404 Not Found

Not Found

The requested URL /form_work2/ was not found on this server.

Archive for the 'Access-Lists' Category

Configuring Basic ISDN with Interesting Traffic

Tuesday, August 25th, 2009

When configuring ISDN with interesting traffic, it’s important to first understand how Cisco defines ‘interesting’ and what this means in terms of the connection been formed. Interesting traffic is traffic that we define in the form of an access-list that is allowed to cause the ISDN to dial. This does NOT mean it is the [...]

Posted in Access-Lists, ISCW, Routing, WAN | 9 Comments »

DoS TCP SYN Attack Mitigation

Friday, August 21st, 2009

TCP SYN flooding is often used in conjunction with IP spoofing.
The main aim of a TCP SYN flood is to send a TCP SYN packet to a host inside your network from a spoofed IP address. The TCP SYN ACK is then sent to a machine that is not expecting one, or a machine that [...]

Posted in Access-Lists, IPS, ISCW, Intrusion Prevention, Security | No Comments »

Mitigating SubSeven attacks

Thursday, August 20th, 2009

SubSeven – aka: Sub7 and Sub7Server is a backdoor program, in the form of a Trojan, used mostly for causing trouble on computer networks. It can be used for simple attacks such as hiding the mouse cursor and opening applications, but it can also be used for more serious attacks including retrieving all your personal [...]

Posted in Access-Lists, IINS, ISCW, Intrusion Prevention, SND, Security | No Comments »

Mitigating Smurf DoS Attacks

Tuesday, August 18th, 2009

Before looking at how to mitigate a Smurf attack, let’s first understand what it is and why it’s such a problem.
 
A Smurf works on a weakness of IP and ICMP by sending an ICMP packet to the broadcast address of a network. For example, I could send an ICMP (Ping packet) to every computer on [...]

Posted in Access-Lists, IINS, ISCW, Intrusion Prevention, SND, Security | 2 Comments »

IP Address Spoofing Mitigation with Access Control Lists (ACL)

Monday, August 17th, 2009

IP spoofing is the act of camouflaging your IP address to make it look like you are someone else. Although IP spoofing is not an attack by itself, it is the starting point of many of the most common attacks found on today’s networks.
 
Most, but not all, of the spoofing attacks that take place start [...]

Posted in Access-Lists, IINS, ISCW, Intrusion Prevention, SND, Security | 3 Comments »

Restricting access to VTY (Virtual Terminal Lines)

Friday, August 14th, 2009

One of the first and most important things to configure on any Cisco device after allowing telnet or SSH, is to restrict who is allowed to access the device. Of course having a password on the lines is the first step but if telnet is the method of communication, all passwords will be sent over [...]

Posted in Access-Lists, CCNA (ICND2), IINS, SND, SNRS, Security | No Comments »

Introduction to ACLs (Access Control List)

Thursday, August 13th, 2009

Before looking into the configuration of ACL (Access Control Lists), it’s important to get some of the concepts and understanding of how they work and what they are used for.
Firstly, most people believe that ACL’s are used purely for denying or allowing traffic, although this is certainly one of the functions of a ACL it [...]

Posted in Access-Lists, CCNA (ICND2), Networking 101, Security | No Comments »

Wildcard Mask

Monday, July 6th, 2009

Before we can start to explain how routing protocols work, we need an understanding of wildcard masks.
 
The concept of wildcard mask is one that many people struggle with at first, but with a little time and practice it’s becomes second nature.
Converting a full class subnet mask into a wildcard mask quite straight forward, but when [...]

Posted in Access-Lists, CCNA (ICND2), Routing | No Comments »