Podcasts about cisco asa

UnitedHealth confirms breach numbers. Patient privacy pains. Amazon vs. APT29. CDK vulnerability threatens user security. Fog and Akira take aim at SonicWall. Level up or log off. LinkedIn in hot water. Open source, closed doors.  Watt's the risk? Today, we are joined by Itzik Alvas, Entro Security's CEO and Co-Founder, discussing their research team's work on non-human identities and secrets management. And Muni Metro hits Ctrl+Alt+Delete on floppy disks! Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we are joined by Itzik Alvas, Entro Security's CEO and Co-Founder, discussing their research team's work on non-human identities and secrets management. You can learn more here.  Selected Reading UnitedHealth: 100 Million Individuals Affected by the Change Healthcare Data Breach (Heimdal) OnePoint Patient Care data breach impacted 795916 individuals (Security Affairs) Amazon identified internet domains abused by APT29 (AWS Security Blog)  RDP configuration files as a means of obtaining remote access to a computer or "Rogue RDP" (CERT-UA#11690) (CERT-UA)  AWS Cloud Development Kit flaw exposed accounts to full takeover (The Register)  Arctic Wolf Labs Observes Increased Fog and Akira Ransomware Activity Linked to SonicWall SSL VPN (Arctic Wolf)  Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game (Hackread)  LinkedIn hit with $335 million fine for using member data for ad targeting without consent (The Record)  Linux creator approves de-listing of several kernel maintainers associated with Russia (The Record)  U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog (Security Affairs) Cybersecurity Isn't Easy When You're Trying to Be Green (Dark Reading)  Goodbye, floppies - San Francisco pays Hitachi $212 million to remove 5.25-inch disks from its light rail service (TechSpot) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this week's show Patrick and Adam discuss the week's security news, including: Microsoft reassures* us that they take security very seriously* Cisco ASA firewalls get sneakily backdoored, but no one's quite sure how Change Healthcare was 1FA Citrix all along The FTC, FCC and other government sticks get waved at tech Lizard Squad Finn who hacked the Vastaamo therapy chain gets sentenced And much, much more. This week's sponsor is Zero Networks, who make a network micro-segmentation product that is actually usable. Zero Networks CEO Benny Lakunishok joins us to talk through why firewalling everything everywhere is finally workable. * You'll forgive us for being… a tad sceptical.

https://youtu.be/GnxViRW1A24 This week on the podcast, we cover a nation-state backed attack against Cisco ASA appliances which Cisco TALOS themselves have dubbed "ArcaneDoor." After that, we discuss a phishing tookit being used to target LastPass users before ending with a new way to deliver malware payloads using legitimate services.

This episode reports on the malicious plugin worm that refuses to die, and more

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.ZScaler ThreatLabz are reporting on some recent campaigns, which started in February 2024, where they observed Pikabot reemerging with significant changes in its code base and structure.OpenAi is claiming that they have terminated accounts associated with state-affiliated threat actorsA January 2024 court-authorized operation has neutralized a network of hundreds of small office/home office (SOHO) routers that were used to commit crimes by the GRU Military Unit 26165.SecurityWeek is reporting on the fine folks at CISA who are urging the patching of a Cisco ASA flaw that is being used in ransomware.A document naming APT groups and operations can be found here.

