tag:blogger.com,1999:blog-356758912024-02-18T22:47:30.419-03:00~#<center>
Self Study Always<br>
Think before you type.<br>
With great power comes great responsibility.<br>
IF you don´t take control of your data, someone else Will.<br>
The only Way to Stop a Hacker is to think like One<br>
To gain knowledge there is no shortcut
</center>MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.comBlogger351125tag:blogger.com,1999:blog-35675891.post-70806903757702054772018-01-15T22:25:00.002-02:002018-01-15T22:32:27.835-02:00BGP Confederation OverviewAn AS using BGP confederations, as defined in RFC 5065, separates each router in the AS into one of several confederation subautonomous systems. Peers inside the same sub-AS are considered to be confederation iBGP peers, and routers in different sub-autonomous systems are considered to be confederation eBGP peers.
Confederations propagate routes to all routers, without a full mesh of peers MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-73278314783447894782017-05-31T17:01:00.004-03:002017-06-03T20:19:25.126-03:00Carrying IPv6 over a MPLS Backbone (6PE)There are multiple techniques available to integrate IPv6 services over Service Providers core backbones: dedicated IPv6 network running over various data link layers, dual stack IPv4-IPv6 backbone, or leveraging of an existing MPLS backbone. These solutions (IPv6) are deployed on Service Providers backbones when the amount of IPv6 traffic and the revenue generated are in line with the necessary MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-33049803195182840122017-04-20T15:13:00.001-03:002017-04-20T15:15:28.359-03:00IPv6 over IPv4 TunnelingOverlay tunneling encapsulates IPv6 packets in IPv4 packets for delivery across an IPv4 infrastructure (a core network or the figure below). By using overlay tunnels, you can communicate with isolated IPv6 networks without upgrading the IPv4 infrastructure between them. Overlay tunnels can be configured between border devices or between a border device and a host; however, both tunnel endpoints MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-82916543781419188782017-04-19T10:56:00.004-03:002017-04-19T11:40:02.077-03:00Quick Notes - OSPF LSA Types
.!!!!
.!.!.
biOos
MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-42960982640325883832017-02-25T10:49:00.003-03:002017-02-25T10:51:23.157-03:00Multiprotocol BGP (MP-BGP) ExampleMBGP Overview
Multiprotocol BGP (MBGP) is defined in RFC 2283. This RFC defines extensions to the existing BGP protocol to allow it to carry more than just IPv4 route prefixes. Examples of some of the new types of routing information include (but are not limited to):
• IPv4 prefixes for Unicast routing
• IPv4 prefixes for Multicast RPF checking
• IPv6 prefixes for Unicast routing
AMBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-4660636643811436922017-01-19T22:16:00.001-02:002017-01-19T22:16:23.025-02:00 IPv6 Comparison with IPv4This image provides a summary comparison of IPv6 to IPv4. The use of 128 bits over 32 is a obvious change. The upper-layer protocol is identified with the Next Header field in IPv6. Which was the protocol type field used in IPv4. ARP is replaced by IPv6 ND.
biOosMBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-38073579083714585362016-07-09T21:02:00.004-03:002016-07-09T21:04:28.854-03:00WSA WCCP for ASA Configuration ExampleThis post describes how to configure the Web Cache Communication Protocol (WCCP) for the Cisco Adaptive Security Appliance (ASA) through the Cisco Web Security Appliance (WSA). The diagram below was used:
ASA Configuration Example
Complete these steps in order to configure the WCCP for the ASA via the WSA:
Enter this command in order to use the default service group web-cache:
wccp MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-77394342397725757032016-07-07T15:24:00.000-03:002016-07-07T15:24:00.584-03:00WSA - Bypass CACHE URLsSpecifying Domains or URLs that the Web Proxy never Caches 1. Access the CLI. 2. Use the webcache -> ignore commands to access the required submenus:example.com> webcacheChoose the operation you want to perform:- EVICT - Remove URL from the cache- DESCRIBE - Describe URL cache status- IGNORE - Configure domains and URLs never to be cached[]> ignoreChoose the operation you want MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-48194592632743759112016-07-07T14:51:00.001-03:002016-07-07T15:06:17.960-03:00Ironport WSA OverviewGet advanced threat defense, advanced malware protection, application visibility and control, insightful reporting, and secure mobility. The Cisco Web Security Appliance (WSA) combines all of these forms of protection and more in a single solution. The WSA also helps to secure and control web traffic, while simplifying deployment and reducing costs.
