CA management - tinyca

TinyCA is a program with a simple graphical user interface that makes managing a small CA (Certification Authority) easy.  TinyCA works as a frontend for openssl and can deal with several independent CAs.
With TinyCA you can create and manage x509 and S/MIME server and client certificates.  You can choose between RSA and DSA keys, as well as between different digest algorithms.
The certificates can be exported as PEM, DER, TXT and PKCS#12 or as a convenient archive containing both key and certificate.  Certificates can be revoked by adding them to a certificate revocation list.

Juniper screen OS debug transaction flow

Capturing Debug flow basic:

Cl db

Set ff src-ip x.x.x.x dst-ip y.y.y.y

Set ff src-ip y.y.y.y dst-ip x.x.x.x

(where

x.x.x.x== client ip which is accessing the server y.y.y.y==public ip of server i.e VIP ip of the server)

debug flow basic

(Then initiate the concerned traffic from source x.x.x.x to y.y.y.y)

Get db str

Undebug all

Cl db

Capturing snoop detail

Cl db

Snoop filter ip src-ip x.x.x.x dst-ip y.y.y.y direction both Snoop detail len 1514 Snoop (and then press `y?)

(Then initiate the concerned traffic from source x.x.x.x to y.y.y.y)

Get db str

Snoop off

RHEL6 disable ipv6

Edit /etc/sysconfig/network
Change the following:
NETWORKING_IPV6=yes to NETWORKING_IPV6=no

Add a new file /etc/modprobe.d/ECS.conf containing
alias net-pf-10 off
alias ipv6 off

Stop the ipv6tables service
service ip6tables stop

Disable the ipv6tables service
chkconfig ip6tables off

After these changes, IPv6 will be disabled after the next reboot of your system.

verify ipv6 is disable
lsmod | grep ipv6
ifconfig

netstat

ref.: http://linuxnet.ch/groups/linuxnet/revisions/5b3a1/6/