A joint advisory warns of Volt Typhoon's extended network infiltration. Check your Cisco devices for patches. Fortinet clarifies its latest vulnerabilities. Internet outages plague Pakistan on election day. Kaspersky describes the new Coyote banking trojan. Cyber insurance is projected to reach new heights. The White House appoints a leader for the AI Safety Institute, and sees pushback on proposed reporting regulations. Can we hold AI liable for its foreseeable harms? Joe Carrigan joins us with insights on the Mother of All Data Breaches. The potential of Passkeys versus the comfort of passwords. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Podcast partner and Hacking Humans co-host Joe Carrigan stops by today to discuss the mother of all data breaches. Selected Reading Chinese hackers hid in US infrastructure network for 5 years (BleepingComputer)  Akira, LockBit actively searching for vulnerable Cisco ASA devices (Help Net Security) Cisco fixes critical Expressway Series CSRF vulnerabilities (SecurityAffairs) Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure (BleepingComputer)  Pakistani telcos suffer widespread Internet blackouts on election day (DCD) Coyote: A multi-stage banking Trojan abusing the Squirrel installer (Securelist) Cyber insurance market growing dramatically, Triple-I Finds (AI-TechPark) Biden Administration Names a Director of the New AI Safety Institute (SecurityWeek) No one's happy with latest US cyber incident reporting plan (The Register) DHS Is Recruiting Techies for the AI Corps (BankInfoSecurity) Can the courts save us from dangerous AI? (Vox) I Stopped Using Passwords. It's Great—and a Total Mess (WIRED) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Learn more about some of our favorite presentations from the Vegas conferences, including: Susan Paskey on threat hunting in MFA logsJeremi Gosney on "passwords, but nihilism" (an apparently unscheduled, live threat modeling exercise on password risks)Patrick Wardle on Zoom LPE vulnerabilitiesGaurav Keerthi, Pete Cooper, and Lily Newman on global policy challengesJake Baines on Cisco ASA vulnerabilities and weaknesses (check out the blog post, too)Jonathan Leitschuh on fixing OSS vulnerabilities at scaleEugene Lim on so many iCal standards within standards Like the show? Want to keep Jen and Tod in the podcasting business? Feel free to rate and review with your favorite podcast purveyor, like Apple Podcasts.

[Referências do Episódio] - Rapid7 Discovered Vulnerabilities in Cisco ASA, ASDM, and FirePOWER Services Software - https://www.rapid7.com/blog/post/2022/08/11/rapid7-discovered-vulnerabilities-in-cisco-asa-asdm-and-firepower-services-software/ - Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software RSA Private Key Leak Vulnerability - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-rsa-key-leak-Ms7UEfZz - CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering - https://security.paloaltonetworks.com/CVE-2022-0028 - Alert (AA22-223A) #StopRansomware: Zeppelin Ransomware - https://www.cisa.gov/uscert/ncas/alerts/aa22-223a - Lockbit, Hive, and BlackCat attack automotive supplier in triple ransomware attack - https://news.sophos.com/en-us/2022/08/10/lockbit-hive-and-blackcat-attack-automotive-supplier-in-triple-ransomware-attack/ [Ficha técnica] Apresentação: Carlos Cabral Roteiro: Carlos Cabral e Daniel Venzi Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia Projeto gráfico: Julian Prieto

[Referências do Episódio] - CVE-2022-22972 e CVE-2022-22973 no VMWare - https://www.vmware.com/security/advisories/VMSA-2022-0014.html - Mudanças nos acessos de revendedores da Microsoft - https://docs.microsoft.com/en-gb/partner-center/announcements/2022-may#13 - CVE-2022-20759 no Cisco ASA e FTD - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-mgmt-privesc-BMFMUvye - Freelancers da Coreia do Norte - https://www.bleepingcomputer.com/news/security/north-korean-devs-pose-as-us-freelancers-to-aid-drpk-govt-hackers/ - Falhas na NVIDIA - https://nvidia.custhelp.com/app/answers/detail/a_id/5353 - Ransomware Chaos - https://www.fortinet.com/blog/threat-research/chaos-ransomware-variant-sides-with-russia - Space Pirates - https://www.ptsecurity.com/ru-ru/research/pt-esc-threat-intelligence/space-pirates-tools-and-connections/ [Ficha técnica] Roteiro e apresentação: Carlos Cabral Edição de áudio: Paulo Arruzzo Narração de encerramento: Bianca Garcia Projeto gráfico: Julian Prieto

Hello, today I want to experiment with a new format. I will be reading last week's news from my @avleonovnews channel, which I found the most interesting. I do this mostly for myself, but if you like it too, then that would be great. Please subscribe to my YouTube channel and my Telegram @avleonovcom. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.

