Recently, the The Cisco Product Security Incident Response Team (PSIRT) has published three important vulnerability advisories.

Multiple Vulnerabilities in Cisco Unified MeetingPlace
Multiple vulnerabilities exist in Cisco Unified MeetingPlace. This security advisory outlines the details of these vulnerabilities:

• Insufficient validation of SQL commands
• Unauthorized account creation
• User and password enumeration in Cisco MeetingTime
• Privilege escalation in Cisco MeetingTime

Cisco Systems wants to put a router on every communications satellite.

The networking giant has already sent the first one into space.
The company announced that the router has successfully completed initial in-orbit tests, after being launched Nov. 23 aboard the Intelsat 14 communications satellite into geosynchronous orbit, 22,300 miles above the Earth.

The move is one small step in a bold, new Cisco initiative dubbed Internet Routing in Space (IRIS), which company executives say extends the same Internet protocol-based (IP) technology used to build the World Wide Web into the heavens. The long-term goal, they say, is to route voice, data and video traffic between satellites over a single IP network in ways that are more efficient, flexible and cost effective than is possible over today’s fragmented satellite communications networks.

In a large/critical network, it is fundamental backup the Cisco configuration for two reasons:

• Rollback configuration
• Restore configuration in case of a broken router

There are two ways to backup: manually (using write command each time that you would save running configuration) or automatically (using software like Ciscoworks, HP OpenView, … ).

In this tutorial, I would explain a different method to backup configuration: the archive command.

Introduced into Cisco IOS Release 12.3(4)T, the archive command permits to save a copy of the current running configuration to different path: ftp, http, https, rcp, scp, tftp servers. Moreover the archive command has other features, but in this article I would use only two of these:

• time-period: it sets the time increment for automatically saving an archive file of the current running configuration in the Cisco IOS configuration archive.
• write-memory: it enable automatic backup generation during write memory; for instance, when I use the ‘write’ command the archive command will be invoked automatically.

The The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory:  Multiple Cisco WebEx WRF Player Vulnerabilities.

Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted user.

The Cisco WebEx WRF Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an on-line meeting attendee. The WRF Player can be automatically installed when the user accesses a WRF file that is hosted on a WebEx server. The WRF Player can also be manually installed for offline playback after downloading the application from www.webex.com.

Yesterday, Cisco marks its 25th anniversary with a call to community service. Chairman and CEO John Chambers challenged every Cisco employee to volunteer four hours of service in his or her local community. The networking leader’s goal is an aggregate contribution of 200,000 employee volunteer hours, which equates to approximately 25 years worth of service to the global community.

Cisco was founded on December 10, 1984 by husband and wife Len Bosack and Sandy Lerner, two former Stanford University computer scientists whose efforts to enable email between computers on different networks led to the invention of the first multiprotocol router. This seminal breakthrough played a major role in fueling the growth of the Internet. 

Chambers says “In the coming quarter century, the role of the network will become even more important in driving growth, innovation, and productivity in industries such as healthcare, education and energy.  Looking ahead, Cisco is positioned to lead the evolution of the network to enable a ‘connected future’ which is increasingly collaborative, video-driven, personalized, and mobile.”.

Cisco invites people residing in Australia and New Zealand to submit entries to the Cisco “Christmas Connections” Contest for a chance to connect with family and friends from around the world this Christmas via Cisco TelePresenceTM.

Cisco will award two first-place prizes of Christmas dinners over TelePresence, 10 second-place prizes of a TelePresence meeting and 20 third-place prizes of Flip MinoTM cameras to the person with the entry that best illustrates the importance of connections with family and friends at Christmas.

Three days ago, Cisco announced the availability of Cisco SIO To Go, an Apple iPhone application that puts the power of the Cisco Security Intelligence Operations (SIO) in users’ hands, giving them real-time access to a wealth of actionable global security information no matter where they are. The Cisco SIO iPhone application enables users to personalize alerts to show only those security threats that could impact their network and provides added assurance that they are being protected by their Cisco security solution.

Marie Hattar, vice president, Network Systems Solutions Marketing, Cisco says: “enabling borderless networks is critical for today’s business success.  A key component of enabling individuals to connect to their business networks from anywhere is working to ensure that the network is protected regardless of the device used. Our new Cisco SIO To Go iPhone application is another important step in making this vision a reality. It improves the means by which IT departments are alerted to threats, and it provides added confidence and device flexibility as Cisco customers are shielded from these breaches.”

Do you remember simcity, the city-building simulation game first released in 1989 and designed by Will Wright? myPlanNet is a Sim City type RTS (real-time strategy) simulation game that puts you into the shoes of a service provider CEO.

You manage your business as it evolves from the stone age of dial-up, through the broadband and mobile connected eras, and into the dawning of the medianet age. Learn how to transform your community and explore the products and solutions that will help you provide a migration path from dial up, broadband and mobile services into the medianet age.

MyPlanNet was released on Oct. 5 at an International Telecommunication Union in Geneva, Switzerland, and is the product of an internal innovation contest at Cisco.

Security researchers Marsh Ray and Steve Dispensa unveiled the TLS (Transport Layer Security) flaw on Wednesday, following the disclosure of separate, but similar, security findings. TLS and its predecessor, SSL (Secure Sockets Layer), are typically used by online retailers and banks to provide security for web transactions. Ray explained in a blog post on Thursday that he had initially discovered the flaw in August, and demonstrated a working exploit to Dispensa at the beginning of September.

This vulnerability could impact any Cisco product that uses any version of TLS and SSL.

Recently, I have upgraded my Cisco 2650XM from 12.3 to 12.4 version; I use it to connect my PC to Internet, but something goes wrong.

After the upgrading, I have tried to downlad an ISO image but the speed was very low (about 300KB/s and not 700KB/s). Mhhh this is strange! I have begun the troubleshooting but no error, no warning message. So I have reset my current configuration, but nothing… no real improvement.