.: networking archive
This paper is very advanced and draws on a lot of different skills, but it does demonstrate how to abuse SNMP on a Cisco router to retrieve its configuration file, and then have some fun with Generic Routing Encapsulation (GRE).
by LonerVamp 07.09.06 at 12:11 PM in /networking - comments(0)
What caught my attention here was a couple of papers on Setting Up Cisco PIX Firewalls, but in browsing the rest of the site, all of these papers look very interesting.
by LonerVamp 07.12.06 at 10:49 PM in /networking - comments(0)
by LonerVamp 07.22.06 at 12:05 AM in /networking - comments(0)
Every now and then the SANS Handler Diary offers up some nice information. They just posted this list of switch features that many people never know to use, and I thought it was a nice rundown to keep for later, especially if my two switches support all of these features.
by LonerVamp 08.12.06 at 9:39 PM in /networking - comments(0)
If I can get my hands on a PIX for educational purposes, I can play around with the capture command.
by LonerVamp 09.16.06 at 10:38 AM in /networking - comments(0)
This paper discusses bypassing NAC systems. The presentation is also available.
by LonerVamp 09.25.06 at 7:57 PM in /networking - comments(0)
I've worked with SSL extensively, as has any sysadmin who knows what a web server and SSL certs are. But what about the real dirty guts of SSL? Sometimes topics like this are difficult to grasp, but I found something that made enough sense to me that I re-wrote the process of an SSL session negotiation on a piece of scratch paper just to visualize it. Palisade has a question and answer about SSL which is written in plain enough English for an intermediate reader to understand, and it actually makes complete sense to me! Other quiz questions are also available, although some are a little less interesting to me. Reading about HTTP cache smuggling is interesting (and makes sense, since you can hijack HTTP connections anyway, which can be fun on wireless with airpwn). .NET best practices are not quite as interesting to me right now.
by LonerVamp 01.11.07 at 4:41 PM in /networking - comments(0)
An interesting (and woefully short) question and answer from ComputerWorld, "How many firewalls do I need?"
Answer: "How many can you manage?"
Ok, so that's very simplified and not necessarily the right answer. The thing is, firewalls should be in place on the network any time the trust or sensitivity level of the data or systems changes. If your sales workstations don't need much uptime and hold little sensitive data, but your database server holds very sensitive data and needs to be up as much as possible, you really could put a firewall in between the two. If some systems need to be accessed from the Internet but others do not, use a firewall to keep them separate (thus creating your typical DMZ). That way, much like real physical firewalls in cars or buildings, if a "fire" breaks out with an attack against your Internet-accessible servers, the next firewall will keep the "fire" from spreading to those systems that had no business being in the same group as the Internet-accessible ones.
Firewalls are awesome. They create natural choke-points to monitor and measure traffic flow. They allow barriers to access so that you don't have everyone's traffic scurrying around everywhere. They give natural points where traffic capturing and logging can occur (and I've become a big proponent of NSM and logging and traffic analysis).
And put up as many firewalls as you can manage. You can have too many, but the chances of that are far less than not having enough firewalls. Put up as many as you can and remove ones you deem unnecessary or restrictive to network stability later on. But never put up more than you can properly manage. A mismanaged or unmanaged firewall is maybe worse than no firewall at all.
I really believe that firewalls are one of the very few mandatory but not technically necessary pieces of any network (i.e. you CAN run a network without them, but just don't). I consider them a mandatory piece of any network- or host-based "defense in depth" approach and one of the most important, valuable (in terms of the value they add) and basic building blocks of a network.
My own personal projects list involves learning more about firewalls, including getting my own home PIX someday, becoming more intimately familiar with iptables and pf (if I get into BSD this year), and other standalone products like Smoothwall/IPCop and so on.
by LonerVamp 01.31.07 at 1:19 PM in /networking - comments(0)
An article about a Cisco FTP vulnerability caught my eye today. The article gave little detail, so I checked with Secunia and sure enough saw an advisory. That's an interesting vulnerability (high impact, but the FTP server is not enabled by default, so not the holy grail of network hacking), and I would hope good admins have already taken some measures to mitigate or avoid this issue.
First, don't use the FTP server on the router. I'd rather use an external TFTP server than one running on the router itself. Second, even if the config is disclosed, limit the damage by making sure your enable and enable secret passwords are different, as are the SNMP strings and other access passwords that may be disclosed in the config. Also make sure they're all different across your other routers (minus the SNMP string, of course). Third, update your IOS, of course, and hope that Cisco puts in a (long overdue) SCP/SFTP solution sooner rather than later.
Of additional note, I'm still itching to get my hands on the Hacking Exposed: Cisco Networks book. It taunts me weekly from the bookstore shelf, but I just don't want to get too confused as I am hitting the running strides of my study for CCNA (which I will take in late May or early June).
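The mitigations above turned into a defender's check: an added Python example (not from this post or from Cisco) that audits a few constructed IOS config snippets for an enabled FTP server, an "enable password" that a disclosed config would reveal, default, read-write or ACL-less SNMP communities, and plaintext passwords reused across routers. The router names, community strings, passwords and hashes are constructed placeholders.

```python
import re

# Constructed sample configs for two hypothetical routers; hashes are placeholders.
CONFIGS = {
    "rtr-a": """\
enable secret 5 $1$abcd$PLACEHOLDERHASH
enable password cisco123
ftp-server enable
snmp-server community public RO
snmp-server community s3cret RW
""",
    "rtr-b": """\
enable secret 5 $1$efgh$OTHERPLACEHOLDER
snmp-server community s3cret RO 10
line vty 0 4
 password cisco123
""",
}

SNMP_RE = re.compile(r"snmp-server community (\S+) (RO|RW)(?: (\S+))?$")
# Plaintext (type 0) passwords only; type 7 lines carry a salt index and are skipped.
PASS_RE = re.compile(r"(?:enable )?password (?:0 )?(\S+)$")

def audit(name: str, config: str) -> list[str]:
    """Per-router findings that mirror the post's mitigations."""
    findings = []
    lines = [l.strip() for l in config.splitlines()]
    if "ftp-server enable" in lines:
        findings.append(f"{name}: IOS FTP server enabled; use an external TFTP host instead")
    if any(l.startswith("enable password") for l in lines):
        findings.append(f"{name}: 'enable password' present; it is recoverable from a leaked config")
    for m in filter(None, map(SNMP_RE.match, lines)):
        community, mode, acl = m.groups()
        if community.lower() in ("public", "private"):
            findings.append(f"{name}: default SNMP community '{community}'")
        if mode == "RW":
            findings.append(f"{name}: read-write SNMP community '{community}'")
        if acl is None:
            findings.append(f"{name}: SNMP community '{community}' has no ACL")
    return findings

def reused_passwords(configs: dict[str, str]) -> dict[str, list[str]]:
    """Plaintext passwords that appear in more than one router's config."""
    seen: dict[str, set] = {}
    for name, config in configs.items():
        for l in config.splitlines():
            m = PASS_RE.match(l.strip())
            if m:
                seen.setdefault(m.group(1), set()).add(name)
    return {pw: sorted(rtrs) for pw, rtrs in seen.items() if len(rtrs) > 1}
```

Run `audit` over each entry in `CONFIGS` and `reused_passwords` over the whole dictionary; rtr-b comes back clean except for sharing the vty password with rtr-a.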
by LonerVamp 05.15.07 at 1:38 PM in /networking - comments(1)
ICMP can be blocked or allowed wholesale, or one can instead allow the useful message types and block the unnecessary ones. This paper should give the quick details on which is which. Gleaned from Shane Castle on the Security Catalyst forums.
by LonerVamp 07.17.07 at 3:01 PM in /networking - comments(1)
by michael 09.25.07 at 8:40 AM in /networking - comments(0)