Apr
26
2009
Cisco ASA WebVPN Cross Site Scripting Vulnerability

Cisco ASA is prone to a cross-site scripting vulnerability. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials. Cisco ASA software versions 8.0.4(2B) and prior running on ASA 5500 Series Adaptive Security Appliances are vulnerable.

Apr
16
2009
Tips for securing Cisco administrative access

In this article I would explain some tips for securing Cisco administrative access. When creating passwords, keep these rules in mind: Make passwords lengthy Passwords should combine letters, numbers, and symbols. Passwords should not use dictionary words Change passwords as often as possible Strong passwords are the primary defense against unauthorized access to your router. The best way to manage passwords is to maintain them on an AAA server, but not all people can have/manage a AAA server. Cisco provides a number of enhanced features that allow you to increase the security of your passwords. For the basic configuration read […]

Apr
14
2009
Cisco to acquire Tidal Software

Cisco announced its intent to acquire privately held Tidal Software, Inc.  Based in Palo Alto, Calif., and Houston, Tidal Software is the creator of intelligent application management and automation solutions that will advance Cisco’s data center strategy by enhancing product and service delivery offerings.  

Apr
13
2009
Multiple Vulnerabilities in Cisco ASA / PIX security

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances. Vulnerable Products The following is a list of the products affected by each vulnerability as described in detail within this advisory. VPN Authentication Bypass Vulnerability Cisco ASA or Cisco PIX security appliances that are configured for IPsec or SSL-based remote access VPN and have the Override Account Disabled feature enabled are affected by this vulnerability. Note:  The Override Account Disabled feature was introduced in Cisco ASA software version 7.1(1). Cisco ASA and PIX software versions 7.1, 7.2, 8.0, and 8.1 are affected by […]

Apr
6
2009
Banner, what is that?

One of the things that usually are not implemented by the network administrator is the banner; but what and why use it? The banner is a feature used not only on Cisco systems but also in other systems like Unix, Linux and so on. It permits to define a text that it is displayed in some cases, for example when you log in a router via SSH. There are two main reasons to implement banner on our router/switch: Banner messages should be used to warn would-be intruders that they are not welcome on your network. Banner are useful to quickly […]

Mar
29
2009
Cisco live! 09 – 20 Years of Networkers

Cisco Live is Cisco’s annual IT and communications conference and this year is the 20th Anniversary of the Cisco Networkers program. “This year marks the 20th anniversary of Networkers, which has grown into Cisco Live, our annual IT and communications conference. Much has changed since that first conference in 1989. But one thing remains as true today as it was then: knowledge is power. That simple phrase is the perfect theme for Cisco Live 2009. Innovative, creative, and knowledgeable people and businesses will always have a powerful competitive edge. In a challenging economy, it’s even more vital to hone the […]

Mar
27
2009
Mar.25, 2009?! 8 new Cisco vulnerability advisories!

On March 25, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 8 new vulnerability advisories. Mainly these vulnerabilities are DOS attack.   1) Cisco IOS cTCP Denial of Service Vulnerability A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers with the Cisco Tunneling Control Protocol (cTCP) encapsulation feature. Vulnerable Products Cisco IOS devices running versions 12.4(9)T or later and configured for Cisco Tunneling Control Protocol (cTCP) encapsulation for EZVPN server are vulnerable.

Mar
24
2009
Cisco to acquire Pure Digital Technologies

On 19 March 2009, Cisco announced its intent to acquire privately held Pure Digital Technologies Inc. San Francisco-based Pure Digital, creator of the best-selling Flip VideoTM brand, is a pioneer in developing consumer-friendly video solutions with mass-market appeal. “The acquisition of Pure Digital is key to Cisco’s strategy to expand our momentum in the media-enabled home and to capture the consumer market transition to visual networking,” said Ned Hooper, senior vice president of Cisco’s Corporate Development and Consumer Groups. “Pure Digital has revolutionized the way people capture and share video with Flip Video. This acquisition will take Cisco’s consumer business to […]

Mar
20
2009
2 new Cisco critical vulnerabilities

On 4 March 2009 and on 11 March 2009, Cisco has published two new security advisories, which can be exploited by malicious people to conduct a DOS attack or a Remote control attack. 1) Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability A denial of service (DoS) vulnerability exists in the Cisco Session Border Controller (SBC) for the Cisco 7600 series routers. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.

Mar
17
2009
How to protect against BPDU attack
bpdu_attack_2

The spanning-tree protocol is used to cut loops that redundant links create in bridge networks. These packets are not attested by the system, so an attacker could spoof the BPDU and compromise the network stability! See below to understand BPDU attack: In this example the Ciscozine1 switch is elected Root Bridge due to the lower MAC-address (suppose that all the switches have the same priority).

Pages:«1...16171819202122...27»