It's really easy to go from zero to a working Cisco ASA network using Cisco VIRL 2. No longer do you need to struggle to build networks that consist of Cisco ASAs - you can get a network up and running in a few minutes using Cisco VIRL. The initial installation of VIRL 2 is easy. The import of ASAv appliances is easy. It is also easy to get things working. VIRL 2 is so much better than VIRL 1. This is Part 3 of my VIRL series showing you how to download, install and configure Cisco VIRL 2. The new version of Cisco VIRL allows you to create virtual Cisco networks using just your Web browser. You don't have to use a thick client or any other software - everything is included and everything is easy to use. The new version of Cisco VIRL 2 is one of your best options for CCNA, CCNP and CCIE Labs. VIRL 2 has multiple advantages over other platforms such as GNS3 or EVE-NG. VIRL 2 supports an HTML5 web client and contains all the Cisco IOS images. You don't have to use a thick client like you do with GNS3. You don't have to follow a convoluted process to get Cisco images working like you do with EVE-NG. You don't have to try to find images as they are all included as part of your VIRL subscription and by simply mapping an ISO drive to your virtual machine you can immediately start using all Cisco IOS images in your topologies. Both EVE-NG and GNS3 require that you provide your own IOS images - typically they recommend that you buy a VIRL subscription anyway. That means that you are already paying for VIRL. VIRL2 is also an official Cisco product - that means that you don't have to worry about any gray legal issues with regards to running Cisco IOS images on your laptop. This is an official Cisco product that is supported by Cisco. By paying your yearly subscription fee of $199, you can use Cisco IOS images such as IOSv, IOSvL2, ASAv, NX-OSv and others without any worries. VIRL 2 has everything you need to get started. Disadvantages include the requirement to license your installation. That however has been simplified dramatically from previous releases. There is also a 20 node limited in topologies. However, for most of us that is fine for a lot of labs. Is VIRL better than GNS3 or EVE-NG? In many ways it is. But, all platforms have advantages and disadvantages. If you are studying for your ccie, you many prefer gns3 or eve-ng as they don't limit the number of devices in a topology like virl does. VIRL-PE limits you to 20 devices - so your topologies cannot be massive like they could with gns3 or eve ng. However, if you are studying for your ccna or ccnp, VIRL may be more than enough. Cisco have made massive changes to their certification programs and it is fantastic to see the new version of VIRL in action. Menu: Overview: 0:01 Requirements: 1:36 Import OVA: 2:38 macBook specifications: 3:20 Customize VMware Settings: 3:34 Start VIRL: 4:30 Initial system wizard: 4:47 Browse to VIRL Web UI: 7:30 License the server: 8:09 Build my ASA Lab: 9:23 Start Lab: 10:34 Configure ASA: 14:05 Test network: 17:50 Conclusion: 18:38 Videos mentioned: VIR2 Part 1: https://youtu.be/sW5-jHLygFg VIRL 2 Cisco Live: https://youtu.be/5xUvqDMxH3g VIRL 1 installation: https://youtu.be/Ie5GwqtUVc8 ============================ Cisco ASAv configuration: ============================ interface GigabitEthernet0/1 nameif outside security-level 0 ip address 8.8.8.254 255.255.255.0 no shut ! interface GigabitEthernet0/0 nameif inside security-level 100 ip address 10.1.1.254 255.255.255.0 no shut route outside 0.0.0.0 0.0.0.0 8.8.8.8 object network obj_any subnet 0.0.0.0 0.0.0.0 nat (inside,outside) dynamic interface policy-map global_policy class inspection_default inspect icmp ============================