The Cisco Web Security Appliance intercepts MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-3322159869810672922016-06-15T22:57:00.001-03:002016-06-15T22:57:04.787-03:00Unicast Reverse Path ForwardingUnicast Reverse Path Forwarding (Unicast RPF) is a feature that can reduce the effectiveness of packets with spoofed source addresses. A network device using Unicast RPF evaluates the source of each IP packet against its local routing table in order to determine source address validity. While it can detect and filter some spoofed traffic, Unicast RPF does not provide complete protectionMBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-74658571106574981512016-06-05T01:14:00.001-03:002016-06-05T01:36:11.888-03:00BGP Best Path Selection - OriginCodeBorder Gateway Protocol (BGP) routers typically receive multiple paths to the same destination. The BGP best path algorithm decides which is the best path to install in the IP routing table and to use for traffic forwarding. A option is to prefer the path that was locally originated via a network or aggregate BGP subcommand or through redistribution from an IGP. Local paths that are sourced byMBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-11413604948429477012016-06-04T21:00:00.002-03:002016-06-04T21:00:16.107-03:00Fundamentals of Wireless Controllers
biOosMBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-90940107851786293462016-06-02T16:41:00.002-03:002016-06-02T16:41:35.873-03:00[*] Packet Dump using AireOSTo resolve issues such as voice and security on wireless networks, you might need to dump packets from the AP for analysis while the AP continues to operate normally. The packets can be dumped on to an FTP server. This process of dumping packets for analysis is called Packet Capture.
Let's jump in:
config ap packet-dump ftp serverip 10.139.12.57 path / user bob pass 123456
config ap MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-29908751497539714852016-02-26T23:01:00.004-03:002016-02-26T23:01:39.545-03:00EIGRP Metric Manipulation: Offset-ListsAn offset list is the mechanism for increasing incoming and outgoing metrics to routes learned via EIGRP or Routing Information Protocol (RIP). (Offset lists are only used for distance vector routing protocols.) Optionally, an offset list can be limited by specifying either an access list or an interface.
Below is the lab example: R4 I'll use the two path to get the R1 11.0.0.8/29 route.MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-62370053893322424482016-01-04T22:58:00.002-02:002016-01-04T23:03:13.662-02:00Quick Notes - HSRPUse UDP as transport protocol
(IPv4) = port 1985
(IPv6) = port 2029
[Multicast address]
V1 = 224.0.0.2
V2 = 224.0.0.102
TTL = 1
[Mac Address Format]
• 0000.0C07.ACxx for HSRP version 1 for IPv4
• 0000.0C9F.Fxxx for HSRP version 2 for IPv4
• 0005.73A0.0xxx for HSRP version 2 for IPv6
xx is the group number
> High priority Wins
> Equal priority? High IPAddress Wins
RFC 2281
.!!!!
MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-63744714211021526842015-09-26T17:35:00.004-03:002015-09-26T17:37:37.629-03:00Vectors of Data Loss and ExfiltrationThe expression "vector of data loss and exfiltration" refers to the means by which data leaves the organization without authorization. Common vectors of data loss and exfiltration include the following:
Email attachments: Email attachments often contain sensitive information like confidential corporate, customer, and personal data. The attachments can leave the organization in various ways. For MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com1tag:blogger.com,1999:blog-35675891.post-79534983808995883962015-09-13T16:59:00.005-03:002015-09-13T16:59:44.394-03:00Quick Notes - Clock/NTP ASAConfigclock set 11:11:11 May 11 20XXclock timezone XXX 3clock summer-time XXX recurring 2 Sun Mar 2:00 1 Sun Nov 3:00ntp authentication-key 1 md5 ***ntp authenticatentp trusted-key 1ntp server 1.1.1.1 key 1 source inside preferVerifyshow clock detailshow ntp statusshow ntp associations
.!!!!
biOos
MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-63948557708417712032015-09-13T16:18:00.005-03:002015-12-16T20:57:05.085-02:00Quick Notes - DHCP Relay ASAConfig
conf t
dhcprelay server 1.1.1.1 dmz
dhcprelay enable inside
Verify
show dhcp relay statistics
show dhcp state
.!!!!
biOos
MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-24818904823807113772015-09-13T15:51:00.006-03:002015-09-13T15:51:38.615-03:00Quick Notes - Capture traffic ASAPut this on your tshoot belt:
conf tcapture CAPnAME interface out|insideshow capture CAPnAME
...no capture CAPnAME interface out|inside
.!!!!
biOos
MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-1193284960388637172015-08-15T23:12:00.001-03:002015-08-15T23:12:02.513-03:00Fortigate with Cisco Using OSPFLet's make the Fortigate talk com a Cisco Router, using OSPF protocol (using authentication). Very easy to do so.
[+] The config in Fortigate unit:
FortiGate # show system interface
config system interface
edit "port2"
set vdom "root"
set ip 172.16.1.10 255.255.255.0
&MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-24653611154376908382015-08-13T20:36:00.004-03:002015-08-13T20:36:59.487-03:00EIGRP distribute-listTo suppress networks from being advertised in updates, use the distribute-list out command in address family or router configuration mode.
- Before the distribute-list
R2# sh ip route eigrp
10.0.0.0/24 is subnetted, 3 subnets
D 10.8.0.0 [90/156160] via 10.12.0.1, 00:00:46, FastEthernet0/0
D MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-31949844189859100192015-08-02T22:39:00.003-03:002015-08-02T22:46:09.840-03:00DHCP Server in ASA FirewallThe DHCP Relay Agent sends Dynamic Host Configuration Protocol (DHCP) messages between DHCP clients and servers on different IP networks. DHCP provides network configuration parameters, such as IP addresses, to DHCP clients. The ASA can provide a DHCP server or DHCP relay service to DHCP clients attached to ASA interfaces. The DHCP server provides network configuration parameters directly to DHCPMBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-20540820767229746552015-07-26T18:55:00.003-03:002015-07-26T18:55:40.259-03:00Managing the Firewall ASA Clock
http://www.ciscopress.com/articles/article.asp?p=424447
biOos
MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-76575902774664437282015-07-20T21:37:00.001-03:002015-07-20T21:56:40.010-03:00Site-to-Site IPsec VPN [ASA2ASA]This document provides a sample configuration for the LAN-to-LAN (Site-to-Site) IPsec tunnel between Cisco Security Appliances (ASA) and another (ASA) using just the cli. Static routes are used for simplicity.
Chicago ASA relevant config:
interface GigabitEthernet0
description INTERNET
nameif outside
security-level 0
ip address 200.0.0.2 255.255.255.252
!
interface MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0tag:blogger.com,1999:blog-35675891.post-54727937403498861862015-06-29T23:25:00.001-03:002015-06-30T23:08:26.506-03:00BGP Backdoor NetworksBGP uses an administrative distance (AD) of 20 for eBGP routes and 200 for iBGP routes and works well in almost all network designs. Occasionally, a route learned via an interior gateway protocol (IGP) needs to take preference over a route learned via eBGP. This can be accomplished using the BGP backdoor network feature. A BGP backdoor network is treated as a local network and raises the AD for MBORILEhttp://www.blogger.com/profile/04476098655454065792noreply@blogger.com0