What is Physical Security for Cisco? Cisco Physical Security software and hardware facilitates the capture, transmission, viewing, recording, archiving, and management of analog and IP video sources and provides electronic access control. Engineered with network and video expertise, Cisco Physical Security standards-based products: Deliver easy, secure access to live and recorded video Use the IP network as a platform to deploy electronic access control Provide excellent scalability, reliability, and availability Simplify deployment and control of new security applications Lower operational costs Protect existing physical security systems investments Support multivendor device and applications interoperability Facilitate a smooth migration from analog to [...]

Due to the number of CLI commands needed to manually disable services in an attempt to make the router more secure, Cisco introduced the AutoSecure feature from the Major Release 12.3 and subsequent 12.3 T. AutoSecure is a good command for customers without special Security Operations Applications because it allows them to quickly secure their network without thorough knowledge of all the Cisco IOS features. The command is available for the Cisco 800, 1700, 2600, 3600, 3700, 7200, and 7500 Series Routers. There are 2 mode: Interactive mode: prompts the user with options to enable and disable services and other [...]

Cisco has announced the Cisco Virtual Office (CVO) that allows businesses to extend their enterprise and productivity by “bringing the office” to employees who regularly work in a variety of remote settings, such as branch locations or from a home office.

The Cisco DHCP server feature is a full implementation that assigns and manages IP addresses from specified address pools to DHCP clients. After a DHCP client has booted, the client begins sending packets to its default router. The IP address of the default router should be on the same subnet as the client.

When you read official documentation from cisco.com, there are some conventions that is opportune to know. Some examples of Cisco conventions: * Bold indicates text the user must enter or select, such as menu items, buttons, and commands.

Surfing the web, I have found a document concerning the undocumented cisco commands. The document is write by Lars Fenneberg (CCIE #7325) and it’s quite old (last revision in 2005). Certainly this is not a complete list, but I suppose that could be funny to discover some new commands… I have tried to found other document more exhaustive with no result.

A new Cisco ACS vulnerability is found by Gabriel Campana and Laurent Butti. Cisco Secure ACS does not correctly parse the length of EAP-Response packets which allows remote attackers to cause a denial of service and possibly execute arbitrary code. The affected products are all versions of Cisco Secure ACS that support EAP.

Some vulnerabilities have been reported in Cisco ASA and PIX appliances, which can be exploited by malicious people to disclose sensitive information, and by malicious users and malicious people to cause a DoS (Denial of Service).

Searching more info about Cisco WebEx Meeting Manager vulnerability, I have found this exploit. Only for test.

From the Cisco Security Advisory (http://www.cisco.com/warp/public/707/cisco-sa-20080814-webex.shtml): A buffer overflow vulnerability exists in an ActiveX control used by the WebEx Meeting Manager. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the user client machine. The WebEx Meeting Manager is a client-side program that is provided by the Cisco WebEx meeting service. The Cisco WebEx meeting service automatically downloads, installs, and configures Meeting Manager the first time a user begins or joins a meeting.