how medium sized mammals defend our network
play

How medium sized mammals defend our network! Tim Clark (eclipse) - PowerPoint PPT Presentation

Dec 02, 2023 •180 likes •355 views

Introduction Tools Config Crazy stuff Finally How medium sized mammals defend our network! Tim Clark (eclipse) November 1, 2011 Tim Clark (eclipse) How medium sized mammals defend our network! Introduction Tools Config Crazy stuff

  1. Introduction Tools Config Crazy stuff Finally How medium sized mammals defend our network! Tim Clark (eclipse) November 1, 2011 Tim Clark (eclipse) How medium sized mammals defend our network!

  2. Introduction Tools Config Crazy stuff Finally Tim Clark (eclipse) How medium sized mammals defend our network!

  3. Introduction Tools Config Crazy stuff Finally IPSec Secure tunnels over IP Uses racoon Needs setkey Usually auth with shared keys Can auth with public keys (X.509) Tim Clark (eclipse) How medium sized mammals defend our network!

  4. Introduction Tools Config Crazy stuff Finally Racoon The thing you need to do IP tunnels IKE Daemon IKE=Internet Key Exchange Negotiates keys to make a IPSec tunnel IPSec tunnels use ESP (seriously) ESP=Encapsulating Security Payload Tim Clark (eclipse) How medium sized mammals defend our network!

  5. Introduction Tools Config Crazy stuff Finally Setkey Causes the tunnel to be used Sets the security policy For example: when talking to SUCS only talk through the tunnel, and only listen to SUCS if its through the tunnel The tunnel doesn’t exist till its needed Setkey is the thing that tells racoon to make the tunnel Tim Clark (eclipse) How medium sized mammals defend our network!

  6. Introduction Tools Config Crazy stuff Finally Racoon path pre_shared_key "/etc/racoon/psk.txt"; remote 137.44.6.5 { proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group modp1024; } lifetime time 60 min; exchange_mode main; } Tim Clark (eclipse) How medium sized mammals defend our network!

  7. Introduction Tools Config Crazy stuff Finally Racoon sainfo address 137.44.10.0/24[any] any address 137.44.6.5[any] any { pfs_group modp1024; lifetime time 20 min; encryption_algorithm 3des; authentication_algorithm hmac_sha1; compression_algorithm deflate; } Tim Clark (eclipse) How medium sized mammals defend our network!

  8. Introduction Tools Config Crazy stuff Finally Setkey spdadd 137.44.10.0/24 137.44.6.5 any -P out ipsec esp/tunnel/137.44.19.200-137.44.6.5/require; spdadd 137.44.6.5 137.44.10.0/24 any -P in ipsec esp/tunnel/137.44.6.5-137.44.19.200/require; Tim Clark (eclipse) How medium sized mammals defend our network!

  9. Introduction Tools Config Crazy stuff Finally psk.txt 137.44.6.5 ThisIsNotActuallyTheKey Tim Clark (eclipse) How medium sized mammals defend our network!

  10. Introduction Tools Config Crazy stuff Finally Server for complex remote remote anonymous { proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group modp1024; } generate_policy unique; nat_traversal on; passive on; verify_identifier off; lifetime time 60 min; exchange_mode main,aggressive; } Tim Clark (eclipse) How medium sized mammals defend our network!

  11. Introduction Tools Config Crazy stuff Finally Server for complex remote sainfo address 137.44.10.0/25[any] any anonymous { pfs_group modp1024; lifetime time 20 min; encryption_algorithm 3des; authentication_algorithm hmac_sha1; compression_algorithm deflate; } Tim Clark (eclipse) How medium sized mammals defend our network!

  12. Introduction Tools Config Crazy stuff Finally psk.txt client-test ThisIsNotActuallyTheKey Tim Clark (eclipse) How medium sized mammals defend our network!

  13. Introduction Tools Config Crazy stuff Finally Server for complex remote remote 137.44.19.200 { proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group modp1024; } nat_traversal on; my_identifier keyid tag "client-test"; verify_identifier off; lifetime time 60 min; exchange_mode aggressive; } Tim Clark (eclipse) How medium sized mammals defend our network!

