Configure Attack Defense with TP-Link Omada Controller
In this TP-Link Omada tutorial, you will be shown how to configure attack defense security settings with the TP-Link Omada Controller.
Why should we properly configure TP-Link Omada Attack Defense?
Attack Defense provides protection against outside cyber attackers by shielding your computer or network from malicious or unnecessary network traffic. TP-Links Omada Attack Defense can also prevent malicious software from accessing a computer or network via the internet.
Let’s get started.
- Log into your cloud controller either using the omada.toplinkcloud.com URL or The IP address assigned to the TP-Link Omada Controller.
- Once logged in go ahead and expand the menu by sliding your mouse to the left bar.
- Click on Settings down at the bottom.
- Next click on the Network Security.
- From here click on Attack Defense.
- Under Flood Defense. Have the following all checked marked with the default settings the set.
Flood Defense
Configure Wireless Network with TP-Link Omada Controller
In this tutorial, you will be shown how to configure a Wireless Network with the TP-Link Omada Controller.
Let’s get started.
Before we start this tutorial is under the impression you already have additional networks created. If you need help with creating new VLAN Networks Click Here. You may want to create a VLAN if it is for a new wireless network.
- Log into your cloud controller either using the omada.toplinkcloud.com URL or The IP address assigned to the TP-Link Omada Controller.
- Once logged in go ahead and expand the menu by sliding your mouse to the left bar.
- Click on Settings down at the bottom.
- Afterwards, click on Wireless Networks and then click Create New Wireless Network.
- The Create new Wireless Network page should have loaded.
- Fill out the name you want for your wireless connection.
- If this will be a Guest Network checkmark Enable for Guest Network.
Configure VLAN Network with TP-Link Omada Controller
In this tutorial, you will be shown how to configure a new VLAN network using TP-Link Omada Controller.
Let’s get started.
- Log into your cloud controller either using the omada.toplinkcloud.com URL or The IP address assigned to the TP-Link Omada Controller.
- Once logged in go ahead and expand the menu by sliding your mouse to the left bar.
- Click on Settings down at the bottom.
- Afterwards, click on Wired Networks and then click LAN.
- Click the Create New Lan button at the bottom.
- I will be creating a new network for my IOT devices.
- In the Name field I will be calling my network IOT LAN.
- Make sure to checkmark LAN.
- I like to keep my VLAN ID the same as the subnet address
- Here I decided to use VLAN 200 and Subnet 192.168.200.1/24
- Click Update DHCP Range.
- If you scroll down a few you should see the DHCP Pool,
Configure Network Segmentation with TP-Link Omada Controller
In this tutorial, you will be shown how to configure network segmentation with the TP-Link Omada Controller. Segmentation is an ideal practice to protect your TP-Link Omada network.
What is network segmentation?
Network segmentation is, to put it as simply as possible, the practice of dividing a larger computer network into several small subnetworks that are each isolated from one another. Network segmentation is also a key part of HIPAA and PCI compliance. The benefits of segmenting your network can massively outweigh the challenges of configuration. Some key benefits of network segmentation include:
- Slowing Down Attackers.
- Increasing Overall Data Security.
- Enabling Implementation of a Policy of Least Privilege.
- Reducing Damage from Successful Attacks.
Let’s get started with network segmentation
Before we start this tutorial is under the impression you already have additional networks created. If you need help with creating new VLAN Networks Click Here.
- Log into your cloud
Lost your iPhone? Someone can use Checkm8 and Checkra1n to jailbreak it.
If you lost your iPhone you should be worried. Someone can hack into it with free software called Checkm8 and Checkra1n to jailbreak it. Essentially they would be able to hack into your phone and by pass any security you have in place.
Why should we care about Checkm8?
The Checkm8 vulnerability works on 11 generations of iPhones, from the 4S to the X. While it doesn’t work on newer devices, Checkm8 can jailbreak hundreds of millions of devices in use today. And because the bootrom can’t be updated after the device is manufactured, Checkm8 will be able to jailbreak in perpetuity.
- Checkm8 requires physical access to the phone. It can’t be remotely executed, even if combined with other exploits
- The exploit allows only tethered jailbreaks, meaning it lacks persistence. The exploit must be run each time an iDevice boots.
