Personal website of engineer Ramin Malek Ghasemi

Network and computer articles

Archive for February, 2020

Mikrotik Firewall Rules in persian

posted by ramin_malek in Network (mikRotik Routers); comments for Mikrotik Firewall Rules in persian are closed

Config RSPAN in switch cisco

https://www.networkstraining.com/how-to-configure-cisco-span-rspan-erspan/
https://www.techonia.com/5080/configure-span-rspan-cisco-catalyst-switches
posted by ramin_malek in Cisco; comments for Config RSPAN in switch cisco are closed

Port Blocking in Router cisco

https://community.cisco.com/t5/routing/blocking-ports-on-cisco-router/td-p/2391587
posted by ramin_malek in Cisco; comments for Port Blocking in Router cisco are closed

Fastnetmon Install

To install the new version:

wget https://www.rmalekghasemi.ir/file/installer-fastnetmon -O installer

sudo chmod +x installer

sudo ./installer -install_community_edition

On Ubuntu

Ubuntu 16.04.5 LTS

wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl

sudo apt-get install perl

sudo perl fastnetmon_install.pl

https://github.com/pavel-odintsov/fastnetmon
https://ripe71.ripe.net/wp-content/uploads/presentations/17-RIPE71_new_slides.pdf
https://forum.mikrotik.com/viewtopic.php?t=124958
https://www.menog.org/presentations/menog-18/444-fastnetmondraft2_1523890550.pdf

How to install Grafana Enterprise

https://grafana.com/docs/grafana/latest/installation/debian/

How to add InfluxDB as a data source in Grafana

http://www.rmalekghasemi.ir/file/grafana-fastnemon.jpg

Add InfluxDB to startup

sudo systemctl enable --now influxdb

How to test InfluxDB

In the shell, run:

sudo apt-get install influxdb-client

sudo influx -execute 'SHOW DATABASES';

ramin@Fastnetmon:~$ influx

After starting influx, list the databases:

SHOW DATABASES

If everything is working, the output lists the database:

graphite

https://docs.influxdata.com/influxdb/v1.7/tools/
https://docs.influxdata.com/influxdb/v1.8/tools/shell/

MikroTik flow config

https://fastnetmon.com/mikrotik/

Download the source file from GitHub

https://github.com/pavel-odintsov/fastnetmon/blob/master/src/fastnetmon_install.pl

Add to startup

If the system load is high, start the fastnetmon service with a delay at startup.

I suggest a 30 second delay.

To do this, in the file

/lib/systemd/system/fastnetmon.service

add this line:

ExecStartPre=/bin/sleep 30

This gives a 30 second delay.

Reload the service files:

systemctl daemon-reload

Add the service to Ubuntu startup:

sudo systemctl enable fastnetmon

How to add notifications for banned IP addresses in FastNetMon

https://fastnetmon.com/docs-fnm-advanced/advanced-quick-start/

Template for Grafana

http://www.rmalekghasemi.ir/file/FastNet Dashes.rar

New Grafana dashboard

https://github.com/openbsod/grafana_dashboards

Per-host template: syntax for the IP address

1_1_168_192

Enter the IP address with underscores.

To monitor subnets, in the fastnetmon config file

change

enable_subnet_counters = on

This enables subnet monitoring and makes the template work.

Note: every template requires InfluxDB to be configured.

For example, this link:

https://grafana.com/grafana/dashboards/7378

Chinese site article

https://ccav.me/fastnetmon-grafana-monitoring-network-traffic-and-ddos-early-warning.html

How to install FastNetMon from packages

wget https://raw.githubusercontent.com/pavel-odintsov/fastnetmon/master/src/fastnetmon_install.pl -Ofastnetmon_install.pl 
sudo perl fastnetmon_install.pl --install-ci-packages
https://github.com/pavel-odintsov/fastnetmon/issues/900

Best FastNetMon dashboard

http://www.rmalekghasemi.ir/file/fastnetmon dashboard.rar

Add a BGP session with the router

https://fastnetmon.com/docs/gobgp-integration/

Then configure the BGP communities in fastnetmon.conf

gobgp_community_host = 65001:666

gobgp_community_subnet = 65001:777

To enable the BGP session at startup

In /etc/rc.local

gobgp files

http://www.rmalekghasemi.ir/file/gobgpd.conf

http://www.rmalekghasemi.ir/file/gobgpd

add this line:

sudo /opt/gobgp_2_16_0/gobgpd -f /etc/gobgpd.conf

Note: make sure to configure

gobgp_next_hop =

so that the subnet is announced with the correct next hop for the router and the prefix works correctly.

FastNetMon plugin for MikroTik

https://github.com/pavel-odintsov/fastnetmon/tree/master/src/mikrotik_plugin

Email notification

My suggested config file

http://www.rmalekghasemi.ir/file/fastnetmon-email-sender.txt

Slack

https://github.com/pavel-odintsov/fastnetmon/blob/master/src/scripts/notify_with_slack.sh

Python

https://github.com/pavel-odintsov/fastnetmon/blob/master/src/scripts/fastnetmon_notify.py
https://docs.python.org/3/library/smtplib.html
https://github.com/pavel-odintsov/fastnetmon/issues/624

How to test the email sender with ssmtp

cat /etc/fastnetmon.conf | mail -s 'e-mail test from FastNetMon' root

Telegram notification

https://github.com/halbebruno/fastnetmon-telegram
https://github.com/halbebruno/fastnetmon-telegram/blob/master/telegram_notify_about_attack.sh

Script to collect the ASN and email for IPs

https://github.com/deivisonmarteleto/fastnetmon_notify.py
https://community-downloads.fastnetmon.com/releases/
https://github.com/osrg/gobgp
posted by ramin_malek in Hacking and DDoS operations; comments for Fastnetmon Install are closed

unbound config file by netlabs

https://nlnetlabs.nl/documentation/unbound/unbound.conf/
posted by ramin_malek in Linux; comments for unbound config file by netlabs are closed

How Calculate Mss Size

https://www.imperva.com/blog/mtu-mss-explained/
posted by ramin_malek in Network (mikRotik Routers); comments for How Calculate Mss Size are closed

How Check DNS-Sec By dig command

Validate DNSSEC with dig

dig @127.0.0.1 yahoo.com +dnssec +multi

How to see the key

dig @127.0.0.1 +dnssec www.cyberciti.biz.

dig trace

dig DS cyberciti.biz +trace @127.0.0.1
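
One way to read the result of the dig checks above, as an added example that is not part of the original post: a shell function that classifies dig output by the header status, the ad (authenticated data) flag and the presence of RRSIG records. The function name, the verdict labels and the sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Classify dig output (read on stdin) from a query made with +dnssec.
# Usage: dig @127.0.0.1 yahoo.com +dnssec +multi | dnssec_verdict
# Verdict labels are illustrative, not dig terminology.
dnssec_verdict() {
    awk '
        /^;; ->>HEADER<<-/ {            # header line carries the rcode
            for (i = 1; i < NF; i++)
                if ($i == "status:") { status = $(i + 1); sub(/,$/, "", status) }
        }
        /^;; flags:/ {                  # header flags, e.g. "qr rd ra ad"
            line = $0
            sub(/^;; flags: */, "", line)
            sub(/;.*/, "", line)
            n = split(line, f, " ")
            for (i = 1; i <= n; i++) if (f[i] == "ad") ad = 1
            seen = 1
        }
        !/^;/ && /[ \t]RRSIG[ \t]/ { rrsig = 1 }   # signature records in the answer
        END {
            if (!seen)                     print "unknown"
            else if (status == "SERVFAIL") print "servfail"              # validation failure is one cause
            else if (ad)                   print "validated"             # resolver set the AD flag
            else if (rrsig)                print "signed-not-validated"  # RRSIGs returned, no AD flag
            else                           print "no-signatures"
        }'
}

# Constructed dig output (not captured from a real resolver).
SAMPLE_VALIDATED=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4242
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
signed.example. 300 IN A 192.0.2.10
signed.example. 300 IN RRSIG A 13 2 300 ('
SAMPLE_NOT_VALIDATED=';; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 4243
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
signed.example. 300 IN A 192.0.2.10
signed.example. 300 IN RRSIG A 13 2 300 ('
SAMPLE_SERVFAIL=';; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 4244
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 1'

for s in "$SAMPLE_VALIDATED" "$SAMPLE_NOT_VALIDATED" "$SAMPLE_SERVFAIL"; do
    printf '%s\n' "$s" | dnssec_verdict
done
```

A servfail verdict can have causes other than a failed validation; repeating the query with dig's +cd option shows whether the name resolves when checking is disabled.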

https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
posted by ramin_malek in Linux; comments for How Check DNS-Sec By dig command are closed

Native Cache TTL for unbound dns

The option `cache-max-negative-ttl: 60` could be what you are looking
for, or `cache-max-ttl:` and `cache-min-ttl:`.  They are documented in
the man page (with `man unbound.conf`).

posted by ramin_malek in Linux; comments for Native Cache TTL for unbound dns are closed

How BGP-Sec Works

posted by ramin_malek in BGP; comments for How BGP-Sec Works are closed

How enable DNS-Sec Validation in unbound

https://plone.lucidsolutions.co.nz/linux/dns/enable-dnssec-for-unbound-resolver
posted by ramin_malek in Linux; comments for How enable DNS-Sec Validation in unbound are closed