In this post I will talk about DNS Sinkholing, what it is and how it can help you identify potentially infected machines. It is useful in the fight against malware such as viruses, ransomware and cryptojacking! What is DNS? Domain Name System – in very basic terms, the internet (and local networks) are all routed by […]
A recent requirement that came up was for a redundant pair of firewalls which allowed for session failover and configuration synchronisation, while also maintaining different external IPs and separate BGP peering. A niche request, but something that was supported with FortiGates. Below are some configuration examples to achieve this. Config and Session Sync […]
Recently I was tasked with upgrading some new Firepower 3D8350 sensors which would later be stacked into a 3D8360. These devices were shipped with software version 5.4.0.1 and I had a customer requirement to upgrade the sensors to version 6.2. I would normally stack these devices and upgrade them using the FMC, however, I didn’t […]
In this knowledge transfer session, I show you how to configure basic settings on the Cisco Adaptive Security Appliance (ASA) and how we can manage the ASA using the Adaptive Security Device Manager (ASDM). Please see the video below. In the video, we couldn’t get outbound access to the Internet because of the GNS3 […]
Today I wanted to share my CCIE Security notes on ICMP redirect messages. ICMP Redirection is used to notify hosts that a better route is available for packets destined for a specific destination. This feature is available and enabled by default on all Cisco IOS releases but it is worth mentioning that there may be […]
In this article, I will demonstrate how to configure the ASAv so that you use a virtual serial port. This article assumes that you have installed the virtual Cisco Adaptive Security Appliance using VMware Workstation or its equivalent and that you can only access the ASAv CLI via the VMware client. By default, the virtual serial […]
In this article, I will describe how to enable authentication and authorization for Firepower eXtensible Operating System (FXOS) devices. The use case presented in this document illustrates how Cisco Identity Services Engine (ISE) can be utilised with attribute-value pairs (AV-Pairs) to authenticate and authorize users accessing the Firepower Chassis Manager (FCM) or FXOS platforms via […]
If you’re a firewall engineer or work closely with the Cisco ASA then no doubt you will often find yourself troubleshooting and verifying reachability of packets on a network. One great feature that the ASA has to test reachability is the ‘packet-tracer’ command which, when given an input, will provide you with a very handy […]
Introduction Wireshark is an awesome tool for troubleshooting network traffic. However, the Wireshark GUI is not designed for long-term packet captures and, left running, would simply fill the hard drive of the server/PC running the program. Within Wireshark there is a tiny built-in Windows command-line tool called ‘dumpcap’ which at less than […]