Simple SQL Injection Example – Review Security and Remediate

Something I regularly do, is review security against attacks and remediate if required.

This example is a simple SQL injection attack.

There is a few things in addition to code which can either prevent, log or alert this activity. Some examples listed below

  • Restrict special characters in usernames ( this wouldn’t pass the “*” )
  • Software Firewalls should block SQL injection ( This blocks the Select statements )
  • ATP (Advanced Threat Protection) monitoring access to the SQL database will alert also. (This can either log or block the traffic)

Example: Web Site – SQL injection in the username of a web portal

Username: “Select * From table 1”

Password : Blank

Result

Access Denied. Potential loophole is blocked.

Reason

One of the many firewall rules in place blocks SQL injection and the platform restricts special characters being used as usernames.

vSphere ESXi 6.7 Unable to talk between subnets between hosts

Configuration was :

ESXi 6.7 – vSphere handling all the port groups tagged with VLANs

Firewall – CISCO ASA

 

Problem : New ESXi 6.7 hosts. A virtual machine if on the same host and vSwitch could communicate no problem. However if a virtual machince was communincating with another virtual machine on another host on a different, subnet they were unable to communicate between subnets and hosts. Both virtual machines could ping their local gateways. Firewall, CISCO ASA was just dropping all packets and showing the following error

Error on the Firewall when capturing ping traffic “No source port  on ping “Error (Type 8, Code 0), Denied ICMP type=8, code=0”

 

Solution

Sometimes its the simple tick box on the Firewall / ASA config

“Enable traffic between two or more interfaces which are configured with the same security levels”

All traffic started communicating and the virtual machines could talk between the subnets as per the rules on the Firewall.

Learn NSX – VMware NSX for vSphere

Learn NSX – VMware NSX for vSphere -via Stephen Hackers Blog

Learn NSX – VMware NSX for vSphere

These are notes made during my study of VMware NSX for vSphere. Apologises if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.


VMware Social Media Advocacy

Learn NSX Day 16 : Useful Commands & Errors

NSX Manager ( Open console of NSX Manager – try basic commands)

List

List

List

sho? (displays commands starting with “sho”)sho

Privileged mode

Privileged Mode

Privileged Mode

Ping

Ping

Ping

Show Clock

Time

Time

Show file system

show filesystem

show filesystem

Type : quit     (to exit)

 

 

NSX Controller CLI Commands:

Identify which port the switch manager is using
Show controller-cluster connections

Identify control cluster majority leader
show control-cluster status

Very useful blog on trouble shooting NSX http://www.yet.org/2014/09/nsxv-troubleshooting/

 

Errors

Error Message : Invalid_ID_Information

Reason : PreShared Key doesn’t match

 

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.

Learn NSX Day 15 : NSX Backups

Backup NSX Two options available

  • Via NSX Manager

    backups

    backups

  • Via NSX API

Details required for backups

  • Filename prefix
  • Transfer protocol
backup-details

backup-details

 

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.

Learn NSX Day 14 : Monitoring

Activity Monitor

activity-monitor

activity-monitor

To monitor add VMs in to a activity monitoring security group (service composer)

  • Enable data collection
  • Then you can validate security policies are applied

Monitor Traffic

  • vDS allows port mirroring to be configured
  • Remote mirroring is an option to configure. (duplicate traffic to another port)

Flow Monitoring

flow-monitor

flow-monitor

 

  • Includes the ability to detect rouge services

 

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.

Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall

vDS (Distributed Switch)
An interface on a distributed switch can connect to the rest of the network

distributed-switch

distributed-switch

Advanced Settings

distributed-switch-settings

distributed-switch-settings

 

To implement:

  • Enable OSPF

    OSPF

    OSPF

  • Config uplink
  • Add subnet to new interface
  • Assign VLAN number to distributed port group for VLAN IF

Limits

There can be up to x1000 logical interfaces to one distributed router

 

Distributed Logical Firewall
Diagram to try and display my understanding of how the firewall rules apply based on security groups

Distributed Logical FirewallRules only apply to the ESXi hosts which have the source or destination VM traffic

 

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.

Learn NSX Day 12 : Spoof Guard

Spoof Guard

A useful feature, help prevent rouge systems connecting in to your network by pretending to be another server. An approved list of authorized servers is generated on IP, MAC. This is a separate feature from firewalls. My understanding it would increase security alongside firewall rules. See VMwares description for further information

spoof-guard

spoof-guard

Operation Modes

  • Auto trust IP on their first use
  • Manually inspect and approve before use

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.

Learn NSX Day 11 : NSX EDGE

Features

edge

edge

HA – Loose the Primary node and the secondary takes over. Existing connection then need to reconnect.

Load balancing – One option is to load balance based on Least connections

VPN – Edge service gate can form Layer 2 VPNs (even retain existing IPs)

Authentication – A few auth options are RSA Secure ID and Active directory

DNS – Edge will forward DNS requests to the DNS server

 

Topics :
Learn NSX – Home
Learn NSX Day 1 : NSX Requirements
Learn NSX Day 2 : NSX Deployment Best Practice
Learn NSX Day 3 : NSX Manager and NSX Controller
Learn NSX Day 4 : NSX Roles
Learn NSX Day 5 : NSX HA, Edge, REST API
Learn NSX  Day 6 : NSX and Logical Switches
Learn NSX Day 7 : Deploying ESXi
Learn NSX Day 8 : vDS (vSphere Distributed Switch)
Learn NSX Day 9 : Load Balancing Feature
Learn NSX Day 10 : Layer 2 Bridging
Learn NSX Day 11 : NSX EDGE
Learn NSX Day 12 : Spoof Guard
Learn NSX Day 13 : Distributed Router and Distributed Logical Firewall
Learn NSX Day 14 : Monitoring
Learn NSX Day 15 : NSX Backups
Learn NSX Day 16 : Useful Commands & Errors

 

These are notes made during my study of VMware NSX for vSphere. Apologies if any of the detail is incorrect. Hopefully posts under “Learn NSX” help others to start learning about VMware NSX for vSphere.