Configure Network Segmentation with TP-Link Omada Controller
In this tutorial, you will be shown how to configure network segmentation with the TP-Link Omada Controller. Segmentation is an ideal practice to protect your TP-Link Omada network.
What is network segmentation?
Network segmentation is, to put it as simply as possible, the practice of dividing a larger computer network into several small subnetworks that are each isolated from one another. Network segmentation is also a key part of HIPAA and PCI compliance. The benefits of segmenting your network can massively outweigh the challenges of configuration. Some key benefits of network segmentation include:
- Slowing Down Attackers.
- Increasing Overall Data Security.
- Enabling Implementation of a Policy of Least Privilege.
- Reducing Damage from Successful Attacks.
Let’s get started with network segmentation
Before we start this tutorial is under the impression you already have additional networks created. If you need help with creating new VLAN Networks Click Here.
- Log into your cloud
Lost your iPhone? Someone can use Checkm8 and Checkra1n to jailbreak it.
If you lost your iPhone you should be worried. Someone can hack into it with free software called Checkm8 and Checkra1n to jailbreak it. Essentially they would be able to hack into your phone and by pass any security you have in place.
Why should we care about Checkm8?
The Checkm8 vulnerability works on 11 generations of iPhones, from the 4S to the X. While it doesn’t work on newer devices, Checkm8 can jailbreak hundreds of millions of devices in use today. And because the bootrom can’t be updated after the device is manufactured, Checkm8 will be able to jailbreak in perpetuity.
- Checkm8 requires physical access to the phone. It can’t be remotely executed, even if combined with other exploits
- The exploit allows only tethered jailbreaks, meaning it lacks persistence. The exploit must be run each time an iDevice boots.
- Checkm8 doesn’t bypass the protections offered by the Secure Enclave
Jetty Vulnerability using Invalid Large TLS Frame causes 100% CPU Usage
This Jetty vulnerability is to be considered as a service availability issue. When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage.
The following packages have been upgraded to a later upstream version: rh-eclipse-jetty (9.4.40).
Security Fixes:
- jetty: Symlink directory exposes webapp directory contents (CVE-2021-28163)
- jetty: Ambiguous paths can access WEB-INF (CVE-2021-28164)
- jetty: Resource exhaustion when receiving an invalid large TLS frame (CVE-2021-28165)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Type/Severity
Security Advisory: Moderate
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Developer Tools (for RHEL Workstation) 1
Install SSL Certificate Onto A FQDN UniFi Controller
In this tutorial you will be shown how to install SSL Certificate onto a FQDN (fully qualified domain name) UniFi Controller installed on Ubuntu 20.04.
Lets Get Started
- SSH onto your Ubuntu Linux Server
- Make sure your server is fully up to date with patches.
- Check and see what type of pre-existing firewall your using. In my case I am sticking with ufw firewall. We will be opening up the ports for SSL configuration and enabling auto start for my ufw firewall.
sudo ufw allow 80 sudo ufw allow 443 sudo systemctl enable ufw sudo ufw enable
This Is A Must: Since you have an existing UniFi Controller already running make sure to set an A record for your domain and point it to the IP address of the UniFi Controller server. Lets move forward with configuring SSL certificate for your domain!
Install SSL Certificate For Your Domain To Access
… Read the rest
Install UniFi Controller On Ubuntu 20.04 Linode
In this tutorial you will be shown how to install the UniFi Controller software with SSL on Ubuntu 20.04 using a Linode VPS.
The current version of UniFi SDN Controller that we will be installing is 6.2.23 Of course new packages will be released and they can be found on there UniFi Software Download Page. The script we will be using will install the latest version.
Lets Get Started!
Prerequisites
- Create a VPS server on Linode. The $10 plan meats minimum specifications and should be just fine up to 250 devices. You can even enable the option to create VPS backups witch is ideal.
- To access the UniFi controller with a domain you will need to create an A record pointing to VPS server’s public IP address.
Getting Started With Linode
- Sign Up and Log into your Linode account and click the blue [Create Linode] button.
