-
Adding user interactive UID webportal for paloalto firewalls
Just adding authentication user identification functionallity on selfhosted webportal based on local active directory BY NO MEANS SECURE, no input is sanitized… ref: https://wp.12p.no/2022/05/13/alternative-to-captive-webportal/ First thing that is needed. php-ldap. I noticed it was not supported by php7, so i change php version to 8.x. # a2dismod php7.x.x # a2enmod php8.x.x then # apt install…
-
Alternative to captive webportal Palo Alto
The idiotic way to implement user identification when everything else fails. You need: GPO to push automaticly run powershell A webserver, for example Apache A syslog forwarder, for example rsyslog And setup the Paloalto firewall as a User ID agent with syslog listener. Plain and simple. Absolutely not secure, but until I bother with integrating…
-
Hvordan 2.5 time på Herdla ser ut når det er nordlys.
Tok en tur til Herdla og så på nordlyset med en kompis. Dette ble resultatet:
-
Trip to Bølgekraftverket
Took a sponatious trip to Bølgekraftverket located in Toft, Rong. https://www.google.com/maps/place/B%C3%B8lgekraftverket/@60.4699557,4.9247579,15z/data=!4m2!3m1!1s0x0:0x9092354b5b6cc1c0?sa=X&ved=2ahUKEwiG3YrHms_xAhXql4sKHTVsDIYQ_BIwGHoECEAQBQ Took a few photos. Fun to take photos again.
-
Northern Lights from Herdla
Pictures taken 5th of january 2021
-
GlobalProtect + Client Certificate
Setup the client certificate deployment by following this guide : https://www.virtuallyboring.com/setup-microsoft-active-directory-certificate-services-ad-cs/ Start of by exporting the CA certificate: Install the certificate on you Palo Alto Firewall: the certificate should look something like this: Create a Certificate profile: Add this profile to your Authentication settings on the GlobalProtect gateway: Now you can access your globalprotect vpn…
-
2. february 2020
Went for a walk in the mountains today… took some pictures
-
Setting up Palo Alto GlobalProtect VPN 2fa-authentication using Google Authenticator
TL;DR : Enable free 2FA using an Ubuntu server, Google authenticator and FreeRadius on service supporting radius authentication. So, I’ve been messing around with this for a while, and I decided I’d create a post showing how to do it. Basicly i have a small Ubuntu Server, with Free radius, and Google authenticator module. Using…
-
Blocking malicius IP’s automaticly with Palo Alto Firewalls
So I’ve been thinking of creating a post of how to block ips when they try to do something bad to your system, for example a exploit related to a wordpress plugin on your dmz-webserver. It’s quite easy and extremely effective. Just setup a profile that will automaticly block the ip when it tries to…
-
Dji Spark Panoramas from Grand Alacant Mont Faro
All panoramas were taken by Dji Spark Drone with the 180* panorama function. Stiched together with Microsofts Image Composer Editor (ICE)