Comments for Information Technology Enthusiast http://infolookup.securegossip.com Just another SecureGossip - United Security Blog Portal weblog Thu, 17 May 2012 20:09:21 +0000 hourly 1 Comment on Port forwarding with Fortigate 100A by Sherwyn http://infolookup.securegossip.com/2010/10/01/port-forwarding-with-fortigate-100a/comment-page-1/#comment-38071 Sherwyn Thu, 17 May 2012 20:09:21 +0000 http://infolookup.securegossip.com/?p=363#comment-38071 Hi Derek, Thank you very much for your information. I was unable to test this on our device since its in a remote location but I am happy to know someone else was able to shed some light on this. Cheers, Sherwyn @infolookup Hi Derek,

Thank you very much for your information. I was unable to test this on our device since its in a remote location but I am happy to know someone else was able to shed some light on this.

Cheers,
Sherwyn
@infolookup

]]> Comment on Port forwarding with Fortigate 100A by Derek http://infolookup.securegossip.com/2010/10/01/port-forwarding-with-fortigate-100a/comment-page-1/#comment-38043 Derek Wed, 16 May 2012 21:07:52 +0000 http://infolookup.securegossip.com/?p=363#comment-38043 Hi there, I just went through this myself, and discovered that you really can't create a VIP with two nonconsecutive ports. If you need say port 110 and port 25 to be forwarded, you will need to create two VIP's. FG60C (vip) # edit Test-VIP-SMTP FG60C (Test-VIP) # set extip 192.168.10.10 => setting up the external IP FG60C (Test-VIP) # set extintf wan2 => binding to an external interface FG60C (Test-VIP) # set portforward enable => enable port forwarding FG60C (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP FG60C (Test-VIP) # set extport 25 => setting up external port FG60C (Test-VIP) # set mappedport 25 => mapping to internal destination port FG60C (vip) # edit Test-VIP-POP3 FG60C (Test-VIP) # set extip 192.168.10.10 => setting up the external IP FG60C (Test-VIP) # set extintf wan2 => binding to an external interface FG60C (Test-VIP) # set portforward enable => enable port forwarding FG60C (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP FG60C (Test-VIP) # set extport 110 => setting up external port FG60C (Test-VIP) # set mappedport 110 => mapping to internal destination port Note, you then have two VIP's , and you create two firewall rules, one for each. Set up the firewall with the proper service, and that traffic will flow. If you set up a firewall with "ANY" as the service, then you will only catch the first one, which won't work for POP3. If you want to set up a range, the extip can only be set with an integer (a single port) Set it to the first port, then set up the range in "mappedport" It was asked, how do you forward 10000 to 20000: FG60C (vip) # edit Test-VIP-RANGESERVER FG60C (Test-VIP) # set extip 192.168.10.10 => setting up the external IP FG60C (Test-VIP) # set extintf wan2 => binding to an external interface FG60C (Test-VIP) # set portforward enable => enable port forwarding FG60C (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP FG60C (Test-VIP) # set extport 10000 => setting up external port FG60C (Test-VIP) # set mappedport 10000-20000 => mapping to internal destination port Note2: I have a FG60C, and I'm just figuring this out on the fly, so please don't take my word for it. http://docs.fortinet.com/fgt/handbook/cli_html/wwhelp/wwhimpl/js/html/wwhelp.htm Hi there,

I just went through this myself, and discovered that you really can’t create a VIP with two nonconsecutive ports.

If you need say port 110 and port 25 to be forwarded, you will need to create two VIP’s.

FG60C (vip) # edit Test-VIP-SMTP
FG60C (Test-VIP) # set extip 192.168.10.10 => setting up the external IP
FG60C (Test-VIP) # set extintf wan2 => binding to an external interface
FG60C (Test-VIP) # set portforward enable => enable port forwarding
FG60C (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP
FG60C (Test-VIP) # set extport 25 => setting up external port
FG60C (Test-VIP) # set mappedport 25 => mapping to internal destination port

FG60C (vip) # edit Test-VIP-POP3
FG60C (Test-VIP) # set extip 192.168.10.10 => setting up the external IP
FG60C (Test-VIP) # set extintf wan2 => binding to an external interface
FG60C (Test-VIP) # set portforward enable => enable port forwarding
FG60C (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP
FG60C (Test-VIP) # set extport 110 => setting up external port
FG60C (Test-VIP) # set mappedport 110 => mapping to internal destination port

Note, you then have two VIP’s , and you create two firewall rules, one for each.
Set up the firewall with the proper service, and that traffic will flow. If you set
up a firewall with “ANY” as the service, then you will only catch the first one, which won’t work for POP3.

