Questions tagged [cisco]

Cisco Systems is an American multinational corporation that designs, manufactures, and sells networking equipment.

91 questions
11
votes
6 answers

Automated tools for Cisco IOS config auditing?

Are there any automated tools for auditing config files exported from Cisco IOS devices? Free/Open Source is always nice, but anything that does the job would be of interest.
Iszi
  • 26,997
  • 18
  • 98
  • 163
9
votes
1 answer

Cisco ASA SYN flood detection and response not working

I have a Cisco ASA 5510 (ASA Version 8.3(2)) that has been getting a syn flood attack on it (or more accurately through it - targeting a host behind it) a couple of times a day for the past few days. The Internet connection itself is decent and it…
bgp
  • 191
  • 1
  • 5
8
votes
1 answer

Routing Protocol Encryption

As far as I know 'newer' versions of routing protocols support authentication between routers. What about encryption and integrity checks? Some implementations like this one from Cisco use MD5, which I dont feel secure using. How do you protect…
blended
  • 2,841
  • 3
  • 15
  • 16
8
votes
3 answers

Are RADIUS and TACACS+ Ever Allowed in FIPS 140-2 Compliant Scenarios?

Are RADIUS and TACACS+ Ever Allowed in FIPS 140-2 Compliant Scenarios? I understand that RADIUS uses the MD5 hashing algorithm and I'm pretty sure TACACS+ does too, and I do not believe there is any implementation of either RADIUS or TACACS+ that…
Ryan Ries
  • 949
  • 1
  • 10
  • 14
7
votes
2 answers

I'm having a DDoS attack, my hosting company is not giving me a solution, and I need to know what is hapening

So ok, right now my windows 2003 dedicated server is under attack by some guy who's flooding UDP packets (~90.000 packets/sec) on my 100Mbps server for the last 8 hours. I'm on a shared port, so I'm guessing there is one 100Mbps router, or cable…
Reacen
  • 71
  • 3
7
votes
7 answers

How to effectively block torrents on my network?

As per the network policy, we have to block all torrent traffic from the network. To do this, I used to block all ports above 1024 on my firewall/proxy devices. But due to this, many other applications that use non-standard ports are not able to…
Adi
  • 97
  • 1
  • 1
  • 2
7
votes
5 answers

Cracking CISCO ASA Passwords

I've got a copy of a Cisco ASA config and i want to crack the following example passwords I've got the following lines in the config ASA Version 8.4(2) ! hostname ciscoasa enable password 8Ry2YjIyt7RRXU24 encrypted passwd 2KFQnbNIdI.2KYOU…
NULLZ
  • 11,426
  • 17
  • 77
  • 111
6
votes
3 answers

Cisco IOS question - password management, service password encryption types

I'm university student studying for my certification exam, and I was doing some reviewing today when I found a question that I can't find an answer to. Basically, in the CCNA3 2.4.1 Cisco Netacademy online materials, it talks about encrypting…
mitch
  • 61
  • 1
  • 3
5
votes
1 answer

Trying to prevent Cisco toll fraud

A little back story on the setup first; We have a Cisco VoIP setup at our remote office(where I'm at) and the main CCM/CCX/Unity setup is at the parent company across the US in Connecticut. We have MPLS tunneling the VoIP traffic between the two…
Ian
  • 51
  • 1
5
votes
5 answers

Block Incoming-Teamviewer Connection

Is it possible to use an open-source tool such as Cisco IPS or Cisco ASA to block incoming Teamviewer connections to specific internal IP blocks, while allowing the outgoing ones? I cannot find a specific answer on other online sources.
confused1027
  • 51
  • 1
  • 1
  • 2
5
votes
1 answer

HeartBleed and Closed Source Hardware like Cisco

With the release of heartbleed how does one protect themselves with closed source networking hardware like cisco? Especially hardware with VPN variety. Would it be best to replaced such systems with opensource hardware setups such as pfSense or…
Jason
  • 3,086
  • 4
  • 20
  • 24
5
votes
1 answer

How does VTP authentication prevent unauthorized access (Can the password be cracked given captured packets)

I know that when setting up VTP across switches in a network you should set a secret/password to prevent unauthorized requests. My question is I know that this uses an MD5 hash to ensure that attackers don't falsify any requests, but I haven't been…
Jannu
  • 229
  • 2
  • 6
5
votes
1 answer

Symbiote Counter-Attack Detection

I saw this video on YouTube about hacking Cisco phones (and other embedded systems) and I was overjoyed when the presenter not only hacked, but presented a security solution. Intrigued, I started reading the research paper "Defending Embedded…
Seanny123
  • 511
  • 2
  • 5
  • 13
5
votes
3 answers

Is the Cisco vulnerability specific to Cisco or is it something in some commonly used library?

I am referring to the vulnerability reported here: Cisco secuirty advisory on "Cisco Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability" CIS adviory on the same vulnerability Is this in some proprietary code…
user93353
  • 1,982
  • 3
  • 19
  • 33
5
votes
4 answers

Cisco IOS service password-encryption

In Cisco IOS there's the service password-encryption command to encrypt all passwords in the config file to prevent unauthorized individuals from viewing them. quoting from…
cyzczy
  • 1,518
  • 5
  • 21
  • 34
1
2 3 4 5 6 7