Cisco Systems is an American multinational corporation that designs, manufactures, and sells networking equipment.
Questions tagged [cisco]
91 questions
11
votes
6 answers
Automated tools for Cisco IOS config auditing?
Are there any automated tools for auditing config files exported from Cisco IOS devices? Free/Open Source is always nice, but anything that does the job would be of interest.
Iszi
- 26,997
- 18
- 98
- 163
9
votes
1 answer
Cisco ASA SYN flood detection and response not working
I have a Cisco ASA 5510 (ASA Version 8.3(2)) that has been getting a syn flood attack on it (or more accurately through it - targeting a host behind it) a couple of times a day for the past few days. The Internet connection itself is decent and it…
bgp
- 191
- 1
- 5
8
votes
1 answer
Routing Protocol Encryption
As far as I know 'newer' versions of routing protocols support authentication between routers.
What about encryption and integrity checks? Some implementations like this one from Cisco use MD5, which I dont feel secure using. How do you protect…
blended
- 2,841
- 3
- 15
- 16
8
votes
3 answers
Are RADIUS and TACACS+ Ever Allowed in FIPS 140-2 Compliant Scenarios?
Are RADIUS and TACACS+ Ever Allowed in FIPS 140-2 Compliant Scenarios?
I understand that RADIUS uses the MD5 hashing algorithm and I'm pretty sure TACACS+ does too, and I do not believe there is any implementation of either RADIUS or TACACS+ that…
Ryan Ries
- 949
- 1
- 10
- 14
7
votes
2 answers
I'm having a DDoS attack, my hosting company is not giving me a solution, and I need to know what is hapening
So ok, right now my windows 2003 dedicated server is under attack by some guy who's flooding UDP packets (~90.000 packets/sec) on my 100Mbps server for the last 8 hours.
I'm on a shared port, so I'm guessing there is one 100Mbps router, or cable…
Reacen
- 71
- 3
7
votes
7 answers
How to effectively block torrents on my network?
As per the network policy, we have to block all torrent traffic from the network. To do this, I used to block all ports above 1024 on my firewall/proxy devices. But due to this, many other applications that use non-standard ports are not able to…
Adi
- 97
- 1
- 1
- 2
7
votes
5 answers
Cracking CISCO ASA Passwords
I've got a copy of a Cisco ASA config and i want to crack the following example passwords
I've got the following lines in the config
ASA Version 8.4(2)
!
hostname ciscoasa
enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU…
NULLZ
- 11,426
- 17
- 77
- 111
6
votes
3 answers
Cisco IOS question - password management, service password encryption types
I'm university student studying for my certification exam, and I was doing some reviewing today when I found a question that I can't find an answer to.
Basically, in the CCNA3 2.4.1 Cisco Netacademy online materials, it talks about encrypting…
mitch
- 61
- 1
- 3
5
votes
1 answer
Trying to prevent Cisco toll fraud
A little back story on the setup first; We have a Cisco VoIP setup at our remote office(where I'm at) and the main CCM/CCX/Unity setup is at the parent company across the US in Connecticut. We have MPLS tunneling the VoIP traffic between the two…
Ian
- 51
- 1
5
votes
5 answers
Block Incoming-Teamviewer Connection
Is it possible to use an open-source tool such as Cisco IPS or Cisco ASA to block incoming Teamviewer connections to specific internal IP blocks, while allowing the outgoing ones? I cannot find a specific answer on other online sources.
confused1027
- 51
- 1
- 1
- 2
5
votes
1 answer
HeartBleed and Closed Source Hardware like Cisco
With the release of heartbleed how does one protect themselves with closed source networking hardware like cisco? Especially hardware with VPN variety.
Would it be best to replaced such systems with opensource hardware setups such as pfSense or…
Jason
- 3,086
- 4
- 20
- 24
5
votes
1 answer
How does VTP authentication prevent unauthorized access (Can the password be cracked given captured packets)
I know that when setting up VTP across switches in a network you should set a secret/password to prevent unauthorized requests. My question is I know that this uses an MD5 hash to ensure that attackers don't falsify any requests, but I haven't been…
Jannu
- 229
- 2
- 6
5
votes
1 answer
Symbiote Counter-Attack Detection
I saw this video on YouTube about hacking Cisco phones (and other embedded systems) and I was overjoyed when the presenter not only hacked, but presented a security solution. Intrigued, I started reading the research paper "Defending Embedded…
Seanny123
- 511
- 2
- 5
- 13
5
votes
3 answers
Is the Cisco vulnerability specific to Cisco or is it something in some commonly used library?
I am referring to the vulnerability reported here:
Cisco secuirty advisory on "Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability"
CIS adviory on the same vulnerability
Is this in some proprietary code…
user93353
- 1,982
- 3
- 19
- 33
5
votes
4 answers
Cisco IOS service password-encryption
In Cisco IOS there's the service password-encryption command to encrypt all passwords in the config file to prevent unauthorized individuals from viewing them.
quoting from…
cyzczy
- 1,518
- 5
- 21
- 34