If you want to set up a range, the extip can only be set with an integer (a single port)
Set it to the first port, then set up the range in “mappedport”

It was asked, how do you forward 10000 to 20000:

FG60C (vip) # edit Test-VIP-RANGESERVER
FG60C (Test-VIP) # set extip 192.168.10.10 => setting up the external IP
FG60C (Test-VIP) # set extintf wan2 => binding to an external interface
FG60C (Test-VIP) # set portforward enable => enable port forwarding
FG60C (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP
FG60C (Test-VIP) # set extport 10000 => setting up external port
FG60C (Test-VIP) # set mappedport 10000-20000 => mapping to internal destination port

Note2: I have a FG60C, and I’m just figuring this out on the fly, so please don’t take my word for it.

http://docs.fortinet.com/fgt/handbook/cli_html/wwhelp/wwhimpl/js/html/wwhelp.htm

]]> Comment on Handcent SMS logs all your sent messages by Sherwyn http://infolookup.securegossip.com/2011/12/18/handcent-sms-logs-all-your-send-messages/comment-page-1/#comment-38037 Sherwyn Wed, 16 May 2012 19:50:09 +0000 http://infolookup.securegossip.com/?p=663#comment-38037 Hi Goi, Thank you for your comment. Is my phone rooted? Yes My concern would have still exist even if my phone is not root, I have a concern about my privacy, if I delete something I want it to be deleted. If I lost my phone and something found it, I dont want them finding all my private sms, or have some company logging and possibly accessing my sms. Hi Goi,

Thank you for your comment.

Is my phone rooted? Yes

My concern would have still exist even if my phone is not root, I have a concern about my privacy, if I delete something I want it to be deleted.

If I lost my phone and something found it, I dont want them finding all my private sms, or have some company logging and possibly accessing my sms.

]]> Comment on Handcent SMS logs all your sent messages by Goi http://infolookup.securegossip.com/2011/12/18/handcent-sms-logs-all-your-send-messages/comment-page-1/#comment-38014 Goi Wed, 16 May 2012 06:56:14 +0000 http://infolookup.securegossip.com/?p=663#comment-38014 Is your phone rooted? If not, the sqlite database, which is stored in handcent's /data folder, should be accessible only to handcent isn't it? Also, does deleting the database solve the problem? Is your phone rooted? If not, the sqlite database, which is stored in handcent’s /data folder, should be accessible only to handcent isn’t it? Also, does deleting the database solve the problem?

]]> Comment on Handcent SMS logs all your sent messages by Attack of the Androids - AotA 15: It Won’t Connect http://infolookup.securegossip.com/2011/12/18/handcent-sms-logs-all-your-send-messages/comment-page-1/#comment-37725 Attack of the Androids - AotA 15: It Won’t Connect Thu, 03 May 2012 06:40:39 +0000 http://infolookup.securegossip.com/?p=663#comment-37725 [...] some interesting findings about one of the most popular Android messaging apps, Handcent. Hopefully we can have the author on the show next week to answer some of the questions we tossed back and forth. If I delete [...] [...] some interesting findings about one of the most popular Android messaging apps, Handcent. Hopefully we can have the author on the show next week to answer some of the questions we tossed back and forth. If I delete [...]

]]> Comment on Port forwarding with Fortigate 100A by Sherwyn http://infolookup.securegossip.com/2010/10/01/port-forwarding-with-fortigate-100a/comment-page-1/#comment-37504 Sherwyn Wed, 25 Apr 2012 15:40:00 +0000 http://infolookup.securegossip.com/?p=363#comment-37504 Hi p_buddhika, Thank you for visiting my blog, as it relates to your question have you tried what I have suggested in the post? I am only forwarding one IP there but you can easily add more than one. The question I have is are you forwarding both ports to the same internal IP? if so just do: FG100A (vip) # edit Test-VIP FG100A (Test-VIP) # set extip 192.168.10.10 => setting up the external IP FG100A (Test-VIP) # set extintf wan2 => binding to an external interface FG100A (Test-VIP) # set portforward enable => enable port forwarding FG100A (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP FG100A (Test-VIP) # set extport 25 => setting up external port set extport 225 => setting up external port FG100A (Test-VIP) # set mappedport 25 => mapping to internal destination port FG100A (Test-VIP) # set mappedport 225 => mapping to internal destination port That should work. Hi p_buddhika,