- The
Add SSL Certificate Onto Hestia Control Panel Ubuntu 20.04
In this tutorial you will be shown how to add Let’s Encrypt SSL Certificates onto Hestia Control Panel port 8083 installed on Ubuntu 20.04.
How to setup Let’s Encrypt for the Hestia Control Panel Port 8083
Make sure the hostname of the server is pointed to the ip address and you set the hostname correctly.
If you are not sure of your host name use the follow command.
hostname
If your domain is not what it should be use the following command to change it.
v-change-sys-hostname changethis.domain.tld
Once the server host name successfully changed lets active an ssl certificate to the Hestia Control Panel admin portal.
v-add-letsencrypt-host
Wait a few moments and it will complete successfully.
I hope this article was helpful, if you have any questions, please feel free to contact me. If you would like to be notified of when I create a new post, you can
… Read the rest
Create Website Server With Linode and Hestia Control Panel
In this tutorial I will be showing you how to use Linode, Ubuntu 20.04 and Hestia Control Panel to create yourself a website server. This is a much better option than using shared website hosting servers where compromised website server incidents can happen due to improper maintained webservers and websites.
Lets Create Your Domain.
- I will be using Godaddy to register my domain which will be websitemsp.com.
- Once your domain is created go to the manage DNS section.
- Within the Advanced features we will be adding hostnames to the ip address given to us after creating a VPS from Linode. Once the server is created and we have the IP address you can create your host addresses for example:
Lets Get Started With Linode.
- Sign up for a Linode Account.
- Click on the blue button [ Create Linode ] to get started.
- Under Choose Distribution please select Ubuntu
My Preferred SSD For Computer Upgrades
I am a Samsung SSD guy all the way if your looking for top performance however I have grown a fondness for the Western Digital WD Blue 3D NAND Internal PC SSD’s product line to be used in businesses. I have been deploying these SSD’s for the past 4 years and not one has yet to fail on me in production.
Some Of The Pros
- Sequential read speeds up to 560MB/s and sequential write speeds up to 530MB/s. | As used for transfer rate or interface, megabyte per second (MB/s) = 1 million bytes per second and gigabit per second (Gb/s) = 1 billion bits per second.
- Free downloadable software to monitor the status of your drive and clone a drive, or backup your data. This is not just any type of free backup software. They are providing you Acronis True Image WD edition.
- This drive is compatible with just
How to reset all Local Group Policy settings using Command Prompt
In this tutorial I will be showing you how to use CMD to reset all Local Group Policy settings. Once a computer is removed from a domain it may have many modified settings, you can quickly reset all the Group Policy Objects to their defaults with Command Prompt.
To reset the Group Policy settings with a command line, use these steps:
- Open Start.
- Search for Command Prompt, right-click the top result, and select the Run as administrator option.
-
Type the following command to reset all the Group Policy settings and press Enter:
RD /S /Q "%WinDir%\System32\GroupPolicyUsers" && RD /S /Q "%WinDir%\System32\GroupPolicy"
4. Type the following command to update the changes in the Local Group Policy console and press Enter:
gpupdate /force
5. To be on the safe side go ahead and reboot the computer. You should be good to go.
… Read the rest
Install TP-Link Omada SDN Controller on Ubuntu 20.04
In this tutorial I will show you how to Install the latest TP-Link Omada SDN Controller on Ubuntu 20.04. Tp-Link Omada is very similar to the Unifi Controller so the transition between the two wouldn’t be that difficult.
The current version of TP-Link Omada SDN Controller that we will be installing is 4.2.11. Of course new packages will be released and they can be found on there Omada Software Download Page. You can copy the new URL and append the commands with the new installation package URL.
Lets Get Started
Prerequisites
- A physical server / computer or VM with Ubuntu 20.04 Installed.
- Access to the internet.
- Make sure to have Install Ubuntu 20.04 on your physical server or VM.
- Once the server is available, log into your Ubuntu 20.04 server using SSH.
- To SSH into the server we will be using Putty. Download and install Putty.
- Open
Loading ...