Archive for May, 2008
Daily Trivia - 5/29
The CEF table is a “stripped-down” version of the routing table, implemented as a ___-way mtrie data structure for optimum retrieval performance.
A) 512
B) 256
C) 768
D) 128
Please email me your answer to be entered into a monthly drawing for a free itunes or starbucks gift card.
addthis_url = ‘http%3A%2F%2F6200networks.com%2F2008%2F05%2F29%2Fdaily-trivia-529%2F’;
addthis_title [...]
Run VMWare as a service
Many of us use VMWare as a way to run more than one machine on a single laptop/PC and in my case use it to boot multiple OS’s like W2K server, XP Pro, Ubuntu, Red Hat, ect. however one of the things I’m not a fan of is having to start and stop each virtual [...]
29May2008 | Joe Harris | 2 comments | Continued
Cisco IPS Active Update Bulletin
The Cisco IPS Active Update Bulletin has been posted for March 11th. Topics listed in this current bulletin are as follows:
Announcing the S335 Signature Update for IPS
Announcing Availability of Cisco IPS Manager Express (IME) and IPS Version 6.1
Upcoming E2 Engine Update
Upcoming End-of-Life (EOL) for new signature updates in 4.x format for Cisco IOS IPS feature
Announcing [...]
Cisco Security Advisory: CiscoWorks Common Services Arbitrary Code Execution Vulnerability
CiscoWorks Common Services contains a vulnerability that could allow a remote attacker to execute arbitrary code. Cisco has released free software updates that address this vulnerability. CiscoWorks Common Services represents a common set of management services that are shared by CiscoWorks applications. CiscoWorks is a family of products based on Internet standards for managing networks [...]
29May2008 | Joe Harris | 0 comments | Continued
EoL/EoS Announcement - Cisco IOS Software Release 12.2(33)SRA
Cisco announces the end-of-sale and end-of life dates for the Cisco IOS Software Release 12.2(33) SRA. The last day to order the affected product(s) is September 20, 2008. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as shown in Table 1 of the EoL bulletin.
For more [...]
EoL/EoS Announcement - Cisco Unified Customer Voice Portal Release 4.0
Cisco Systems announces the end-of-sale and end-of-life dates for the Cisco Unified Customer Voice Portal Release 4.0. The last day to order the affected product is November 12, 2008. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as listed in Table 1 in the EoL announcement.
For [...]
EoL/EoS Announcement - Cisco IPS Sensor Software Version 5.1
Cisco Systems announces the end-of-sale and end-of-life dates for the Cisco IPS Sensor Software Version 5.1. The last day to order the affected product is October 27, 2008. Customers with active service contracts will continue to receive support from the Cisco Technical Assistance Center (TAC) as listed in Table 1 in the EoL announcement.
For more [...]
IntelliShield Event Response: Microsoft Security Bulletin for May 2008
Microsoft released the May Security Update on May 13, 2008. Four bulletins were released that address six individual vulnerabilities. Microsoft rated all four bulletins as Critical. The vulnerabilities that have a client software attack vector, require user interaction, or can be exploited through web-based attacks such as cross-site scripting or phishing are in the following list:
MS08-026
MS08-027
MS08-028
MS08-029
Information [...]
27May2008 | Joe Harris | 0 comments | Continued
Daily Trivia - 5/27
True or False, the ESP5 does support ISSU in the ASR 1006 only. The ESP10 supports ISSU in the case where it is installed in the Cisco ASR 1004 or 1006 Router chassis together with a redundant 10-Gbps ESP.
Please email me your answer to be entered into a monthly drawing for a free itunes or [...]
Cisco Data Center Design Best Practices Tool
Are you at the design and implementation stages of a data center networking project, use this intuitive, interactive tool to gain access to validated designs and test information. This tool is provided to help users gain access to design and test information in an intuitive, interactive way. To find the network design guidance you need [...]
27May2008 | Joe Harris | 0 comments | Continued
ASA Jumpstart Training
Instructions to access training content and recorded sessions:
Go to https://ciscosales.webex.com/meet/Martinez
Select the ‘Files’ tab .
Click on the ‘+’ sign to open the list of files - Power of Pix PIs.
Select the session you want (named based on original session date).
You can download the file content of the session (click Download button) and/or you can cut and paste the URL link under [...]
24May2008 | Joe Harris | 2 comments | Continued
Daily Trivia - 5/23
Without opening the case or shutting down an ISR router, name one way in which you can determine what memory is in each DIMM slot? For instance say you have 512MB and want to upgrade to 1GB, and you don’t know if you have 2 x 256MB or 1 x 512MB.
Please email me your answer [...]
IronPort Anti-Spy
Marketing sometimes has a way of twisting facts to make them seem ’super’…and if I have visited with or presented to you and/or your organization you will know that I understand marketings purpose but I always defer to the technical detail over the marketing detail. I have taken the next paragraph directly off the IronPort Web Security Appliances website:
“The IronPort® S-Series™ [...]
23May2008 | Joe Harris | 1 comment | Continued
‘Secure’ PayPal page is… you guessed it
A serious scripting error has been discovered on PayPal that could enable attackers to create convincing spoof pages that steal users’ authentication credentials. The cross-site scripting bug is made all the more critical because it resides on a page that uses an extended validation secure sockets layer certificate. The new-fangled SSL mechanism is designed to [...]
