domingo, 30 de novembro de 2014

HOW TO INSTALL WIRESHARK FOR DEBIAN WHEEZY

First, do the download of source code file by  tar.gz.b2
By this web site: https://www.wireshark.org/download.html
After realize this procedure:

#apt-get build-dep wireshark
#apt-get install build-essential checkinstall libcurl4-openssl-dev
#tar xvf wireshark-*.tar.bz2
#cd wireshark-*
#./configure --with-ssl --enable-setcap-install --with-dumpcap-group=wireshark
#  make -j4
 
#### if you have some problem like that:
configure: error: Qt is not available
 
in this step do that### 
 
##Add ##
 ./configure --with-ssl --enable-setcap-install --with-dumpcap-group=wireshark 
--with-gtk2" or "--with-gtk3
 
 
After the process, execute this command:
 
#checkinstall --fstrans=no 

After, enter y then name the package: wireshark and press enter to receiver this information.
 
##################message##################################################################
 
checkinstall 1.6.2, Copyright 2009 Felipe Eduardo Sanchez Diaz Duran
           This software is released under the GNU GPL.


The package documentation directory ./doc-pak does not exist. 
Should I create a default set of package docs?  [y]: y

Preparing package documentation...OK

Please write a description for the package.
End your description with an empty line or EOF.
>> wireshark
>> 

*****************************************
**** Debian package creation selected ***
*****************************************

This package will be built according to these values: 

0 -  Maintainer: [ root@brahms ]
1 -  Summary: [ wireshark ]
2 -  Name:    [ wireshark ]
3 -  Version: [ 1.10.0 ]
4 -  Release: [ 1 ]
5 -  License: [ GPL ]
6 -  Group:   [ checkinstall ]
7 -  Architecture: [ amd64 ]
8 -  Source location: [ wireshark-1.10.0 ]
9 -  Alternate source location: [  ]
10 - Requires: [  ]
11 - Provides: [ wireshark ]
12 - Conflicts: [  ]
13 - Replaces: [  ]

Enter a number to change any of them or press ENTER to continue: 

Installing with make install...

Some of the files created by the installation are inside the home directory: /home

You probably don't want them to be included in the package.
Do you want me to list them?  [n]: n
Should I exclude them from the package? (Saying yes is a good idea)  [n]: yes

Some of the files created by the installation are inside the build
directory: /home/stmiller/Downloads/wireshark-1.10.0

You probably don't want them to be included in the package,
especially if they are inside your home directory.
Do you want me to list them?  [n]: n
Should I exclude them from the package? (Saying yes is a good idea)  [y]: y

Copying files to the temporary directory...

Stripping ELF binaries and libraries...OK

Compressing man pages...OK

Building file list...OK

Building Debian package...OK

Installing Debian package...OK

Erasing temporary files...OK

Writing backup package...
OK

Deleting temp dir...OK


**********************************************************************

 Done. The new package has been installed and saved to

 /home/stmiller/Downloads/wireshark-1.10.0/wireshark_1.10.0-1_amd64.deb

 You can remove it from your system anytime using: 

      dpkg -r wireshark

**********************************************************************

 
 
 
################## end message##################################################################
 
 
execute this command:
#ldconfig
execute this command to open the program: 
#wireshark 
 
 
 
 

sexta-feira, 21 de novembro de 2014

HOW TO INSTALL CITRIX RECEIVER FOR UBUNTU/DEBIAN/ETC FOR X64

Tested on:
debian 7, kali linux 1.x and ubuntu 14.04

Do the download of  " citrix receiver for linux" by the way :
http://www.citrix.com/downloads/citrix-receiver/linux/receiver-for-linux-131.html

After the download file .deb for example take this command and insert of your terminal:

#dpkg --add-architecture i386

#apt-get install ia32-libs ia32-libs-i386 libglib2.0-0:i386 libgtk2.0-0:i386

OBS.: If do you have some error after this last command line, execute after :

#dpkg --add-architecture i386
#apt-get update
#apt-get install ia32-libs

...wait the update finish and the ia32-libs instalation.. (hold on)
Start the same command line again:

#apt-get install ia32-libs ia32-libs-i386 libglib2.0-0:i386 libgtk2.0-0:i386

#dpkg --force-all --install icaclient_13.0.0.256735_amd64.deb

#ldd /opt/Citrix/ICAClient/wfica

#cp --verbose /usr/share/ca-certificates/mozilla/* /opt/Citrix/ICAClient/keystore/cacerts/

or you can do that:

sudo ln -s /usr/share/ca-certificates/mozilla/* /opt/Citrix/ICAClient/keystore/cacerts/
sudo c_rehash /opt/Citrix/ICAClient/keystore/cacerts/
 
and after:
 
/opt/Citrix/ICAClient/util/configmgr &  
 

So, now try to open the citrix session, my session is by citrix appliance:

In this case, any system by citrix will open normal,

Obs. if is necessary do a update of your web browser for example, normaly in this process is necessary and automatical citrix uninstall, but after update your brownser, execute the same procedure to go back to work fine the citrix session.

