Feb
21
2009
WebEx for mobile

Cisco has unveiled plans to bring its WebEx online meeting service to a new crop of smartphones. The announcement, at Mobile World Congress, means users will be able to join Cisco WebEx Meeting Center web and audio conferences on smartphones including the BlackBerry Bold, BlackBerry Curve 8900, and BlackBerry Storm from RIM, the Nokia E71, Nokia E75, Nokia N97, and other Nokia Eseries and Nseries, and the Samsung Blackjack II. They will be able to participate in audio and web conferencing via 3G or Wi-Fi, attend scheduled meetings and view presentations, applications and desktops with live annotations. In addition, Cisco […]

Feb
17
2009
Use MRTG to monitor bandwidth

In “An introduction to SNMP” I have explained how SNMP protocol works and how use it; but what are the softwares that use SNMP to monitor network bandwith? HP Openview, Ciscoworks, MRTG are some examples. In this article I will explain how monitor Cisco Switches/Routers bandwith under a Linux machine using a free open source tool: MRTG. The Multi Router Traffic Grapher (MRTG) is a tool to monitor the traffic load on network links. MRTG generates HTML pages containing PNG images which provide a LIVE visual representation of this traffic. MRTG consists of a Perl script which uses SNMP to read the traffic counters […]

Feb
10
2009
Why use HSRP version 2?

Not everyone knows that HSRP, a fault-tolerant default gateway protocol, has two versions: version 1 (the default) and version two. The second version was integrated from IOS Release 12.2(25)S. HSRP Version 2 features: It advertises and learns millisecond timer values. This change ensures stability of the HSRP groups in all cases. It expands the group number range from 0 to 4095 and consequently uses a new MAC address range 0000.0C9F.F000 to 0000.0C9F.FFFF. It provides improved management and troubleshooting: the HSRP version 2 packet format includes a 6-byte identifier field that is used to uniquely identify the sender of the message. Typically, this field […]

Feb
7
2009
Cisco IOS Cross-Site Scripting Vulnerabilities

Zloss has reported some vulnerabilities in Cisco IOS, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. Input passed via the URL when executing commands is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site. The device allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to potentially alter the configuration of the device by tricking the user […]

Feb
5
2009
Multiple Vulnerabilities in Cisco Wireless LAN Controllers

Multiple vulnerabilities exist in the Cisco Wireless LAN Controllers (WLCs), Cisco Catalyst 6500 Wireless Services Modules (WiSMs), and Cisco Catalyst 3750 Integrated Wireless LAN Controllers. This security advisory outlines details of the following vulnerabilities: Denial of Service Vulnerabilities (total of three) Privilege Escalation Vulnerability These vulnerabilities are independent of each other.

Feb
3
2009
Valentine’s Day – Any ideas?

What do you hope to receive from your love one? A romantic dinner, a Cd, a perfume, a PDA or a iPhone? I think that Cisco may just give you the idea that you need. :-)

Jan
29
2009
The PPDIOO network lifecycle

One of the first topic presented in the “Designing for Cisco Internetwork Solutions (DESGN)” book is about the network design methodology. This methodology is composed by six phases closely related: prepare, plan, design, implement, operate, optimize. As show in this figure, the PPDIOO lifecycle phases are separate, yet closely related.  

Jan
26
2009
Cisco IOS: Attack & Defense

Surfing the web, I have found a nice talk on Cisco IOS Forensics and Exploits, explained during the 25C3: “Cisco IOS Attack & Defense – The State of the Art“. What is 25C3? The 25th Chaos Communication Congress (25C3) is the annual four-day conference organized by the Chaos Computer Club (CCC). It takes place at the bcc Berliner Congress Center in Berlin, Germany. The Congress offers lectures and workshops on a multitude of topics and attracts a diverse audience of thousands of hackers, scientists, artists, and utopians from all around the world. Here a summary written by FX “To summarize […]

Jan
22
2009
2 new Cisco critical vulnerabilities

On 21 January 2009, Cisco has published two new security advisories, which can be exploited by malicious people to conduct a DOS attack or a Remote control attack. The two vulnerabilities are: Cisco Security Manager Vulnerability and Cisco Unified Communications Manager CAPF Denial of Service Vulnerability. 1) Cisco Security Manager Vulnerability Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server. Cisco […]

Jan
21
2009
How to test Cisco IOS FTP Server Multiple Vulnerabilities

On 09 May 2007, Cisco published a Security advisory about multiple IOS FTP Server vulnetabilities. Cisco IOS FTP Server is prone to multiple vulnerabilities including a denial-of-service issue and an authentication-bypass issue. Attackers can exploit these issues to deny service to legitimate users, gain unauthorized access to an affected device, or execute arbitrary code. Only IOS devices that have the FTP Server feature enabled are vulnerable; this feature is disabled by default. The vulnerable produtcs are IOS versions 11.3, 12.0, 12.1, 12.2, 12.3 and 12.4 contain the IOS FTP server feature.