A client required isolated networks for factory hardware but their infrastructure, many basic NetGear switches, did not support VLAN separation (my original hope was to use the DrayTek default gateway for inter-VLAN routing). This required some 'thinking outside of the box' and resulted in a design that made use of a DrayTek to isolate the … Continue reading WDS Transparent Mode, DrayTek Inter-LAN Firewalls and some interesting observations!
We're seeing a greater shift now more than ever toward wireless networking due to many factors: Laptops sacrificing Ethernet jacks in favour of maintaining a slim form factor Increases in IoT and BYOD where the demand for access to the network for users who traditionally only had their corporate laptop has now stretched to their … Continue reading Controller based WiFi made easy (and cheaper) with Cisco Mobility Express
Following on from a recent CCNA Security pass I decided while I was in the swing of things to keep going with my studies and work towards the CCDA Design qualification which thankfully I passed. From my perspective this was a slightly more difficult exam than the CCNA R&S and the CCNA Security exams due … Continue reading CCDA Design – Key Things I learned
Having recently passed CCNA Security I thought I'd share some of the interesting topics covered that I'd either not heard of before or had limited knowledge of. I've also posted a small rant about the exam and how I studied here. Many of the topics were existing knowledge for me as my daily work is … Continue reading CCNA Security – Key Things I learned
Ok, so I have to admit that the Sophos XG is pretty good when it comes to Policy Based Routing (PBR). The XG worked pretty nicely for me running on my somewhat overstretched HP N54L micro server VMware host however upgrading to anything beyond XG v15 became painful. Even at v15 the UI seemed slow and I … Continue reading Sophos UTM and Policy Based Routing
Recently I spotted a post by satirical website, The Poke, in which a Twitter user shared her families humorous WiFi password in a screenshot. Clearly visible was the SSID. Would you realistically think that based on just the shared SSID someone would be able to find your house with no other information needed? Wigle.net allows … Continue reading Oversharing and its Consequences
Having had mixed results with the Sophos XG, and having hardware that just can't keep up with the latest updates for it, I've reverted back to the Sophos UTM9. This still plays nicely with my PIA VPN setup whereby a pfSense router is placed in front of a UTM interface to anonomise traffic however I … Continue reading Sophos UTM Up2Date Failing
So I've just taken and passed the 210-260 CCNA Security exam which I'm pretty happy about! I'll start to put some content together based on the subjects covered in the syllabus which should make for interesting reading. For anyone interested, my studying method consisted of: Reading the Cisco Press 210-260 book (ISBN 978-93-325-7038-2). The book … Continue reading CCNA Security (210-260)
Got a WiFi baby monitor? Got a fancy WiFi kettle? Bought a smart TV with WiFi? How's that WiFi connection in the car working out for you? Because they are all very likely to be vulnerable to the KRACK (Key Reinstallation Attack) exploit: https://www.krackattacks.com/ The exploit allows an attacker within proximity of a wireless client or access point … Continue reading Release the Kracken!
Recently a colleague mentioned a small device he'd bought that can perform de-authentication attacks on wireless devices and cause all sorts of mischief - and given we both had an interest in security he loaned me this and I was amazed at how something so freely available and cheap could affect a wireless network in … Continue reading Playing with a WiFi De-authenticator