Latest Event Updates

How to block a WEBSITE / URL Link on PTCL WiFi ADSL Router ?

Posted on Updated on

Hello, today’s article is about configuring your PTCL ADSL WiFi Router for blocking a “website / URL Link”. The PTCL ADSL WiFi Router I am using comes with a lot of features and security settings. This article is about configuring/using the “Url Filter” feature.

Advantage
The advantage of blocking on PTCL ADSL WiFi Router is that the website / URL Link will not be accessible to any device (PC, Laptop, Mobile phone, Tablet etc.) present in the network. So, you don’t have to block it one each device or use some software firewall, just add it to the router and its blocked for all the users inside the network.

Note: Please note you can’t block HTTPS webistes/URL Links on your PTCL ADSL WiFi Router. Only HTTP websites will be blocked. If the “green secure” bar/words doesn’t show up in the browser it means the  website is on HTTP. Most of the websites are now running on HTTPS.

HTTP vs HTTPS website example
HTTP vs HTTPS website example

 

Current Network Scenario

Drawing1
Current Network Scenario

For this article I am using the following PTCL ADSL WiFi Router

SLIM Router
PTCL ADSL WiFi Router

Steps

1 Login to the ADMIN WEB PAGE of your router by typing “192.168.1.1” in your web browser. Type the username and password which is written on the backside of your router or on the box of router.

Accessing the WEB Admin Page
Accessing the Admin WEB Page

2. On successful username and password, following page will show up

Admin WEB Page
Admin WEB Page

3. Next click on “Advance Setup” then “Parental Control” and then “Url Filter”. Following page will show up.

Url Filter Web Page
Url Filter Web Page

4. Click on “Add” button and a new web page will show up. In the “URL Address” column type the complete web address of a website you want to block for this example I am blocking Microsoft’ BING website (http://www.bing.com). In “Port Number” type 80. And then click “Apply/Save” button.

Blocking website WWW.BING.COM
Blocking website WWW.BING.COM

5. Make sure “Exclude” is selected

Exclude radio button
Exclude radio button

6. Now try to open the website on your WEB Browser of cellphone or laptop or tablet etc. and it should not open, as shown below

Website / URL Link successfully blocked
Website / URL Link successfully blocked

Note: User’s in network can still bypass the Url filter security feature by using a PROXY WEBSITE to access the blocked website / URL Link.

 

Idiots Guide: How to connect two PTCL ADSL (wifi) routers in a network via LAN ?

Posted on Updated on

Hello, hope you are having a good day or may be not!!! You are confused and frustrated about configuring two routers in your home network (LAN). If you are facing this problem. Just sit back and relax because this tutorial will guide you on how to fix this problem.

Scenario:

Somehow I have got two PTCL routers from the PTCL. Both the routers are ADSL + WIFI routers as shown in the following figures.

New router: SLIM

SLIM Router
SLIM Router

Old router: FAT

FAT Router
FAT Router

Now the SLIM router is my primary router i.e. the PHONE LINE after DSL SPLITTER comes to this router and all the devices in my home connects to this one via WIFI or a CAT5/6 cable. Now, I have another spare router (FAT) and I want to use this router in another room because I am not getting good signals with my SLIM router. Also, I want this FAT router to be a part of my existing network.

Existing network:

Existing Network
Existing Network

Problem:

To Install / Configure a PTCL’s ADSL + WIFI router (FAT) in the existing network because we want to install the NEW router in another room to get GOOD WIFI SIGNALS.

Modified network:

Modified Network
Modified Network

Steps: 

1. First you need to find out the network address of your ROUTER that is connected to the INTERNET in my case its the SLIM router. SLIM router is on the “192.168.1.1”, most of the PTCL routers are assigned this private IP address. You can also verify it by typing “192.168.1.1” address in your browser, it will ask you USERNAME + PASSWORD to login. Afterwards you will be shown to a screen similar to following:

SLIM router LOGIN PAGE
SLIM router LOGIN PAGE

2. Now, the second step is to find the network address of our FAT router. Just like the SLIM router it will also be running on the IP address “192.168.1.1”. To connect with this router. I would recommed the following steps:

  • TURN OFF your SLIM router
  • POWER UP this FAT router
  • Connect you PC/Laptop with this FAT router via WIFI or NETWORKING CABLE (CAT 5/6) [ i used the networking cable method]
  • LOG into the ADMIN PAGE of this FAT router by typing “192.168.1.1” into your browser
  • A similar screen like previous router’s admin page will be shown as shown in the following picture
FAT router login page
FAT router LOGIN page

