Category Archives: Security

JunOS : Port forwarding on Juniper SRX

A friend of mine who was used to the legacy and EOL SSG/ScreenOS platform and he just jumped into the new world of SRX/JunOS gave me the motivation to write this article. As the syntax is quite different between the two platform, it may be harder to get at first and the following example should… Read More »

Windows : Nmap error dnet: Failed to open device eth0

Experiencing the following issue with Nmap on Windows? $ nmap -P0 -sS -T5 0.0.0.0 Starting Nmap 7.70 ( https://nmap.org ) at 2019-06-04 03:14 ric dnet: Failed to open device eth0 QUITTING! It appears that some version of Npcap (or WinPcap) is causing issues. Updating Npcap to version 0.995 solve this issue. If you are running… Read More »

Web : SSL error NET::ERR_CERT_SYMANTEC_LEGACY

Since April 2018, I have noticed the following SSL error with Google Chrome and Safari’s latest versions : NET::ERR_CERT_SYMANTEC_LEGACY All Symantec SSL/TLS certificates issued prior June 1st 2016 will output this warning from now on since the latest updates. Web user, nothing is wrong on your side, the site owner must re-issue his certificate, even… Read More »

ScreenOS : SSL error accessing the WebUI

If you are using the WebUI to manage your Juniper SSG / ScreenOS device, you probably encountered the following error accessing the page lately : ERR_SSL_VERSION_OR_CIPHER_MISMATCH If you use a browser that allow SSLv3, you will be able to access the device. However as we all know the weakness of this protocol, it isn’t ideal… Read More »

ScreenOS : ERR_SSL_VERSION_OR_CIPHER_MISMATCH accessing WebUI

You probably encountered the following error if you are a fan of using the Juniper SSG/ScreenOS WebUI using a “modern” browser : ERR_SSL_VERSION_OR_CIPHER_MISMATCH Well, since the latest clustered SSL exploits, the vast majority of browsers decided to disable some protocols and ciphers for everyone’s safety. To work around this issue, you may use the following… Read More »

Linux : Port forwarding with IPtables

Need to forward a custom port to an existing port on your Linux box? Simply use the following command as root :

Example : Assuming you want to forward port 1025 to port 587 :

The command above won’t survive to reboot, see the configuration below to enter in the IPTables script :… Read More »

Mac : OpenVPN JSONDialog: Error running jsondialog

Have you encountered the following error trying to connect to OpenVPN server? JSONDialog: Error running jsondialog, status=(5, [], [‘task_for_pid(): 0x5’]), stdout=[], I have observed the following error message under the following circumstances : Operating system : Mac OSX El Capitan 10.11 OpenVPN client : v2.0.18.202 or older version The problem occur because of the System… Read More »

Web : Firefox error ssl_error_weak_server_ephemeral_dh_key

Did you had the following error lately trying to open a SSL Web site with Firefox? Error ssl_error_weak_server_ephemeral_dh_key This is because the remote Web server is using the weak SSLv3 protocol. The only way to get to the site would be disabling this SSLv3 check in Firefox. However do only if you know what you… Read More »