Step by step setup AeroHive WiFi bridge

November 6, 2019

Aerohive's instructions at the link below are not bad. However, your bridge will not work no matter what unless you also follow the small steps I wrote as an addition to their detailed instructions.

Aerohive Point-to-Point Mesh

  1. Create a network policy with an SSID and WPA2 Personal, and set up the password
  2. In the policy, add the templates wiredhub and remotehub, and set the location for the remotehub
  3. Connect both access points to a network switch (it could be the same one)
  4. For each access point, manually dedicate a wifi1 channel and manually set the wifi1 power to max
  5. Deploy the network policy on both
  6. Disconnect the one dedicated to be the remote and connect it to a PoE injector, with that injector connected to nothing but power
  7. Wait for the wireless bridge between the wiredhub and the remotehub to come up
  8. Access the one dedicated to be the remotehub, change the template from wiredhub to remotehub, and apply the settings
  9. Once the settings have been applied to the remotehub AP, you can disconnect it from the PoE injector and plug it into a switch; that switch must be standalone, with no network uplink besides the AP

Installing Snort on CentOS7

July 18, 2019

yum install -y gcc flex bison zlib libpcap pcre libdnet tcpdump wget
yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
yum install -y libnghttp2 daq
yum -y install https://www.snort.org/downloads/snort/snort-2.9.13-1.centos7.x86_64.rpm
ldconfig; mkdir /usr/local/lib/snort_dynamicrules
chmod -R 5775 /etc/snort; chmod -R 5775 /var/log/snort; chmod -R 5775 /usr/local/lib/snort_dynamicrules
touch /etc/snort/rules/white_list.rules /etc/snort/rules/black_list.rules /etc/snort/rules/local.rules
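# The oinkcode in the URL is tied to a snort.org account; substitute your own. The URL is quoted so the shell does not treat "?" as a glob.
wget 'https://www.snort.org/rules/snortrules-snapshot-29140.tar.gz?oinkcode=9e71199b974cd3ff84c0ae2482d97758eab55363' -O ~/registered.tar.gz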
tar -xvf ~/registered.tar.gz -C /etc/snort

vi /etc/snort/snort.conf
# Setup the network addresses you are protecting
ipvar HOME_NET [172.20.0.0/20,172.20.16.0/23,172.20.32.0/20,192.168.20.0/24]
var SO_RULE_PATH /etc/snort/so_rules
var PREPROC_RULE_PATH /etc/snort/preproc_rules
var WHITE_LIST_PATH /etc/snort/rules
var BLACK_LIST_PATH /etc/snort/rules
# unified2
# Recommended for most installs
output unified2: filename merged.log, limit 128, nostamp, mpls_event_types, vlan_event_types

vi /etc/sysconfig/snort
ln -s /usr/lib64/libdnet.so.1.0.1 /usr/lib64/libdnet.1
nmtui
nmcli
snort -T -c /etc/snort/snort.conf
systemctl enable snortd
systemctl start snortd
yum -y install setroubleshoot setools
sealert -a /var/log/audit/audit.log
ausearch -c 'snort' --raw | audit2allow -M my-snort
semodule -i my-snort.pp
systemctl stop snortd
systemctl start snortd
ps xa | grep snort

Screen sharing not working after 1809 update

February 5, 2019

I found the following registry entry is missing. You will need to run regedit as Administrator to add the entry.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters

When you get here, click on Parameters – do not expand list – look for the parameter, MaxUserPort

NOTE: This is not plural – make sure spelling is accurate.

If this is not defined, please add the following:

New DWORD

Enter the name: MaxUserPort

Hit Enter to Accept the name.

Right click on the new entry and select Modify

Select Decimal and enter 5000 as the value.

Hit OK to accept new value and exit the dialog.

(15000 was recommended to test with. Then I reduced it to the default in my final implementation. I took the reference to the default value from here:

https://support.microsoft.com/en-us/help/196271/when-you-try-to-connect-from-tcp-ports-greater-than-5000-you-receive-t)

Then Reboot your machine and give it a whirl!

Hope this helps!

Brocade 6450, frustration

August 16, 2018

Well a company named Ruckus bought Brocade. Fine. Business world etc. I understand. They renamed Brocade ICX 6450 to Ruckus ICX FastIron 6450 or maybe just Ruckus ICX 6450. It is hard to find out.

To download an update for the switch is … not an easy job. To find the documentation is not an easy job either. These people from Ruckus did a bad job. BAD!

Took me about forever to discover what I was looking for. It is very simple:

• Autokey public key authentication is not supported.

and that line can be found in the documentation. I’ll try to attach it here; otherwise it can currently be found, after a series of logins, password resets, etc., at

https://ruckus-support.s3.amazonaws.com/private/documents/1471/fastiron-08030-adminguide.pdf

fastiron-08030-adminguide

MacOS Sierra SSH issue solved

October 10, 2016

Just upgraded to OSX Sierra and my ssh totally broke. The fix is easy. As the superuser or with sudo, append the lines below to the end of the file /etc/ssh/ssh_config:

KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms +ssh-dss
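
Appended to /etc/ssh/ssh_config as above, the two lines enable the legacy algorithms for every host the machine connects to. The shell function below is an added example, not part of the original post: it flags such global entries and passes over ones confined to a named Host block. The host name in the sample is constructed.

```shell
#!/bin/sh
# Added example: flag legacy SSH algorithms that are enabled for every host.
# A setting is global when it appears before the first Host/Match line or
# inside a "Host *" block; a named Host block limits it to that host only.

audit_ssh_config() {
    awk '
    BEGIN { scope = "global" }
    /^[ \t]*(#|$)/ { next }                  # skip comments and blank lines
    {
        line = $0
        gsub(/=/, " ", line)                 # "Keyword=value" is also valid
        n = split(line, f, /[ \t]+/)
        i = (f[1] == "") ? 2 : 1             # account for leading indentation
        key = tolower(f[i])
        if (key == "host") {
            scope = "scoped"
            for (j = i + 1; j <= n; j++) if (f[j] == "*") scope = "global"
            next
        }
        if (key == "match") {
            scope = (tolower(f[i + 1]) == "all") ? "global" : "scoped"
            next
        }
        if (scope == "global" &&
            (key == "kexalgorithms" || key == "hostkeyalgorithms") &&
            line ~ /diffie-hellman-group1-sha1|ssh-dss/)
            printf "%d: %s\n", NR, $0
    }' "$1"
}

demo() {
    tmp=$(mktemp)
    cat > "$tmp" <<'EOF'
# constructed sample config; legacy-switch.example is a made-up host
Host legacy-switch.example
    KexAlgorithms +diffie-hellman-group1-sha1
    HostKeyAlgorithms +ssh-dss

Host *
    KexAlgorithms +diffie-hellman-group1-sha1
EOF
    audit_ssh_config "$tmp"                  # reports only line 7
    rm -f "$tmp"
}

demo
```

Only the entry under `Host *` is reported; the same two lines inside the named Host block apply to that one device and are left alone.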

Crontab jobs for all US federal holidays

May 7, 2016

Ever wonder how to run crontab jobs for all US federal holidays? Below is how:

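# When both day-of-month and day-of-week are restricted, cron runs the job if EITHER matches,
# so the weekday is tested in the command instead (date +%u: 1 = Monday, 4 = Thursday; % must be escaped in a crontab).
1 0 1 1 * /bin/echo "New Year's Day"
1 0 15,16,17,18,19,20,21 1 * [ "$(date +\%u)" -eq 1 ] && /bin/echo "Martin Luther King's Day"
1 0 15,16,17,18,19,20,21 2 * [ "$(date +\%u)" -eq 1 ] && /bin/echo "President's Day"
1 0 25,26,27,28,29,30,31 5 * [ "$(date +\%u)" -eq 1 ] && /bin/echo "Memorial Day"
1 0 4 7 * /bin/echo "Independence Day"
1 0 1,2,3,4,5,6,7 9 * [ "$(date +\%u)" -eq 1 ] && /bin/echo "Labor Day"
1 0 8,9,10,11,12,13,14 10 * [ "$(date +\%u)" -eq 1 ] && /bin/echo "Columbus Day"
1 0 11 11 * /bin/echo "Veterans Day"
1 0 22,23,24,25,26,27,28 11 * [ "$(date +\%u)" -eq 4 ] && /bin/echo "Thanksgiving"
1 0 25 12 * /bin/echo "Christmas"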

GoPro HJC FG-17 chin mount

May 2, 2016