The History Of Cisco Welcome to the History of Computing Podcast, where we explore the history of information technology. Because understanding the past prepares us to innovate (and sometimes cope with) the future! Today we're going to talk about the history of Cisco. They have defined the routing and switching world for decades. Practically since the beginning of the modern era. They've bought companies, they've grown and shrunk and grown again. And their story feels similar in many ways to the organizations that came out of the tail end of the grants tossed around by DARPA. These companies harnessed the incredibly innovative ideas and technology to found the companies who commercialized all of that amazing research and changed the world. These companies ushered in a globally connected network, almost instantaneously transmitting thoughts and hopes and dreams and failures and atrocities. They made money. Massive, massive truckloads of money. But they changed the world for the better. Hopefully in an irrevocable kind of way. The Cisco story is interesting because it symbolizes a time when we were moving from the beginnings of the Internet. Stanford had been involved in ARPAnet since the late 60s but Vint Cerf and Bob Kahn had been advancing TCP and IP in the 70s, establishing IPv4 in 1983. And inspired by ALOHAnet, Bob Metcaffe and the team at Xerox PARC had developed Ethernet in 74. And the computer science research community had embraced these, with the use of Email and time sharing spurring more and more computers to be connected to the Internet. Raw research being done out of curiosity and to make the world a better place. The number of devices connected to the growing network was increasing. And Stanford was right in the center of it. Silicon Valley founders just keep coming out of Stanford but this one, they were professors, and early on. They invented the multi-protocol router and finance the startup with their own personal credit cards. Leonard Bosack and Sandy K. Lerner are credited for starting Cisco, but the company rose out of projects to network computers on the Stanford campus. The project got started after Xerox PARC donated some Alto workstations and Ethernet boards they didn't need anymore in 1980, shortly after Metcaffe left Xerox to start 3COM. And by then Cerf was off to MCI to help spur development of the backbones faster. And NSFnet came along in 1981, bringing even more teams from universities and private companies into the fold. The Director of Computer Facilities, Ralph Gorin, needed to be able to get longer network cables to get even more devices connected. He got what would amount to a switch today. The team was informal. They used a mother board from Andy Bechtolsheim, later the founder of Sun Microsystems. They borrow boards from other people. Bosack himself, who had been an ARPAnet contributor, donated a board. And amongst the most important was the software, which William Yeager wrote, which had a little routing program that connected medical center computers to the computer science department computers and could use the Parc Universal Packet (PUP), XNS, IP and CHAOSNet.. The network linked any types of computers, from Xerox Altos to mainframes using a number of protocols, including the most important for the future, IP, or the Internet Protocol. They called it the Blue Box. And given the number of computers that were at Stanford, various departments around campus started asking for them, as did other universities. There were 5,000 computers connected at Stanford by the time they were done. Seeing a potential business here, Bosack, then running the computers for the Computer Science department, and Lerner, then the Director of Computer Facilities for the Graduate School of Business, founded Cisco Systems in 1984, short for San Francisco, and used an image of the Golden Gate Bridge a their logo. You can see the same pattern unfold all over. When people from MIT built something cool, it was all good. Until someone decided to monetize it. Same with chip makers and others. By 1985, Stanford formally started a new project to link all the computers they could on the campus. Yeager gave the source to Bosack and Kirk Lougheed so they could strip out everything but the Internet Protocol and beef that up. I guess Yeager saw routers as commercially viable and he asked the university if he could sell the Blue Box. They said no. But Bosack and Lougheed were plowing ahead, using Stanford time and resources. But Bosack and Lerner hadn't asked and they were building these routers in their home and it was basically the same thing as the Blue Box, including the software. Most of the people at Stanford thought they were crazy. They kept adding more code and logic and the devices kept getting better. By 1986, Bosack's supervisor Les Earnest caught wind and started to investigate. He went to the dean and Bosack was given an ultimatum, it was go the wacky Cisco thing or stay at Stanford. Bosack quit to try to build Cisco into a company. Lougheed ran into something similar and quit as well. Lerner had already left but Greg Satz and Richard Troiano left as well, bringing them up to 5 people. Yeager was not one of them, even though he'd worked a lot on the software, including on nights and weekends. But everyone was learning and when it was to benefit the university, it was fine. But then when things went commercial, Stanford got the lawyers involved. Yeager looked at the code and still saw some of his in there. I'm sure the Cisco team considered that technical debt. Cisco launched the Advanced Gateway Server (AGS) router in 1986, two years after the Mac was released. The software was initially written by Yeager but improved by Bosack and Lougheed, as the operating system, later called Cisco IOS. Stanford thought about filing a criminal complaint of theft but realized it would be hard to prosecute, and ugly especially given that Stanford itself is a non-profit. They had $200,000 in contracts and couldn't really be paying all this attention to lawsuits and not building the foundations of the emerging Internet. So instead they all agreed to license the software and the imprint of the physical boards being used (known as photomasks), to the fledgling Cisco Systems in 1987. This was crucial as now Cisco could go to market with products without the fear of law suits. Stanford got discounts on future products, $19,300 up front, and $150,000 in royalties. No one knew what Cisco would become so it was considered a fair settlement at the time. Yeager, being a mensch and all, split his 80% of the royalties