Security

So I have further evidence that I might be crazy:

I have decided to abandon any and all CCIE DC studies. Why you might ask? Simple: I dont have access to the required equipment continually so I can practice and reinforce any knowledge.

It seems like every day, there are some vulnerability or crack announced on the geek news-outlets.

For some reason, the recent publication of an exploit of a flaw in the SSL/TLS implementation in some versions, made me extra curious and it made me think a little harder about this whole security business.

In this small post i want to clarify the use of the “ip verify” command.

There has been some confusion on the usage of this command, especially in conjunction with the access-list parameter. I would like to clarify this here.

In this article i will try and setup a very simple example using Cisco IOS IPS (Intrusion Prevention System).

As before, a simple topology consisting of 3 routers will suffice.

They are configured as follows:

R1 will act as our source host. From this machine i will simulate an attacker trying to gain access to R3 through R2. This means R2 will be the device where we will be configuring the IPS functionality.

This small post will be about a little feature called “views”.

This feature is used to create a sort of profile, for which you could have a certain user do certain things. As you might know, the only way to do this previously was to use the priviledge level command. This command would in effect set the command to be available at a certain priviledge level. This can be very cumbersome to maintain, especially if you work in a large enterprise environment or a service provider.