You searched for: attack
Ask INE #3
Thank you to all those who have submitted questions and comments to our blog and our CCIE Instructors. If you have a question, please email them to blog@ine.com.
Question 1:
Can anyone explain what is VPN intercept?
–
Bhavik Joshi
VPN Intercept can mean a few different things, depending on the specific context.
One interpretation is from a driver perspective, where a VPN connection breaks the binding between TCP/IP and the physical interface, acting as a shim. See also:
http://www.informit.com/articles/article.aspx?p=25042
Another meaning can be in regards to intercepting SSL traffic.
Tags: Ask INE, ask-the-expert, ccie, exam, routing and switching ccie
Let me start by saying hello and happy studying to our many blog faithful. Each week I find myself having various things I want to mention, but they certainly do not warrant a full blog post. So here is the first in an ongoing series I will do regarding these Random Notes:
- I have an Open Lecture coming up on Monday, May 3 at 12 PM PST. This Open Lecture is one in a series I have been doing on PfR/OER. It is titled PfR/OER – Apply Phase. I hope you will join me in the live classroom for that.
- Keith Barker tackled one of the most important/toughest topics for students this week in the new Advanced Technologies Class on Demand. He did IGP redistribution (Chapter 4). It is now posted for everyone to enjoy.
- Everyone has been emailing me about the new QoS Bootcamp from INE. I am so thrilled that everyone is excited for this new class. Details will be published very, very soon, and this course will be unlike anything ever produced here at INE.
- Check out the free vSeminars page and enjoy free training from INE!
- I want to send a “shout out” to everyone from the April 2010 Tampa 12 Day R&S Bootcamp that is reading this. I miss you guys and be sure to keep posting in our class Google Group so we stay in touch. I also miss our class social events at the Green Iguana!
- Have you noticed more and more attacking INE as “Grey Market” in the CCIE Blogsphere and Forums? I can only assume these attacks are based from jealousy and/or fear. I will also say that if you are considering a live or online CCIE class from ANY vendor, do yourself a huge favor and make sure you can meet and converse with your instructor prior to signing up. What is the truly priceless commodity about the class? YOUR INSTRUCTOR and their skills in educating and inspiring their audience!
- Wisely realizing that I would do nothing other than play Texas Hold Em at the Bellagio during Cisco Networkers, INE is sending me to London for our 6 Day R&S Bootcamp during the week of Networkers Live in Las Vegas. For those of you in that hemisphere, I hope to meet you in the UK. There are two seats left for that event.
- After singing in the last vSeminar, I bet most people interpret my new Random Notes column as a reference to my vocal abilities.
- Petr Lapukhov is helping me with the QoS Bootcamp, he is whicked smart.
Last week I had the opportunity to spend time with several CCIE security candidates in Texas, and had a blast. One of the questions that came up was regarding ARP inspection on the ASA in transparent mode. This topic comes up a lot, so I wanted to share it with y’all 
in this blog.
Here is the diagram we can work with:
ARP inspection on the ASA in transparent mode, is really very simple. The intent is to stop attackers from spoofing the L2 address of another host, such as a default gateway or some other critical system. The ASA does this by verifying that all ARP traffic is accurate for the specific key devices you are protecting against spoofing.
As we already know, Continue Reading
It is with great pride that we announce our esteemed colleague and friend, Scott Morris, quad-CCIE, has passed the Cisco Certified Design Expert (CCDE) exam. Scott joins a select few in the world to have passed this daunting certification. It seems like just yesterday (1998), when Scott passed the Cisco Design Specialist certification.
Please help us DoS attack the comments area of this site to help congratulate Scott!
CCDE #20090013
Scott Morris (left) and Keith Barker in a pre-celebration at Ice Lounge (Las Vegas, USA)
We have had many requests to share this forum post with the blog, so here it is. I also wanted to share a conversation Hadi had with Sales here at INE. I am so proud to be a part of INE! I have so much respect for my fellow instructors - and our incredible students!
Kady Dennis: Thank you for visiting Internetwork Expert. How may I help you today?
Hadi Esper: Hi Kady, I dont really have any questions to say.. I passed my CCIE R&S (25869) 2 days ago and wanted to say thank you to the sales team who have been very helpful and supportive of me over the last 1 year and 2 months.. i couldnt have made it without your excellent workbooks nor without ur amazing discounts
IOS IPS is fair game for the CCIE Security and CCIE R/S labs. With IOS IPS now using v5 signatures, (just like the sensor appliance), the ability to setup up IOS is not as simple, but very important. The intention of this post is to provide a streamlined process to use as a jumpstart into IOS IPS. For full details, examples and explanations, please refer to our lab workbooks. Both RS and Security cover the topic. Lets get started!
First, we need a place for IPS configuration files to call home. IPS wants a folder. Lets make a directory on the router flash. Optionally if there were other IOS file systems present, we could use those writable file systems as well.
R6#mkdir ips Create directory filename [ips]? Created dir flash:/ips R6#
We are putting the final touches together for the CCSP bootcamp that is launching soon. (PS, it is going to ROCK! ) As I was going through the demo’s on L2 security, I was reminded of how this topic is often an Achilles heel for many CCIE candidates, both R/S and Security.
This blog post is to refresh your memories and provide some examples for layer 2 security on the Catalyst switch. We will begin with DHCP snooping. Continue Reading
INE is thrilled to announce the release of CCNA Security for Jan 2010. Pricing, and exact availablity will be announced soon. Here is the outline for this exciting new course. CCIE Routing and Switching students should note how much this course can aid with the version 4.x blueprint!
Module 1: Security Threats
Lesson 1: Attack Mitigation
Lesson 2: Mitigating Worms, Viruses, and Trojan Horse Attacks
Lesson 3: Cisco Self Defending Networks
Module 2: Securing Cisco Routers
Lesson 1: SDM Security Audit
Lesson 2: SDM One-Step Lockdown
Lesson 3: Secure Admin Access
Lesson 4: Securing Router Files
Things sure can get spooky in the Troubleshooting section of the new Version 4 Blueprint! Cisco can present a pretty vague issue; give you a very lame diagram; and then really press you for time to solve the Trouble Ticket. In this blog post, I will walk you through this graveyard and attempt to provide some ideas on an efficient and effective approach. For much more detail and practice, our premier products for this exam section are the Volume 4 workbook (currently being edited and improved upon), and the brand new 5-Day Troubleshooting Bootcamp.
Are you ready to find prefixes that go bump in the night? Here is the sample Trouble Ticket we will attack, and the appropriate portion of the Cisco diagram. You will want to have some scratch paper handy (just like in the actual exam). Diagramming can prove to be more important here then in any exam section. You should practice a diagram now based on the show output that follows.
Tags: ccie, practice, strategy, troubleshooting
Beginning in October 2009, students will be required to demonstrate mastery of the Cisco IOS Intrusion Prevention System (IPS) for the CCIE R/S track. This blog post introduces candidates to this relatively new security feature. Note this series of blog posts will focus on Tier 1 knowledge. This information allows mastery for the Core Knowledge section and builds a foundation for later mastery at the Command Line Interface.
Intrusion Prevention replaces mere Intrusion Detection from previous IOS versions. IDS for the IOS was certainly nice (you get alerted when a security attack is occurring), but obviously, stopping an attack is much more powerful.
Loading ...
