aseques

Forum Replies Created

Viewing 15 posts - 1 through 15 (of 42 total)
  • Author
    Posts
  • aseques
    Member

    @rsiera wrote:

    Hi,

    I tried ctrl^P and set conMute=Enabled. boot 81 (from USB) and then word GRUB appears, but then nothing moves.

    I’m using ZeroShell-3.0.0-Disk-2GB.img.gz which I unpacked and copied the img with dd for windows to a usb stick.

    I’m using baud 19200 speed.

    Any ideas why this doesn’t work in my setup?

    In my case I changed both ConMute and ConSpeed

    set ConMute=Enabled
    set ConSpeed=38400

    It’s very importat that you disable the hardware flow control in your minicom/serial connection.

    in reply to: Boot using serial one zeroshell 3.0.0 on a soekris 6501 #53230
    aseques
    Member

    I had to change de values of conMute so it could boot as expected.
    http://wiki.soekris.info/What_do_all_those_BIOS_settings_do%3F

    in reply to: Vulnerability and compromised profiles (Zeroshell<3.0.0) #53149
    aseques
    Member

    We observed that there is a hidden process (only shows upw when doing top) that’s called .DB.001
    This process is launched by the Database-Cron (Startup Cron -> Cron Database)
    You can see if you are affected by doing:

    cat ./DB/_DB.001/var/register/system/startup/scripts/Database-Cron/File

    in reply to: Vulnerability and compromised profiles (Zeroshell<3.0.0) #53147
    aseques
    Member

    I can confirm that the details outline in th video on youtube allows full access to the zeroshell, the only protection for this attacks other than updating is closing the web access except for your whitelisted ips.
    Other than that, could someone explain how to identify the traces of the exploits intalled?

    in reply to: Custom compile in zeroshell #52525
    aseques
    Member

    Answering to myself, racoon isn’t needed anymore in my environment because now client vpn can be established in major systems (including android and apple ios).
    So I am updating this guide for the current rc3 and switching into compiling rsync.

    in reply to: bonded VPN not working when one of WAN fails #52786
    aseques
    Member

    We are suffering exactly the same issue, and so far we haven’t found a solution for this too.

    in reply to: [Howto] Failover mail alert in zeroshell #48390
    aseques
    Member

    Just updated the script and patches for the current failoverd (zs RC2), enjoy 🙂

    in reply to: Need L2TP/IPSEC VPN for iOS #51670
    aseques
    Member

    I’d recomnend to give openvpn a try now that it can be installed in any ios device (iphone/ipad). https://www.zeroshell.org/forum/viewtopic.php?p=11587

    in reply to: Hyper-V VM rebuild of Renato’s 3.2.9 ZeroShell to VHD #52300
    aseques
    Member

    hello, insanityinside, I’ve been trying myself to compile some stuff for zeroshell without much success, I documented the steps I folowed here, but still couldn’t get it totally to work.
    The thread is here https://www.zeroshell.org/forum/viewtopic.php?t=3783
    Have you somewhere the instrucctions you followed to get zeroshell to compile the kernel and others?

    in reply to: Custom compile in zeroshell #52524
    aseques
    Member

    I’ve just updated the instructions to compile for the current RC2. Still the issues with the configure are there.
    Does anyone have an idea to fix these messages I got when compiling racoon?


    ./configure
    ......................

    checking netinet6/ipsec.h usability... no
    checking netinet6/ipsec.h presence... no
    checking for netinet6/ipsec.h... no
    checking netipsec/ipsec.h usability... no
    checking netipsec/ipsec.h presence... no
    checking for netipsec/ipsec.h... no
    checking /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h usability... no
    checking /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h presence... yes
    configure: WARNING: /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h: present but cannot be compiled
    configure: WARNING: /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h: check for missing prerequisite headers?
    configure: WARNING: /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h: see the Autoconf documentation
    configure: WARNING: /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h: section "Present But Cannot Be Compiled"
    configure: WARNING: /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h: proceeding with the compiler's result
    checking for /lib/modules/3.4.19-ZS/build/include/linux/pfkeyv2.h... no
    checking /usr/src/linux/include/linux/pfkeyv2.h usability... no
    checking /usr/src/linux/include/linux/pfkeyv2.h presence... yes
    configure: WARNING: /usr/src/linux/include/linux/pfkeyv2.h: present but cannot be compiled
    configure: WARNING: /usr/src/linux/include/linux/pfkeyv2.h: check for missing prerequisite headers?
    configure: WARNING: /usr/src/linux/include/linux/pfkeyv2.h: see the Autoconf documentation
    configure: WARNING: /usr/src/linux/include/linux/pfkeyv2.h: section "Present But Cannot Be Compiled"
    configure: WARNING: /usr/src/linux/include/linux/pfkeyv2.h: proceeding with the compiler's result
    checking for /usr/src/linux/include/linux/pfkeyv2.h... no
    configure: error: Unable to find linux-2.6 kernel headers. Aborting.
    in reply to: Zeroshell l2tp with Preshared key #52480
    aseques
    Member

    So far I am stuck with this, it seems to me (still have to investigate a bit more) that racoon needs to be compiled enabling the hybrid mode (mixed authentication with x509 and certificates).
    I will post whatever I can get.

    in reply to: How To rebuild kernel 2.6.36.3 into b14 document #51600
    aseques
    Member

    I have been looking into this manual, even though the instructions are very good, they don’t seem to be updated for the current zeroshell version.

    I collected all the information I could found, and wrote a simple guide that is public via bitbucket, at this url
    https://bitbucket.org/aseques/zeroshell-documentation see the file COMPILE.

    It’s a public repository, so feel free to clone/modify, etc..

    in reply to: Zeroshell l2tp with Preshared key #52479
    aseques
    Member

    It seems that there’s a way to load the certificats into iphone, I am yet to explore this setup, but it looks good, it’s a non intrusive configuration that would’nt need further changes to zeroshell.
    http://en.gentoo-wiki.com/wiki/VPN_iPhone_IPSec#With_CA

    in reply to: Need L2TP/IPSEC VPN for iOS #51669
    aseques
    Member

    PPTP will work, but it’s totally flawed, to the point that even microsoft recommends not to use it.
    Other than that you can only use l2tp, but at version 2.0.1 the configuration of the server is not usable on an iphone.
    https://www.zeroshell.org/forum/viewtopic.php?t=3721

    in reply to: Need L2TP/IPSEC VPN for iOS #51667
    aseques
    Member

    The problem is that you have to jailbreak your iphone to use openvpn natively, most of the time that’s a Non-option in a enterprise environment.
    Another solution would be to add the pieces to zeroshell l2tp connections so it could accept connections from ios (the missing piece is psk support in zeroshell)

Viewing 15 posts - 1 through 15 (of 42 total)