showcrypto

INE SECURITY WORKBOOK - 1.6 IP Access-Lists

Admin — Fri, 19 Feb 2010 20:18:09 +0000

This section was pretty straight forward. Everything worked as advertised. I did make an initial mistake in my ACL for allowing NTP traffic. I made the mistake and setup the ACL using TCP instead of UDP, which confused me when it would not accept "eq ntp" on the end. This was easily corrected.

INE SECURITY WORKBOOK - 1.5 Advanced Routing

Admin — Mon, 15 Feb 2010 21:29:52 +0000

This section introduced a command I have never used, "track". It is basically a way to setup a "smart" static route. This is a very handy command.

"a static route tracking feature is used to track the availability of a static route and, if that route fails, remove it from the routing table and replace it with a backup route."

ASA/PIX 7.x: Redundant or Backup ISP Links Configuration Example

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00806e880b.shtml

Quoted in February 2010 issue of Information Security Magazine

Admin — Mon, 15 Feb 2010 20:52:18 +0000

Disaster recovery plans and DLP solutions top 2010 priorities

http://searchsecurity.techtarget.com/magazineFeature/0,296894,sid14_gci1380343_mem1,00.html

Published Article on SearchSecurity.com

Admin — Mon, 15 Feb 2010 20:38:02 +0000

Here is a link to an article I wrote on implementing firewall egress filtering for SearchSecurity.com

NETWORK SECURITY TACTICS

How to properly implement firewall egress filtering

Deploying egress firewall traffic filtering is sometimes easier said than done. Deployment may seem simple: Implement an access control list (ACL) on a firewall to block all outbound traffic, then only allow traffic that is approved by the company's security policy.

http://searchsecurity.techtarget.com/tip/0,289483,sid14_gci1378492,00.html

INE SECURITY WORKBOOK - 1.4 EIGRP

Admin — Mon, 15 Feb 2010 20:13:44 +0000

The only question I had regarding this lab was disabling OSPF on the connection to R4. The command in the solution guide appears to be incomplete. This may be due to my lab running PIX instead of ASA. To disable OSPF on my PIX the command is:

Rack1ASA1(config)#router osfp 1

Rack1ASA1(config-router)# no network 136.1.124.0 255.255.255.0 area 1

The solution guide does not include the "area 1". I will test this on an ASA to see if it behaves the same.

****Update 02.19.2010****

The "area 1" is also required on the ASA

INE SECURITY WORKBOOK - 1.2 RIP v2, 1.3 OSPF

Admin — Mon, 15 Feb 2010 20:11:29 +0000

Nothing to report here. These labs went as expected.

INE Security Workbook - 1.1 VLANS and IP addressing

Admin — Wed, 13 Jan 2010 22:20:54 +0000

Comments and observations from CCIE Security Lab Workbook Volume I Version 5.0

ASA Firewall 1.1 VLANS and IP addressing

This section was pretty straight forward; however I did get some inconsistencies from my lab equipment compared to the solution guide. These verification inconsistencies did not take away from the overall objectives of this section.

My verification result (from Switch1):

Rack1SW1#show interface trunk

Port Vlans in spanning tree forwarding state and not pruned

Fa0/21 1,100,120-121,124

Fa0/22 none

Fa0/23 none

****The solution guide says ports Fa0/22 - 23 should display the same results as Fa0/21. Why would Fa0/22 and Fa0/23 show "none"? I haven't figured this out.

My verification result (from Switch2):

Rack1SW2#show interfaces trunk

Port Mode Encapsulation Status Native vlan

Fa0/13 on 802.1q trunking 1

Fa0/21 on 802.1q trunking 1

Fa0/22 on 802.1q trunking 1

Fa0/23 on 802.1q trunking 1

***The solution guide says ports Fa0/21 - 23 should be "auto". I can make my results look like the solution guide by changing the provided intial config for SW2 ports Fa0/21, Fa0/22, Fa0/23

from: switchport mode trunk

to: switchport mode dynamic auto

Squarespace iPhone App

Admin — Thu, 03 Dec 2009 03:53:17 +0000

This is my first post using the Squarespace iPhone app.

Cisco Terminal Server

Admin — Mon, 23 Nov 2009 18:53:39 +0000

I needed a very inexpensive terminal server to provide console access to my security lab. I purchased an 8 Port USB To RS232 Adapter from StarTech.

http://www.startech.com/item/ICUSB2328-8-Port-USB-To-RS232-Adapter.aspx

I found this on Amazon for $144. I attached this to the Dell Latitude D600, which is running XP. This solution works great. I RDP into the laptop and have CON access to 8 devices.

Building A Security Lab - Part 2

Admin — Mon, 23 Nov 2009 17:19:30 +0000

I have scrapped the previous security lab I was working on. I have been able to acquire the following physical equipment:

2 - 3550-24 12.2 IP Services

4 - 2610XM 12.4(15)T11 ADV. Security

2 - PIX 525 8.0(4)

1 - Dell 1750 Running Windows 2003 with VMware Server

1 - Dell Latitude D600

All of this equipment is cabled according to the INE Lab Physical Interface Connections document.

This should get me through the majority of the VOL1 Workbook. I thought I had access to an ASA 5510, but I will have to get by using a 5505 for ASA only features.