Thursday, September 28, 2006

Change default Windows Keyboard layout

Note: the default Windows keyboard layout at the login screen is different from the one in your Windows session.

To change the default keyboard layout, you need to change the following key in the registry:

HKEY_USERS\.DEFAULT\Keyboard Layout\Preload\1. For example, for a French keyboard, you need to define the value 40C.

Wednesday, September 20, 2006

TrendMicro Network Reputation Service

TrendMicro NRS is free of charge for customers under contract for SPS.
Before it will work, you need to install SP1 of IMSS 5.7.

The links below give some explanation of the product logs (ipfilters) and of adding IP addresses to a whitelist file.

http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-1032926&id=EN-1032926
http://esupport.trendmicro.com/support/viewxml.do?ContentID=EN-127748&id=EN-127748

To test the lookup, you can use the MAPS lookup tool:

http://www.mail-abuse.com/cgi-bin/lookup

Sunday, September 17, 2006

BIGIP Virtual Server

Virtual servers are the most important component of any Link Controller configuration. A virtual server receives a client request and, instead of sending the request directly to the destination IP address specified in the packet header, sends it to any of several content servers that make up a load balancing pool. Virtual servers increase the availability of resources for processing client requests.

Not only do virtual servers distribute traffic across multiple servers, they also treat varying types of traffic differently, depending on your traffic-management needs. A VS can apply an entire group of settings to affect the way the Link Controller manages that traffic type.

Finally, a VS can apply an iRule, which is a user-written script designed to inspect and direct individual connections in specific ways.

To summarize, a VS can do the following :

- Distribute client requests across multiple servers to balance server load
- Apply various behavioral settings to multiple traffic types
- Enable persistence for multiple traffic types
- Direct traffic according to user-written iRules

You can use a VS in any of three distinct ways :

- Directing traffic to a load balancing pool (the most basic VS type)
- Forwarding traffic to a specific destination IP address. Like any other VS, except that the VS has no pool members to load balance. The VS simply forwards the packet directly to the destination IP address specified in the client request.
- L2 forwarding

Friday, September 15, 2006

ISA Server, using ports other than 443 for https

If Microsoft Internet Explorer is configured to reference a server that is running Microsoft Internet Security and Acceleration (ISA) Server as a Web proxy server, when you try to view a Secure Sockets Layer (SSL) Web site on the Internet by using a port other than 443, a blank page may appear with "Page cannot be displayed" in the title bar.

To solve the problem, a script needs to be run to change the ISA storage. Example for adding port 10000:

' Add TCP port 10000 to the ISA Server SSL tunnel port ranges
Dim root
Dim tpRanges
Dim newRange
Set root = CreateObject("FPC.Root")
Set tpRanges = root.GetContainingArray.ArrayPolicy.WebProxy.TunnelPortRanges
Set newRange = tpRanges.AddRange("SSL 10000", 10000, 10000)
' Persist the change to the ISA storage
tpRanges.Save

See more detailed information in the following two links:

http://support.microsoft.com/kb/283284/en-us
http://www.microsoft.com/technet/isa/2004/plan/managingtunnelports.mspx

Tuesday, September 12, 2006

CheckPoint fw monitor example

Command to monitor packets arriving from and leaving for the address 234.234.234.234 (excluding Remote Desktop)

fw monitor -e "accept (src=234.234.234.234 or dst=234.234.234.234) and not (sport=3389 or dport=3389);"


Command to monitor a packet destined for 172.18.2.1 as it passes through the firewall

fw monitor -p all -e 'accept dst=172.18.2.1;'
monitor: getting filter (from command line)
monitor: compiling
monitorfilter:
Compiled OK.
monitor: loading
Sep 12 16:21:47 TOTO[LOG_CRIT] kernel: FW-1: monitor filter loaded
in chain (16):
0: -7ffffff0 (97748194) (00000001) tcpt inbound (tcp_tun)
1: -7f800000 (96396be4) (ffffffff) IP Options Strip (ipopt_strip)
2: - 2000000 (97732e50) (00000001) vpn decrypt (vpn)
3: - 1fffff6 (96398494) (00000001) Stateless verifications (asm)
4: - 1fffff2 (9775b87c) (00000001) vpn tagging inbound (tagging)
5: - 1fffff0 (97732460) (00000001) vpn decrypt verify (vpn_ver)
6: - 1000000 (963d8594) (00000003) SecureXL conn sync (secxl_sync)
7: 0 (9632b838) (00000001) fw VM inbound (fw)
8: 1 (963a5510) (00000002) wire VM inbound (wire_vm)
9: 10 (9634c458) (00000001) fw accounting inbound (acct)
10: 2000000 (9773576c) (00000001) vpn policy inbound (vpn_pol)
11: 10000000 (963d8bdc) (00000003) SecureXL inbound (secxl)
12: 7f600000 (9638d104) (00000001) fw SCV inbound (scv)
13: 7f750000 (964c168c) (00000001) TCP streaming (in) (cpas)
14: 7f800000 (96396e84) (ffffffff) IP Options Restore (ipopt_res)
15: 7fb00000 (964a75cc) (00000001) HA Forwarding (ha_for)
out chain (14):
0: -7f800000 (96396be4) (ffffffff) IP Options Strip (ipopt_strip)
1: - 1ffffff (97731a1c) (00000001) vpn nat outbound (vpn_nat)
2: - 1fffff0 (964c1800) (00000001) TCP streaming (out) (cpas)
3: - 1ff0000 (9775b87c) (00000001) vpn tagging outbound (tagging)
4: - 1f00000 (96398494) (00000001) Stateless verifications (asm)
5: 0 (9632b838) (00000001) fw VM outbound (fw)
6: 1 (963a5510) (00000002) wire VM outbound (wire_vm)
7: 2000000 (97734e24) (00000001) vpn policy outbound (vpn_pol)
8: 10000000 (963d8bdc) (00000003) SecureXL outbound (secxl)
9: 20000000 (97733e84) (00000001) vpn encrypt (vpn)
10: 60000000 (97747ac4) (00000001) tcpt outbound (tcp_tun)
11: 7f000000 (9634c458) (00000001) fw accounting outbound (acct)
12: 7f700000 (964c1a40) (00000001) TCP streaming post VM (cpas)
13: 7f800000 (96396e84) (ffffffff) IP Options Restore (ipopt_res)
monitor: monitoring (control-C to stop)
eth2c0:i0 (tcpt inbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i1 (IP Options Strip)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i2 (vpn decrypt)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i3 (Stateless verifications)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i4 (vpn tagging inbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i5 (vpn decrypt verify)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i6 (SecureXL conn sync)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:i7 (fw VM inbound )[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I8 (wire VM inbound )[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I9 (fw accounting inbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I10 (vpn policy inbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I11 (SecureXL inbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I12 (fw SCV inbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I13 (TCP streaming (in))[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I14 (IP Options Restore)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I15 (HA Forwarding)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth2c0:I16 (Chain End)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o0 (IP Options Strip)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o1 (vpn nat outbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o2 (TCP streaming (out))[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o3 (vpn tagging outbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o4 (Stateless verifications)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o5 (fw VM outbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
Packet translated
eth1c0:O6 (wire VM outbound )[60]: 172.19.1.1 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=10013 seq=39937
eth1c0:O7 (vpn policy outbound)[60]: 172.19.1.1 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=10013 seq=39937
eth1c0:O8 (SecureXL outbound)[60]: 172.19.1.1 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=10013 seq=39937
Packet encapsulated
eth1c0:O9 (vpn encrypt)[60]: 172.19.1.1 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=10013 seq=39937


Packet after encapsulation
TOTO[admin]# fw monitor -p all -e 'accept dst=195.6.6.6;'
monitor: getting filter (from command line)
monitor: compiling
monitorfilter:
Compiled OK.
monitor: loading
Sep 12 16:25:08 TOTO[LOG_CRIT] kernel: FW-1: monitor filter loaded
in chain (16):
0: -7ffffff0 (97748194) (00000001) tcpt inbound (tcp_tun)
1: -7f800000 (96396be4) (ffffffff) IP Options Strip (ipopt_strip)
2: - 2000000 (97732e50) (00000001) vpn decrypt (vpn)
3: - 1fffff6 (96398494) (00000001) Stateless verifications (asm)
4: - 1fffff2 (9775b87c) (00000001) vpn tagging inbound (tagging)
5: - 1fffff0 (97732460) (00000001) vpn decrypt verify (vpn_ver)
6: - 1000000 (963d8594) (00000003) SecureXL conn sync (secxl_sync)
7: 0 (9632b838) (00000001) fw VM inbound (fw)
8: 1 (963a5510) (00000002) wire VM inbound (wire_vm)
9: 10 (9634c458) (00000001) fw accounting inbound (acct)
10: 2000000 (9773576c) (00000001) vpn policy inbound (vpn_pol)
11: 10000000 (963d8bdc) (00000003) SecureXL inbound (secxl)
12: 7f600000 (9638d104) (00000001) fw SCV inbound (scv)
13: 7f750000 (964c168c) (00000001) TCP streaming (in) (cpas)
14: 7f800000 (96396e84) (ffffffff) IP Options Restore (ipopt_res)
15: 7fb00000 (964a75cc) (00000001) HA Forwarding (ha_for)
out chain (14):
0: -7f800000 (96396be4) (ffffffff) IP Options Strip (ipopt_strip)
1: - 1ffffff (97731a1c) (00000001) vpn nat outbound (vpn_nat)
2: - 1fffff0 (964c1800) (00000001) TCP streaming (out) (cpas)
3: - 1ff0000 (9775b87c) (00000001) vpn tagging outbound (tagging)
4: - 1f00000 (96398494) (00000001) Stateless verifications (asm)
5: 0 (9632b838) (00000001) fw VM outbound (fw)
6: 1 (963a5510) (00000002) wire VM outbound (wire_vm)
7: 2000000 (97734e24) (00000001) vpn policy outbound (vpn_pol)
8: 10000000 (963d8bdc) (00000003) SecureXL outbound (secxl)
9: 20000000 (97733e84) (00000001) vpn encrypt (vpn)
10: 60000000 (97747ac4) (00000001) tcpt outbound (tcp_tun)
11: 7f000000 (9634c458) (00000001) fw accounting outbound (acct)
12: 7f700000 (964c1a40) (00000001) TCP streaming post VM (cpas)
13: 7f800000 (96396e84) (ffffffff) IP Options Restore (ipopt_res)
monitor: monitoring (control-C to stop)
eth1c0:O10 (tcpt outbound)[112]: 210.1.1.1-> 195.6.6.6(50) len=112 id=50449
eth1c0:O11 (fw accounting outbound)[112]: 210.1.1.1 -> 195.6.6.6(50) len=112 id=50449
eth1c0:O12 (TCP streaming post VM)[112]: 210.1.1.1-> 195.6.6.6(50) len=112 id=50449
eth1c0:O13 (IP Options Restore)[112]: 210.1.1.1-> 195.6.6.6(50) len=112 id=50449
eth1c0:O14 (Chain End)[112]: 210.1.1.1-> 195.6.6.6(50) len=112 id=50449
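
Reading captures like the two above by eye is error-prone, so here is an added example (not part of the original post, and not Check Point code) that parses fw monitor -p all output, reports the chain positions between which the addresses were rewritten, and names the last module each packet reached. It assumes a packet can be followed by its IP id, which holds until encapsulation creates a new outer packet; the sample lines are constructed in the shape of the captures above.

```python
import re
from collections import defaultdict

# Constructed sample, copied in shape from the captures above (ICMP, then ESP).
SAMPLE = """\
eth2c0:i7 (fw VM inbound )[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
ICMP: type=8 code=0 echo request id=512 seq=39937
eth1c0:o5 (fw VM outbound)[60]: 10.10.1.117 -> 172.18.2.1 (ICMP) len=60 id=47223
eth1c0:O6 (wire VM outbound )[60]: 172.19.1.1 -> 172.18.2.1 (ICMP) len=60 id=47223
eth1c0:O9 (vpn encrypt)[60]: 172.19.1.1 -> 172.18.2.1 (ICMP) len=60 id=47223
eth1c0:O14 (Chain End)[112]: 210.1.1.1-> 195.6.6.6(50) len=112 id=50449
"""

# Line shape: iface:position (module)[len]: src -> dst (proto) len=N id=N
HOP = re.compile(
    r"^(?P<iface>[^:\s]+):(?P<pos>[iIoO]\d+) \((?P<module>.*)\)\[\d+\]: "
    r"(?P<src>[\d.]+)\s*->\s*(?P<dst>[\d.]+)\s*\((?P<proto>\w+)\) "
    r"len=\d+ id=(?P<id>\d+)")

def parse_hops(text):
    """One dict per chain-position line; protocol detail lines are skipped."""
    hops = []
    for line in text.splitlines():
        m = HOP.match(line.strip())
        if m:
            hops.append({k: v.strip() for k, v in m.groupdict().items()})
    return hops

def trace(text):
    """Per IP id: address rewrites between positions and the last module seen."""
    by_id = defaultdict(list)
    for hop in parse_hops(text):
        by_id[hop["id"]].append(hop)
    report = {}
    for ip_id, hops in by_id.items():
        rewrites = [(a["pos"], b["pos"],
                     f'{a["src"]} -> {a["dst"]}', f'{b["src"]} -> {b["dst"]}')
                    for a, b in zip(hops, hops[1:])
                    if (a["src"], a["dst"]) != (b["src"], b["dst"])]
        report[ip_id] = {"rewrites": rewrites,
                         "last_position": hops[-1]["pos"],
                         "last_module": hops[-1]["module"],
                         "reached_chain_end": hops[-1]["module"] == "Chain End"}
    return report

if __name__ == "__main__":
    for ip_id, info in trace(SAMPLE).items():
        print(ip_id, info)
```

A packet whose last module is not "Chain End" in a complete capture stopped at that module, which is where to look for a drop; a rewrite between o5 and O6 is the source NAT visible in the first capture.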