Monthly Archives: August 2012

Setting Privilege Levels With Local Usernames

Last week we looked at options for configuring privilege levels in Cisco IOS devices. I mentioned that there are three primary methods for doing this. The first method, which we focused on last week, was using the enable command. This … Continue reading

Posted in CCNA Security, Certification, Security, Technology | Tagged , , , , | 5 Comments

Password Length Limitations — Always an Indication of Clear Text Storage?

As a long time listener of Security Now, a consumer oriented security podcast, I wanted to challenge one of the statements Steve Gibson regularly makes. The statement I want to challenge is that if passwords have length restrictions, they’re stored … Continue reading

Posted in Rant, Security, Technology | Tagged , , | Leave a comment

The Case for Consistent Customer Service

I recently had an experience with the customer relations department of a restaurant chain. Out of professional courtesy, and the lack of relevance to this article, I’m not going to mention the name of the establishment. I will however, state … Continue reading

Posted in Career, Rant, Technology | Tagged , | Leave a comment

Using the “enable” Command To Set CLI Privilege Level

Last week I introduced the topic of privilege levels in Cisco IOS. I covered the fact that a user at privilege level x had access to any command that was less than or equal to x. In an effort to keep … Continue reading

Posted in CCNA Security, Certification, Security, Technology | Tagged , , , , | 2 Comments

NAT, NAT and PAT–Deduplicating The Terminology

NAT, or Network Address Translation, is unnecessarily tricky to define and explain. One of the big challenges is the fact that it is loosely used and often needs clarification. For example while NAT is an umbrella term that represents all types of … Continue reading

Posted in CCNA, CCNA Security, Certification, General, Rant, Technology | Tagged , , , | Leave a comment

Cisco Privilege Levels

One of the concepts that is mentioned in the IINS Blueprint in the “Security and Cisco Routers” section is securing the management plane. A key concept dealing with management plane security is the “privilege level”. Over the next few weeks, … Continue reading

Posted in CCNA Security, Certification, Security, Technology | Tagged , , , , | 2 Comments

Is A PAT Router a FW?

A couple of weeks ago Russ White wrote a Packet Pushers article called “Obscurity, Security, Reality“. His article was published later in the same day that I had published “The Truth About Security by Obscurity“. Obscurity, Security, Reality spawned quite … Continue reading

Posted in Blogroll, Rant, Security, Technology | Tagged , , , | 6 Comments

Fresh New Security Podcast by The Packet Pushers Gang

Our friends over at Packet Pushers are doing it again. Greg Ferro, Michele Chubirka (aka Mrs. “Y”), Ethan Banks and the gang have started a security podcast. Unlike most other security podcasts, this one promises not be about exploits, vulnerabilities … Continue reading

Posted in Blogroll, Security, Technology | Tagged , , , | Leave a comment

Using an Alternate Telnet Port in Cisco IOS

I have occasionally been asked how to change the telnet port in Cisco IOS. One would expect a simple command like “ip telnet listening-port <x>”. However a logical command like that doesn’t seem to exist. Since a command to change the port … Continue reading

Posted in CCNA Security, Certification, Network, Security, Technology | Tagged , , | 11 Comments

MSCHAPv2, Not So Secure…

I wanted to call attention to some research done by Moxy Marlinspike in the are of MSCHAPv2. This protocol is used in PPTP and many enterprise wireless environments. The article below explains how theory behind cracking the handshake and de-obfuscating … Continue reading

Posted in Blogroll, Security, Technology | Tagged , , | Leave a comment

VTY access-class Behavior With VRFs

Over the past few weeks, I have posted several introductory articles that deal with the concept of VRFs. One behavior that is modified when VRFs are introduced is the VTY access-class command. A router that is configured for VRFs will … Continue reading

Posted in Network, Security, Technology | Tagged , , , , | 5 Comments