FONT:http://unix.stackexchange.com/questions/110295/installing-citrix-receiver-on-64bit-debian-wheezy
http://superuser.com/questions/714375/how-do-i-install-citrix-ica-client-receiver-13-on-debian-64-bit-linux

quinta-feira, 13 de novembro de 2014

HOW TO CONFIGURE WATCHGUARD DIMENSION

Do download for dimension:
wget http://cdn.watchguard.com/SoftwareCenter/Files/WSM/Dimension_1_3_U1/watchguard-dimension_1_3_U1.ova

load for esxi ovf file and boot :

After:


acess terminal:

user:wgsupport
password: readwrite
 
after change the password, config ip address:

/opt/watchguard/dimension/bin/wg_ip_addr.sh -i <IP address> -m <mask> -g <gateway>.

obs: when you go config mask, every put cidr like : /24 /16 , etc..

after try to access by ip used:

https://<IP address>

user:admin
password: readwrite


define:

hostname: dimension
ip address method: (static or dynamic)
ip/mask: 0.0.0.0./00
gt: 0.0.0.0
dns: 0.0.0.0
domain name: local domain name

Define a new password for user admin: smorgasboard
Log server settings:smorgasboard


Review configurations:


Review Dimension Settings

System Information
Host name: dimension
IPv4 address: 0.0.0.0/24
Default Gateway: 0.0.0.0
DNS Server: 0.0.0.0
Domain Name: doain.local

Administrator Passphrase
Admininistrator passphrase set

Log Server
Encryption key set
Database location: /var/opt/watchguard/dimension/data/db


configuration firewall to send log for watchguard dimension:
   log on to wathcguard firewall , enable logging on all policy manager rules;
   configure watchguard firewall to send log to watchguard dimension server;
   browse firewall logs via dimension web interface;
   show ou couple of watchguard dimension snapshots in prodction network;

Note: In this demo am using my home network logs , with only two users;


Now, just access the firewall - watchguard policy manager/setup/logging...
set watchguard log server/click configure, and add ip dimension server and Encryption key

segunda-feira, 10 de novembro de 2014

MOUNT EXITED WITH EXIT CODE 1 WHEN YOU MOUNT USB STORAGE DEVICE BY DEBIAN

There is this message:


Do that:
apt-get install ntfs-3g
apt-get install libfuse2 fuse-utils
ntfs-3g /dev/sdb1 /mnt


cd /mnt/

After activites :

umount /dev/sdb1 mnt


domingo, 9 de novembro de 2014

HOW TO INSTALL KASPESRKY ENDPOINT FOR LINUX (POST 20)



Obs.: Tested in ubuntu 14.02,14.04  and Debian Whezzy 7.0

Start download file :
http://support.kaspersky.com/kes8linux#downloads

Before to start, do that:

dpkg --add-architecture i386
apt-get install build-essential
apt-get update && sudo apt-get install libc6-dev
apt-get install glib*
apt-get install gdebi
apt-get install binutils
apt-get install libc6-i386
apt-get install gcc-multilib
apt-get install lib32z1 lib32ncurses5 lib32bz2-1.0 lib32stdc++6
apt-get install libc6:i386 libncurses5:i386 libstdc++6:i386
apt-get install ia32-libs

Dependen of your ubuntu linux version you must install before ia32-libs package this command:

apt-get install program:i386
sudo -i
cd /etc/apt/sources.list.d
echo "deb http://archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse" >ia32-libs-raring.list
apt-get update
apt-get install ia32-libs
rm /etc/apt/sources.list.d/ia32-libs-raring.list
apt-get update

Now, start the installation:

dpkg -i  <nome do pacote baixado.deb>

ou /opt/kaspersky/kes4lwks/bin/kes4lwks-setup.pl



Obs.: I cases of that you had some issue, use apt-get install linux-headers

quinta-feira, 6 de novembro de 2014

HOW TO USE VPN SSL FOR WATCHGUARD ON LINUX DEBIAN (POST 19)


#apt-get install openvpn#apt-get install openvpn openssl#apt-get install openvpn-auth-ldap#apt-get install network-manager-openvpn#apt-get install network-manager-openvpn-gnome (IF UBUNTU) #apt-gt install gadmin-open-client gadmin-openvpn-client-dbg#apt-get install gadmin-open-client gadmin-openvpn-client-dbg#apt-get install gadmin-openvpn-client gadmin-openvpn-client-dbg#apt-get install sslh deixe from initd
#apt-get install resolvconf

restart the service openvpn : service /etc/init.d/openvpn  

acess you firewall device to download vpn profile
https://<IP address of a Firebox or XTM device interface>/sslvpn.html 

