Stopping the Spread of WannaCry within the LAN

The recent WannaCry outbreak highlighted just how vulnerable machines are within the LAN, even behind the perimeter firewall. The attack took advantage of a vulnerability in SMBv1 but also in the way we traditionally look at network security whereby the things on the outside are untrusted, but everything inside is trusted. This attitude allowed the … Continue reading Stopping the Spread of WannaCry within the LAN

Controlling Logons to Cisco Devices with Active Directory

Something I see quite often is local passwords being used to authenticate network administrators onto switches and routers. While this is fine for smaller organisations with a small IT team and few network devices, it can quickly become a headache when trying to update the password across all devices or add a new user. There are … Continue reading Controlling Logons to Cisco Devices with Active Directory

802.1x MAC Authentication Bypass (MAB) to an NPS Server

Continuing to build on earlier posts where we setup 802.1x to authenticate users and place them in predefined VLANs, then extended this to dynamically assign the VLAN, this post will look at what to do for devices that don't speak 802.1x such as printers etc. While there is a guest VLAN command for dot1x we could use … Continue reading 802.1x MAC Authentication Bypass (MAB) to an NPS Server

Dynamic VLAN Assignment (Cisco and NPS)

In an earlier post we used 802.1x to authenticate users into the network and assign them into a VLAN based on either a successful or unsuccessful authentication as well as a VLAN for clients who did not send an initial EAPOL message. While this can be quite useful, it can also be quite restrictive - what … Continue reading Dynamic VLAN Assignment (Cisco and NPS)

Securing Baby Monitors and Webcams

There has been quite a bit in the media lately about consumer grade webcams and Internet of Things (IoT) devices being used as a springboard for DDoS (Distributed Denial of Service) attacks on popular web services. This post is more aimed at the general consumer  as opposed to those who deal with IT in their … Continue reading Securing Baby Monitors and Webcams

802.1x between Cisco and RADIUS

I've always wondered if it were possible to control access for a user to a VLAN based on their logon credentials and recently embarked on seeing if this was possible. We commonly use authentication in order to grant or deny permissions to the network for VPN's and wireless connections but when it comes to physical connections … Continue reading 802.1x between Cisco and RADIUS

Automate Your job – Synchronise NPS Servers and Push Config Changes to Multiple Devices

A recent project I was working on involved migrating a clients switches, routers, firewalls, VPN and wireless to two new NPS servers (live and DR) from their existing and hard to manage four. The situation they had was that Cisco switches, routers and firewalls would use RADIUS to authenticate VTY sessions but over time the configurations … Continue reading Automate Your job – Synchronise NPS Servers and Push Config Changes to Multiple Devices

Network Device Security Policies

Having recently dipped my toes into the security world with the Security+ exam I've been far more conscious about the risks to confidentiality, integrity and availability in my day to day work designing and supporting network infrastructure. In addition to this I found a very small mention to network device security policies in the back of … Continue reading Network Device Security Policies

Spoofing Attacks

In order to secure the internal network against threats you need to consider the tactic of presenting an attacking device as a trusted device in order to lull users into handing over credentials or files. An attacker can perform this in several ways, for example, by modifying their MAC address to mirror one of a target … Continue reading Spoofing Attacks