thierolf.org - Vom Hirn ins Terminal seit 1998.

Articles with the tag: #security

NetFlow with Elastic-Stack

This blog post shows how to setup a NetFlow collector with Elastic-Stack, Fleet and Elastic-Agent. NetFlow data is sent by a Cisco ASA Firewall cluster.


Technischer Schutz und Prozesse bei Datenlecks

In diesem Blog-Post beschreibe ich meine technischen Schutzmaßnahmen (Email) und Prozesse, wenn ich von einem Datenleck betroffen bin.


Cisco Wireless Intrusion Detection Events to Elastic-Stack

In this blog post I'm showing how to get Wireless Intrusion Detection Events from Cisco's WIDS included in Cisco's Wireless Controllers into an Elastic-Stack.


802.1X Switch port is amber when only IP Phone is connected

When 802.1X (wired) is configured on a 3750G switch, the port LED is amber when only an IP Phone is connected (mab). When connecting on the IP Phone a downstream device like a laptop (dot1x), the port LED goes to green.


Login-Block (DoS and Dict-Attack Protection) in Cisco IOS

Cisco offers a method to protect against DoS (Denial-of-Service) and Dictionary attacks for IOS devices called Login-Block.


Mapping of IP addresses blocked by Russia

Mapping of IP addresses blocked by Russia


SiSyPHuS Win 10 Telemetry blocklist for Pi-Hole

Based on the latest SiSyPHuS Analysis of BSI I built a small blocklist for Pi-Hole to drop Win 10 Telemetry data collection


Cisco WLC - No secured WebUI after failover switching

Cisco WLC 3504 secured WebUI is not working on Secondary Unit in a failover (SSO) setup. When switched back to the Primary Unit, the secured WebUI is working again. Troubleshooting and solution of this strange behavior.


Some security settings for Apache Web Server

I'm showing in this blog post some security settings for the Apache web server including disabling of Directory Browsing, Server Signature and Server Token.


WiFicalypse 2021

WiFicalypse 2021, FragAttacks. Design and Implementation flaws in WiFi.


>>  |