Articles with the tag: #security
Testing for Cisco security vulnerabilities with Ansible
In this blog post I'm demonstrating how to test for Cisco security vulnerabilities with Ansible.
NetFlow with Elastic-Stack
This blog post shows how to set up a NetFlow collector with Elastic-Stack, Fleet and Elastic-Agent. NetFlow data is sent by a Cisco ASA Firewall cluster.
Technical protection and processes for data leaks
In this blog post I describe my technical protection measures (email) and processes for when I am affected by a data leak.
Cisco Wireless Intrusion Detection Events to Elastic-Stack
In this blog post I'm showing how to get Wireless Intrusion Detection Events from Cisco's WIDS included in Cisco's Wireless Controllers into an Elastic-Stack.
802.1X Switch port is amber when only IP Phone is connected
When 802.1X (wired) is configured on a 3750G switch, the port LED is amber when only an IP Phone is connected (mab). When a downstream device such as a laptop (dot1x) is connected to the IP Phone, the port LED turns green.
Login-Block (DoS and Dict-Attack Protection) in Cisco IOS
Cisco offers a method to protect against DoS (Denial-of-Service) and Dictionary attacks for IOS devices called Login-Block.
Mapping of IP addresses blocked by Russia
Mapping of IP addresses blocked by Russia
Cisco WLC - No secured WebUI after failover switching
Cisco WLC 3504 secured WebUI is not working on Secondary Unit in a failover (SSO) setup. When switched back to the Primary Unit, the secured WebUI is working again. Troubleshooting and solution of this strange behavior.
Some security settings for Apache Web Server
In this blog post I show some security settings for the Apache web server, including disabling Directory Browsing, Server Signature and Server Token.
WiFicalypse 2021
WiFicalypse 2021, FragAttacks. Design and Implementation flaws in WiFi.
Small Python script to quickly test DMARC, DKIM and SPF records
For a given occasion I wrote a small Python script to test a domain for DMARC, DKIM and SPF records. Those records are managed in a DNS zone and are typically used in anti-spam techniques.
Concept for DNS security with Bind9, Pi-hole and OpenDNS
This is my new concept for DNS security with Bind9, Pi-hole and OpenDNS in my network. Bind9 is used as Enterprise DNS to resolve hostnames and IP addresses in the local area network, Pi-hole and OpenDNS are used for Internet DNS traffic. DNS traffic is passed by Cisco ASA Firewall ACL.
Blocking of Google Chrome FLoC
Blocking of Google Chrome FLoC (Federated Learning of Cohorts) on my web server
Weeks of the data leaks
Weeks of the data leaks and my approach after data leaks or breaches
Debian Unattended upgrades
Automatically install security-related upgrades on Debian Linux with unattended-upgrades
Security and Security Research
Bookmarks and links to Security and security research related web sites
Creating ROOT-CA-based certificates for Cisco Wireless Controller
Creating ROOT-CA-based certificates for Cisco Wireless Controller
Creating ROOT-CA-based certificates for Synology Diskstation
Creating ROOT-CA-based certificates for Synology Diskstation
WiFicalypse continued
WiFicalypse continued, new method to speed up cracking of WPAv1 / WPAv2 pre-shared keys