Wednesday, March 7, 2018

The History of a Firewall: How to buy a used Fortigate and not die in the process

While talking with a friend, he asked for my input regarding a firewall option for his small business. He needs something to replace a server which he could be using for whatever else he could think of; we are talking about a rack-type server with something akin to two Xeons and 16GB of RAM, for an office with fewer than 20 workers who are only there during some times of the day.

Overkill is the right word here.

Asking around, many solutions came up: Cisco ASA, FirePower, Palo Alto, SonicWall and Fortinet were some of the names that rang the most. I was somewhat familiar with Fortinet and the price range was reasonable for what it does in general, but I decided to take a dive onto eBay and managed to squeeze some money out of a Fortigate 60C (it ended up being 50 dollars with tax and shipping).

This was a slippery slope to "what the fuck is going on and what am I doing?".

Getting it was fast and easy, opening the box confirmed that I had received what the seller specified, plugging it in gave me nothing but a power light and a blinking status light that went off, looking at the documentation it was not clear to me what was going on but getting no IP address from the device on the LAN ports made it clear something was not right.

I tried following the other instructions which indicated there was a Web UI, which I could never get to even with a static IP address, no routing, it would not get an IP address through the WAN port, the appliance was dead apparently.

This is when I complained to the seller, which provided no feedback, about not specifying that the appliance had either been wiped clean or that configurations were still in place. The only way to figure this out was to get a RJ45 to DB9 cable and work my way through the console.

If you are wondering how that even works in 2018 let me tell you that I keep an old laptop for this purpose, a Toshiba PIII laptop with Windows 98 (I love doing retrocomputing, guilty as charged, also I do not have a docking station for my T400 otherwise I would not have to use it).

Bringing the connection up with PuTTY showed me a screen asking me if I wanted to do a test with or without express card, I was baffled by this but I got it to go through the test without an express card and it indicated a failure with the USB and Ethernet ports (because I was missing the loopback wiring it requires but I wasn't looking to make any tests, I wanted to get this working).

Turns out that I was running a troubleshooting firmware that came with the Fortigate which was in the backup section, there was no main firmware loaded onto the device so this took me to the next logical step which was getting an account with Fortinet and registering the device.

This is where the "what the fuck is going on" part gets interesting.

It turns out I could not register the device with the SN and it would ask me to contact Support, when I contacted Fortinet Support they told me nothing could be done as:

1) This appliance was registered under a different name and I could not be provided additional information on this
2) The seller I bought it from was not an authorized reseller of Fortinet
3) There was no support or plan I could pay for to get assistance with this
4) I was told to get a refund from the seller because this was pointless
5) Also I got told to read the Terms of Agreement (should do that next time I try to do something this stupid, DUH, bad customer, you used to work customer support, how could you not know this!)

If at this point you are wondering, why is this important? Well friend-o, the whole reason this is breaking my neck is because without this type of support I cannot get the firmware for the device, even though I have it physically with me and I paid money for it I could not get what I needed (I also read about doing the one month free for FortiGuard or some such but I could not find this, my google-fu was weakening because my brain was drying out at this point).

I did not despair though, I assumed a good Samaritan somewhere in the world would be kind enough to have the firmware somewhere in the public even if that meant getting shit-canned by Fortinet. My assumption was right, I found it in an open FTP folder on a website (which I will not name to avoid issues but if you leave a comment or send me a message I can point you in the right direction though).

Finally I had the Fortigate 60C 5.2.8 firmware (fuck the cookbook, I had this and only this, following the damn path was out of the picture at this point) so I had to get working on pushing it through TFTP which in turn takes me to the "what am I doing?" section.

Picture this, I have a Windows 98 computer which is the only one that can connect through the console to the Fortigate, I have no other Windows machine in the house (I run Debian, Windows has been out of the question for years even if I have Virtual machines and other nonsense around, I use it at work half the time, the other half is flying through *nix consoles). I do not want to do a whole ordeal on putting a TFTP on Debian, so I end up downloading tftpd32 version 3.0 which works fine in Windows 98 but I can't get the firmware onto the Windows 98 directly (because the browsers won't work on the site, lucky me eh?) so I get them on my Debian machine, push a Samba folder that Windows 98 can access (how vulnerable am I?) and then onto the tftpd32 folder, setup the DHCP server, connect it to port 1 on the appliance (after reading through the messages on the screen) and pushing it through the console.

Was I successful? Of course! It took about a minute or two to move the image and another minute or two for the appliance to be ready but as soon as it was done it came to life, the Fortigate was alive and I could move through the Web UI as promised (no, I just did not want to deal with the console at this point, thank you very much).

After changing some of the configurations and confirming that I could not register the appliance no matter what I tried I got connected to the internet and began to toy around with the configurations which were easier than I thought.

Was I done? Oh no, I also had to try one last step before I was happy with what I had done.

I had to forward the logs to Splunk, Splunk Light that is because I have no hardware that can run the Enterprise version. After opening UDP 514 to receive logs I could see them slowly moving in (I'm just one person testing it out) and while I could get the FortiGate App for Splunk installed I see little purpose at the moment.
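One way to check what actually arrives on UDP 514 before pointing Splunk at it, as an added example that is not from the original post: a small receiver and parser for key=value syslog lines, with a count of denied traffic per source. The sample datagrams are constructed, and the field names (`type`, `action`, `srcip`, `msg` and so on) are assumptions about what this firmware emits.

```python
import re
import socket
from collections import Counter

# Syslog <PRI> header: facility = PRI // 8, severity = PRI % 8 (RFC 3164).
PRI_RE = re.compile(r"^<(\d{1,3})>")
# key=value pairs; a value is either a "quoted string" or a bare token.
# Trying the quoted form first keeps a '=' inside quotes from being
# mistaken for a new pair.
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S*)')

# Constructed sample datagrams (not captured from a real device).
SAMPLE = [
    b'<189>date=2018-03-07 time=10:15:32 devname=FGT60C type=traffic '
    b'subtype=forward level=notice srcip=192.168.1.110 dstip=198.51.100.53 '
    b'dstport=53 action=accept service="DNS"',
    b'<189>date=2018-03-07 time=10:16:01 devname=FGT60C type=traffic '
    b'subtype=forward level=notice srcip=192.168.1.115 dstip=198.51.100.7 '
    b'dstport=23 action=deny msg="Denied by forward policy check"',
    b'<189>date=2018-03-07 time=10:16:09 devname=FGT60C type=traffic '
    b'subtype=forward level=notice srcip=192.168.1.115 dstip=198.51.100.7 '
    b'dstport=445 action=deny',
    b'<188>date=2018-03-07 time=10:17:40 devname=FGT60C type=event '
    b'subtype=system level=warning action=login status=failed '
    b'msg="Admin login failed, user=admin"',
]

def parse_fortigate_syslog(datagram):
    """Turn one syslog datagram into a dict of its key=value fields."""
    text = datagram.decode("utf-8", errors="replace").strip()
    event = {}
    m = PRI_RE.match(text)
    if m:
        event["_facility"], event["_severity"] = divmod(int(m.group(1)), 8)
        text = text[m.end():]
    for key, value in KV_RE.findall(text):
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]  # strip the surrounding quotes
        event[key] = value
    return event

def denied_by_source(events):
    """Count denied traffic events per source IP."""
    counts = Counter()
    for ev in events:
        if ev.get("type") == "traffic" and ev.get("action") == "deny":
            counts[ev.get("srcip", "unknown")] += 1
    return counts

def listen(bind_addr, port=514, limit=20):
    """Collect `limit` datagrams. Pass the address of the interface that
    faces the firewall as bind_addr; ports below 1024 need privileges."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((bind_addr, port))
    events = []
    try:
        while len(events) < limit:
            data, _peer = sock.recvfrom(8192)
            events.append(parse_fortigate_syslog(data))
    finally:
        sock.close()
    return events

if __name__ == "__main__":
    parsed = [parse_fortigate_syslog(d) for d in SAMPLE]
    for src, n in denied_by_source(parsed).most_common():
        print(src, n)
```

Syslog over UDP is unauthenticated and unencrypted, so the receiver should only be reachable from the firewall's side of the network.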

Hope this helps someone in the future (maybe even myself) and save some precious hours of their life. Feel free to leave a comment or message me for any questions regarding this!

Sunday, February 18, 2018

As technology moves further on

Many years ago I learned to use a computer, that was 1994 when I saw the first computer, even for the time they were old but ran MS-DOS 6.2 and later Windows 95, some of the computers had at that time Windows 3.1 and I still remember the blocky look these interfaces had, it was then that I knew I was going to be working with technology and was thrilled about the possibilities, especially since our teacher back then had installed a ton of games on the computers which included shareware versions of Commander Keen, Wolfenstein 3D and Doom.

I think one of the most memorable things I can remember were the old trackball mice we used then, some of them were like bricks and others were getting a bit more curvy but nothing that felt nice on the hand, now we have peripherals that interact directly with the user from the computer itself (I’m talking about touch screens for example, no additional items).

It was not until the early 2000s that I saw my first optical mouse, it was a game changer for me, trackball was good because it was the only thing that we had, and back then trackball could be below your hand (which is how most people used them) or on top/side (which are a bit weird to get used to but it is the same as any other new device you have no knowledge or experience with unless you have some time with it).

Now that I think about it, I cannot go back to trackball if it is the old way, I’ve tried alternatives and some seem better than the current optical solutions but I am unsure it will ever pick up again, if it did not pick up back then it’s probably not doing it now (or maybe I’m wrong, if retrocomputing is a thing then why not old mice) but you can always be one of the weird bunch and give it a try, I know I would recommend giving it a try but to watch the wallet because some of these are expensive as hell for no reason? Below are two I have tried in the last year, if you can find them at a decent price then go for it.

Friday, November 24, 2017

CDS/ISIS (WinISIS) Conversion to plain text files

Well, there's always a time in which you find some really, really obscure shit in your life and you wonder why or how you dropped into this place where paths seem very... should I say, fucking weird?

Couple of years ago I was studying, well I still am, at the Faculty of Humanities and Social Sciences of UABC and came to find this really weird database the Institute for Historical Investigations has, never heard of it, or the format, UNESCO was behind it, that's it, not much to do there. Digging up more info into this it turns out that the thing does not work on anything above Windows XP, furthermore this was made for MS-DOS back in the day and has some awkward limitations that cannot be fixed in any way or form, did I mention UNESCO dropped support for it a long time ago and this thing is incompatible with other formats?

What this means in the long run is that you are stuck with something that cannot be upgraded, modified or easily transition to something that has web capabilities, oh yeah, since this was made way back in the day there was no way to get this on the internet without downloading and working with some obscure libraries.

So I volunteered to fix this and make something at least in PHP to have something that could be easily worked with, the problem remains though on how to get this out.

Round 0: Facing thy enemy without knowing anything about it
Does it work: In some lucky instances probably but not this one, after looking around for documentation and trying to do this directly through Python and some Linux commands I noted that this was a stupid thing to do as I had little to no understanding of ISO2709 or MARC for that matter.

Round 1: OpenISIS/Malete
Does it work: Yes and no? For the life of me I could not figure or understand how to get this to work, I even managed to find the executable binary file for Linux but it does not work, it simply will not work without going apeshit about the extensions not being in lowercase and missing some of the files. To top it off this is no longer supported by the developer, unfortunate.

Round 2: isis2json
Does it work: Nope, and this looked like the most viable candidate but I could simply not work out the kinks and requirements, I followed everything that was in the instructions but apparently I'm doing something wrong or it simply is not working anymore since it was done 6 years ago.

Round 3: Isis2XML
Does it work: I don't know about this one, I did not get the chance to try it out since this is for Windows and I could not be bothered to get a virtual machine running with Windows XP in order to test it. May work on other versions, I won't lie, but again I do not have the time to bother with it.

Round 4: CDS/ISIS PHP
Does it work: Nope, could not even figure out what to do with it, you get a couple of files to include somewhere but from what I understand this is part or became part of OpenISIS.

Round 5: Biblio-Isis-0.24
Does it work: Surprisingly yes, had to figure out how to install the module after downloading and uncompressing it (first time using PERL) and afterwards get the initial script to work, I was really surprised when I managed to pipe everything out to a file in which everything came out, well, there is the concern that some characters are not showing up but this can be fixed later, the only problem left for me right now is to figure out a way to get everything moved around in such a way that it can be easily imported to MariaDB or anything else.

http://search.cpan.org/~dpavlin/Biblio-Isis-0.24/lib/Biblio/Isis.pm <- Link to the savior of the day.

Sunday, November 5, 2017

It's been four, *ahem* FIVE years

True, it's been four years now that I've written anything for this blog, or has it been three and a bit?

I think it's time to come back with some new and interesting ideas and tips, maybe even some assistance, with some current projects I have in mind and currently running around my head but haven't properly landed since I lack some of the knowledge to perform it the way I want it to.

While I have moved on most of my work from Windows to Linux that does not mean I have lost sight of the original idea that brought this site to life, also I keep what I personally call the K. Mandla directive alive by putting old hardware back to use with true purpose and intention, I do not intend to make a clock out of a Pentium III machine, rather I intend to get the most out of it by getting it working in a business or industrial environment when applicable or assisting schools when possible, not that it takes most of these schools out of the horrible strain they are in but having a computer with a minimalist version of Linux that lets you browse and work some documents is better than nothing.

Other things currently working on would be an Open Source Timeclock (something simple and easy to install and use using PHP and Python) and an experiment with a Raspberry Pi and Splunk (more on Splunk and other interesting tools in the future).

Friday, September 21, 2012

Slitaz = Life Saver

Well it has been quite a while since I wrote on this blog and that is probably because I never found the special need to do so, be it for whatever reason.

Today I had the chance to toy around with a Toshiba Laptop built somewhere around '99 or 2000, Pentium III Proc @ 450 MHz and 64 MB of SDRAM, which I tried upgrading but didn't work, and a superior 6 GB HDD. This, laughable as it may seem to some, was my perfect choice for a school laptop, as I need to write a lot and my old T60 is gone now, forever, which left me with my bare hands... yeah, no.

So I was playing around with this thing and I tried different Distros in it with no success, Debian 6 and 7 RC 2 were not working at all, as a matter of fact I couldn't connect to the wireless network as it uses WPA and the Debian installer only allows WEP; PuppyLinux was just doing bad, probably because the video card ranges somewhere around 2 to 4 MB, maybe even less; I wasn't doing DSL, I didn't do DSL; Knoppix was also out of the question; Crux, which is a Distro I learned about from K. Mandla, wasn't working either and I have no other laptop at hand to do the whole "transfer this to the faster one then finish the fight on the slower one", too much hassle and not enough resources; then came SliTaz and everything somehow changed.

You see, with all the other Distros I wasn't getting anywhere, at all, and the furthest I managed to get through was with Debian 6 but yet again that didn't go far with the PCMCIA Wireless Card, take note that this laptop has no internal wireless or ethernet, keyword, NO, ETHERNET.

BOOM, HEADSHOT!

Back to SliTaz. I give it a try, at first I'm not sure why it won't boot in some modes, then I discover it is because of the video card, so I just let it roll and get to console, good, this thing boots at blazing 8 to 5 seconds, I am impressed but I need to find a way to get this working on the hard drive itself and get rid of the CD thing.

So I look around for instructions and find that it was easier than I expected, no compiling was required and only some slight tweaking here and there, including formatting the hard drive and what not, did everything for me. Copy this and move it here, mount that, unpack this, everything goes smooth even though I have to work with Vi, nothing against it but man I'd rather have Nano any day.

So the thing boots, IT BOOTS, but it goes into this horrible twisted screen that could be a surrealist painting. It kinda looked alive but I wasn't sure... so in the end the video was still screwed up.

Solution?

Console mode. By adding a single screen=text to grub it all worked juuuuuuust as I needed it, this whole adventure actually started because I needed a system that would run a console system not a GUI based system so this is what I got in the end and this is what I wanted, it was a win-win situation for everyone as the guy who put it in the office wasn't really looking forward to seeing it coming back.

Tuesday, January 3, 2012

Ancient Technology wins again

Been quite a while since I've written in this blog but that was because I was going around with school, work and other more important things and besides I had nothing really techy to talk about until now.

Just a few days ago I bought a desktop, nicknamed Anubis from now on, from a friend, this is probably the most advanced desktop I've ever owned as I transitioned to laptops quite a while back, and I was surprised by the casing itself which looks like some sort of ship, specs were quite nice actually and once I added a few hard drives, a DVD reader and installed Windows XP, because I wanted to try my hand at something a little bit more flexible for this baby, everything looked great except for the fact that when I tried to turn it on it just wasn't working and playing around with it got it to work but I wasn't 100% sure what the reason was.

Forward two weeks later and it goes completely dead again but this time nothing I do will turn it on and it isn't until the damn thing blasts my hand, the PSU that is, that I decide I've had it with the thing and decide to return it although there was the additional solution of trying another PSU but I wasn't sure I had anything for this one, especially since that PSU was 650 watts and had cables going everywhere, but fortunately I found that there was, in between all the trash I keep from old computers that I dismantle when I can't sell them, a PSU that could fit and could work for this mobo.

Two minutes later this baby is running perfectly fine, as a matter of fact it's better than before, and I just got enough cables in it to connect everything without leaving anything flying around which makes me very happy since I hate seeing crap flying around and even though it's a meager 200/300 watts PSU it is just what I needed. All in all it seems investing in ancient technology does serve you in the end!

Saturday, July 16, 2011

eMachines keeps trolling me after so many years

I have been doing IT for some 7 years now, like I've mentioned a couple of times, in different fields which range from Call Center Technical Support, the cheapo and fancy version, up to personal support to customers and companies that range between your mom and pops business up to the thousands of employees Corporation, and never have I personally found something as disgusting or annoying as an eMachines Desktop.

Yes I get the point about building affordable systems for the common user but for the love of whatever it is that you praise do it right man and I am dead serious here.

All this comes here for one reason. Two days ago I bought this old L7VMM MOBO from the guy that gives me the old computers I refurbish and let me tell you that these two last days have been terror and horror to me but also they have provoked me to look for answers to things I had previously learned and with that I had forgotten since I never used them.

I couldn't quite remember how to format a PC from a floppy, yes I am serious about the floppy thing and I have a bunch of them stored in a box, and it has been a while since I saw a FAT32 Partition in something that isn't a USB drive. That said it's also been years since I've seen a K7 in use, an AMD Duron @ 650 MHz to be precise, and I wanted to put it to use since... well the codename of the processor is "Spitfire" and using a computer with a CPU named like that sounds killer although it turned out to be a complete bummer.

How did all of this really start?

First off I placed everything in a case, that ironically states outside that it uses a P3 Celeron 600MHz CPU and that this PC NEVER goes obsolete...

Next, I try booting straight from the HDD with no luck and I start working around with it. Then I notice, in horror, that this is one of those PC's that for the life of me won't boot up from the CD-Drive and I am not sure why this is even happening but it has me terrified.

My first alternative turned out to be a Windows 98 boot floppy with CD-ROM support, because maybe you don't know it but back in the day some things weren't supported like CD-ROM drives or Floppy Drives and USB was non-existent.

As mentioned further above it had been a while since I saw a full partition of FAT32 and from there on it just went downhill. I got the CD recognized and I ran the WINNT exe to get the installation going but at first it wouldn't do it mentioning something about not enough swap space. Some ten minutes later I figured that I had to delete the NTFS partition that was occupying 99% of the hard drive... yeah I kept forgetting how the commands work.

Next stop was trying WINNT and it partially worked, then died on me, then worked, then died again, then I decided to go for Nomad, the codename for a 4GB hard drive I got laying around holding Debian 6, and it went into a deep coma state that could only be prevented if I went into the recovery state which meant I had to mess around with it a lot more than I wished for it, openSUSE laughed at me too or cried, not sure at this point, but it didn't work, Windows XP from another machine didn't work either and I've had it with this PC that will only run floppy systems, nothing bad with them but if I try and sell it to the normal customer I won't get much out of it.

Then there's the suspicion that the CPU may be damaged but I have no way to prove this since yet again I have no way to load Hirens or any other tool to test this out, RAM is also an option but that would give me a whole different bunch of errors and from what I've read, seen and understood it seems the culprit is the motherboard which has to be flashed immediately after being bought because of buggy software on the BIOS ROM which can only be done inside of Windows.

Level of Patience, almost null.

One more alternative before I give away and ask for my 10 bucks back... Windows 98 2nd Edition. May work, may not work, I don't know and I don't care but I am not letting this bad boy go out without a battle.

And in the end that also failed... that sums it up after I saw Windows 98 getting stuck several times during the installation and having to force the "restart" physically. At this point I am pretty sure the culprit is the processor and well there's nothing much I can do about this except return it and get my money back and buy a soda or something.
