Spamming Spanning-Tree

Recently a client approached me as they regularly had interruptions on their network, which was starting to frustrate them. After a short period of monitoring via PRTG it was clear they were suffering periodic bouts of packet loss on the LAN which seemed to peak during working hours and the slowdowns were experienced by …

802.1x between Cisco and RADIUS

I've always wondered if it were possible to control access for a user to a VLAN based on their logon credentials and recently embarked on seeing if this was possible. We commonly use authentication in order to grant or deny permissions to the network for VPNs and wireless connections but when it comes to physical connections …

Automate Your job – Synchronise NPS Servers and Push Config Changes to Multiple Devices

A recent project I was working on involved migrating a client's switches, routers, firewalls, VPN and wireless to two new NPS servers (live and DR) from their existing and hard-to-manage four. The situation they had was that Cisco switches, routers and firewalls would use RADIUS to authenticate VTY sessions but over time the configurations …

Network Device Security Policies

Having recently dipped my toes into the security world with the Security+ exam, I've been far more conscious about the risks to confidentiality, integrity and availability in my day-to-day work designing and supporting network infrastructure. In addition to this I found a very small mention of network device security policies in the back of …

Sophos UTM vs. XG

I've been using a Sophos UTM9 virtual appliance for some time now. Originally my intention was to just test out its features as I was already using a pfSense VM to isolate my lab environment from my live environment, however I started to see the massive potential in the device and eventually retired pfSense in …

Spoofing Attacks

In order to secure the internal network against threats you need to consider the tactic of presenting an attacking device as a trusted device in order to lull users into handing over credentials or files. An attacker can perform this in several ways, for example, by modifying their MAC address to mirror one of a target …

Sniffing Attacks

Just like sitting in a café and listening to other people's conversations, sniffing the network involves passively capturing traffic as it flows through the network segment that an attacker is connected to. One common tool to capture traffic (often for legitimate reasons) is Wireshark, which is a freely available "protocol analyser" that will reveal what …