CCNA Security – Key Things I learned

Having recently passed CCNA Security I thought I'd share some of the interesting topics covered that I'd either not heard of before or had limited knowledge of. I've also posted a small rant about the exam and how I studied here. Many of the topics were existing knowledge for me as my daily work is … Continue reading CCNA Security – Key Things I learned

Advertisements

Sophos UTM and Policy Based Routing

Ok, so I have to admit that the Sophos XG is pretty good when it comes to Policy Based Routing (PBR). The XG worked pretty nicely for me running on my somewhat overstretched HP N54L micro server VMware host however upgrading to anything beyond XG v15 became painful. Even at v15 the UI seemed slow and I … Continue reading Sophos UTM and Policy Based Routing

Oversharing and its Consequences

Recently I spotted a post by satirical website, The Poke, in which a Twitter user shared her families humorous WiFi password in a screenshot. Clearly visible was the SSID. Would you realistically think that based on just the shared SSID someone would be able to find your house with no other information needed? Wigle.net allows … Continue reading Oversharing and its Consequences

Sophos UTM Up2Date Failing

Having had mixed results with the Sophos XG, and having hardware that just can't keep up with the latest updates for it, I've reverted back to the Sophos UTM9. This still plays nicely with my PIA VPN setup whereby a pfSense router is placed in front of a UTM interface to anonomise traffic however I … Continue reading Sophos UTM Up2Date Failing

CCNA Security (210-260)

So I've just taken and passed the 210-260 CCNA Security exam which I'm pretty happy about! I'll start to put some content together based on the subjects covered in the syllabus which should make for interesting reading. For anyone interested, my studying method consisted of: Reading the Cisco Press 210-260 book (ISBN 978-93-325-7038-2). The book … Continue reading CCNA Security (210-260)

Release the Kracken!

Got a WiFi baby monitor? Got a fancy WiFi kettle? Bought a smart TV with WiFi? How's that WiFi connection in the car working out for you? Because they are all very likely to be vulnerable to the KRACK (Key Reinstallation Attack) exploit: https://www.krackattacks.com/ The exploit allows an attacker within proximity of a wireless client or access point … Continue reading Release the Kracken!

Playing with a WiFi De-authenticator

Recently a colleague mentioned a small device he'd bought that can perform de-authentication attacks on wireless devices and cause all sorts of mischief - and given we both had an interest in security he loaned me this and I was amazed at how something so freely available and cheap could affect a wireless network in … Continue reading Playing with a WiFi De-authenticator

Preventing Rogue DHCP Servers and Machine to Machine Connectivity on Wireless Networks

A recent post looked at DHCP Snooping on a wired network, which uses a concept of trusted and untrusted ports whereby the genuine DHCP server or uplinks which a genuine DHCP offer could be sent across are marked as trusted, with all other links marked as untrusted. This is great at keeping a wired network secure, … Continue reading Preventing Rogue DHCP Servers and Machine to Machine Connectivity on Wireless Networks

Setting Up PIA VPN In My Overly Complicated Network

After getting my hands on a WiFi Pineapple (a post on this to follow!) and enjoying exploring its features I quickly realised my mobile device is super promiscuous when it comes to joining open access points I'd previously connected too (Premier Inn, McDonalds etc). This got me started on looking into VPN solutions and after … Continue reading Setting Up PIA VPN In My Overly Complicated Network

DHCP Snooping, Dynamic ARP Inspection and IP Source Guard

With a client going for an ISO standard which dictates stringent controls over both the external and the internal network resources I decided to put in some additional controls to ensure confidentiality, integrity and availability of the internal network. As the client uses Cisco hardware on premise, this consisted of a trio of additional measures … Continue reading DHCP Snooping, Dynamic ARP Inspection and IP Source Guard