Thursday, April 26, 2012

How to Access Skype Chat History of Another Person or PC.

Internet messengers (IM) indeed made the world smaller, and skype is undoubtedly the major contributor to this phenomena. 

Skype is simple to use, and hard to block. With skype, you can do free calls and videoconferencing; share your desktop; and, share files such as documents and photos with any other skype users anywhere. Skype has the ability to use any available open port to communicate to the internet which made it a bane for traditional port-based firewalls to block (a headache for most network engineers).

But is skype safe? 

Saturday, April 14, 2012

Practical SSH Tunneling: Using Putty to Bypass Web Filters and Firewalls

About SSH v.2 and SSH tunneling

SSH (Secure Shell) was an Internet Task Force (IETF) protocol for encrypting traffic to access a remote host. SSH v2 standard came out in 2006 and is incompatible with SSH v.1.  Version 2 uses Diffie-Hellman (DH) key exchanges to create a tunnel between a client and a server. Thus, SSH works very similary like a VPN and was, in fact, called a poor man's VPN. SSH has lower levels of security and encryption than VPN. Apart from that, I don't really know the exact difference between an SSH tunnel and a VPN and if you happen to do, please feel free to post a comment or link to your blog/article that explains SSH versus VPN.

SSH v.2 is both a boon and a bane for network engineers. I've been using SSH v.2 to do a myriad of things, some of which to purposely circumvent network policies that would normally disallow people to access other parts of the network. For this article, we will use SSH tunneling to bypass corporate firewall and webfiltering. This is possible using any Web Socket capable browser such as Mozilla Firefox and Opera (I've heard  Google Chrome will support it soon).

Wednesday, April 11, 2012

Paypal Spoof: How I knew the Paypal email I recieved was fraudulent

I had a recent experience with email spoofing involving Paypal, and I would like to share how I recognized the email as spoofed and thus was fraudulent.

My wife was selling her Macbook. Like most Gen X/Y couples do, we posted her for sale Macbook on eBay, and other trading sites. Two days later, we received an email from someone with a yahoo account asking what the prices would be in US dollars, including shipment to Nigeria. He didn't give a name and he didn't leave a shipping address. We told him the price would be US $450, but that he will have to shoulder the shipping cost depending on the address, and his favored shipping method/company would be. He said he wants to transact via Paypal, and even offered to up the price to US $580 including shipping cost -- what generosity.

So that night, I sent  him an invoice from my Paypal account. 24 hours past and I received a notification claiming to have come from services@intl.paypal.com informing me that payment had been made. Careful examination reveals it was a spoofed/phishing email. He was bamboozling me!  Here's how I immediately knew it was fake (click the picture to enlarge):


Sunday, April 8, 2012

Diablo III Will Be Available in Manila Stores May 15

Diablo III will hit stores in Manila, Philippines May 15, 2012 – the same day Blizzard announced the much-anticipated sequel to its successful Diablo series in North America.



Friday, April 6, 2012

Interconnecting Different Sites Using VPN Hairpinning with Cisco ASA Sample Configuration


This is  my first post in my newly created blog and I thought of sharing a project I did back in 2007. I was then working for a Danish company  who have offices, and clients, in  North America, South America, Europe, Asia, and Africa (North and East Africa to be more specific). 

The problem was how to interconnect all our offices and clients in these 5 continents fast, and inexpensively. We had support centers in Denmark, US and the Philippines and all our support personnel, and subject matter experts need to have access to the company's servers and systems deployed inside client's data centers scattered worldwide. We need to be able to SSH the servers; access the web and databases of the system; and, access server iLO (HP servers' integrated lights out) and KVMs. The inexpensive and fast, yet secure solution, is VPN. 

VPN is fast to deploy, is secure, and -- as most finance directors would like -- inexpensive. Do note that VPN is not the best solution when involving latency-sensitive traffic such as VoIP, and videoconferencing. For brevity, I did not include all other ASA configurations such as hostname, domain, and Firewalls. We will only show the VPN configurations and other relevant configuration lines.  

The Scenario: 

A certain Company ‘A’ has a Regional Office Headquarters (RoHQ) in Singapore that needs to access servers and systems deployed to a client in the US. Company ‘A’ has a  contact and support center in the Philippines who also needs to access the system deployed in our US-based client. As is the usual case, both companies agreed that their respective networks should be NAT-ed to a public IP address.

Related Posts Plugin for WordPress, Blogger...