- Checkm8 doesn’t bypass the protections offered by the Secure Enclave
Jetty Vulnerability using Invalid Large TLS Frame causes 100% CPU Usage
This Jetty vulnerability is to be considered as a service availability issue. When using SSL/TLS with Jetty, either with HTTP/1.1, HTTP/2, or WebSocket, the server may receive an invalid large (greater than 17408) TLS frame that is incorrectly handled, causing CPU resources to eventually reach 100% usage.
The following packages have been upgraded to a later upstream version: rh-eclipse-jetty (9.4.40).
Security Fixes:
- jetty: Symlink directory exposes webapp directory contents (CVE-2021-28163)
- jetty: Ambiguous paths can access WEB-INF (CVE-2021-28164)
- jetty: Resource exhaustion when receiving an invalid large TLS frame (CVE-2021-28165)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Type/Severity
Security Advisory: Moderate
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Developer Tools (for RHEL Workstation) 1
Install SSL Certificate Onto A FQDN UniFi Controller
In this tutorial you will be shown how to install SSL Certificate onto a FQDN (fully qualified domain name) UniFi Controller installed on Ubuntu 20.04.
Lets Get Started
- SSH onto your Ubuntu Linux Server
- Make sure your server is fully up to date with patches.
- Check and see what type of pre-existing firewall your using. In my case I am sticking with ufw firewall. We will be opening up the ports for SSL configuration and enabling auto start for my ufw firewall.
sudo ufw allow 80 sudo ufw allow 443 sudo systemctl enable ufw sudo ufw enable
This Is A Must: Since you have an existing UniFi Controller already running make sure to set an A record for your domain and point it to the IP address of the UniFi Controller server. Lets move forward with configuring SSL certificate for your domain!
Install SSL Certificate For Your Domain To Access
… Read the rest
Install UniFi Controller On Ubuntu 20.04 Linode
In this tutorial you will be shown how to install the UniFi Controller software with SSL on Ubuntu 20.04 using a Linode VPS.
The current version of UniFi SDN Controller that we will be installing is 6.2.23 Of course new packages will be released and they can be found on there UniFi Software Download Page. The script we will be using will install the latest version.
Lets Get Started!
Prerequisites
- Create a VPS server on Linode. The $10 plan meats minimum specifications and should be just fine up to 250 devices. You can even enable the option to create VPS backups witch is ideal.
- To access the UniFi controller with a domain you will need to create an A record pointing to VPS server’s public IP address.
Getting Started With Linode
- Sign Up and Log into your Linode account and click the blue [Create Linode] button.
- The
Add SSL Certificate Onto Hestia Control Panel Ubuntu 20.04
In this tutorial you will be shown how to add Let’s Encrypt SSL Certificates onto Hestia Control Panel port 8083 installed on Ubuntu 20.04.
How to setup Let’s Encrypt for the Hestia Control Panel Port 8083
Make sure the hostname of the server is pointed to the ip address and you set the hostname correctly.
If you are not sure of your host name use the follow command.
hostname
If your domain is not what it should be use the following command to change it.
v-change-sys-hostname changethis.domain.tld
Once the server host name successfully changed lets active an ssl certificate to the Hestia Control Panel admin portal.
v-add-letsencrypt-host
Wait a few moments and it will complete successfully.
I hope this article was helpful, if you have any questions, please feel free to contact me. If you would like to be notified of when I create a new post, you can
… Read the rest
Create Website Server With Linode and Hestia Control Panel
In this tutorial I will be showing you how to use Linode, Ubuntu 20.04 and Hestia Control Panel to create yourself a website server. This is a much better option than using shared website hosting servers where compromised website server incidents can happen due to improper maintained webservers and websites.
Lets Create Your Domain.
- I will be using Godaddy to register my domain which will be websitemsp.com.
- Once your domain is created go to the manage DNS section.
- Within the Advanced features we will be adding hostnames to the ip address given to us after creating a VPS from Linode. Once the server is created and we have the IP address you can create your host addresses for example:
Lets Get Started With Linode.
- Sign up for a Linode Account.
- Click on the blue button [ Create Linode ] to get started.
- Under Choose Distribution please select Ubuntu
Loading ...