Realize the download file client.ovpn, by the option Mobile VPN with SSL client profile


Execute the command by the  terminal:

openvpn ./client.ovpn


root@debian:/home/andrevianna/Downloads# openvpn client.ovpn

Thu Nov 6 22:34:27 2014 OpenVPN 2.X [SSL] ################################built on #######

Enter Auth Username:<username>


Enter Auth Password:<password>
Thu Nov 6 22:34:33 2014 NOTE: OpenVPN requires '--script-security 2' or higher to call user-defined scripts or executables
Thu Nov 6 22:34:33 2014 Control Channel MTU parms [ ################################ ]
Thu Nov 6 22:34:33 2014 Socket Buffers: R=[################################]
Thu Nov 6 22:34:33 2014 Data Channel MTU parms [ ################################ ]
Thu Nov 6 22:34:33 2014 Local Options hash (################################)
Thu Nov 6 22:34:33 2014 Expected Remote Options hash (#######################)
Thu Nov 6 22:34:33 2014 Attempting to establish TCP connection with [yourip:<youport>[nonblock]
Thu Nov 6 22:34:34 2014 TCP connection established with [AF_INET]yourip:<youport>
Thu Nov 6 22:34:34 2014 TCPv4_CLIENT link local: [##]
Thu Nov 6 22:34:34 2014 TCPv4_CLIENT link remote: [<yourip:<youport>
Thu Nov 6 22:34:34 2014 TLS: Initial packet fromyourip:<youport>, sid=#
Thu Nov 6 22:34:34 2014 WARNING: this configuration may cache passwords in memory -- use the auth-nocache option to prevent this
Thu Nov 6 22:34:34 2014 VERIFY OK: depth=#,
Thu Nov 6 22:34:34 2014 Validating certificate extended key usage
#####################################################################################################################################################################################################################################################

Thu Nov 6 22:34:38 2014 Initialization Sequence Completed

Now just to use rdp, ssh, etc.. 




          CRIANDO VPNSSL NO WATCHGUARD:

          RECURSOS UTILIZADOS:
          WATCHGUARD SYSTEM MANAGER 11.9.3.x
          WATCHGUARD MOBILE VPN WITH SSL Client 11.9.3.x

          Obs.: procedimento valido somente para windows e mac os


          1 No policy manager, clicar em VPN, \Mobile VPN \ SSL...
          2 Habilitar a opção ACtivate Mobile VPN with SSL
          Guia General:

          Firebox IP Addresses:
            Primary: <adicionar ip external> ou seu ip válido;

          Networking and IP address Pool: Routed VPN traffic;

          Manter a opção:
           Force all client traffic through tunnel desabilitada (caso você queira que a saida de internet do client que se conecta a vpn sai pela vpn habilite essa opção) - essa opção não é inteligente habilitar;


          Defina os endereços de ips que será autorizado acessar:

          Na opção virtual ip address pool:
          Será um ip que o firewall vai entregar ao cliente vpn ao se conectar
          geralmente mantenho o padrão;

          Guia autentication:
          Em authentication server settings:
          Selecionar o método de conexão a vpn
          é possível utilizar: RADIUS,FIREBOX,LDAP,SECUID  e AD.

          Mantenha as opções habilitadas:
          Auto reconnect after a connection is lost
          Allow the mobile vpn with ssl client to remember password

          Abaixo: Defina os usuários que podem se autenticar na vpn:


          Guia Advanced:

          Data channel defina a porta de conexão da vpn e do portal para baixar o client

          DNS and WINS Server:

          Configurar:
          Domain name;
          DNS servers;
          WINS servers;


          Feito isso as configurações são aplicadas automaticamente ao firewall:


          Acesse agora via web o seguinte endereço:

          https://<ip>:<porta>/sslvpn_download.shtml

          1 - logue com o usuário definido na autenticação
          2 - baixe o client para windows ou mac e instale
          3 - execute o cliente


          Com o cliente instalado no campo:

          Server: <ip valido>:<porta>
          User name:dominio\usuario
          Password: senha









          PUPLICAÇÃO DE SERVIÇOS NO WATCHGUARD

          Acessar Policy manager
          Action/Snat/
          Editar / Add

          External /optional Address : adicionar endereço da publicação
          Set internal port to a different port: adicionar a porta de publicação

          Criar uma regra da porta publicada (utilizar o mesmo protocolo de publicação ) e na opção To apontar o Snat criado  Clicando em Add SNAT...