Configuring NTP Server in HP Procurve Switches

Time is important for you to check logs.
This time I'd like to show you how to configure NTP Server in HP Procurve Switches.
HP Switches are only support less secure SNTP instead of NTP.

OK. Let's Configure!

Login to your switch with console/terminal and type following commands for your sntp server configuration.

configure terminal
timesync sntp


sntp unicast (Use this command if you want to use only one NTP server)
(or)
sntp broadcast
(Use this command if you want to use more than one NTP server)

sntp server priority 1 218.186.3.36
(or)
sntp server  218.186.3.36

(These above two commands are working on different model.
Some model work first command and some model work second command.
Please take note that you can configure maximum 3 NTP server for your switch.
In my example, I use NTP server for Singapore)


time timezone +480 (Formula for this command is GMT+Regional Time in Minute. I use Singapore Time and GMT+8. 8 hours in minute is 480. So result is GMT+480)

Once you done above all commands, use below command to check NTP Server setting.

show sntp
(or)
show sntp statistics
(This command is not working on some switch model)

If NTP server setting are correct, check the time with command "show time".
If Time is showing as expected ,save the configuration with "write memory" command.
Logout from switch then.
If NTP server setting is not correct as what you expected, check all your configuration again.

Hope this post help you on configuratre the SNTP for your switch.

Have a good time.
(Be knowledgeable,pass it on then)

Resetting admin login password for GMS Application Interface of SonicWall GMS Virtual Appliance on UMA


If you have many SonicWall Firewall, it is not easy to manage without SonicWall GMS.

GMS have two logins for System Interface and Application Interface.

System Interface is to manage your GMS Hardware Appliance or Virtual Appliance.

Application Interface is to manage your SonicWall devices in your network.

So, you can contact to SonicWall Technical Support if you forgot the login password of GMS System Interface. But to do so, you need valid support contract/license. (So take note it and do not forget if you didn’t renew support contract/license. :P)

For application interface login password, you do not need Tech Support if you know how.

As human being, I am sure you will forget your password sometimes and here is how to reset the GMS Application Interface Password.

First, you will see like below if you forgot password.


You need MySQL Query Browser to access GMS Database in order to reset the password.

1.      Download it from below link and run it on the machine which is located in same subnet of GMS UMA or subnet which able to access of GMS UMA.

2.     Open MySQL Query Browser:


3.        Log into the SGMSDB database using either the ‘root’ account or the account you chose during Role Configuration:


4.     Enter this command in the top panel, then hit the ‘Execute’ button:


                
5.     The Admin password has been reset.  You can now log in to the Application Interface using the username ‘Admin’ with the password ‘password’:

I did this demonstration on GMS Virtual Appliance Version 7.2.
Have a good time.
(Be knowledgeable, pass it on then)

Angler EK is exploiting Adobe Flash Vulnerability (CVE-2015-5560)

There is an integer overflow vulnerability in Adobe Flash Player 18.0.0.209 and earlier versions.
The vulnerability is triggered when Flash Player loads and parses an contrived MP3 file with compressed ID3 data greater than 0x2aaaaaaa bytes.
This causes an integer overflow in the buffer that allocates this data.
This results in copying a large amount of data in to a small buffer.
Not long after the disclosure of the vulnerability, Angler exploit kit has been cited to be using exploits for this vulnerability.
The issues only affects 64bit platforms.
The vulnerability is referred by CVE as CVE-2015-5560.
If you haven't patch your Security Devices, please patch them.

Have a good time.
(Be knowledgeable, pass it on then)

How to deploy 2.4GHz Wireless properly?

There are a lot of things to take note before we going to deploy 2.4GHz Wireless Network.
If we select channel wrongly, stability and performance of our Wireless Network and it’s client will impact badly.

As we know that we can get Channel 1 to 11 (1 to 13 in some devices) for 2.4GHz spectrum.
A few channels are only non-overlap among these channel.
Channel 1,6 and 11 for range between  1 to 11 are not overlap.
Channel 1,5,9 and 13 for range between 1 to 13 are not overlap.

Currently, many wireless routers automatically select the channel for you upon initial setup, where depending on your wireless environment, it could lead to slow Wi‑Fi speeds and interference. 

It is not always right to configure Automation on channelization on Standlone or Controller Base Wireless devices.
The following explanation will describe what interference you're dealing with and takes you through the steps to selecting the right channel, so you can understand why you should choose between channel 1, 6 and 11 or channel 1,5,9 and 13.

There are three main causes of Wi‑Fi interference
1.     Co-Channel interference
Every client and access point on the same channel competes for time to talk as Wi-Fi devices working with  Half-Duplex.
2.     Adjacent-Channel interference
Every client and access point on overlapping channels talk over each other.
Adjacent-Channel interference on the other hand is where you run into problems and channel selection becomes critical. Luckily, these channel related interferences can be reduced or eliminated by selecting the proper Wi‑Fi channel for your network.
3.     Non-Wi‑Fi interference
Analog Camera, CCTV, Cordless Phone and Microwave Oven, etc are also using same frequency 2.4GHz and they can interference your Wireless Network stability and performance too.

So, we need to select the right Channel for our Wireless Network.
Check below example screenshot which taken by using insider Home (one of the free Wireless Channel Scanner application).


We should choose to configure SINGTEL-931_EXT Wireless from Channel 1 to  Channel 11 according to above screenshot as Channel 11 has less devices and less co-channel and less over-lapping channel.

This is the best configuration for Wireless Setting for Standlone Device .
If we are using Controller Base Wireless Device, we got to use this method too. Just need to ensure to check that we are going to select less devices, less co-channel and over-lapping channel.
Using more than one AP or Wireless Router with more than SSID also need to select and balance the Channel among non-overlapping channel 1,6,11 or 1,6,9,13.

That’s why configuring Wireless Broadcasting Devices or Wireless Controller as Auto Channelization , Auto Channel Width are not always right as we might need to hardcode it manually in some situation.
To do so, you will need and can find free or paid Wireless Channel Scanner application on Internet.

I’ll write about other Wireless post sooner or later. :D

Have a good time.
(Be knowledgeable, pass it on then)