  14. Introduction Tools Config Crazy stuff Finally Old Setkey spdadd 137.44.10.0/24 137.44.6.5 any -P out ipsec esp/tunnel/137.44.19.200-137.44.6.5/require; spdadd 137.44.6.5 137.44.10.0/24 any -P in ipsec esp/tunnel/137.44.6.5-137.44.19.200/require; Tim Clark (eclipse) How medium sized mammals defend our network!

  15. Introduction Tools Config Crazy stuff Finally New Setkey spdadd 137.44.10.0/24 137.44.6.5 any -P out ipsec esp/tunnel/137.44.19.200-137.44.6.5/unique; spdadd 137.44.6.5 137.44.10.0/24 any -P in ipsec esp/tunnel/137.44.6.5-137.44.19.200/unique; Tim Clark (eclipse) How medium sized mammals defend our network!

  16. Introduction Tools Config Crazy stuff Finally The Internet Slides Available at http://sucs.org/~eclipse Tim Clark (eclipse) How medium sized mammals defend our network!

  17. Introduction Tools Config Crazy stuff Finally Questions? Any Questions? Tim Clark (eclipse) How medium sized mammals defend our network!

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Support Infrastructure of Director, Prof. Dr. Yury Reutov Small and Medium-sized Businesses in

Support Infrastructure of Director, Prof. Dr. Yury Reutov Small and Medium-sized Businesses in

Support Infrastructure of Director, Prof. Dr. Yury Reutov Small and Medium-sized Businesses in Russia 09/29/2016 .: (3467)-361889 SUPPORT ECOSYSTEM OF SMALL & MEDIUM-SIZED BUSINESS Industrial parks Technoparks and Science Centre

486 views • 14 slides
The Future of Small and The Future of Small and Medium Sized Nuclear Medium Sized Nuclear

The Future of Small and The Future of Small and Medium Sized Nuclear Medium Sized Nuclear

The Future of Small and The Future of Small and Medium Sized Nuclear Medium Sized Nuclear Reactors Reactors 2009 and Beyond 2009 and Beyond Presentation Outline Presentation Outline Distinguish from Large Commercial Reactors

575 views • 41 slides
Update from SME Office Update from SME Office for for & medium-sized

Update from SME Office Update from SME Office for for & medium-sized

Update from SME Office Update from SME Office for for & medium-sized enterprises small micro EMEA Workshop, 8.2.08 Agenda Agenda Introduction SME Regulation and Incentives Type of companies assigned SME status

579 views • 33 slides
Doing Business 2013 Smarter Regulations for Small and Medium-sized Enterprises Augusto

Doing Business 2013 Smarter Regulations for Small and Medium-sized Enterprises Augusto

Doing Business 2013 Smarter Regulations for Small and Medium-sized Enterprises Augusto Lopez-Claros alopezclaros@ifc.org December 2012 1 Pace of reforms remains strong in 2011/12: share of economies with at least one reform making it easier

565 views • 41 slides
Experimental Demonstration of Model Predictive Control in a Medium-Sized Commercial Building

Experimental Demonstration of Model Predictive Control in a Medium-Sized Commercial Building

3 rd International High Performance Buildings Conference at Purdue, West Lafayette, IN. Experimental Demonstration of Model Predictive Control in a Medium-Sized Commercial Building Pengfei Li, Dapeng Li, Draguna Vrabie, Sorin Bengea, Stevo

263 views • 15 slides
Patterns and flows of recent intra-metropolitan migration in six medium-sized metropolises of

Patterns and flows of recent intra-metropolitan migration in six medium-sized metropolises of

Patterns and flows of recent intra-metropolitan migration in six medium-sized metropolises of Argentina, Brazil and Mexico, 2010 Florencia Molinatti 1 Enrique Pelez 2 The accelerated process of urbanization that characterized the countries of

