Cisco acquired Meraki, the leader in cloud-controlled WiFi, routing and security, in late 2012. For those who haven’t heard of Meraki, the concept behind the technology is pretty cool. All device configuration and management is handled using a cloud / web accessible GUI. You can configure everything and ship equipment to where it needs to provide network access prior to first powering things on. Once you are ready, all you do is plug in the equipment and it works (i.e., all configuration is sent to the device via an encrypted tunnel from the cloud). It really is that simple.
A few weeks ago Aamir Lakhani put up a blog post on how to install and configure Snort on Security Onion with Snorby. Since the release of the article, he has received numerous requests on how to disable some of the rules. Here is a post on tuning by Aamir. The original post can be found HERE.
My buddy Aamir Lakhani and I performed a penetration test using social media sources (Facebook and LinkedIn) as a method to compromise users from our target. You can find more about our project aka Emily Williams HERE and HERE as well as at www.drchaos.com.
Mobile Device Management or MDM has become a very popular topic following the smartphone and tablet market explosion (more on this found HERE). Everybody seems to own a range of mobile devices, making provisioning wireless and maintaining security an ongoing challenge. To address this demand, a handful of vendors have developed mobile device management solutions to provide these and other capabilities.
I had an article published in PenTest Magazine earlier this year. Enough time has passed so I’m now able to post the entire article on my blog. You can find the original article in the PenTest Mag extra titled Backtrack Compendium found at http://pentestmag.com/.
For those not following recent technology news, Cisco just acquired Sourcefire for 2.7 billion dollars. This has generated a ton of interest in Sourcefire, and it is something I’ve been hammered on over the last few weeks as a Cisco engineer responsible for security. As a result, I’m posting a summary of what Sourcefire is all about.
NOTE: Expect changes as Cisco and Sourcefire merge. Also assume I may be off on some areas as I’m still learning the technology.
I recently posted about how to set up a Cisco ASA CX lab HERE. I ended the last post once I had access to the ASA CX GUI via local PRSM. This post will focus on configuring CX once it’s operational, reviewing the local management GUI and creating some basic policies.
The ASA and CX module act as two separate systems exchanging traffic through policy maps. Unlike proxy-based solutions, all ports can be included in a security policy aka an Application Layer / Next Generation Firewall function. This post will touch upon enforcing Internet use policies such as denying gambling websites, viewing application layer traffic, blocking applications such as YouTube and monitoring for security threats leveraging Cisco’s global correlation engine via Cisco Security Intelligence Operations (SIO).
My Lab – ASA5515, w520 (hosting ISE, NCS, Lancope, WSA and ESA), 3560 8 port switch, 2504 Controller + AP
I recently picked up an ASA5515 with a solid state drive to support the next generation firewall features, also known as ASA CX. This post will explain how to build an ASA CX home lab. I found limited troubleshooting documentation, so hopefully my lessons learned will help you avoid my mistakes. I will stop once I can access the ASA and CX via direct GUIs and ASDM management. I will do another post on adding ASA/ASA CX to PRSM and a features overview as a Part 2 post.
Physical security can range from door to mobile locks such as padlocks and handcuffs. I have posted about picking door locks in the past HERE. My next project is researching breaking out of handcuffs. To do this, I have purchased a pair of double lock police grade steel handcuffs and researched how escape artists break out of them.
Common handcuffs work by moving a rounded ridged bar into a system that engages a ratchet with ridges that prevent the handcuffs from opening. The ridges permit moving the teeth in the closing direction via a downward slant but prevent the bar from moving back when the ridges are engaged. To open the handcuffs, a key pushes the ridges inside the handcuffs down to permit the ridged bar to slide back out.