Tags: phishing

Recently i wrote about securing SSH access with certificate login. 

A report from SANS warns administrators from a rising number of brute-force attacks on SSH daemons. 

http://isc.sans.org/diary.html?storyid=4408

Taking care of these things in advance will save you some headaches.

Tags: brute-force, ssh

I recently encountered a problem setting up a VPN tunnel between a Cisco router and a Checkpoint firewall.

From the firewall side, i could see an IKE packet going out, and nothing coming back. 

On the Router side, there was a reply to the IKE, but an error logged:

“Duplicate Phase 1 packet detected.  Retransmitting lastpacket.”

Now this error should appear if the reply is discarded on the firewall side, and it tries to re-send the initial IKE packet. 

Nothing indicated it in the firewall log. 

What solved it was enabling Aggressive Mode on the firewall side. 

I didnt have the time to go over and see why this helped, but it did the trick, so i moved on. 

Another thing, and this is more of a reminder for me, the command for tunnel handling on checkpoint, is “vpn tu”. There you can see all the tunnels, and delete them.

If you know what caused this, please share

Tags: checkpoint, cisco, router, vpn

Cyberduck is an FTP client for Mac. 

When i ran it for the first time, it crashed immediately. 

It took me a while to solve this. 

Seems that the problem was java related. 

I was working with java SE 6. After changing it back to J2SE 5 and what do you know. It worked. 

Just go into Java Preferences and set it to look like this:

* I just saw that there was a software update. After installing it, things ran well with java se 6

Tags: crash, cyberduck, ftp