Feb
16
2013
NAT and PAT: a complete explanation
Nat-and-PAT-a-complete-explanation-static-pat

Network address translation (NAT) is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device. There are two different types of NAT: NAT Static NAT: The simplest type of NAT provides a one-to-one translation of IP addresses. It is often also referred to as one-to-one NAT. In this type of NAT only the IP addresses, IP header checksum and any higher level checksums that include the IP address need to be changed. The rest of the packet can be left untouched (at least for basic TCP/UDP functionality, some higher level protocols may […]

Feb
12
2013
January 2013: five Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities Multiple Vulnerabilities in Cisco Wireless LAN Controllers Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability Cisco Prime LAN Management Solution Command Execution Vulnerability Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability

Dec
13
2012
November 2012: two Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published two important vulnerability advisories: Cisco IronPort Appliances Sophos Anti-Virus Vulnerabilities Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability Cisco IronPort Appliances Sophos Anti-Virus Vulnerabilities Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Web Security Appliances (WSA) include versions of Sophos Anti-Virus that contain multiple vulnerabilities that could allow an unauthenticated, remote attacker to gain control of the system, escalate privileges, or cause a denial-of-service (DoS) condition. An attacker could exploit these vulnerabilities by sending malformed files to an appliance that is running Sophos Anti-Virus. The malformed files could […]

Nov
27
2012
Switchport capture: a good alternative to SPAN port
Switchport-capture-a-good-alternative-to-SPAN-port

Do you remember the article “How to analyze traffic with SPAN feature“? The SPAN port is a feature that mirror traffic (on physical or virtual port) to a specific port. In general, behind this ‘destination’ port can be a traffic analyzer (wireshark, ntop and so on…), an IDS or other appliances. The SPAN feature is a good tool but it has two limitations: The number of SPAN sessions that can be configured is limited. A destination port receives copies of sent and received traffic for all monitored source ports. If a destination port is oversubscribed, it can become congested. This […]

Nov
16
2012
Cisco DPC2100 Denial of Service
cisco-exploit

Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 6.0 before 6.0.200.0, 7.0 before 7.0.98.216, and 7.0.1xx before 7.0.112.0 allows remote attackers to cause a denial of service (device reload) via a sequence of ICMP packets, aka Bug ID CSCth74426. Solution: Upgrade to the version specified in the vendor advisory or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Nov
15
2012
Cisco Linksys PlayerPT ActiveX Control Buffer Overflow
cisco-exploit

Cisco Linksys PlayerPT ActiveX is prone to an overflow condition. The SetSource() function fails to properly sanitize user-supplied input resulting in a stack based buffer overflow. With a specially crafted argument, a remote attacker can potentially cause execution of arbitrary code. Solution: Currently, there are no known upgrades or patches to correct this vulnerability. It is possible to correct the flaw by implementing the following workaround: set the kill-bit on the PlayerPT.ocx ActiveX Control [ {9E065E4A-BD9D-4547-8F90-985DC62A5591} ]. See Microsoft KB article 240797 for additional details.

Nov
12
2012
October 2012: five Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Multiple Vulnerabilities in Cisco Firewall Services Module Multiple Vulnerabilities in the Cisco WebEx Recording Format Player Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability

Oct
18
2012
September 2012: eleven Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published eleven important vulnerability advisories: Cisco IOS Software Network Address Translation Vulnerabilities Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability Cisco IOS Software DHCP Denial of Service Vulnerability Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability Cisco IOS Software DHCP Version 6 Server Denial of Service Vulnerability Cisco IOS Software Malformed Border Gateway […]

Sep
18
2012
WhoisUP – Is your host up or down?
Whoisup

During last months, I have not written tutorial about Cisco technology because I have dedicated my free time to write my personal script to monitor hosts, router and so on. Why write a new script and not use a pre-existent script/software? The reasons are different, but in particular three: Surfing the web, I have found software that check hosts with a minute delay (they use crontab…), but in my case I want to check hosts continuously; other software can check hosts continually, but they are too complex for my purpose and they have features don’t needed in my case. They can be too expensive. The second reason […]

Aug
8
2012
July 2012: four Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published four important vulnerability advisories: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Multiple Vulnerabilities in Cisco TelePresence Manager Multiple Vulnerabilities in Cisco TelePresence Recording Server Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices Cisco TelePresence Endpoint devices contain the following vulnerabilities: Cisco TelePresence API Remote Command Execution Vulnerability Cisco TelePresence Remote Command Execution Vulnerability Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability Vulnerable Products Cisco TelePresence Manager, Cisco TelePresence Recording Server, Cisco TelePresence Multipoint Switch, and Cisco TelePresence Immersive Endpoint System may […]

Pages:«123456789...26»