Month: April 2021

Fortigate Automations & Alerts

Fortigate has added Automations to allow custom alerting: Security Fabric, Automation, Create New.

Other great alerts:
- Another DHCP server sent DHCP offer (Rogue DHCP server)
- Authentication Lockout (if you have local accounts for VPN)
- Disk Full
- DHCP Server sent DHCP OFFER
- Interface Status Changed (also sends a message when a VPN interface changes state)
- IPSec Phase 2 Error / Negotiate IPSec …


PenTest Prep

Install a WireGuard VPN server at your home base. Schedule your onsite box to start the VPN connection every hour. The onsite box is an Intel NUC or similar. An i5 Gen 5 or newer will run VMware, with 16 GB RAM to run 2 virtual machines simultaneously. A tall NUC is nice as it can run both an M.2 …


How to Pentest

Prep: I like to break a pentest into a few categories. Intruder Scope: who is able to do this attack? Entire Internet (worst) / Local Area (think Wi-Fi) / Targeted (USB stick dropped in your parking lot, very narrow). For a first audit I would focus on Internet scope and maybe put a little time into …


DR Lessons Learned

- Restore from backup may remove license keys; make sure they are recorded somewhere offsite
- Restore may change the network adapter settings including DGW; check those 2x
- Restore forgets network zones: Public/Private/Domain
- RDWeb is held together with bubblegum and Sellotape; have a backup remote access method
- Bare metal servers are super annoying for DR; you …
