China catches a lot of flack in the infosec World, mostly for being suspected of cyber-terrorism and for propagating nasty malware. Lately things have been getting more political especially during their tussle with Google over the whole ‘search freedom’ issue and censorship. The latest is that they are starting to check for compliance on a [...]
Tag Archive | "cisco"
What a surprise, another quiet weekend – nothing much has been going on apart from the big furore about Facebook privacy – which frankly has been discussed to death. Other than that, 2 critical patches are expected in the next Microsoft patch Tuesday – info here and here. One story which I did find interesting [...]
If your organisation is using any kind of Cisco Wi-Fi kit it may be time to get the latest patches for your kit. Although they state there is no proof that hackers have used this attack in the wild – in my experience if Cisco have discovered this now, someone else probably knew about it [...]
This is an interesting development in router security, Cisco bugs have been popping up now and then – not that often – but usually when they do they are quite serious. The problem with them was you needed so many variations unless you were just targeting one specific router, with that specific version of IOS [...]
In the story we recently covered where Terry Childs had locked San Fransisco officials out of their own network, there is a new development. He’s handed over the passcode to the Mayor, Gavin Newsom. It seems he came to his senses and he also seems to have VERY little faith in the IT administration for [...]
CDPSnarf if a network sniffer exclusively written to extract information from CDP packets. It provides all the information a “show cdp neighbors detail” command would return on a Cisco router and even more. The application is written in C using the popular PCAP library. Sample Output Cisco AIR-AP1231G-E-K9 Access Point:
$ sudo ./cdpsnarf eth2
Waiting for a CDP packet...
[#0] Sniffed CDP advertisement with a size of 367 bytes.
CDP Version: 2
TTL: 180 ms
Device ID: cisco-ap.mydomain.net
Software version: Cisco IOS Software, C1200 Software (C1200-K9W7-M),
Version 12.3(8)JEA, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2006 by Cisco Systems, Inc.
Compiled Wed 23-Aug-06 16:42 by kellythw
Platform: cisco AIR-AP1231G-E-K9
Address #: 1
Protocol type:  NLPID format
Protocol: [0xCC] IP
IP Address: 184.108.40.206
Port ID: Dot11Radio0
[0x02] Transparent bridge
You can download CDPSnarf [...]
Another flaw in Cisco’s IOS, this time a problem with FTP, the mechanism used to update the firmware on Cisco devices (routers & switches mostly). You really don’t want someone playing around with your configuration files on your router do you? IOS FTP, which comes disabled by default in IOS, is used to upload IOS [...]
This is an excellent article you might find useful covering the use of the capture command in Cisco PIX firewalls. A vital tool to use when troubleshooting computer networking problems and monitoring computer networks is a packet sniffer. That being said, one of the best methods to use when troubleshooting connection problems or monitoring suspicious [...]