Hiding (filtering) a specific user from reporting in Cisco ISE

I ran into an interesting problem preparing for an 802.1x deployment - the authentications report in Cisco ISE was full of all the network devices checking to make sure ISE was still available (health checks). As seen below, the load balancer's keepalives fill the logs pretty much on their own; imagine trying to troubleshoot a …

Attacking HSRP and how to protect it

I covered HSRP (Hot Standby Router Protocol) in a previous post that went into great detail on how HSRP functioned and a few enhancements to it. This time around I figured it would be fun to see what we could do to a typical HSRP deployment, and then research ways to further protect it. For this scenario …

Lets just go ahead and use DTP & VLAN 1… Part 1: Attacking DTP – getting those server files

In my previous post, I discussed the vulnerabilities introduced by using the defaults of DTP and VLAN 1, along with ways to mitigate the vulnerabilities. In this post, a basic example of attacking DTP will be reviewed. To make things easier to follow, the following diagram will be used throughout the series: Before the attack, for demonstration purposes, …

Lets just go ahead and use DTP & VLAN 1… Part 0: What using DTP & VLAN 1 means

By default, DTP auto-negotiation is enabled on Cisco switches on all layer 2 ports, and they are placed in VLAN 1. These two defaults allow for an easy way to just deploy a switch, or attach another switch to gain more port density, without needing any configuration knowledge. While this is very helpful, the …