The Blog Returns

June 28, 2024

It has been almost 10 years since I last posted on this blog and a lot has happened in that time. Websites I’ve created have come and gone. While I do have backups of those, they are no longer available online. What is, though, is this blog of mine.

I created this blog to act as a record of my knowledge and also a resource to reference at a later date, and today that is exactly what I will continue to do as I begin my journey in learning HTML, CSS, JavaScript, jQuery, Python, PHP and MySQL. There will also be Computer Science topics and Cyber Security topics at some point too.

If you found this blog, welcome. It’s good to be back and I can’t wait to share and record my knowledge.



The Security Gap – DIY Security World

April 19, 2014

I don’t think I have ever done this, but I did originally write up the website’s scope to include thought-provoking articles. So anyway, a quick thought about security and how it should matter for everyone, not just at an organisational/enterprise level but also in the personal/home computer and network security category.

So where am I going with this? Well, not too long ago there was the huge news of the SSL hole that allowed data to be bled from the RAM of a remote server; there was a miscalculation in the code and this allowed the checksum or something to become overlooked. So what was so scary? Well, the fact that in that “bled” data you could possibly discover login credentials of someone who had authenticated before you, etc. I’m not very well versed in the technical terminology here but you get the idea. So this was the first instance where security was in front of my eyes and I began thinking about it a lot more.

Then I read an article about how people use the same passwords, AKA password recycling, across many websites and this is (obviously) poor management, because if one account belonging to you is compromised, it’s likely the rest of your online world is too. There was also talk of mitigation techniques that could be integrated into the logon process, such as OTP (one-time passwords) (is that the correct acronym?), which could be sent to your mobile phone instead of emailing a password reset; it’s likely that if your Facebook was hacked and they got into your email they have full control, so the use of the OTP would stop them here. Anyway, the article goes on and it makes a very convincing argument to do so.

Then a friend who also works in the IT world had a rant on Facebook, which again highlighted the importance of security when it comes to passwords. Basically, the ISP could read back the password to the caller over the phone after they had passed a few identification questions. He had asked the company to assure him his passwords were hashed and that his personal data was safe, but obviously they weren’t too keen to go into specifics because sharing security measures in place can be counterintuitive. Nonetheless the concern here is security, as it would only take one clever nerd to discover the ISP’s flaws (if they exist) and recover hundreds if not thousands of company passwords, as they can obviously be unencrypted to be seen in plain text. The theme here again is security.

Quickly recapping: we got the Heartbleed flaw, which enabled data to “bleed” out during remote requests and could’ve proven chaotic globally. Then the article on OTP and the reasons behind it, then the Facebook rant and the hashing of passwords, or in this case not. So right now you’re thinking “ok, there is obviously a lot of security work to do in the IT world”. You’d be right, and I had complete faith in most “Security Professionals”, basically because, while my skills do involve security and authentication, it is not a speciality point for me whilst working. It’s the routing and switching side of things I really love, but after you read the excerpt below, I’m gonna make a huge effort to master security too, and this is why:

Excerpt from an email received from Learning@cisco, dated 18/04/2014

The Cybersecurity Skills Gap Is Worse Than You Think — 
Network World, January 21, 2014
Enterprise Strategy Group (ESG) asked 315 security professionals working at enterprise organizations (i.e., employing more than 1,000 employees) whether they were familiar with multiple types of malware techniques.

  • 50 percent of security professionals are “not very familiar” or “not at all familiar” with command and control communications techniques.
  • 40 percent are “not very familiar” or “not at all familiar” with polymorphic malware.
  • 29 percent are “not very familiar” or “not at all familiar” with zero-day malware.

So that’s just three dot points, which brings us to my point, which here is SECURITY SECURITY SECURITY. If you want it done right, you gotta do it yourself.


Reasons For Using VLANs

August 15, 2013

  • Create designs that allow you to group users more easily, either by who works together or by department
  • Allow you to segment the LAN, which has the positive effect of reducing the overhead on each LAN segment
  • Provide Spanning Tree Protocol (STP) with less work to do by limiting a VLAN to an access switch
  • By keeping hosts that work together on a single VLAN, you are able to enforce stronger security by keeping the data on an individual VLAN
  • Separate Cisco IP Phone traffic from the PC traffic

You could simplify this further:

  • Security
  • Performance
  • Design

Three most Common Types of Attacks

May 30, 2013

Denial of Service (DoS)

  • Erasers try to harm the host, destroying hardware and files
  • Crashers cause hosts to fail or no longer allow hosts to connect to the network
  • Flooders flood the network with packets to make the network unusable.

Reconnaissance Attacks

  • The goal is to gather information in order to perform an access attack; causing harm can be a side effect.

Access Attack

  • An attempt to steal data, typically for some type of financial gain.

*This topic will definitely be asked in the exam room. Make a note and have this stuff drilled in.


Port Security

April 28, 2013

Switches examine the source MAC address of each received frame. A switch can take one of a few actions if it discovers that the incoming MAC address on that port is NOT SECURE:

  • shutdown (the switch shuts down the port, sends a log message and drops the frame/s; the interface status will read err-disabled and you have to run a no shutdown to open the port again). ON BY DEFAULT
  • restrict (drops the frames and transmits a log message but does not shut down the port)
  • protect (only drops the frames)

When configuring port security and the source MAC address is unknown, switchport port-security mac-address sticky can be used, and the switch will use the first MAC address learned as the secure MAC address.

 


Basic Switch Security

April 28, 2013

Cisco Switch Defaults

  • All Cisco switch ports are open (DEFAULT)
  • Ports attempt to trunk (DEFAULT)
  • Remember, all ports are in VLAN 1

Best practice habits should include

  • Close unused ports (shutdown command)
  • Stop the port from trunking (switchport mode access command)
  • Place all unused ports into an unused VLAN

Remember, the switches should be locked away in a secure room and/or a cabinet.
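
An added example (not from the original post): a small Python audit that reads a running-config and flags ports that miss the habits listed above, or that are open without the port security feature from the Port Security post. The sample config is constructed and the function names are hypothetical; an explicit switchport access vlan line is assumed to mean the port was moved off VLAN 1.

```python
import re

# Constructed sample running-config (not from the original post).
SAMPLE_CONFIG = """\
interface FastEthernet0/1
 switchport mode access
 switchport access vlan 10
 switchport port-security
 switchport port-security mac-address sticky
!
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 999
 shutdown
!
interface FastEthernet0/3
!
interface FastEthernet0/4
 switchport mode access
 switchport access vlan 20
!
"""

def parse_interfaces(config):
    """Return {interface name: [sub-commands]} from running-config text."""
    interfaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface (\S+)", line)
        if m:
            current = interfaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" or a global command ends the stanza
    return interfaces

def audit(config):
    """Return {interface: [findings]} for ports that miss the habits above."""
    report = {}
    for name, cmds in parse_interfaces(config).items():
        checks = [  # (condition that must hold, finding reported when it does not)
            ("switchport mode access" in cmds, "may still negotiate a trunk"),
            (any(c.startswith("switchport access vlan ") for c in cmds), "still in default VLAN 1"),
            ("shutdown" in cmds or "switchport port-security" in cmds, "open port without port security"),
        ]
        report[name] = [msg for ok, msg in checks if not ok]
    return {name: found for name, found in report.items() if found}

print(audit(SAMPLE_CONFIG))
```

FastEthernet0/3 is the untouched default port and collects all three findings; FastEthernet0/4 is correctly pinned to an access VLAN but is active without port security.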

 


Spanning Tree Protocol (STP)

April 27, 2013

Switching loops form when multiple paths exist: a frame is sent and travels between the switches without ever reaching its final destination.

STP is used to prevent switching loops and is on by default. It determines a loop-free path, and ports that are not on the path are put into a blocking mode. If the best path is no longer available, STP will calculate a new “path”, and ports on that path that were blocked are brought out of the blocking mode.

NB: the shortest physical path is not necessarily the best; STP looks at the speed of the links.

STP Quick Overview

  • On by default
  • Used to prevent switching loops

 

STP