3. Third step involves configuring this FAT router. So, that we can adjust it in our existing network.

  • In the Advanced Setup tab click on the LAN button
  • Now change the IP address so that we don’t have any conflict with our SLIM router
  • I will be assigning ip address of 192.168.1.100 to this FAT router
  • And after this you need to DISABLE the DHCP server
  • After this go to the Routing tab and click on Default Gateway button
  • Check the Use Default Gateway IP address and assign the IP address of your primary router, in my case it will be 192.168.1.1
  • Save settings and reboot your router
  • Following figures shows these steps
FAT router modified settings
FAT router modified settings
FAT router default GATEWAY
FAT router default GATEWAY

4. After the restart, this FAT router will be availble to access on the “192.168.1.100” IP address.

FAT router @ 192.168.1.100
FAT router @ 192.168.1.100

5. Now,  the next step involves configuring the WIFI of this WIFI router. Give this FAT router a diffrent SSID  (name). In my case I am giving it the name of “Free Internet”, you can do whatever you want. If you want to protect your WIFI, you can go to the SECURITY settings and put a password too.

WIFI settings of FAT router
WIFI settings of FAT router

6. Next, you need to physically connect both the WIFI routers via a LAN CABLE (cat6).
Place this FAT router in your desired location / floor.

7. Next, step is to connect with the FAT router via “WIFI”. If you look at the WIFI connections in your operating system in my case its windows. “Free Internet” will be shown.

SSID: Free Internet
SSID: Free Internet

8. Connect with this “Free Internet”.

9. You will be connected to “Free Internet” but you will not be able to browse/surf any website. Its because of the fact that you have TURNED OFF THE DHCP and your system has not been assigned any IP. To fixed this issue, you will have to manually assign IP Address, Default Gateway, Netmask etc. settings as shown below

Settings on Client Side
Settings on Client Side

10. Save settings and “Disable” and then “Enable” your wireless adapter so that settings gets in.

11. After this, you will be successfully able to use INTERNET from this FAT router. Hurrah !!!

12. Please remember that you will have to do manual configuration of devices (laptop, mobile etc.) that will be connected to FAT router. Else, it won’t work.

Feel free to ask questions if you have any !!!

Note:
If you have different routers just remember that you just need to turn off the “DHCP” on the second router and give the second router default gateway IP of the primary router. Thats it.

How to generate XACML policies ? Generating XACML (2.0) policies using Picketbox API (formerly known as Jboss)

Posted on Updated on

XACML stands for eXtensible Access Control Markup Language. The standard defines a declarative access control policy language implemented in XML and a processing model describing how to evaluate access requests according to the rules defined in policies (Source: Wikipedia). This article is particularly about generating XACML based security polices so, I am assuming that you have basic understanding of XACML architecture, its components and tags.

Frankly speaking, I was not able to find a simple program (code), that can generate a policy on one click. This consumed a lot of my time and often made me frustrated. Although, there are few implementations of XACML e.g WSO2 provides a complete XACML based server that can not only generate a security policy but can also evaluate it. I would recommend people to use it. You can find its details over here. But WS02 server is complex to understand and requires a lot of settings before it comes to a running state. Also, to build your custom access control model you may need to code yourself. So, to address these issues and save your time (yes, your time) I am making this post which specifically talks about generating XACML policies on one click.

Implementation details

We will be using Picketbox (Jboss) API for implementation of XACML. The project will be build using Eclipse IDE, running Windows 7 Ultimate (x64) and the language used will be Java. Make sure you have JAVA JDK installed on your system, you can download latest JDK from here. Now lets generate a policy:

1. Download Eclipse from their official website and run it.

Eclipse

2.  I m using Eclipse Kepler Java EE version.

x2

3. Go to File —> New Project —> Other —> Java Project. Specify a name, Click next and then finish.

x3

x4

x5

x6

4. A project will be created

x75. Since we are using Picketbox API, so we need to import there libraries/JAR files. Download JAR files from here. To import JAR files, right click on the project —> navigate to Build Path —> and click on Configure Build Path.

x8

6. A new window will pop up, click on “Add External JARs”

x97. Add the following three JAR files and click ok.

x11

8. You will see the JARs imported in your project.

x129. Now lets generate a Java Class.

x13

x14

10. Copy the source code from this file source_code_JAVA and paste it the class you have just created.

x15

11. Now again, right click on the project, navigate to Run and click on “Run as Java Application”.

x1712. On successful run, a policy will be generated which will be displayed to console and saved in D drive. You can find this generated security policy here: simple_policy_XML

x18

x19

This is it, I hope this post helps you in configuring Picketbox API for generating XACML policies. In my next post I will provide you guidance about Policy Decision Point (PDP) which basically evaluates a security policy. Feel free to ask questions. Ciao.