eWeek has taken on a topic near and dear to the SMB network administrator’s heart: How to improve network security on a budget.
Times are tough. The economy is down. Spending is controlled. And your budget is cut. Specifically, your security budget has been hacked to pieces because ROI for security is a pretty tough sell. As [...]
Packet Life has a great reminder why we shouldn’t automatically accept “conventional wisdom” and “best practices” in our work, using as its prime example the long-held nugget that VLAN 1 and user traffic don’t mix because mixing them leaves the network open to VLAN hopping attacks.
Specifically, network engineers have been preaching for years that allowing user [...]

The Czechs were the first to notice the network of infected devices that became known as the Chuck Norris bot-net. What makes this bot-net noteworthy for us networking types is not the number of devices infected (although the number is astonishing) but rather which devices are being targeted, compromised, and used for nefarious purposes: chiefly routers, firewalls, and gateway devices.
And that is unique: Most bot-nets attack workstations, compromise them, and use them to send spam, conduct DDoS attacks, or commit other crimes, and that’s about the extent of it. Chuck Norris uses network devices not only to commit crimes, but to compromise workstations on your private network and prime them for infection with other malware.
That’s right folks, Chuck Norris has gone berserk–he’s no longer just a butt-kicking Texas Ranger who beats up the bad guys, makes the ladies swoon, and wears a very expensive hat, now he’s after your firewall!
Continue reading Chuck Norris (Bot-Net) Karate Chopped Me in the Firewall
Recently, I set up a new Cisco ASA for a customer who is stuck using a cable modem in their office. Their particular ISP assigns a DHCP address to all clients and makes that IP sticky to the MAC address it was initially assigned to. If a different MAC address requests an IP through that modem, it is assigned a different address.
Since this customer’s public mail exchanger is hosted at this address, if the IP changes, e-mail will stop arriving until we resolve the situation. To prevent this I configured the ASA to present the MAC address from the existing router when it made its initial DHCP request to the cable company.
Continue reading How To: Configure MAC Address on Cisco ASA WAN Interface
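For the MAC-cloning post excerpted above, here is what that configuration looks like on the ASA. This is an added example, not the post’s own config: the outside interface name (Ethernet0/0; on a 5505 it would be a VLAN interface such as Vlan2) and the old router’s WAN MAC address (00:11:22:33:44:55, written in Cisco’s H.H.H form) are assumed values.

```cisco
! Added example: clone the old router's WAN MAC onto the ASA outside
! interface so the cable ISP's sticky DHCP lease keeps handing out the
! same public address (and the MX record keeps working).
! Assumed: outside is Ethernet0/0, old router WAN MAC is 0011.2233.4455.
! Apply the mac-address line BEFORE the interface makes its first DHCP
! request; the ASA sends its DHCP DISCOVER with whatever MAC the interface
! has at that moment.
interface Ethernet0/0
 nameif outside
 security-level 0
 mac-address 0011.2233.4455
 ip address dhcp setroute
 no shutdown
!
! Verification after the link comes up:
!   show interface outside            -> "MAC address 0011.2233.4455"
!   show ip address outside dhcp lease -> the same public IP the router had
```

Two practical caveats: take the old router off the modem before bringing the ASA up, since two devices answering on the same MAC on the same segment will fight each other; and if the modem has already seen the ASA’s burned-in MAC and handed it a different lease, power-cycle the modem so it forgets that binding before the ASA requests again with the cloned address.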
Recently I had a customer contact me for help: he couldn’t access ASDM on his ASA 5505 when connected to his remote-access VPN, but he was pretty sure he’d configured it correctly by permitting HTTP access from the IP range assigned to VPN clients. But alas, no joy.
He had neglected to take one crucial step–by default remote-access VPN clients won’t be allowed to connect to SSH or ASDM even if their assigned IP address is in an “allowed” network. Fortunately, like everything goofy you’ll find under the hood of your Cisco device, there is an easy fix.
Continue reading Accessing SSH, ASDM Over ASA Remote-Access VPN
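For the ASDM-over-VPN post excerpted above, the standard Cisco way to allow management from inside a remote-access tunnel is shown here. This is an added example, not the post’s own config; the VPN address pool (192.168.250.0/24), the inside interface name (inside) and its address (10.1.1.1) are assumed values.

```cisco
! Added example: reach ASDM and SSH on the ASA from a remote-access VPN
! client. Assumed: VPN pool 192.168.250.0/24, inside interface "inside"
! with address 10.1.1.1.
!
! 1. Permit the VPN pool for ASDM (HTTPS) and SSH on the INSIDE interface.
!    Tunneled traffic can only terminate on an interface other than the one
!    the tunnel arrives on, so the inside address, not the outside one, is
!    the management target. A permit on "outside" does nothing for tunnel
!    clients, which is the mistake that leaves the pool "allowed" yet blocked.
http server enable
http 192.168.250.0 255.255.255.0 inside
ssh 192.168.250.0 255.255.255.0 inside
!
! 2. The step that is easy to miss: by default the ASA refuses management
!    connections that arrive through a VPN tunnel and are addressed to the
!    ASA's own IP on a different interface. management-access lifts that
!    restriction for exactly one interface.
management-access inside
!
! Verification:
!   show running-config management-access   -> "management-access inside"
!   from a connected VPN client: https://10.1.1.1 (ASDM), ssh 10.1.1.1
```

Clients then point ASDM and SSH at the inside address (10.1.1.1 here), not the public outside address. If split tunneling is in use, the ASA’s inside address must also fall within the split-tunnel network list, or the client will never send that traffic into the tunnel in the first place.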