https://sflow.net/downloads.php) we are sending traffic to the FastNetMon machine. Hsflowd has the following configuration:

    cat /etc/hsflowd.conf
    sflow {
    DNSSD=off…

Posted in DDoS

FastNetMon, ExaBGP and BGP integration for DDoS mitigation – part 3

Now it’s time to start FastNetMon
1.a) Server side:

    bash-4.2# cd /opt/fastnetmon/
    bash-4.2# ./fastnetmon --daemonize --configuration_file /etc/fastnetmon.conf --log_file /var/log/fastnetmon.log

Verify if working:

    bash-4.2# ps -ef | grep fast
    root 363 1 0 13:23 ? 00:00:00 ./fastnetmon --daemonize --configuration_file /etc/fastnetmon.conf --log_file /var/log/fastnetmon.log

1.b) Client side: From the same directory from where we have started…

Posted in DDoS

FastNetMon, ExaBGP and BGP integration for DDoS mitigation – part 2

As a BGP daemon we are using quagga, which is easy to install on every Linux distro. We are automating the process behind RTBH (Remotely-Triggered Black Hole), which is a very good tool for protecting us in case of a DDoS. Routers Quagga1 – Quagga4 compose the network, and router…

Posted in DDoS

FastNetMon, ExaBGP and BGP integration for DDoS mitigation – part 1

In this scenario I would like to introduce you to FastNetMon, ExaBGP and BGP in order to cut DDoS attacks. FastNetMon (https://fastnetmon.com/) is a DDoS detection tool. The proof of concept is presented in the following picture. The whole scenario is built on a Linux environment, an environment that supports all the…

Posted in SSL VPN

OpenVPN with Google Authenticator as second factor authentication – part 2

In this part I will cover only the OpenVPN configuration section. I’ll assume that every reader is able to generate the RSA keys used by OpenVPN to secure the traffic between client and server.

OpenVPN server configuration
a) cat radiusplugin-udp1194.cnf

    NAS-Identifier=OpenVPN
    Service-Type=5
    Framed-Protocol=1
    NAS-Port-Type=5
    NAS-IP-Address=192.168.122.157
    OpenVPNConfig=/etc/openvpn/server.ovpn
    Overwriteccfiles=true
    Acct-Interim-Interval=30
    server {
    …

Posted in SSL VPN

OpenVPN with Google Authenticator as second factor authentication – part 1

Description
In this post I’ll show you how to install, configure and test remote access into your infrastructure using SSL VPN technology. For that we are using the OpenVPN tool (https://openvpn.net/). In this POC we are using Ubuntu 16.04 LTS as the operating system, but the configuration will be the same no…

Posted in IPSec VPN

IPSec on Linux using wireguard

Description
In this post I’ll show you how to install, configure and test IPSec for a site-to-site configuration on Linux using wireguard (https://www.wireguard.io/). In this P.O.C. we are using Ubuntu 16.04 LTS as the operating system; the configurations will be the same in all Linux OSes. The main differences will…

Posted in IPSec VPN

IPSec on Linux using Openswan

Description
In this post I’ll show you how to install, configure and test IPSec for a site-to-site configuration on Linux using openswan (https://www.openswan.org/). In this POC we are using CentOS 6.9 as the operating system, but the configuration will be the same no matter what Linux OS you are using. The…