between the team. He would go on to give us IMAP and Kermit, before moving to Sun Microsystems. Speaking of Sun, there was bad blood between Cisco and Stanford, which I always considered ironic given that a similar thing happened when Sun was founded in some part, using Stanford intellectual property and unused hardware back in 1982. I think the difference is trying to hide things and being effusive with the credit for code and inventions. But as sales increased, Lougheed continued to improve the code and the company hired Bill Graves to be CEO in 1987 who was replaced with John Mordridge in 1988. And the sales continued to skyrocket. Cisco went public in 1990 when they were valued at $224 million. Lerner was fired later that year and Bosack decided to join her. And as is so often the case after a company goes public, the founders who had a vision of monetizing great research, were no longer at the startup. Seeing a need for more switching, Cisco acquired a number of companies including Grand Junction and Crescendo Communications which formed like Voltron to become the Cisco Catalyst, arguably the most prolific switching line in computing. Seeing the success of Cisco and the needs of the market, a number of others started building routers and firewalls. The ocean was getting redder. John Mays had the idea to build a device that would be called the PIX in 1994 and Branley Coile in Athens, Georgia programmed it to become a PBX running on IP. We were running out of IP addresses because at the time, organizations used public IPs. But NAT was about to become a thing and RFC 1918 was being reviewed by the IETF. They brought in Johnson Wu and shipped a device that could run NAT that year, ushering in the era of the Local Area Network. John T. Chambers replaced Mordridge in 1995 and led Cisco as its CEO until 2015. Cisco quickly acquired the company and the Cisco PIX would become the standard firewall used in organizations looking to get their computers on the Internets. The PIX would sell and make Cisco all the monies until it was replaced by the Cisco ASA in 2008. In 1996, Cisco's revenues hit $5.4 billion, making it one of Silicon Valley's biggest success stories. By 1998 they were up to $6B. Their stock peaked in 2000. By the end of the dot-com bubble in the year 2000, Cisco had a more than $500 billion market capitalization. They were building an industry. The CCNA, or Cisco Certified Network Associate, and CCNE, Cisco Certified Network Engineer were the hottest certifications on the market. When I got mine it was much easier than it is today. The market started to fragment after that. Juniper came out strong in 1999 and led a host of competitors that landed in niche markets and expanded into core markets. But the ASA combined Cisco's IPS, VPN concentration, and NAT functionality into one simpler box that actually came with a decent GUI. The GUI seemed like sacrilege at the time. And instead of sitting on top of a network operating system, it ran on Linux. At the top end they could handle 10 million connections, important once devices established and maintained so many connections to various services. And you could bolt on antivirus and other features that were becoming increasingly necessary at various layers of connectivity at the time. They went down-market for routing devices with an acquisition of Linksys in 2003. They acquired Webex in 2007 for over $3 billion dollars and that became the standard in video conferencing until a solid competitor called Zoom emerged recently. They acquired SourceFire in 2013 for $2.7B and have taken the various services offered there to develop Cisco products, such as the anti-virus to be a client-side malware scanning tool called Cisco AMP. Juniper gave away free training unlike the Cisco training that cost thousands of dollars and Alcatel-Lucent, Linksys, Palo Alto Networks, Fortinet, SonicWall, Barracuda, CheckPoint, and rising giant Huawei led to a death by a thousand competitors and Cisco's first true layoffs by 2011. Cisco acquired OpenDNS in 2015 to establish a core part of what's now known as Cisco Umbrella. This gives organizations insight into what's happening on increasingly geographically distributed devices; especially mobile devices due to a close partnership with Apple. And they acquired Broadsoft in 2017 to get access to even more sellers and technology in the cloud communication space. Why? Because while they continue to pump out appliances for IP connectivity, they just probably can't command a higher market share due to the market dynamics. Every vendor they acquire in that space will spawn two or more new serious competitors. Reaching into other spaces provides a more diverse product portfolio and gives their sellers more SKUs in the quiver to make quotas. And pushes the world forward with newer concepts, like fog computing. Today, Cisco is still based in San Jose and makes around $50 billion a year in revenue and boasts close to 75,000 employees. A lot has happened since those early days. Cisco is one of the most innovative and operationally masterful companies on the planet. Mature companies can have the occasional bumps in the road and will go through peaks and valleys. But their revenues are a reflection of their market leadership, sitting around 50 billion dollars. Yes, most of their true innovation comes from acquisitions today. However, the insights on whom to buy and how to combine technologies, and how to get teams to work well with one another. That's a crazy level of operational efficiency. There's a chance that the Internet explosion could have happened without Cisco effectively taking the mantle in a weird kind of way from BBN for selling and supporting routing during the storm when it came. There's also a chance that without a supply chain of routing appliances to help connect the world that the whole thing might have tumbled down. So consider this: technological determinism. If it hadn't of been Cisco, would someone else have stepped up to get us to the period of the dot com bubble? Maybe. And since they made so much money off the whole thing I've heard that Cisco doesn't deserve our thanks for the part they played. But they do. Without their training and appliances and then intrusion prevention, we might not be where we are today. So thank you Cisco for teaching me everything I know about OSI models and layers and all that. And you know… helping the Internet become ubiquitous and all. And thank you, listener, for tuning in to yet another episode of the history of computing podcast. We are so very lucky to have you. Have a great day!

