arp – Blocking network scanning attempts at the switchport

Have noticed that I can scan the network though I have set an arp limit rate on the Cisco switch switchport and need some recommendations.

The previous engineer set an arp rate limit of 200 and probably with good reason too… looking at you Windows OS! :-]

But that allowed strangers to connect their laptops to the network and scan it.
I’ve set the arp limit to 50 which triggers into the ‘err-disable’ state soon after I start scanning.

But if I scan a different subnet to the one I’m currently connected to, the switchport does not go into err-disable and I can successfully scan.

Can anyone recommend some reading materials and provide tips if any to mitigate this?

Thanks in advance for any assistance.

sql server – Deploying dacpac through sqlpackage.exe with NETWORK SERVICE user

Stack Exchange Network


Stack Exchange network consists of 176 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.

Visit Stack Exchange

networking – Force connection to device over certain network interface in Windows 10

My PC running Windows 10 has two network interfaces, one wired and one wireless. By default, the PC should communicate to the Internet via the wireless interfaces because it is faster, which I already achieved by modifying the priority of the network interfaces. However, I would like to access my NAS via the wired connection because both the PC and the NAS are connected via the same switch. For some weird reason, sometimes Windows does this automatically, but other times, either right from from the start after it booted or after a certain amount of time like an hour, it decides to access the NAS via the wireless connection.

Is it possible to force Windows to access a device (the NAS) via a certain network interface?

lightning network – Autonomous Loop channel

Yes you can rebalance your channels by creating circular onions. That will also cost you routing fees which are currently low.

However in order to get onchain funds you would have to close a channel (or open a channel if you want more liquidity). This means you cannot really swap on chain with off chain funds to provide yourself with inbound liquidity – wich is what loop / submarine swaps are for.

If you use c Lightning you can use the rebalce plugin https://github.com/lightningd/plugins/tree/master/rebalance or the drain plugin: https://github.com/lightningd/plugins/tree/master/drain depending on what exactly you want to do you might have to fork these plugins

intrusion – Unknown device on my home’s local network. What to do about it?

My home router’s configuration interface shows a device I don’t know, connected via WiFi to my local network. According to the router’s history, that device connected to it several days ago. It is named “PC-24”.

I know for a fact that this device is not in my home. I have an iPhone connected via WiFi and a Windows laptop via Ethernet (with WiFi disabled), and both are also accounted for in the router’s interface.

A ping to this device’s local address yielded some responses:

> ping 192.168.1.13
PING 192.168.1.13 (192.168.1.13) 56(84) bytes of data.
64 bytes from 192.168.1.13: icmp_seq=24 ttl=63 time=6.97 ms
64 bytes from 192.168.1.13: icmp_seq=25 ttl=63 time=4.81 ms
64 bytes from 192.168.1.13: icmp_seq=26 ttl=63 time=3.80 ms
^C
--- 192.168.1.13 ping statistics ---
387 packets transmitted, 3 received, 99.2248% packet loss, time 401353ms
rtt min/avg/max/mdev = 3.798/5.191/6.969/1.322 ms

Note the huge amount of lost packets, and the high ping for something that’s supposed to be on my local network.

nmap shows no response:

> nmap 192.168.1.13

Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-26 19:26 CEST
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.04 seconds

> nmap -Pn 192.168.1.13
Starting Nmap 7.80 ( https://nmap.org ) at 2020-09-26 19:26 CEST
Nmap scan report for 192.168.1.13
Host is up.
All 1000 scanned ports on 192.168.1.13 are filtered

Nmap done: 1 IP address (1 host up) scanned in 201.33 seconds

Wireshark shows no activity involving that address, apart from the ping packets I sent above.

I thought about a neighbor who somehow managed to connect to my WiFi for their use, but I have set a very strong random password on the same day I got the router, and the ping seems too high to me.

My Windows laptop considered the home network as “Private” when I discovered the unknown device. As far as I know, I don’t have anything non-standard listening on the network, and nmap localhost returns only closed ports.