374 views • 8 slides
BEYOND THE GTA Lessons Learned from Small and Medium-Sized Urban Areas P R E S E N T E D B Y D

BEYOND THE GTA Lessons Learned from Small and Medium-Sized Urban Areas P R E S E N T E D B Y D

BEYOND THE GTA Lessons Learned from Small and Medium-Sized Urban Areas P R E S E N T E D B Y D A V I D F O R S E Y M A Y 6 , 2 0 2 0 The Four Phases of Model Development Data Collection Model Architecture Model Estimation Panic BEYOND

367 views • 9 slides
Motivation (1 of 2) Data are medium-sized, but things we want to compute are intractable,

Motivation (1 of 2) Data are medium-sized, but things we want to compute are intractable,

Motivation (1 of 2) Data are medium-sized, but things we want to compute are intractable, e.g., NP-hard or n 3 time, so develop an approximation algorithm. Data are large/Massive/BIG, so we cant even touch them all, so develop a

321 views • 28 slides
Access to Finance for Micro, Small, and Medium-Sized Enterprises in Azerbaijan A Demand-Side

Access to Finance for Micro, Small, and Medium-Sized Enterprises in Azerbaijan A Demand-Side

Access to Finance for Micro, Small, and Medium-Sized Enterprises in Azerbaijan A Demand-Side Assessment Angela Prigozhina Country Sector Coordinator May, 2015 Agenda Setting the Stage Main Findings of the MSME A2F Survey Key Policy

519 views • 27 slides
Using Urban Climate Modelling to Support Climate Change Adaptation in Small- to Medium-sized

Using Urban Climate Modelling to Support Climate Change Adaptation in Small- to Medium-sized

Using Urban Climate Modelling to Support Climate Change Adaptation in Small- to Medium-sized Cities in Austria www.adapt-uhi.org Stefan Guggenberger Municipal Authority of the City of Klagenfurt on lake Wrthersee Department for Climate and

269 views • 13 slides
AUTOMATED REASONING make resolution steps, but for even a medium sized problem the number of

AUTOMATED REASONING make resolution steps, but for even a medium sized problem the number of

6ai Controlling Resolution: In this group of slides well look at some basic ways to control resolution. It is easy to AUTOMATED REASONING make resolution steps, but for even a medium sized problem the number of resolvents increases very

472 views • 6 slides
Medium Sized Vertical Axis Wind Turbine 4NAVITAS AND SIEMENS UK comp mpany y 4Navita

Medium Sized Vertical Axis Wind Turbine 4NAVITAS AND SIEMENS UK comp mpany y 4Navita

The World's First Commercially Viable Medium Sized Vertical Axis Wind Turbine 4NAVITAS AND SIEMENS UK comp mpany y 4Navita vitas Green Energ rgy y So Solu lution tions Ltd has successfu fully ly deve velop loped a a ve

2.1k views • 70 slides
Medium Sized Commercial Buildings 2014 Building Technologies Office Peer Review Building

Medium Sized Commercial Buildings 2014 Building Technologies Office Peer Review Building

Software-Defined Solutions for Managing Energy Use in Small to Medium Sized Commercial Buildings 2014 Building Technologies Office Peer Review Building Operating System Services (BOSS) User interfaces: smart phone/web-based Application Control

491 views • 16 slides
Workshop I Ohio Healthiest Employers-Medium Sized - Best-in-Class Wellness Programs American

Workshop I Ohio Healthiest Employers-Medium Sized - Best-in-Class Wellness Programs American

Workshop I Ohio Healthiest Employers-Medium Sized - Best-in-Class Wellness Programs American Showa Inc. & Equity Trust Co. 1:30 p.m. to 2:45 p.m. Biographical Information Andrew V. Piccolantonio, Vice President, Membership Ohio

538 views • 50 slides
Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar,

Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar,

Demystify Cybersecurity for Small and Medium Sized Manufacturers Webinar Webinar, September 17, 2020, 12:00-1:00 pm Webinar Agenda 1.Introductions 2.What is Cybersecurity? Why is it important? Cybersecurity Audit Prepare for

