Port Security
Port Security, is a Cisco Switch feature that best protects against CAM table overflow attacks.
News
Atomic attacks
when configuring an IPS in promiscious mode, Atomic attacks (single packet attacks) NOT be stopped.
RADIUS packet type
Access response is not a valid radius packet type.
NTP
NTP crucial for: Accurate logging Validating certificates Kerberos tickets
Cisco Secure Desktop
Secure desktop will create a completely separate computing enviroment that will be deleted when you are done. This ensures that no confidential data has been left on the shared/public computer.
PGP web of trust
With PGP A Third part know as a web of trust verfies relation between user and key. The Web of trust signs a users public key
Configuring the Cisco Security Agent using Security policies
Configuring the Cisco Security Agent using preconfigured policies: Create and edit a new, similar policy Clone and then edit the new policy In order to customze the policy to fit your
Continue reading…Configuring the Cisco Security Agent using Security policies
IKE attribute
PFS group is NOT a supported IKE attribute.
Anti-X
Virus and phishing protection IPS Content and URL filtering are technologieswhich are included in the Anti-X.
SMTP
Open mail relays are often used for spamming Worms often spread via SMTP
FWSM for multiple security contexts
When configuring the FWSM for multiple security contexts, the system context is the context you allocate interfaces to.
The Cisco IOS-IPS functionality: To activate new signatures you download a new signature definition file (SDF) frim Ciscos website Loading and enabling selected IPS signatures is user configurable
The importance of NTP in a PKI enviroment
NTP is an importance component when implementing IPSEC VPN in a PKI enviroment, becuae it ensures the router has the correct time when checking validity from the remote peers.
Router obtaining a cerificate from a CA
For a router to obtain a cerificate from a CA, the first step of the certificate enrollment process is for the router to generate an RSA key pair
Pre-Blocking ACL entries
The Pre-Blocking ACL entries override the blocking ACL entries generated by the sensor, is a true statment about a Pre-Block ACL configured when setting up your sensor to perform IP Blocking.
Sending IPS alert messages
IOS IPS sends IPS alert messages using two protocols: SDEE SYSLOG
Network Trace of a ping in IPSEC tunnel
If you perform a network trace of a ping going through an IPSec/3-DES tunnel, it would be true with respect to the appearance of a tunneled/encrypted packets, that the same key
Performing IPS deny actions
By defualt, to perform IPS deny actions, the ACL is applied when using IOS-IPS, to the ingress interface of the offending packet.
Application of the “inspection rule” in IOS firewall (CBAC)
When configuring IOS firewall (CBAC) operations on Cisco routers, the “inspection rule” could be applied at two locations: At the untrusted interface in the outbound direction. At the trusted interface
Continue reading…Application of the “inspection rule” in IOS firewall (CBAC)
Spanning tree protocol manipulation
root guard and BPDU gruard, are Cisco technologis that protect against spanning-tree protocol manipulation.