IKEv2 VPN connection - networking

I am on Fedora 31, and I am trying to connect to a VPN that uses IKEv2 via strongSwan. But I get the [IKE] received NO_PROPOSAL_CHOSEN notify error. I used the following tutorial https://www.securevpn.pro/eng/setup/linux-ikev2-vpn?url=eng%2Fsetup%2Flinux-ikev2-vpn to install the VPN. Multiple websites mention certificates, but since I am on the client side, do I need to create certificates? Should I configure something specifically?
Any hint, idea, solution is welcome.

Without detailed log from at least your end it is not possible to be sure what is going on.
However, checking the guide which you referenced in your question, I think I might have spotted the issue.
In step 7 of the guide, there is an instruction to customize cipher proposals to a single specific one. The specific cipher proposal might not be supported by the other end. I suggest removing this limitation, i.e. unchecking the checkbox. I took a screenshot of step 7 from the guide and marked the checkbox with a red arrow, see below.
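Why a single pinned proposal leads to NO_PROPOSAL_CHOSEN, as an added example that is not part of the answer, the guide or strongSwan's code: a simplified model of IKEv2 proposal matching. The proposal strings are constructed in the style strongSwan logs them, and classifying transforms by name prefix is an assumption of this sketch.

```python
# Added example: simplified model of IKEv2 proposal matching (RFC 7296, section 3.3).
# All proposal strings below are constructed samples, not taken from the guide.
TYPES = ("ENCR", "INTEG", "PRF", "DH")

def parse_proposal(text):
    """Split 'IKE:A/B/C' (strongSwan log style) into {transform type: set of names}."""
    transforms = {t: set() for t in TYPES}
    for name in text.partition(":")[2].split("/"):
        if name.startswith("PRF_"):
            transforms["PRF"].add(name)
        elif name.startswith("HMAC_"):
            transforms["INTEG"].add(name)
        elif name.startswith(("MODP_", "ECP_", "CURVE_")):
            transforms["DH"].add(name)
        else:                       # assumption: everything else is an encryption transform
            transforms["ENCR"].add(name)
    return transforms

def negotiate(client_proposals, server_proposals):
    """Return (agreed, mismatches); agreed is None where the server sends NO_PROPOSAL_CHOSEN."""
    mismatches = []
    for offered in client_proposals:
        off = parse_proposal(offered)
        for configured in server_proposals:
            conf = parse_proposal(configured)
            common = {t: off[t] & conf[t] for t in TYPES}
            # A type used by either side must have at least one transform in common.
            missing = [t for t in TYPES if (off[t] or conf[t]) and not common[t]]
            if not missing:
                return {t: sorted(common[t]) for t in TYPES if common[t]}, []
            mismatches.append((offered, configured, missing))
    return None, mismatches

SERVER = ["IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048"]
PINNED_CLIENT = ["IKE:AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_1024"]
BROAD_CLIENT = ["IKE:AES_CBC_128/AES_CBC_256/HMAC_SHA2_256_128/HMAC_SHA2_384_192/"
                "PRF_HMAC_SHA2_256/PRF_HMAC_SHA2_384/MODP_2048/ECP_256"]

if __name__ == "__main__":
    print(negotiate(PINNED_CLIENT, SERVER))   # no agreement: DH group differs
    print(negotiate(BROAD_CLIENT, SERVER))    # agreement on one transform per type
```

The mismatch list names the transform type that failed, which is the same comparison to make by hand between the client's proposal and the "received proposals" / "configured proposals" lines in the server's log.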

Related

Can we monitor windows network information in realtime using minifilters?

I am trying to write a minifilter that more or less captures everything that happens in the kernel and was wondering if I could also capture "URLs"/network information; I stumbled upon windivert which seems to be using a .sys driver and also another thread which says we cannot get URLs in driver mode which leaves me a bit confused. If it is true then how does windivert do it?
I understand there is something called network redirect under minifilters on learn.microsoft.com which uses a dll and .sys file (same as windivert), but I could not find any resources that can help me make one.
Is there a better way to capture all visited URLs in real time?
Thanks in advance for any help or directions.
You're looking for Windows Filtering Platform and Filtering Platform Callout Drivers, which WinDivert is utilizing. This gives you the data that goes out over the wire, so for plain old HTTP over port 80 you can parse the requests to obtain the URL. This won't work for HTTPS since you're getting encrypted data over the wire; you'd have to implement some kind of MITM interception technique to handle that.
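The parsing step mentioned in the answer above, as an added example that is not part of the answer or of WinDivert: a user-mode function that takes a captured TCP payload and returns the URL only when it holds a complete plaintext HTTP/1.x request. The function name and the sample payloads are constructed for illustration.

```python
# Added example: user-mode parsing of a payload handed over by a WFP callout
# or WinDivert. The sample payloads are constructed.
METHODS = {b"GET", b"HEAD", b"POST", b"PUT", b"DELETE", b"OPTIONS", b"PATCH"}

def url_from_payload(payload):
    """Return the URL of a plaintext HTTP/1.x request, or None if it cannot be read."""
    head, terminator, _ = payload.partition(b"\r\n\r\n")
    if not terminator:
        return None                  # TLS record, or headers split across TCP segments
    lines = head.split(b"\r\n")
    parts = lines[0].split(b" ")
    if len(parts) != 3 or parts[0] not in METHODS or not parts[2].startswith(b"HTTP/1."):
        return None                  # not an HTTP/1.x request line
    target = parts[1].decode("latin-1")
    if target.startswith("http://"):
        return target                # absolute-form, as sent to a forward proxy
    host = None
    for line in lines[1:]:
        name, colon, value = line.partition(b":")
        if colon and name.strip().lower() == b"host":
            host = value.strip().decode("latin-1")
    if host is None or not target.startswith("/"):
        return None
    return "http://" + host + target

PLAIN = (b"GET /account/login?next=%2Fhome HTTP/1.1\r\n"
         b"Host: intranet.example\r\nUser-Agent: sample\r\n\r\n")
TLS_CLIENT_HELLO = bytes.fromhex("16030100c8010000c40303")   # start of a TLS handshake record
PARTIAL = b"GET /a HTTP/1.1\r\nHost: intra"                   # headers cut by segmentation

if __name__ == "__main__":
    for sample in (PLAIN, TLS_CLIENT_HELLO, PARTIAL):
        print(url_from_payload(sample))
```

The PARTIAL case shows why a real monitor needs TCP stream reassembly before parsing, and the TLS case shows that port 443 traffic yields no URL at this layer.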

Asterisk silence until agent answers

Interesting issue I have never run into before with Asterisk.
Using Asterisk 1.8.x (please don't tell me to upgrade, it's not possible at this time).
When someone dials direct into the system to any of the numbers, we Answer, then push them to a queue and either play MOH or Ring sound.
This has always worked fine and still does. Most people forward calls to our numbers from their business line/phone system.
For this one customer and only one customer, there is complete silence for the caller once their phone system initiates the forward to our number. Our Asterisk box answers the call, we have even tried playing sounds using Playback etc but nothing, complete silence until one of the agents answers from the queue.
Really bizarre. canreinvite=no is set so, there shouldn't be any issues with Asterisk getting optimized out.
Any ideas are really appreciated. I know it's on their end but, it would be great to find a way to make Asterisk make the customer's phone system behave correctly LOL.
You would have to take a Wireshark trace at the Asterisk box and check the INVITE offer and the 200 OK response from Asterisk. Then make sure that media RTP is sent to the IP address in the connection information line c= and the port specified on the m= media line. You should also check whether the RTP payload (codec) matches the request and answer. Asterisk will probably respond with one codec from the INVITE offer. When media is sent but the caller does not hear anything before an agent answers, the issue is probably on the caller side. Hope this helped a bit to trace the issue.
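The SDP comparison described in the answer above, as an added example that is not part of the thread: it parses the offer from the INVITE and the answer from the 200 OK, reports where RTP has to be sent, which codecs both sides share, and whether the offer asks to receive audio at all. The SDP bodies are constructed, and a single audio stream per body is assumed.

```python
# Added example: constructed SDP bodies, single audio stream assumed.
STATIC = {0: "PCMU", 3: "GSM", 8: "PCMA", 9: "G722", 18: "G729"}  # RFC 3551 static types
DIRECTIONS = ("sendrecv", "sendonly", "recvonly", "inactive")

def parse_sdp(sdp):
    """Extract connection address, audio port, codecs and direction from an SDP body."""
    info = {"ip": None, "port": None, "codecs": {}, "direction": "sendrecv"}
    for line in sdp.strip().splitlines():
        key, _, val = line.strip().partition("=")
        if key == "c":                                  # c=IN IP4 <address>
            info["ip"] = val.split()[2]
        elif key == "m" and val.startswith("audio"):    # m=audio <port> RTP/AVP <pt>...
            fields = val.split()
            info["port"] = int(fields[1])
            for pt in map(int, fields[3:]):
                info["codecs"][pt] = STATIC.get(pt, "?")
        elif key == "m":
            break                                       # ignore further media sections
        elif key == "a" and val.startswith("rtpmap:"):  # a=rtpmap:<pt> <name>/<rate>
            pt, enc = val[len("rtpmap:"):].split(None, 1)
            info["codecs"][int(pt)] = enc.split("/")[0]
        elif key == "a" and val in DIRECTIONS:
            info["direction"] = val
    return info

def check_media(offer_sdp, answer_sdp):
    """Compare the INVITE offer with the 200 OK answer, as seen in a capture."""
    offer, answer = parse_sdp(offer_sdp), parse_sdp(answer_sdp)
    offered = set(offer["codecs"].values()) - {"telephone-event"}
    common = sorted(offered & set(answer["codecs"].values()))
    issues = []
    if not common:
        issues.append("answer uses no codec from the offer")
    if offer["ip"] == "0.0.0.0" or offer["direction"] in ("sendonly", "inactive"):
        issues.append("offer does not ask to receive audio")
    # RTP from the answering side must go to the address and port in the offer.
    return {"send_rtp_to": (offer["ip"], offer["port"]), "codecs": common, "issues": issues}

# Constructed sample bodies (documentation address ranges).
OFFER = "\r\n".join(["v=0", "o=pbx 1 1 IN IP4 198.51.100.20", "s=-", "c=IN IP4 198.51.100.20",
    "t=0 0", "m=audio 18000 RTP/AVP 8 0 101", "a=rtpmap:101 telephone-event/8000", "a=sendrecv"])
ANSWER = "\r\n".join(["v=0", "o=asterisk 1 1 IN IP4 203.0.113.5", "s=-", "c=IN IP4 203.0.113.5",
    "t=0 0", "m=audio 12000 RTP/AVP 8 101", "a=rtpmap:101 telephone-event/8000"])

if __name__ == "__main__":
    print(check_media(OFFER, ANSWER))
```

With the address and port from `send_rtp_to`, the capture can then be filtered for RTP leaving the Asterisk box toward that destination before an agent answers.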
I had the same problem once, but the other way around. I was the client dialing into someone else's system using my asterisk system. I tried everything in my hand, including pestering my (E1) telephony provider to no avail.
To this day I still don't know the reason for this behaviour, but I've managed to get around it by Answering the call originated from my system BEFORE dialing the PSTN, though this is far from ideal.
Something like this:
Answer()
...
Dial(YADAYADAYADA)
I know this isn't exactly the answer to your problem, but I hope it helps in any way.
Very likely you have issues with codecs. I.e. customer use some codec you have no translation module, but agent's customer have

Using OpenWRT with OLSR to connect routers using HNA

As you may assume I need a little assistance here.
I have four routers (TP-Link WDR3600) that I need to use to create an Ad-Hoc network. Currently I am only dealing with two of the four routers for simplicity. All of the routers have OpenWRT Chaos Calmer 15.05 OS installed on them and all of them are running the OLSR routing protocol. My question is super simple but the answer eludes me and I would love some direction on the matter.
How do I get these two (and eventually four) routers to talk to each other using HNA (Host and Network Association) and the setup specified above?
Edit: they need to be connected to each other wirelessly too. End edit.
I have followed this specific guide to the T but as soon as it gets to "HOW TO Step 4" the guide breaks down in terms of application because the file they point to (/etc/olsrd.conf) does not exist in my setup. When continuing anyway and running "olsrd start" it spits out: Notice how it says "Could not find specific config file /etc/olsrd/olsrd.conf" and how that differs from earlier when it asked me to modify "/etc/olsrd.conf"
In addition, the folder "/etc/olsrd" also does not exist in case you are wondering. I'm at a loss regarding this. Does anybody have any input on the matter? I'm certain that I'm missing something simple.
Thanks in advance.
I had to create /etc/olsrd.conf using the template provided and uncomment the third line of /etc/config/olsrd. I would also recommend installing olsrd-mod-httpinfo using opkg like he recommends.
One thing I noticed is that he never specifies giving the wireless interface (wlan0 in my case) an IP address to communicate with the mesh. Since I believe that is required, I had to use LuCI to give the interface an IP. I think I have my setup working but I am trying to get my new OpenWRT node to communicate with my previous DD-WRT nodes right now. Might just have to change them all to OpenWRT since it offers more "customization" due to its bare-bones type configuration.
Can you try to run:
/usr/sbin/olsrd -d -f /etc/olsrd.conf

How to detect proxy requests? [duplicate]

I know it is a popular question, and I have read all the topics about it. I want to put point for me in this question.
Goal: Detect a proxy if the user uses one
Reason: If the user uses a proxy, do not show geo adv. I need to know the bool result.
Decision:
1. Use database of proxy IPs (for ex: MaxMind);
2. Check header Connection: keep-alive because cheap proxies do not use persistent connections. But all modern browsers use it;
3. Check other popular headers;
4. Use JS to detect web-proxy by comparing browser host and real host.
Questions:
1. Advise database, I read about MaxMind, but some people wrote it is not effective.
2. Check Connection-header. Is it okay?
3. Maybe I missed something?
PS/ Sorry for my English... I learn it.
Option 1 you suggested is the best option. Proxy detection can be time consuming and complicated.
As you mentioned MaxMind and your concern for effectiveness, there are other APIs available like GetIPIntel. It's free and very simple to use. They go beyond simple blacklists and use machine learning and probability theory algorithms to determine a probability value, which makes things very accurate.
Option 2 you mentioned doesn't hurt to implement unless you get a lot of false positives. Option 3-4 should not be used alone because it's very easy to get around it. All browser actions can be automated and just because someone is using a proxy, it does not mean they're not using a real browser.
The best way is definitely to use an API. You could use the database from MaxMind but then you need to keep downloading that database and making sure the data is kept up to date by them. And as you said there are questions about the accuracy of MaxMind data.
Personally I would recommend you try https://proxycheck.io which, full disclosure, is my own site. You get full access to everything for free, premium proxy detecting and blocking with 1,000 daily queries.
You can evaluate IP2Proxy database which is updated daily. It detects open proxy, web proxy, Tor and VPN. https://www.ip2location.com/database/px2-ip-proxytype-country
Checking the Connection header is inaccurate for proxy types such as VPN.
Checking headers is easily defeated. A new generation of proxy will attempt to work around older generations of detection methods.
Based on our experience, the best method in proxy detection is based on an accurate blacklist.

Does anybody know any good open-source syslog reader tool?

I managed to send all my servers' logs to a central syslog server. Now what? How do I make sense of this avalanche of data? Does anybody know any good open-source syslog reader tool or any paid ones such as Sawmill?
You might want to check out Sagan (http://sagan.io). Basically, it takes your logs as they come in and "detects" when bad things are happening. Sagan works a lot like the Snort IDS engine, but with logs instead of packets. Things that are detected can then be forwarded to a GUI like Snorby, Sguil, etc.
It's an open source project (GNU/GPLv2) and runs on *nix platforms. More information can be found at:
http://sagan.io
I know baretail, a free real-time log file monitoring tool
http://www.baremetalsoft.com/baretail/
Never tried it, but heard good things about it:
http://www.ossec.net/
It's perhaps more than what you asked for, but your question doesn't make exactly clear what you are looking for in the logs.
For displaying the logs on a GUI you could check LogAnalyzer (http://loganalyzer.adiscon.com/)
Logstash, Elasticsearch, and Kibana is a nice modern stack for analyzing logs.
