Admin

Author's details

Date registered: 25th July 2015

Latest posts

  1. Information Security RISK response strategies — 2nd February 2021
  2. Time to crack passwords — 2nd March 2020
  3. Connection throttling iRule — 23rd February 2020
  4. IPSec VPN on Cisco ASA — 6th April 2019
  5. Palo Alto WildFire explained — 6th April 2019

Author's posts listings

Jan 30

SDM Templates on Cisco switch

SDM (Switching Database Manager) is used on Cisco Catalyst switches to manage the memory usage of the TCAM. For example, a switch that is only used for switching won’t require any memory to store IPv4 routing information. On the other hand, a switch that is only used as a router won’t need much memory to …

Jan 29

CDP and LLDP on Cisco catalyst switch

CDP and LLDP are both discovery protocols used to find information about first hop neighbor network devices. The Cisco Discovery Protocol (CDP) is a proprietary Data Link Layer protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. CDP …

Jan 29

Upgrading an Active/Standby Failover Configuration on Cisco ASA

This article lists the steps to upgrade a Cisco ASA firewall running in an Active/Standby failover configuration. We assume that no console connection is available and only remote SSH connectivity is possible. Note: during reload and failover you may be disconnected. Prep work: the new image (asa825-51-k8.bin) is already loaded onto both the Active and the Standby unit. Upgrading …

Oct 20

How to copy files to cisco ASA via SSH

There are a number of ways to copy files to a Cisco ASA firewall. The most common example is TFTP, which we all learned to use on the CCNA course or from articles on the Internet. There are two issues with this method. The first problem is security: TFTP transmits everything in clear text, so it is not the preferred method from a security standpoint. …

Oct 15

IPMI Security Best Practices

A great document by Dan Farmer on IPMI security and best practices. A must-read for all sysadmins and security engineers: IPMI Security Best Practices

Oct 09

How to Enable IPSec Traffic Through a Firewall

IPSec does not disturb the original IP header and can be routed as normal IP traffic. Routers and switches in the data path between the communicating hosts simply forward the packets to their destination. However, when there is a firewall or gateway in the data path, IP forwarding must be enabled at the firewall for …

Oct 06

Configuring IPsec or SSL VPN to Bypass ACLs

To permit any packets that come from an IPsec or SSL VPN tunnel without checking ACLs for the source and destination interfaces, enter the sysopt connection permit-vpn command in global configuration mode. You might want to bypass interface ACLs for IPsec or SSL VPN traffic if you use a separate VPN concentrator behind the ASA …

Aug 26

Identity NAT vs NAT exempt on Cisco ASA

Identity NAT and NAT exempt are commonly considered the same kind of ‘no NAT’ configuration, when in practice the two methods are configured slightly differently and are also processed differently inside the firewall.

Identity NAT configuration:

  nat (inside) 0 10.1.1.3

NAT exempt configuration:

  access-list NO_NAT extended permit ip 192.168.0.0 255.255.255.0 10.10.10.0 255.255.255.0
  nat (inside) 0 access-list NO_NAT

Identity NAT: …

Aug 25

TCP connection flags on Cisco ASA

When troubleshooting connectivity issues on a Cisco ASA firewall, it is useful to understand the TCP flags displayed in the connection table. Example of a connection table: TCP connection stages with their corresponding flags: Flag types, with the brief description available on the ASA firewall:

Aug 25

POODLE attack

A POODLE attack is an exploit that takes advantage of the way some browsers deal with encryption. POODLE (Padding Oracle On Downgraded Legacy Encryption) is the name of the vulnerability that enables the exploit. POODLE can be used to target browser-based communication that relies on the Secure Sockets Layer (SSL) 3.0 protocol for encryption and …
