Syslog on ASA

Syslog Packet: The syslog packet size is limited to 1024 bytes and carries the following information:   Facility Severity Hostname Timestamp Message — Syslog Port numbers: When sending messages using UDP the destination port is usually 514 When sending messages using TCP the destination port is usually 1468 — Syslog Message Format: Message This isContinue reading “Syslog on ASA”

Cisco Labs

CCP Configuration: ASA ASDM basic config: Cisco 861/871 basic router configuration: Cisco IOS DHCP Configuration: IOS Zone based Firewall configuration: IOS Site-to-Site IPSec VPN Configuration: ASA Site-to-Site IPSec VPN: Cisco ASA Site to Site VPN ‘Using ASDM’ Cisco VPN Client Configuration – Setup for IOS Router: HowContinue reading “Cisco Labs”

How Does NAT-T (NAT Traversal) work with IPSec?

ESP encrypts all critical information, encapsulating the entire inner TCP/UDP datagram within an ESP header. ESP is an IP protocol in the same sense that TCP and UDP are IP protocols (OSI Network Layer 3), but it does not have any port information like TCP/UDP (OSI Transport Layer 4). This is a difference from ISAKMPContinue reading “How Does NAT-T (NAT Traversal) work with IPSec?”

Data-plane attacks and Mitigation Techniques

CAM Table OverFlow Attack (DoS attack)(macof –i eth0): Port-Security DHCP Starvation Attack (DoS attack): Port-Security and Rate-limiting requests. DHCP Spoofing/Rogue DHCP Attack (Mitm attack): DHCP Snooping VLAN Hopping attack (negotiate trunk using DTP)(yersinia -G): set all the ports not connected to switches to no-negotiate and access ports, as by default they are set to negotiateContinue reading “Data-plane attacks and Mitigation Techniques”