Showing posts with label Software. Show all posts
Showing posts with label Software. Show all posts

Tuesday, February 3, 2015

Free Software Across the Great Firewall (免费翻墙软件)

All information are collected from Internet. 





From: https://pao-pao.net/article/111

从2015年1月1日开始的,Chinese GFW升级,很多免费翻墙软件相继失效. Here are some may still working:

1. 自*由*门

翻墙软件中的“常青树”。最新版本7.52依然好用,就是速度稍微慢了一点。

How to Use Link: 翻墙七种武器之多情环:自由门与无界

2. 无*界*浏*览*14.04 

无界,几乎算作自由门的姐妹款,是由美国无界万国公司创建在GIFT技术平台上的免费软件,也是由海外法轮功学院所开发,和动态网同属于美国自由网络联盟,曾经被哈弗大学在2007年的研究调查中被评为“效果最好的翻墙工具”. Usage is same as 自由门.

3. 赛风(Psiphon)

“Psiphon”,官方中文译名为赛风,民间早期译作白凤或彩虹,是一款可以突破网络审查的自由软件,其遵循GPL协议,于2006年12月1日发布。它是由开放网络基金资助、多伦多大学的公民实验室(Citizen Lab)开发。Psiphon 分为数个版本,Psiphon 2 是网页版代理,Psiphon 3 是利用VPN和HTTP代理技术的软件,支持‬Android及Microsoft Windows系统。Psiphon3提供SSH+,VPN,SSH三个通道可供翻墙。速度比较快,就是不太稳定,偶尔断线,不过断线后软件会自动寻找新的可用服务器。

How to use link: 翻墙七种武器之新多情环:Psiphon赛风
http://www.psiphon3.com 

https://psiphon.ca/

4. 蓝灯(Lantern)

基于P2P的新型翻墙软件,美国国务院资助项目。可以添加信任的好友到自己的网络,使翻墙速度更快、更不容易被封锁!


最新版下载:
* 本文原文链接:蓝灯 Lantern – v1.5.8(2014-11-5) – 美博园 *
Latest Lantern Release v.1.5.8 (2014-11-5)

How to use Link: 翻墙 | 蓝灯 Lantern – v1.5.8

5. GoAgent

这个不用我多说了吧,基于Google App Engine(GAE)的翻墙利器。稳定、速度快、难以被封锁。可就是配置起来相对复杂一点,不属于傻瓜式的翻墙软件。

How to use Link: 翻墙七种武器之长生剑:GoAgent

6. Ultrasurf

Ultrasurf is a product of Ultrareach Internet Corporation. Originally created to help internet users in China find security and freedom online, Ultrasurf has now become one of the world's most popular anti-censorship, pro-privacy software, with millions of people using it to bypass internet censorship and protect their online privacy.

7. Autoproxy - the smart firefox proxy management add-on


8. 萤火虫翻墙代理(Firefly-proxy)



翻墙新利器:萤火虫代理

9. Tor

TorProject已经推出了以 Firefox ESR 的专属浏览器: Tor Browser Bundle(简称TBB),将Tor和 Firefox 浏览器进行捆绑,使用者只需要通过网站下载 最新的4.0 版本到本地,解压缩安装以后就可以直接上网浏览,省去了其中复杂繁琐的过程。

How to Use Link: Tor“重返”中国:翻墙与进入“深网”

10. SoftEther and VPN Gate




vpngate.net 的镜像站点列表 (更新于 2014-04-15 01:09:08 UTC):
How to Use Link: 

Reference:






Saturday, January 3, 2015

Bypass China GFW

A website punches a hole at GFW. Add the website you want to surf after http://www.wallhole1.com. For examples:

2. xskywalker - 天行浏览器 - http://www.xskywalker.net/


3. Freegate - http://us.dongtaiwang.com/ or http://briian.com/6511/freegate.html

链接:http://pan.baidu.com/s/1qW7G6PA 密码:tll6
更新的链接:
链接:http://pan.baidu.com/s/1eQrfTOA 密码:gvf3 


Tools:

  • Website to real-time check if any website is blocked in China: Blocked in China

Reference:






Thursday, August 7, 2014

Tripwire Enterprise 8.3 Basic Configuration Steps


Tripwire Enterprise is a security configuration management suite whose Policy Management, Integrity Management, and Remediation Management capabilities stand-alone or work together in a comprehensive, tightly integrated SCM solution.
Five Key Features:
  • Change-triggered Configuration Assessment
  • World's Best File Integrity Monitoring
  • Achieve Continuous Compliance
  • Integrate SCM into IT Security Operations
  • Visualize and Report SCM Results to Communicate & Mitigate Risks

Our version is 8.3. Here are some basic steps to configure a new network device node in the Tripwire Enterprise 8.3:

1. Add a new node:

Assigned to Custom type Cisco which gives more flexibility.
Enter correct username and password.

Important part is to give right maker and model information to get it auto assigned into smart group.

This screenshot shows the new node assigned to right Cisco Nexus 5000 group.


