Archive for the 'SND' Category
Thursday, August 20th, 2009
SubSeven – aka: Sub7 and Sub7Server is a backdoor program, in the form of a Trojan, used mostly for causing trouble on computer networks. It can be used for simple attacks such as hiding the mouse cursor and opening applications, but it can also be used for more serious attacks including retrieving all your personal [...]
Posted in Access-Lists, IINS, ISCW, Intrusion Prevention, SND, Security | No Comments »
Wednesday, August 19th, 2009
The big difference between the enable password and the enable secret is the encryption level.
The enable password by default is saved in clear text so when looking at the running-configuration of the router you will be able to read the password. It is possible to encrypt this password using the service password-encryption command.
The service password-encryption [...]
Posted in IINS, IPS, SND, SNRS, Security | No Comments »
Tuesday, August 18th, 2009
Before looking at how to mitigate a Smurf attack, let’s first understand what it is and why it’s such a problem.
A Smurf works on a weakness of IP and ICMP by sending an ICMP packet to the broadcast address of a network. For example, I could send an ICMP (Ping packet) to every computer on [...]
Posted in Access-Lists, IINS, ISCW, Intrusion Prevention, SND, Security | 2 Comments »
Monday, August 17th, 2009
IP spoofing is the act of camouflaging your IP address to make it look like you are someone else. Although IP spoofing is not an attack by itself, it is the starting point of many of the most common attacks found on today’s networks.
Most, but not all, of the spoofing attacks that take place start [...]
Posted in Access-Lists, IINS, ISCW, Intrusion Prevention, SND, Security | 3 Comments »
Friday, August 14th, 2009
One of the first and most important things to configure on any Cisco device after allowing telnet or SSH, is to restrict who is allowed to access the device. Of course having a password on the lines is the first step but if telnet is the method of communication, all passwords will be sent over [...]
Posted in Access-Lists, CCNA (ICND2), IINS, SND, SNRS, Security | No Comments »
Thursday, August 6th, 2009
In order to control what machines are plugged into your network, Cisco introduced the “switchport port-security” command.
In this tutorial I’m going to explain how to use this command, and different options available using it.
Below is the breakdown of the commands I used in the live demo, and an explanation of each.
AOIP.ORG_Switch# terminal monitor
Since I was [...]
Posted in BCMSN, CCENT (ICND1), CCNA (ICND2), IINS, SND, Security, Switching | No Comments »
Thursday, July 30th, 2009
As part of any management and audit solution for networking, Syslog is vital.
Syslog messages allow us to track system error messages, exceptions, and other information, such as device configuration changes.
It allows for historical reporting, depending on the application keeping the logs, as well as help in fault finding.
Cisco devices support 8 levels of logging information [...]
Posted in IINS, ISCW, Management, SND, SNRS | No Comments »
Tuesday, July 28th, 2009
Cisco brings out new versions of the operating system quite frequently, and of course there are different versions of the operating system for each of the appliances. Different IOS’s will support different commands and different features and it’s not uncommon to have to change the IOS that your device is running to support commands you [...]
Posted in CCENT (ICND1), Maintenance, SND | 1 Comment »
Thursday, July 23rd, 2009
Additional configuration to further lockdown Cisco router security.
Posted in ISCW, SND, Security | No Comments »
Wednesday, July 22nd, 2009
In most smaller networks, or networks that have a few network administrators, when you log into a Cisco device you are only prompted for a password. This will take you to the Router> prompt where more than likely you will immediately type ‘enable’ to enter into privileged exec mode, and you will be prompted with [...]
Posted in SND, Security | 1 Comment »