Not everyone knows that the reload command permits to schedule a reboot system; for instance, to plan a night router restart or during a critical configuration (AAA, vty, and so on…). There are two ways to schedule a reload system: at: at a specific time/date in: after a time interval The ‘at’ keyword permits to schedule a reload of the software to take place at the specified time (using a 24-hour clock). If you specify the month and day, the reload is scheduled to take place at the specified time and date. The following example reloads the router on April [...]

Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session. IPsec is an end-to-end security scheme operating in the Internet Layer of the Internet Protocol Suite. It can be used in protecting data flows between a pair of hosts (host-to-host), between a pair of security gateways (network-to-network), or between a security gateway and a host (network-to-host). There are [...]

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories: Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability Cisco Secure Access Control System Unauthorized Password Change Vulnerability Cisco Network Admission Control Guest Server System Software Authentication Bypass Vulnerability Cisco Network Admission Control (NAC) Guest Server system software contains a vulnerability in the RADIUS authentication software that may allow an unauthenticated user to access the protected network.

Cisco PSIRT regularly discloses vulnerabilities in Cisco IOS Software on the fourth Wednesday in March and September via the Cisco IOS Security Advisory bundle. The next bundled disclosure was planned for Wednesday, March 23, 2011, but Cisco will defer this disclosure until the next scheduled Cisco IOS bundle on September 28, 2011.

The Cisco Product Security Incident Response Team (PSIRT) has published nine important vulnerability advisories: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Multiple Vulnerabilities in Cisco TelePresence Manager Multiple Vulnerabilities in Cisco TelePresence Recording Server Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices Cisco Firewall Services Module Skinny Client Control Protocol Inspection Denial of Service Vulnerability Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances Management Center for Cisco Security Agent Remote Code Execution Vulnerability Default Credentials for Root Account on Tandberg E, EX and C Series Endpoints Multiple Cisco WebEx Player Vulnerabilities

There are many tools to decrypt Cisco type-7 password, based on Vigenere algorithm. But, what can we do if we can not use these software? The Cisco-IOS method might not be new to some, but those that don’t know about it will find it useful. Suppose you would decrypt these string: username cisco password 7 0718365B000A1016141D11050A2F6527273E username fabio password 7 0110140558004B0224014600110C To find the password, you can use the Cisco Key Chain:

I have decided to write this tutorial (only for test purpose) to show how it is simple decode a G.729 stream using SPAN port, Wireshark, VoiceAge G.729 decoder and Audacity software. What is G.729? G.729 is an audio data compression algorithm for voice that compresses digital voice in packets of 10 milliseconds duration. It is officially described as Coding of speech at 8 kbit/s using conjugate-structure algebraic-code-excited linear prediction.

The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory: Cisco Content Services Gateway Vulnerabilities Cisco Content Services Gateway Vulnerabilities A service policy bypass vulnerability exists in the Cisco Content Services Gateway – Second Generation (CSG2), which runs on the Cisco Service and Application Module for IP (SAMI). Under certain configurations this vulnerability could allow: Customers to access sites that would normally match a billing policy to be accessed without being charged to the end customer Customers to access sites that would normally be denied based on configured restriction policies

An access list is a sequential list consisting of at least one permit statement and possibly one or more deny statements that apply to IP addresses and possibly upper-layer IP protocols. Time-based ACLs is a Cisco feature introduced in the Release 12.0.1.T to allow access control based on time. The time range, identified by a name, can be ‘absolute‘ or ‘periodic‘. Use time-based access list is easy and can be useful in some situations. To implement it, you need: Define time-range Define ACL, where the time-range is applied to Apply ACL; for istance: to the interface, to the vty, to [...]

The Cisco® Annual Security Report provides an overview of the combined security intelligence of the entire Cisco organization. The report encompasses threat information and trends collected between January and December 2010. It also provides a snapshot of the state of security for that period, with special attention paid to key security trends expected for 2011. In response to the last decade of cyber-exploits targeting PC operating systems, PC platform and application vendors have shored up security in their products and taken a more aggressive approach to patching vulnerabilities. As a result, scammers are finding it harder to exploit platforms that [...]