So you want to connect securely to your Pix firewall? You will need to setup SSH instead of connecting using telnet. Telnet is clear text and SSH is encrypted.
Below are the required commands to run on your pix:
Hostname "Name"
domain "domain name"
ca generate rsa key 1024
ca save all
ssh 192.168.1.1 255.255.255.255 inside
writ m
The reasons for each […]
Do you want your workstations to connect to PPTP VPNs through a Cisco Pix firewall without having to setup a static NAT for each one.
Are you getting the following error in your syslogs when you try:
"regular translation creation failed for protocol 47"
All you should have to do is add a new fixup protocol entry.
"fixup […]
If you setup a folder to replicate using DFS and you want to lock down the folder rights on it you might have issues. You have to be sure to give the System account on each server write and modify rights for the replication to work.
If you add the system account to the folder you […]
So I ran into a new one today on my Windows XP Pro machine. I was trying to extract a program out of a zip file using XP’s built in compressed file program. The Zip file was 12MB in size, when I did an extract all it was only 100K worth of files in the […]
So like most IT security minded people I want to use SSH on everything I can because with telnet your username and password are sent over the wire in clear text. Now I know most of you say well if you are internal what matters it your password is sent in clear text who would […]
I ran across a pretty sweet product today. It is called Yoggie Pico and it is a security suite for your laptop that is based off of a USB stick. It is a hardened Linux box running off a 520MHz processor is a USB stick. It is supposed to provide all of the security you need […]
The U.S. Computer Emergency Response Team (US-CERT) has reported a network evasion technique using full-width and half-width unicode characters that affects several Cisco products. The US-CERT advisory is available at the following link:
http://www.kb.cert.org/vuls/id/739224
By encoding attacks using a full-width or half-width unicode character set, an attacker can exploit this vulnerability to evade detection by an […]
I ran across a pretty sweet article on how to access most blocked websites from places that use website filtering software.
Quick Breakdown:
-Use a website anoymizer
-Access the Website by IP instead of URL
-Use a service like tinyurl.com
-Use Google Mobile Search
-Search for Page in Google then go to the cached copy
-Use Google language tools service to […]
So AOL doesn’t really have a password monster but they will effectively eat part of your password. It turns out that even though AOL lets you put up to a 16 character password in for your AOL.com account it only reads the first 8. So if you put in password$&355# thinking that is a strong […]
If you are giving away a hard drive, selling it, or even disposing of a hard drive that you have had your data on you are going to want to wipe the drive clean.
Just because you have “deleted” your data doesn’t mean that someone can’t recover it. There is a utility called Secure Erase that […]
RSS Feed
