Apr
7
2014

March 2014: nine Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published nine important vulnerability advisories: Cisco IOS Software SSL VPN Denial of Service Vulnerability Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability Cisco IOS Software Network Address Translation Vulnerabilities Cisco AsyncOS Software Code Execution Vulnerability Cisco Small Business Router Password Disclosure Vulnerability Multiple Vulnerabilities in Cisco Wireless LAN Controllers

Mar
5
2014

February 2014: five Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Cisco Prime Infrastructure Command Execution Vulnerability Unauthorized Access Vulnerability in Cisco Unified SIP Phone 3905 Multiple Vulnerabilities in Cisco IPS Software  Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability Cisco UCS Director Default Credentials Vulnerability

Feb
7
2014

January 2014: five Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability Cisco TelePresence System Software Command Execution Vulnerability Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability Multiple Vulnerabilities in Cisco Secure Access Control System Undocumented Test Interface in Cisco Small Business Devices

Jan
6
2014

Dual Internet connections in active/standby mode without BGP

Suppose that your company has two indipendent Internet connections: the first used as main link and the second used ONLY in case of main connection fault. What can we do to avoid a ‘manual’ switch of routing and NAT tables? In general, in this case, the best solution is to use the BGP protocol with bofh providers, but this solution can be very expensive, so are there other ways to implement this process? In my opinion, one of the best solutions is to use IPSLA, PBR and the EEM features togheter, but what are these features? See you below each […]

Dec
19
2013

Show interface in depth

In my opinion, a good network engineer must know the “show interface” in depth; indeed, this command is useful to obtain various interface information like drop, duplex mismatch, error, tx/rx load, … Usually, the IOS switch/router have similar “show interface” output; the differences are dictated by devices, interface and IOS. Below a show interface of a TenGigabitEthernet interface. The show is issued on a Cisco WS-C6509-E in VSS Mode with IOS version 15.

Dec
6
2013

November 2013: three Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published three important vulnerability advisories: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability Cisco WAAS Mobile Remote Code Execution Vulnerability Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability

Dec
5
2013

Cisco ASA < 8.4.4.6 | 8.2.5.32 Ethernet Information Leak

This is the Cisco ASA ethernet information leak exploit that leverages the vulnerability noted in CVE-2003-0001. Versions prior to 8.4.4.6 and 8.2.5.32 are affected. Multiple platform ethernet Network Interface Card (NIC) device drivers incorrectly handle frame padding, allowing an attacker to view slices of previously transmitted packets or portions of kernel memory. This vulnerability is the result of incorrect implementations of RFC requirements and poor programming practices, the combination of which results in several variations of this information leakage vulnerability. The simplest attack using this vulnerability would be to send ICMP echo messages to a machine with a vulnerable ethernet […]

Nov
10
2013

October 2013: seven Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published seven important vulnerability advisories: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers Cisco IOS XR Software Route Processor Denial of Service Vulnerability Multiple Vulnerabilities in Cisco Identity Services Engine Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products Multiple Vulnerabilities in Cisco Firewall Services Module Software Multiple Vulnerabilities in Cisco ASA Software Cisco IOS XR Software Memory Exhaustion Vulnerability

Oct
12
2013

September 2013: eleven Cisco vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published eleven important vulnerability advisories: Cisco IOS Software Queue Wedge Denial of Service Vulnerability Cisco IOS Software Internet Key Exchange Memory Leak Vulnerability Cisco IOS Software Zone-Based Firewall and Content Filtering Vulnerability Cisco IOS Software Resource Reservation Protocol Interface Queue Wedge Vulnerability Cisco IOS Software DHCP Denial of Service Vulnerability Cisco IOS Software Multicast Network Time Protocol Denial of Service Vulnerability Cisco IOS Software Network Address Translation Vulnerabilities Cisco IOS Software IPv6 Virtual Fragmentation Reassembly Denial of Service Vulnerability Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password […]

Sep
26
2013

WhoisUP v0.2 released!

One year ago, I had published Whoisup v0.1, a script that monitors hosts via ICMP and shows the status in a web page. The script had obtained a good success, so I have decides to continue the WhoisUP project. The version 0.2 has several improvements: Fixed some bugs in the core.php script and in the CSS file Added the warning latency value Added the width index page Added the maintenance mode Added the compact view Added the the core.php check

Pages:1234567...23»