Admins, Don’t “Default” on Your Security Obligations
Any network administrator worth his/her salt knows to change the default password on a router during its initial configuration, or you leave your network open to outside attack. Fortunately, these passwords are easy enough to change. But there’s another potential path to attack that many admins don’t address. It’s not so easy to mitigate, but […]
IPv6 Geolocation: Challenges and Solutions
Human nature makes us curious to know where we are located within the World Wide Web. We are also curious about where within the global Internet the person we are communicating is connected. We could use this information to make security decisions to allow or block connections. When it comes to geolocation, accuracy is paramount, […]
Addressing the Cisco ASA SNMP Remote Code Execution Vulnerability
As you have probably seen, there has been much in the news lately about the EXTRABACON exploit released by a group of hackers called the Shadow Brokers, who supposedly acquired the exploit (and other cyber weapons) from a different group of hackers, the Equation Group, which is rumored to be affiliated with the National Security […]
Next Generation Identity Management Using Cisco Identity Services Engine (ISE) 2.0
Security has always been a driving principle at Cisco Systems. From the introduction of the Pix to the ASA (Adaptive Security Appliance), Cisco has been at the forefront of the firewall market. In the intrusion prevention space, Cisco has recently acquired Sourcefire, whose Snort products are now integrated with the company’s Next Generation IPS line […]
Splunk Partners and Practitioners Unite at .conf2014
Securely Enabling ICMPv6 Router Advertisements on Your IPv6 Network
When a dual-protocol host joins a network, it sends an ICMPv6 (type 133) Router Solicitation (RS) message to inquire about the local IPv6-capable router on the network. The local router is tuned into the ff02::2 (all-router’s multicast group address) and will receive the RS message. In response to the RS, the router immediately sends an […]
Securing Open DNS Resolvers Against Denial of Service Attacks
The Domain Name System (DNS) has been the target of many types of attacks in recent years. Authoritative DNS servers are exposed to the Internet and generally allow queries from all IP addresses. However, DNS resolvers are typically internal to an organization and allow queries only from the internal clients they serve. DNS resolvers that […]