Tag: web

Configuring AWS CLI using Python and pip on Windows

by Samuel Mitchell, posted in AWS, Uncategorized, windows

This article was created to document the steps to configure and utilize the AWS CLI on a Windows machine.

There are multiple ways of installing the AWS CLI but I choose the method of using the Python with pip3 since I already have the tool install on my Windows 10 machine.

  1. After you install the python on your windows system from python.org

2.  You will run the following command to ensure it is working from the command prompt

python –version

3. You will then use the python utility pip3 and check if it is installed using the following command:

pip3 –version

4. Once the version is displayed without any errors, you can proceed to installing the AWS CLI using pip3. You will do this by using the command below:

pip3 install awscli

5. After the installation is complete. proceed to test that the AWS CLI is working:

where aws

Once the folder path of the AWS CLI is shown, then you have successfully installed the CLI.

Now the next step is to configure it for use with your AWS service. This can be done by running the following aws command:

aws configure

It will prompt you for the AWS Access key ID, Secret Access Key,  default Region and default output format. This allows you to connect to the AWS without authenticating each time. I would recommend that you setup an IAM user account to authenticate with the AWS CLI and limit the access to only the features that will be accessed using this method.

For further details, please consult the AWS CLI documentation here.

Securing the Web management for the HP 2530 switch

by Samuel Mitchell, posted in HP, Routing & Switching, Security

Whenever you get a HP/Aruba 2530 switch out of the box, it comes default with web management enabled using http. You can easily go to the IP address of the switch to view the switch details. To secure the web portal of the switch, do the following:

  1. Log into the switch
  2. Go into configuration mode
  3. Create a self-signed certificate for secure http access

    1. crypto pki enroll-self-signed certificate-name [SWITCHNAME] subject

    2. Enter each information requested
  4. To enable secure http, use command

    1. web-management ssl

  5. To disable http for web management, use command
    1. no web-management plaintext
  6. To added a login for the web portal, use the command:

    1. password manager user-name [loginname] plaintext [loginpassword]

I hope this was useful.

Almost caught by Spam

by Samuel Mitchell, posted in Exchange, Security, Uncategorized

I had receive the following spam email which seems to come from Paypal:

Spam_email_paypalMarch132018_edit

At first glance, it looks very legitimate but after close inspection, it was discovered to be a spam. This provides the opportunity to highlight some indications that the email received is a spam and how to mitigate against it.

  • Check the email address that it is coming from. Not the one that is displayed at first glance but when it is opened, the email address that is between these symbols <>. In the example above, it says it is coming from service@paypal-int.co.uk. (Paypal correct address is service@intl.paypal.com).

 

  • Check where the link that you are asked to click on is point to by just hovering the mouse pointer over the hyperlink and look at the bottom of the browser. The spam email said the following:

    If you did not initiate this payment, we recommend that you go to Manage/Cancel Payment

    The Manage/Cancel payment was pointing to an unknown URL and not to the Paypal website so you know that it is a malicious website it is asking you to click on.

 

  • Usually the greeting will include the email address it is sent to. In this case, I was address by my email address (*****@gmail.com) and not by my full name which the Paypal will have on record.

Now for those who are unsure if this event actually happened that the email is stating. Verify the transaction by logging on directly to your website or portal (not using the email links) in my case Paypal.com and check if any such event has occurred.

I hope this is helpful and don’t be fooled by well crafted spam emails.

Keep safe…Keep secure