2. Do a check or baseline to new node with proper rule. 

In this example, I used Cisco IOS configuration Rule which is to run Show Running-Config command

3. Rules. 

Create a new rule for your device. Using Network Device -> Common -> Command Output Validation Rule template:


In the rule, put proper command just as following screenshot shows:

Next Screenshot shows how to check Checkpoint rules.C

Another thing in the rule is Target Node Type.

4. Report

Create a report based on a report template.



5. Task.

Schedule a task to send the report to your email.



Tuesday, May 6, 2014

Free SNMP Software Suit in Windows Environment - Net-SNMP (Snmpv3 Support)

I was looking for this kind of software for a while. Mostly desktop and servers I am using are windows based. There is no Snmpwalk this kind of command under windows OS. Good things, there are always some genius to see the gap and develop some gorgeous tools to meet the needs from the people like me.

Net-SNMP is one of this kind of software. Based on their website - http://www.net-snmp.org/
"
Net-SNMP is a suite of applications used to implement SNMP v1SNMP v2c and SNMP v3 using both IPv4 and IPv6. The suite includes:
  • Command-line applications to:
    • retrieve information from an SNMP-capable device, either using single requests (snmpgetsnmpgetnext), or multiple requests (snmpwalksnmptablesnmpdelta).
    • manipulate configuration information on an SNMP-capable device (snmpset).
    • retrieve a fixed collection of information from an SNMP-capable device (snmpdfsnmpnetstatsnmpstatus).
    • convert between numerical and textual forms of MIB OIDs, and display MIB content and structure (snmptranslate).
  • A graphical MIB browser (tkmib), using Tk/perl.
  • A daemon application for receiving SNMP notifications (snmptrapd). Selected notifications can be logged (to syslog, the NT Event Log, or a plain text file), forwarded to another SNMP management system, or passed to an external application.
  • An extensible agent for responding to SNMP queries for management information (snmpd). This includes built-in support for a wide range of MIB information modules, and can be extended using dynamically loaded modules, external scripts and commands, and both the SNMP multiplexing (SMUX) and Agent Extensibility (AgentX) protocols.
  • A library for developing new SNMP applications, with both C and perl APIs.
"
There is a tutorial page at http://www.net-snmp.org/wiki/index.php/Tutorials .

Here I would like to list some usage from my person experience.

1. Installation

a. Download it from http://sourceforge.net/projects/net-snmp/files/net-snmp/
current version is 5.7.2.1. Installation package for windows is net-snmp-5.6.1.1-1.x86.exe (4.2 MB)
b. Follow the installation guideline to complete the installation in the windows environment.
c. Verify the installation.

C:\usr\bin>snmpd -V
No log handling enabled - using stderr logging
Warning: no access control information configured.
  (Config search path: c:/usr/etc/snmp;c:/usr/share/snmp;c:/usr/lib)
  It's unlikely this agent can serve any useful purpose in this state.
  Run "snmpconf -g basic_setup" to help you configure the snmpd.conf file for th
is agent.
NET-SNMP version 5.6.1.1

2. SNMPv2

Seems like very straightforward.

C:\usr\bin>snmpwalk -v 2c -c SnmpPass 10.94.120.160 system
SNMPv2-MIB::sysDescr.0 = STRING: Juniper Networks, Inc. srx240h internet router,
 kernel JUNOS 11.4R10.3 #0: 2013-11-15 06:56:20 UTC     builder@singlath:/volume
/build/junos/11.4/release/11.4R10.3/obj-octeon/bsd/kernels/JSRXNLE/kernel Build
date: 2013-11-15 07:18:28 UTC Copyright (c) 199
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.2636.1.1.1.2.39
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (43996634) 5 days, 2:12:46.34
SNMPv2-MIB::sysContact.0 = STRING:
SNMPv2-MIB::sysName.0 = STRING:
SNMPv2-MIB::sysLocation.0 = STRING:
SNMPv2-MIB::sysServices.0 = INTEGER: 4

3. SNMPv3

Not that easy when test SNMPv3 command.

Trying to test SNMPv3 but got 'Encryption support not enabled' error messages always:

C:\>snmpget -v3 -u NetService -l authPriv -x DES -a MD5 -A Password -X Password 10.94.16.11 SNMPv2-MIB::sysName.0

No log handling enabled - using stderr logging
Encryption support not enabled.
snmpget: USM encryption error

C:\>snmpd -H
No log handling enabled - using stderr logging
netsnmp_assert GetLastError() != 10093L failed ..\..\snmplib\winpipe.c:48
Warning: no access control information configured.
  (Config search path: c:/usr/etc/snmp;c:/usr/share/snmp;c:/usr/lib)
  It's unlikely this agent can serve any useful purpose in this state.
  Run "snmpconf -g basic_setup" to help you configure the snmpd.conf file for th
is agent.
Configuration directives understood:
  In snmpd.conf and snmpd.local.conf:
    authtrapenable           1 | 2              (1 = enable, 2 = disable)
    trapsink                 host [community] [port]
    trap2sink                host [community] [port]
.
.
.
    defSecurityName          string
    defContext               string
    defPassphrase            string
    defAuthPassphrase        string
    defPrivPassphrase        string
    defAuthMasterKey         string
    defPrivMasterKey         string
    defAuthLocalizedKey      string
    defPrivLocalizedKey      string
    defVersion               1|2c|3
    defAuthType              MD5|SHA
    defPrivType              DES (AES support not available)
    defSecurityLevel         noAuthNoPriv|authNoPriv|authPriv

It clearly shows DES is supported but not AES. Since we are using DES, where is the real problem. Actually, the cause for our error message is the option during installation, encryption support not being chosen.


