Skip to Content

Security

Configuring a Cisco Router to Accept VPN Connections

Thu, 2006-12-14 18:16

This blog has been a long-time-coming as someone asked me quite some time ago to post the simplest way to accomplish this (for a home environment). I hate to admit this, but my home PC (where I get all my email) was hacked since I allowed Microsoft's Remote Desktop Protocol (RDP) and VNC from anywhere on the Internet (very bad idea). That was the end of that - now VPN connections are required to get to my home PC. Well, the simplest way to configure a VPN on a router is to use the Cisco SDM...but Real Cisco Techs™ use the command line :). So here we go:
VPN.jpg

It's Even Better: Cisco's Output Interpreter

Mon, 2006-09-25 06:44

A Cisco tech support email I received last week mentioned the ol' Cisco Output Interpreter utility on their website. This utility analyzes the output of various show / debug commands to decrypt their meaning and point out configuration or hardware errors on your router. I remember trying out the Output Interpreter a few years back and not being very impressed, but thought I'd give it a shot today.
I ran a "show tech-support" command on one of my routers and pasted it into the Cisco Output Interpreter...WOW! Has this utility improved. Not only did it mention that I was getting many buffer drops, but also had multiple security improvement recommendations (which I'll be implementing later today). The best part about it was this:

What's New in CallManager 5.X?

Mon, 2006-07-10 06:17

This post has been a long time in coming, but after Cisco Networkers 2006, I thought I'd put together the high points of the changes that are appearing in Cisco CallManager 5.X versions. Bullets always work best for me!

  • Underlying Operating System – this is, by far, the biggest change to Cisco CallManager. Cisco has moved the software to an appliance model (I'm sure some industry pressure forced this). The CallManager runs on top of the RedHat Linux operating system; however, you will have no direct access to the operating system. What does this do?
    • Easier installations & upgrades
    • Increased security and reliability
    • You can only access the CallManager via Cisco approved tools & interfaces

Security Tools Galore

Wed, 2006-05-31 13:45

I'm working on recording a security video series right now and came across this link: http://www.insecure.org/tools.html. Can we say ROCK ON?!? This is a list of the top 75 security tools you can use to audit your network. This is guarentees at least two months of tinkering around with these widgets. My top 5 are:
#1 Ethereal (the ol' standby)
#2 Nessus (be your own auditing company)
#3 NMap (port scanning galore)
#4 Netcat (port redirection & general hacking widget)
#5 Snort (free IDS)

Cisco SAFE Documentation

Thu, 2006-01-12 14:35

I'm telling you, there's no better fireside reading than the Cisco SAFE documentation...I'm SERIOUS! I've never seen whitepapers that are written casually enough to keep your attention but technically enough to be useful. So here's my favorites:

Cisco SAFE: Wireless Network Security in Depth, Second Edition

Cisco SAFE: Guarding Against Layer 2 Attacks (I REALLY like this one - one of my favorites)

Cisco SAFE: VPN Best Practices

Not only a brief overview of the concepts, but lots of great configs in there too...

Syndicate content


Dr. Radut