Jan 19, 2009
Preventing STP forwarding loops

The Spanning Tree Protocol is an OSI layer-2 protocol that ensures a loop-free topology for any bridged LAN. Spanning tree allows a network design to include spare (redundant) links that provide automatic backup paths if an active link fails, without the danger of bridge loops or the need to manually enable or disable these backup links. Bridge loops must be avoided because they result in flooding the network. The Spanning Tree Protocol (STP) is defined in the IEEE Standard 802.1D. As the name suggests, it creates a spanning tree within a mesh network of connected layer-2 bridges (typically Ethernet switches), and […]

Jan 15, 2009
3 new Cisco critical vulnerabilities

Yesterday Cisco published 3 different vulnerabilities, which can be exploited by malicious people to conduct a DoS attack or a remote control attack. 1) Cisco ONS Platform Crafted Packet Vulnerability: The Cisco ONS 15300 series Edge Optical Transport Platform, the Cisco ONS 15454 Optical Transport Platform, the Cisco ONS 15454 SDH Multiservice Platform, and the Cisco ONS 15600 Multiservice Switching Platform contain a vulnerability when processing TCP traffic streams that may result in a reload of the device control card.

Jan 13, 2009
DOCSIS 3.0: Modems Over 300 Mbps

Cisco Systems is developing a cable modem that will use Broadcom’s recently announced DOCSIS 3.0 silicon to bond together eight downstream channels – letting cable providers, theoretically, pump Internet content down to subscribers at more than 300 Mbps. According to Bekele, the idea with the eight-downstream-channel devices is to let cable operators future-proof their installed base of DOCSIS modems. So while a cable operator wouldn’t necessarily introduce a 300-Mbps Internet tier initially, that latent capacity would be available down the line.

Jan 8, 2009
Wireless Home Audio system

During the CES show, Cisco did just that with its new Linksys by Cisco Wireless Home Audio system, a multi-room audio solution that will be positioned as a direct – and less expensive – competitor to the Sonos multi-room wireless system. The Wireless Home Audio system utilizes Wireless-N technology to deliver a rich audio experience to any room in the home. Users can create a party atmosphere with immaculate synchronization when listening to the same song throughout the entire home, or send different music to customized “zones”.

Jan 7, 2009
Cisco Global Site Selector Appliances DNS Vulnerability

The Cisco Application Control Engine Global Site Selector (GSS) contains a vulnerability when processing specific Domain Name System (DNS) requests that may lead to a crash of the DNS service on the GSS. Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available. Vulnerable Products: The following GSS products are affected by this vulnerability: Cisco GSS 4480 Global Site Selector, Cisco GSS 4490 Global Site Selector, Cisco GSS 4491 Global Site Selector, Cisco GSS 4492R Global Site Selector

Jan 6, 2009
Cisco Press Conference at CES 2009

Cisco will unveil new consumer products and initiatives during a press conference at the 2009 International Consumer Electronics Show (CES) in Las Vegas on Jan. 7, 2009. Cisco Chairman and CEO John Chambers will be joined by key Cisco executives responsible for the company’s consumer strategy to discuss how Cisco is enabling the connected life through a new class of compelling communication and entertainment experiences that are more visual, more social and more personal.

Jan 5, 2009
Protecting against MAC flooding attack

In a typical MAC flooding attack, a switch is flooded with packets, each containing a different source MAC address. The intention is to consume the limited memory set aside in the switch to store the MAC address-to-physical port translation table. This attack causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out on all ports (as with a hub), instead of just down the correct port as per normal operation. A malicious user could then use a packet sniffer running in promiscuous mode to capture sensitive data from other computers, […]

Dec 28, 2008
New Cisco Certification Logos

Cisco is deciding to update its certification logos; the proposals are below: First logo

Dec 25, 2008
Merry Christmas and Happy New Year

I wish everyone a very Merry Christmas and Happy New Year. Fabio – The admin

Dec 23, 2008
How to create a VPN server using SDM

As I explained in the article “Security Device Manager aka SDM”, SDM is a Web-based device-management tool for Cisco routers that can improve the productivity of network managers, simplify router deployments, and help troubleshoot complex network and VPN connectivity issues. What is a virtual private network? A virtual private network (VPN) is a computer network in which some of the links between nodes are carried by open connections or virtual circuits in some larger network (e.g., the Internet) instead of by physical wires. The link-layer protocols of the virtual network are said to be tunneled through the larger network when […]