Articles with the tag: #security

Testing for Cisco security vulnerabilities with Ansible

In this blog post I'm demonstrating how to test for Cisco security vulnerabilities with Ansible.

NetFlow with Elastic-Stack

This blog post shows how to setup a NetFlow collector with Elastic-Stack, Fleet and Elastic-Agent. NetFlow data is sent by a Cisco ASA Firewall cluster.

Technischer Schutz und Prozesse bei Datenlecks

In diesem Blog-Post beschreibe ich meine technischen Schutzmaßnahmen (Email) und Prozesse, wenn ich von einem Datenleck betroffen bin.

Cisco Wireless Intrusion Detection Events to Elastic-Stack

In this blog post I'm showing how to get Wireless Intrusion Detection Events from Cisco's WIDS included in Cisco's Wireless Controllers into an Elastic-Stack.

802.1X Switch port is amber when only IP Phone is connected

When 802.1X (wired) is configured on a 3750G switch, the port LED is amber when only an IP Phone is connected (mab). When connecting on the IP Phone a downstream device like a laptop (dot1x), the port LED goes to green.

Login-Block (DoS and Dict-Attack Protection) in Cisco IOS

Cisco offers a method to protect against DoS (Denial-of-Service) and Dictionary attacks for IOS devices called Login-Block.

Mapping of IP addresses blocked by Russia

Mapping of IP addresses blocked by Russia

Cisco WLC - No secured WebUI after failover switching

Cisco WLC 3504 secured WebUI is not working on Secondary Unit in a failover (SSO) setup. When switched back to the Primary Unit, the secured WebUI is working again. Troubleshooting and solution of this strange behavior.

Some security settings for Apache Web Server

I'm showing in this blog post some security settings for the Apache web server including disabling of Directory Browsing, Server Signature and Server Token.

WiFicalypse 2021

WiFicalypse 2021, FragAttacks. Design and Implementation flaws in WiFi.

Small Python script to quick test DMARCDKIM and SPF records

For a given occasion I wrote Small Python script to test a domain for DMARC, DKIM and SPF records. Those records are managed in a DNS Zone and are typically used in Anti-SPAM techniques.

Concept for DNS security with Bind9, Pi-hole and OpenDNS

This is my new concept for DNS security with Bind9, Pi-hole and OpenDNS in my network. Bind9 is used as Enterprise DNS to resolve hostnames and IP addresses in the local area network, Pi-hole and OpenDNS are used for Internet DNS traffic. DNS traffic is passed by Cisco ASA Firewall ACL.

Blocking of Google Chrome FLoC

Blocking of Google Chrome FLoC (Federated Learning of Cohorts) on my web server

Weeks of the data leaks

Weeks of the data leaks and my approach after data leaks or breaches

Debian Unattended upgrades

Automatically install security-related upgrades on Debian Linux with unattended-upgrades

Security and Security Research

Bookmarks and links to Security and security research related web sites

Creating ROOT-CA-based certificates for Cisco Wireless Controller

Creating ROOT-CA-based certificates for Cisco Wireless Controller

Creating ROOT-CA-based certificates for Synology Diskstation

Creating ROOT-CA-based certificates for Synology Diskstation

WiFicalypse continued

WiFicalypse continued, new method to speed up cracking of WPAv1 / WPAv2 Pre-sharded keys