Archive for the 'ISCW' Category

ISDN and Multilink with load-threshold

Thursday, August 27th, 2009

ISDN is a fantastic option as a backup in cases where your primary link has failed. However, your primary line often has much more bandwidth than a single ISDN line (channel). The ISDN BRI B-channels run at 56 kb/s or 64 kb/s (depending on country) and although this is a good start, often you need more [...]

Floating Static Routes

Wednesday, August 26th, 2009

In order to have a fully fault-tolerant network, a backup solution for WAN links is vital. There are many options for configuring a backup line in case the primary line fails, and in this tutorial we are going to look at using floating static routes to achieve a dial-up connection to act as our backup [...]

Configuring Basic ISDN with Interesting Traffic

Tuesday, August 25th, 2009

When configuring ISDN with interesting traffic, it’s important to first understand how Cisco defines ‘interesting’ and what this means in terms of the connection being formed. Interesting traffic is traffic that we define in the form of an access-list that is allowed to cause the ISDN to dial. This does NOT mean it is the [...]

ISDN Switch-type

Monday, August 24th, 2009

In order for any ISDN lines to establish Layer-1 connectivity, the switch-type has to be defined correctly. The switch-type is very much country-dependent, so it’s also important to memorize the switch-type that applies to where you do most of your installations. If Layer-1 is showing ‘Deactivated’ when using the show isdn status command, [...]

DoS TCP SYN Attack Mitigation

Friday, August 21st, 2009

TCP SYN flooding is often used in conjunction with IP spoofing. The main aim of a TCP SYN flood is to send a TCP SYN packet to a host inside your network from a spoofed IP address. The TCP SYN ACK is then sent to a machine that is not expecting one, or a machine [...]

Mitigating SubSeven attacks

Thursday, August 20th, 2009

SubSeven (aka Sub7 and Sub7Server) is a backdoor program, in the form of a Trojan, used mostly for causing trouble on computer networks. It can be used for simple attacks such as hiding the mouse cursor and opening applications, but it can also be used for more serious attacks including retrieving all your personal [...]

Mitigating Smurf DoS Attacks

Tuesday, August 18th, 2009

Before looking at how to mitigate a Smurf attack, let’s first understand what it is and why it’s such a problem. A Smurf attack works on a weakness of IP and ICMP by sending an ICMP packet to the broadcast address of a network. For example, I could send an ICMP (Ping packet) to every [...]

IP Address Spoofing Mitigation with Access Control Lists (ACL)

Monday, August 17th, 2009

IP spoofing is the act of camouflaging your IP address to make it look like you are someone else. Although IP spoofing is not an attack by itself, it is the starting point of many of the most common attacks found on today’s networks. Most, but not all, of the spoofing attacks that take [...]

Configuring Syslog on Cisco Routers

Thursday, July 30th, 2009

As part of any management and audit solution for networking, Syslog is vital. Syslog messages allow us to track system error messages, exceptions, and other information, such as device configuration changes. They allow for historical reporting, depending on the application keeping the logs, as well as helping with fault finding. Cisco devices support [...]

Cisco Router Login Lockdown

Thursday, July 23rd, 2009

Additional configuration to further lock down Cisco router security.