Following packages have to be installed first to support this Encryption.
1. Microsoft Visual C++ 2008 Redistributable Package Please make sure use vcredist_x86.exe but not vcredist_x64.exe.
2. Win32 OpenSSL v1.0.1g Light (Win32OpenSSL_Light-0_9_8y.exe) , reboot system.
3. net-snmp-5.6.1.1-1.x86.exe (net-snmp-5.5.1-1.x86.exe)

There are lots of tricks here. First, you will have to install OpenSSL 0.9.8 this version based on the download page ,

"IMPORTANT NOTE FOR WINDOWS USERS: the Net-SNMP Windows binaries have been built with OpenSSL version 0.9.8r. Since the OpenSSL 0.9 and 1.0 DLLs are incompatible, any attempt to install Net-SNMP on a system where OpenSSL 1.0 has been installed will fail."

Second thing I spent tons of time to figure out is 5.5.1 version working fine but not 5.6.1.1 this latest version.

C:\Users\John>snmpwalk -v3 -u NetServices -l authPriv -x DES -a MD5 -A SnmpPass -X SnmpPass 10.94.16.11 SNMPv2-MIB::sysName.0
SNMPv2-MIB::sysName.0 = STRING: Switch2001

I feel lucky today!!!!!!

Thursday, April 3, 2014

Best Free Network Performance Test tool - Iperf

According to wikipedia Iperf "is a commonly used network testing tool that can create TCP and UDP data streams and measure the throughput of a network that is carrying them. Iperf is a modern tool for network performance measurement written in C++." So far it is best free software to test network throughput I found. 

1. Download iperf 2 from http://iperf.fr/.

2. Running on one of your remote machine from command line as iperf server (ip address 100.99.136.66).




C:\Tools>iperf -s

------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 8.00 KByte (default)
------------------------------------------------------------
[188] local 100.99.136.66 port 5001 connected with 100.94.200.14 port 48410
[ ID] Interval       Transfer     Bandwidth
[188]  0.0-10.0 sec   121 MBytes   101 Mbits/sec

3. Run iperf as client from another machine (ip address 100.94.200.14) of your network to evaluate the network throughput based on TCP connection.


C:\tools>iperf -c 100.99.136.66

------------------------------------------------------------
Client connecting to 100.99.136.66, TCP port 5001
TCP window size: 8.00 KByte (default)
------------------------------------------------------------
[1912] local 100.94.200.14 port 48410 connected with 100.99.136.66 port 5001
[ ID] Interval       Transfer     Bandwidth
[1912]  0.0-10.0 sec   121 MBytes   101 Mbits/sec

4. Send 100MBytes data for testing


iperf -c 100.99.136.66 -n 100m

5. Bi-direction test

Simultaneous bi-directional bandwidth measurement: (-d argument)
To measure the bi-directional bandwidths simultaneousely, use the -d argument. If you want to test the bandwidths sequentially, use the -r argument (see previous test).
By default (ie: without the -r or -d arguments), only the bandwidth from the client to the server is measured.

C:\tools> iperf -c 100.99.136.66  -d
------------------------------------------------------------
Server listening on TCP port 5001
TCP window size: 85.3 KByte (default)
------------------------------------------------------------
------------------------------------------------------------
Client connecting to 10.1.1.1, TCP port 5001
TCP window size: 16.0 KByte (default)
------------------------------------------------------------
[ 5] local 10.6.2.5 port 60270 connected with 10.1.1.1 port 5001
[ 4] local 10.6.2.5 port 5001 connected with 10.1.1.1 port 2643
[ 4] 0.0-10.0 sec 76.3 MBytes 63.9 Mbits/sec
[ 5] 0.0-10.1 sec 1.55 MBytes 1.29 Mbits/sec

6. Parallel TCP connections

Parallel connections can be useful if you need to saturate the bandwidth of a link.  The bandwidth of a single TCP session can be greatly affected by the size of the receive window and the latency of the link.
iperf -s -i 1 (-i 1 means update terminal every second)
iperf -c 192.168.1.1 -t 30 -P 10
Add caption

Tuesday, February 4, 2014

What’s the Best Antivirus for home users at Win7, Win8 and Winxp OS

From Howtogeek.com :
http://www.howtogeek.com/181342/whats-the-best-antivirus-and-how-do-i-choose-one/

Test Report for home user from
http://www.av-test.org/en/tests/home-user/

For free product, bothAVG Free Edition 2013 and Avast:Free Antivirus 8 are good.
For Commercial Products: Kaspersky won.

Win7
 Win8
 WinXP