Security

Debating SSL Decryption in 2024

Debating SSL Decryption in 2024

Yet another day brings another meeting about another security product recommending SSL Decryption at our network edge. Your Intrusion Prevention System (IPS), your web filter, the …

Will 2023 be the year of Artificial Intelligence for InfoSec?

Will 2023 be the year of Artificial Intelligence for InfoSec?

Gartner has been saying that “next big thing” in network security is the increased use of artificial intelligence (AI) and machine learning (ML) technologies for years now… Mainly …

ASA v9.4 Elliptic Curve Cryptography with TLS1.2

ASA v9.4 Elliptic Curve Cryptography with TLS1.2

With ASA version 9.4 Cisco has added support for Elliptic curve cryptography (ECC), which is one of the most powerful types of encryption in use today. While ECC has been in use …

Cisco ASA Packet Captures for Fun and Profit

Cisco ASA Packet Captures for Fun and Profit

As many of you know my background isn’t in enterprise, but I currently fill that role in my $job. In order to succeed I’ve had to develop many new skills including …

Double NAT – Cisco ASA 8.4+

Double NAT – Cisco ASA 8.4+

Recently I was faced with an issue outside my normal expertise… those of you that know me realize I am anything but a security engineer. But in reality, you must always expand your …

Cisco IPS Fun

Cisco IPS Fun

Since I’ve recently had some fun working with the Cisco 5585-X and the IPS blades, I wanted to document some of the information I learned while getting them online. Some of this …

Best Practices and Securing Cisco IOS

Best Practices and Securing Cisco IOS

Everyone has different views on hardening IOS, and while I do not claim to be an expert, these are the practices that I commonly use when bringing up a new device. If you see …

Time-based ACLs

Time-based ACLs

Ever since Cisco released IOS 12.0.1T we’ve had the ability to broaden the reach of the extended ACL to allow the influence of time. Time-based ACLs reference a time range that is …

ASA v8.4

ASA v8.4

Less than a year after changing the rules with ASA version 8.3, Cisco has released a new OS version 8.4. Since I won’t be covering the release notes word for word, you can find …

Poor man's VPN connection

Poor man's VPN connection

Have you ever needed to access a site that had an IP restriction, or one inside your remote network? Recently I need to access a customers remote monitoring site, but its …

IOS ACL Resequencing

IOS ACL Resequencing

This is one of those tricks you wish you learned about 10 years ago, but never did. You know how easy it is to mess up a nice looking access list. You get one setup on the router, …

Securing SSH against bruteforce attacks

Securing SSH against bruteforce attacks

This is one of the methods I’ve used in the past to secure a Linux host against brute force ssh attacks. While its not a perfect method, it does a good job of preventing 100s of …