Thank you for visiting my blog, as it relates to your question have you tried what I have suggested in the post?
I am only forwarding one IP there but you can easily add more than one. The question I have is are you forwarding both ports to the same internal IP? if so just do:

FG100A (vip) # edit Test-VIP
FG100A (Test-VIP) # set extip 192.168.10.10 => setting up the external IP
FG100A (Test-VIP) # set extintf wan2 => binding to an external interface
FG100A (Test-VIP) # set portforward enable => enable port forwarding
FG100A (Test-VIP) # set mappedip 172.29.19.10 => mapping to an internal IP
FG100A (Test-VIP) # set extport 25 => setting up external port
set extport 225 => setting up external port
FG100A (Test-VIP) # set mappedport 25 => mapping to internal destination port
FG100A (Test-VIP) # set mappedport 225 => mapping to internal destination port

That should work.

]]> Comment on Block users from creating global distribution list in Exchange 2010 by Sherwyn http://infolookup.securegossip.com/2011/10/13/block-users-from-creating-global-distribution-list-in-exchange-2010/comment-page-1/#comment-37503 Sherwyn Wed, 25 Apr 2012 15:39:43 +0000 http://infolookup.securegossip.com/?p=640#comment-37503 Hi Rob, Thank you for visiting my blog, it looks like this behavior did carry over pass the RTM cause we didn't install the RTM we installed the final release. Hi Rob,

Thank you for visiting my blog, it looks like this behavior did carry over pass the RTM cause we didn’t install the RTM we installed the final release.

]]> Comment on Block users from creating global distribution list in Exchange 2010 by Rob http://infolookup.securegossip.com/2011/10/13/block-users-from-creating-global-distribution-list-in-exchange-2010/comment-page-1/#comment-37500 Rob Wed, 25 Apr 2012 15:05:21 +0000 http://infolookup.securegossip.com/?p=640#comment-37500 It looks like this was the default behavior in the Beta but was changed in the RTM. This shouldn't be an issue for most default installations: http://blogs.technet.com/b/exchange/archive/2009/11/18/3408844.aspx It looks like this was the default behavior in the Beta but was changed in the RTM. This shouldn’t be an issue for most default installations:
http://blogs.technet.com/b/exchange/archive/2009/11/18/3408844.aspx

]]> Comment on Port forwarding with Fortigate 100A by Prasanna http://infolookup.securegossip.com/2010/10/01/port-forwarding-with-fortigate-100a/comment-page-1/#comment-37447 Prasanna Tue, 24 Apr 2012 11:20:45 +0000 http://infolookup.securegossip.com/?p=363#comment-37447 How do you setup 2 ports (25 and 225) to be forwarded? How do you setup 2 ports (25 and 225) to be forwarded?

]]> Comment on Bypassing UAC with User Privilege under Windows Vista/7 **Mirrored** by Sherwyn http://infolookup.securegossip.com/2010/11/25/bypassing-uac-with-user-privilege-under-windows-vista7-mirrored/comment-page-1/#comment-37271 Sherwyn Wed, 18 Apr 2012 21:08:23 +0000 http://infolookup.securegossip.com/?p=439#comment-37271 Hey, Sorry for the delayed response I was a bit busy. Now if ICT is your support admins then you should to the boss and have them do their jobs. If you want you can Google "bios master password "Machine model". You can also try to exploit the machine, do a few scans with Nessus or OpenVas and see what vulnerable services its running and exploit it as you see it :). Hey,
Sorry for the delayed response I was a bit busy. Now if ICT is your support admins then you should to the boss and have them do their jobs. If you want you can Google “bios master password “Machine model”. You can also try to exploit the machine, do a few scans with Nessus or OpenVas and see what vulnerable services its running and exploit it as you see it :) .

]]>