23May2008 | Joe Harris | 0 comments | Continued
IntelliShield Cyber Risk Report
The IntelliShield Cyber Risk Report is a strategic intelligence product that highlights current security activity and mid- to long-range perspectives. The report addresses seven major risk management categories: vulnerability, physical, legal, trust, identity, human, and geopolitical. The Cyber Risk Reports are a result of collaborative efforts, information sharing, and collective security expertise of senior analysts [...]
21May2008 | Joe Harris | 0 comments | Continued
NAC Check for Windows Internet Connection Firewall
So I was asked today if I knew what registry key should be examined in order for NAC appliance to verify if the user has enabled his Windows Personal Firewall?
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallP
olicy\StandardProfile\[EnableFirewall]
HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallP
olicy\DomainProfile\[EnableFirewall]
In each case a DWORD value of 1 means “on”
addthis_url = ‘http%3A%2F%2F6200networks.com%2F2008%2F05%2F21%2Fnac-check-for-windows-internet-connection-firewall%2F’;
addthis_title = ‘NAC+Check+for+Windows+Internet+Connection+Firewall’;
addthis_pub [...]
Daily Trivia - 5/21
I appologize for having no daily trivia question yesterday. I was tied up in meetings for 14 hours so on to todays question, Name 8 Dynamic IP Routing Protocols?
Please email me your answer to be entered into a monthly drawing for a free itunes or starbucks gift card.
addthis_url = ‘http%3A%2F%2F6200networks.com%2F2008%2F05%2F21%2Fdaily-trivia-521%2F’;
[...]
Daily Trivia - 5/19
Which of the following services cannot be enabled on an IOS at the same time as IOS SSL VPN?
A) Dynamic Multipoint VPN
B) Easy VPN
C) IPsec VPNs
D) Quality of Service (QoS)
E) Network Address Translation (NAT)
F) None of the above
Please email me your answer to be entered into a monthly drawing for a free itunes or starbucks [...]
ISSA Names Cisco 2007 Organization of the Year
Cisco announced today that it has been selected as the Information Systems Security Association 2007 Outstanding Organization of the Year, in recognition of Cisco’s contributions to ISSA and the security profession overall.ISSA is the largest international professional association for information security specialists. With 10,000 members in 70 countries supported by a network of more than [...]
19May2008 | Joe Harris | 0 comments | Continued
Cisco ASA LDAP Integration Use Cases
In light of some of my recent posts regarding LDAP and the ASA which have drawn a large number of emails I thought I would post up an LDAP Use Case White Paper. This paper focuses on Remote Access VPN’s and the use of LDAP for authentication and authorization. The paper and the use cases [...]
19May2008 | Joe Harris | 0 comments | Continued
ACE 4710 software release A1(8) is now available on CCO
Cisco is pleased to announce availability of Cisco ACE 4710 Software Release A1(8). This maintenance release significantly improves software functionality, performance, and quality and will be the key enabler to move customers from proof of concept testing into full production. These enhancements plus the native architectural benefits of ACE like virtualization, role-based access control (RBAC), [...]
19May2008 | Joe Harris | 0 comments | Continued
Secure LDAP
So the customer in the previous post went to configure LDAP on his ASA and could not get it work correctly. He called me in hopes that I could get it working…Well he had configured the LDAP Server via ASDM and so logged into his system and pulled up the ‘Edit AAA Server’ page like [...]
15May2008 | Joe Harris | 1 comment | Continued
VPN ACL via LDAP
So a customer of mine wanted to enforce VPN policy directly from LDAP because his ACS server hardware died on him and he needed to enforce policy in the meantime until his new hardware arrived. He asked me if this was possible via Cisco-AV-Pairs and I told him that it was and that I would [...]
15May2008 | Joe Harris | 5 comments | Continued
Daily Trivia - 5/15
True or False, the Cisco IOS XE Software (used on the ASR 1000) release strategy is time-based, with a fixed release date. The schedule specifies three individual software releases per calendar year at 4-month intervals. Also, only two planned rebuilds are scheduled for each software release. Rebuilds incorporate only fixes for known problems; they are [...]
15May2008 | Joe Harris | 0 comments | Continued
Zero Day Threat Free Book Offer
Synopsis
“If you bank or manage your stocks online, you have to read this book. Cyberspace is making all sorts of things possible. Unfortunately, among them are fraud, theft, and espionage—all of which can directly impact you.”–Richard Clarke, noted counterterrorism expert and bestselling author of Against All Enemies
A white-collar true-crime story, Zero Day Threat is a [...]
-
Social Network
Glad I just found your wordpress blog through Google.
Found just what I was looking for, thanks =)
Btw, wat plugins ...
This is a very good post. Thanks 
Addition: I made a research on that topic and the workaround is to decrease the TKIP rekeying timer to 120 ...
Very useful tips in this post. Thanks. I think I will implemented on my Firefox browser :) 
Hi Joe,
Regarding ASA redundancy & failover i understand that there are two levels:
1.Unit Level
2.Monitored interface level.
regarding monitored interface level, assuming ...
Thank you Rookie4life, I apologize for not posting that frequently lately but I've been busy with both personal and professional ...
Thanks for the video! Audio sounds fine to me. 