How to configure an ASA with built-in Sourcefire Firepower home lab

ASASF How to configure an ASA with built in Sourcefire Firepower home labFor those following Cisco security, you probably know Cisco acquired Sourcefire last year (more found HERE). The most anticipated release has been adding Sourcefire’s flagship Firepower offering inside Cisco’s most popular firewall offering the Adaptive Security Appliance (ASA). As of September 16th, this offering is officially available. You can find data sheets, configuration guides and more on the new release HERE. This post will cover steps I used to build my ASA with Soucefire lab. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Fun building a CCIE Security home Lab

homelab Fun building a CCIE Security home LabI built a CCIE lab a while back and found the process to be a bit cumbersome. The hardware and software requirements were clear (4.0 version found HERE), but not the actual construction of a home lab. Here is an explanation of how I built my lab. This is my experience so I’m not saying it’s the right way, but its how I did it. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Recon-ng – advanced reconnaissance framework

Starting recon ng 1024x621 Recon ng – advanced reconnaissance frameworkMy buddy Aamir Lakhani wrote about a cool reconnaissance tool called recon-ng. This tool can automate researching a target using multiple sources. The original post can be found HERE

Reconnaissance techniques are the one of the first steps penetration testers practice when learning how to exploit systems for vulnerabilities. Traditional reconnaissance techniques are used to gather intelligence, define scope, and identifying weaknesses. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Snowshoe Spam Attack Comes and Goes in a Flurry

Jaeson Schultz and Craig Williams recently posed on the Cisco security blog about research on the latest snowshoe spam trends being seen. They explain the problem, what they are seeing and suggestions for remediation. The original post can be found HERE.

Every so often, we observe certain spam campaigns that catch our interest. On August 15, we observed a particular spam campaign that caught our attention because it was using “snowshoe” spam techniques combined with PDF exploitation. While neither of these techniques are new, we have seen a growing trend involving snowshoe spam and we wanted to explain why the bad guys seem to be moving in that direction with a real world example. As you can see from the chart below, we’ve seen the amount of snowshoe spam double since November of 2013.snowshoe1 Snowshoe Spam Attack Comes and Goes in a Flurry

Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Payment Card Industry PCI Security Best Practices

PCI 1 Payment Card Industry PCI Security Best PracticesMany industries rely on revenue generated by sales and if credit is used, Payment Card Industry (PCI) compliance is mandated. This includes all industries that process, store or transmit credit card information. Like any compliancy standard, this is the minimal level of real security and should not be considered the goal to protect sensitive data. All compliance mandates that matter must go through various review and audit processes that take time and cause the results to be dated compared to the speed of new attacks you should expect against your network. This means meeting mandates such as PCI should just be part of your overall security strategy. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Cisco Midyear Security Report Highlights Weak Links in Increasingly Dynamic Threat Landscape

Cisco Security Report Cisco Midyear Security Report Highlights Weak Links in Increasingly Dynamic Threat Landscape

The Cisco 2014 Midyear Security Report found HERE examines threat intelligence and security trends for the first half of 2014. Cisco’s research helps to underscore just how many different types of weak links exist in the systems we use. These weak links – which could be outdated software, bad code, abandoned digital properties, or user errors – contribute to the adversary’s ability to exploit vulnerabilities with methods such as DNS queries, exploit kits, amplification attacks, point-of-sale (POS) system compromise, malvertising, ransomware, infiltration of encryption protocols, social engineering and “life event” spam. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Beating Telemarketers With Customized Automated Call Center Management

 Beating Telemarketers With Customized Automated Call Center Management

A buddy of mine at Cisco is truly a genius when it comes to thinking outside the box. He loves technology and hates annoying telemarketers. Over time, he developed a call management system that involves a combination of open source software and proprietary hardware. He took advantage of the numerous application programing interfaces (API’s) available to create a tightly integrated environment. Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Russia offers over $100,000 to de-anonymize Tor

Russia1 Russia offers over $100,000 to de anonymize Tor

Patrick Howell O’Neill from the dailydot.com posted about how Russia is offering a reward for de-anonymizing Tor. The original post can be found HERE.

Here are the highlights: Continue reading

VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)

Cisco ISE with VPN overview: ASA Version 9.2.1 with ISE 1.2 remediation without an IPN

remote access Cisco ISE with VPN overview: ASA Version 9.2.1 with ISE 1.2 remediation without an IPN

One common question I’ve been asked is what are the current requirements to perform authentication, authorization, and remediation when using VPN (usually Cisco ASA VPN) and Cisco Identity Services Engine ISE. This post will cover this subject however I suggest for those with Cisco ASA 9.2.1 and ISE should reference this really good configuration guide found HERE. Continue reading

VN:F [1.9.22_1171]
Rating: 2.0/5 (1 vote cast)