939 views • 61 slides
Role of small and medium sized urban areas in territorial development: Latvian experience and

Role of small and medium sized urban areas in territorial development: Latvian experience and

Role of small and medium sized urban areas in territorial development: Latvian experience and plans for the upcoming Latvian presidency of the Council of the EU Ilze JUREVIA Ministry of Environmental Protection and Regional Development

525 views • 15 slides
Specification-based testing of IPsec Institute for system Programming Russian Academy of

Specification-based testing of IPsec Institute for system Programming Russian Academy of

Specification-based testing of IPsec Institute for system Programming Russian Academy of Sciences Nickolay Pakoulin npak@ispras.ru Agenda Work Background Specification based testing in IPsec Discussion Future work The work

578 views • 30 slides
Americas IP Focus: Americas IP Focus: Protection and Enforcement Protection and Enforcement

Americas IP Focus: Americas IP Focus: Protection and Enforcement Protection and Enforcement

Americas IP Focus: Americas IP Focus: Protection and Enforcement Protection and Enforcement www.managingip.com A Euromoney publication in association with: SUGHRUE MION Pulling the preemptive trigger Being a declaratory judgment plaintiff

562 views • 6 slides
1. Need mechanisms to co-create intellectual property domestically and to ensure its

1. Need mechanisms to co-create intellectual property domestically and to ensure its

1. Need mechanisms to co-create intellectual property domestically and to ensure its protection internationally. 2. Ensure access to large markets (e.g., economies of scale). 3. Ensure no excess (e.g., non-market-based) competition.

168 views • 16 slides
Panel on IP Valuation How Much is it Worth? Title of Presentation How Much Can You Get? Goes

Panel on IP Valuation How Much is it Worth? Title of Presentation How Much Can You Get? Goes

Panel on IP Valuation How Much is it Worth? Title of Presentation How Much Can You Get? Goes Here How Can You Protect It? Orange County Bar Association (OCBA) Newport Beach, California Client Name Michael Haghighat, ASA Date, 2017

466 views • 22 slides
NetFPGA Summer Course Presented by: Andrew W Moore, Noa Zilberman, Gianni Antichi Stephen

NetFPGA Summer Course Presented by: Andrew W Moore, Noa Zilberman, Gianni Antichi Stephen

NetFPGA Summer Course Presented by: Andrew W Moore, Noa Zilberman, Gianni Antichi Stephen Ibanez, Marcin Wojcik, Jong Hun Han, Salvator Galea, Murali Ramanujam, Jingyun Zhang, Yuta Tokusashi University of Cambridge July 24 July 28, 2017

1.45k views • 95 slides
In-factory Machine Connectivity solution with Telit & Cisco Andras Nemes, Director, Strategic

In-factory Machine Connectivity solution with Telit & Cisco Andras Nemes, Director, Strategic

In-factory Machine Connectivity solution with Telit & Cisco Andras Nemes, Director, Strategic Partnerships, Telit .. Digital manufacturing Current landscape Enterprise IT Factory OT Enterprise IT processes Heterogonous OT

258 views • 15 slides
Disrupt your Industry with Lumada Trends, Lumada IoT Platform and Solution Cores Ravi Chalaka,

Disrupt your Industry with Lumada Trends, Lumada IoT Platform and Solution Cores Ravi Chalaka,

Disrupt your Industry with Lumada Trends, Lumada IoT Platform and Solution Cores Ravi Chalaka, VP, Global IoT and Lumada Marketing Kosta Ristovski, PhD, Sr. Research Scientist, CSI NA Disruptive Technology is your Opportunity Cant wait till

544 views • 30 slides
SoftEther VPN 2014/07/01 Outline Inroduction

SoftEther VPN 2014/07/01 Outline Inroduction

SoftEther VPN 2014/07/01 Outline Inroduction SoftEther VPN Features of SoftEther VPN Architecture of SoftEther VPN OpenVPN vs. SoftEther VPN Installation Benchmark 2

442 views • 15 slides

More recommend