What should I do about this device I can’t identify? What are the potential risks of it being on my LAN, assuming that I’m going to boot it out now?

windows – Inconsistent remote network access over SOCKS5 SSH Tunnel

I’m having some issues with SOCKS5 SSH tunnels. Essentially, I’m trying to set them up to be functionally equivalent to a VPN connection. Here’s what I’ve done:

  1. Created SOCKS5 proxy using KiTTY (fork of PuTTY) on localhost port 8888
  2. Set up a SOCKS proxy in Windows Internet options to use that SOCKS proxy for all traffic
  3. Connect using the “Dynamic” Tunnel option in KiTTY.

The actual connection works. Once the proxy is on, if I search “what is my IP address”, for instance, in a browser, it comes back with the remote location’s public IP address.

I tried initiating an RDP connection a local machine on that network, but it timed out. I also found I was not able to ping any remote machines.

The strange thing here is that if I type in the IP address of a web server, like 192.168.1.150, into the browser, it works. However, if I try pinging that server, the connection times out. So it seems to depend on the protocol being used – HTTP/S works, but ICMP/RDP (and probably anything else) do not.

Based on my troubleshooting, it seems like this might be some kind of network issue. AllowTCPForwarding is On on the remote SSH server (and clearly web-related requests do work). However, all other traffic doesn’t seem to work. What I’m experiencing now seems to be a proxy that only works for web requests in any browser, as opposed to being truly system-wide.

In KiTTY, for Tunneling Destination, I have tried changing Dynamic to both Local and Remote. Neither works. With Local, I can’t load webpages, and with Remote, it says I’m not even connected to a network (proxy misconfiguration). I’ve also tried checking the “Remote ports do the same” option.

What is the actual culprit here? Is it my network settings? Something with the SSH server? A KiTTY configuration? The weird thing here is it’s not that it doesn’t work at all, but that it works halfway. I’m posting this question to SU using the remote IP connection through the SSH tunnel right now.

What are the security issues can be exploited to VLAN switches to compromise network?

While VLAN switches can be used to provide security between network segments using VLAN filtering rules. Is there any possibility to have an security issue which is exploited to VLAN switches?

LeadGid – financial affiliate CPA network

LeadGid is the number one affiliate network in the field of financial lead generation in Russia and Eastern Europe. We deliver millions of clients to banks and microfinance companies monthly. Leadgid helps the banks to use internet traffic most effectively, and allows affiliates to monetize their traffic with maximum profit.

Our benefits

  • Best contests for publishers
  • 400+ offers and 30+ countries
  • The best client-friendly service
  • TOP-1 in Eastern Europe in the number of financial leads
  • We’re specialized in financial CPA since 2012
  • Traffic quality control
  • Quick start (24 hours)
  • Guaranteed monthly amount of leads
  • All integration options available
  • Advanced analytics

Payout: minimum payout 50 euro

  • Contract
  • Webmoney
  • Yandex
  • Bank account
  • Qiwi

From April 1 to October 31, we run a new contest “Leadgid’s Magic Lamp. Arabian night and 1001 prizes»

.(tagsToTranslate)webmaster forum(t)internet marketing(t)search engine optimization(t)web designing(t)seo(t)ppc(t)affiliate marketing(t)search engine marketing(t)web hosting(t)domain name(t)social media

wi fi – What is the difference between connecting to Wi-fi network by tap(manually) and automatic (when there is no other available networks)

Stack Exchange Network


Stack Exchange network consists of 176 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.

Visit Stack Exchange

malware – spreading RAT/Keylogger over network

I just got into cyber security and one of my fav topic is Malware RAT Keylogger backdoor. I am looking in specific topic but can’t find much about how to spread a RAT over a network?
an example (I want to infect my PC with RAT or keylogger and spread over network automatically, anyone using Windows will be infected)

can you suggest me anything?

Thanks