People might still be interested in about Cisco Wildcard Masks. I try to summarize interesting information about Wildcard Masks in this post.Use Case 1: IPv4 Access Control Lists on Cisco IOS, IOS XE, and IOS XRWildcard masks are for us to select only subsets of IPv4 addresses.When we define selected source or destination IPv4 addresses for an Access Control List (ACL), we use Wildcard Mask. Here is an example for Cisco IOS and IOS XE.ip access-list extended ACL-NAME deny tcp 172.16.9.0 0.0.0.255 172.16.0.0 0.0.255.255 eq 22 permit ip any anyHere is an equivalent ACL example for Cisco IOS XR.ipv4 access-list ACL-NAME deny tcp 172.16.9.0 0.0.0.255 172.16.0.0 0.0.255.255 eq 22 permit ip any anyAll Cisco IOS XR Access Control Lists are “extended, and named” in Cisco IOS’s sense. And we don’t need “extended” keyword in IOS XR commands.Use Case 2: Selecting interfaces to start Routing Protocols on Cisco IOS, and IOS XEThe “network” commands for OSPFv2 and EIGRP are to select interfaces to start OSPF or EIGRP by interfaces’ IPv4 addresses. For example:router eigrp 99 network 192.168.199.0 0.0.0.255router ospf 1 network 192.168.201.0 0.0.0.255 area 0Here, all interfaces with IPv4 addresses covered by “192.168.199.0 0.0.0.255” would be enabled with EIGRP AS 99, and all interfaces with IPv4 addresses covered by “192.168.201.0 0.0.0.255“ would be enabled with OSPF and assigned to area 0.Just in case you need some help about visualizing Wildcard Masks, you can download an Excel Spreadsheet Wildcard Mask Calculator in this post:Revised post: Covering Subnet Calculator to understand more about Wildcard MaskThat's all for use cases. We simply don't use Wildcard Masks, in any other scenarios.NX-OS, ASA, and IPv6 we do not have Wildcard MasksIf you are lucky enough to work on Cisco NX-OS, Cisco ASA alone, you don’t need Wildcard Masks because they are not supported at all on these operating systems.Or, if you work in IPv6-only world without IPv4, you don’t need Wildcard Masks at all because all IPv6 commands of any Cisco’s operating systems do not use Wildcard Masks at all.Tamsui River (淡水河) Estuary after sunset.Tamsui District, New Taipei City, Taiwan.One more thing…I always say that we can simply assume Cisco IOS Wildcard Mask are derived by mapping 1s to 0s and 0s to 1s of equivalent subnet mask in binary notation. This brings up a question: why do we need Wildcard Mask at the first place? Why not just reuse IP subnet masks instead of creating new objects like Wildcard Masks?I don’t have any official information source. In my opinion, “flexibility” might be the cause.I try to imagine two possible cases. We only want to select IP subnets with “even-number 3rd digits”, or, we want to select any hosts end with number “77”. Here are single line Wildcard Masks to select them out.Single line Wildcard Mask “192.168.0.0 0.0.254.255” selects IP subnets 192.168.0.0/24, 192.168.2.0/24. 192.168.4.0/24 … 192.168.254.0/24.Single line Wildcard Mask “192.168.0.77 0.0.255.0” selects 192.168.0.77, 192.168.1.77, 192.168.2.77 … 192.168.255.77.Subnet masks are not flexible. All subnet masks must begin with contiguous “1”s, and rest of the digits must be “0”s, it is complex to combine many more subnet masks to define the identical selections for above two imaginary examples.Please don’t get me wrong! I don’t like Wildcard Masks, either. I always avoid Wildcard Masks when managing a network. I do Wildcard Masks only when taking exams. These two imaginary examples are rare in practical networks. Most administrators I know of always group endpoints with IP subnets, instead of confusing even-odd way.Maybe I will create another post to tell you how I avoid Wildcard Masks!I am Li-Ji Hong. And this is my blog “Show IP Protocols”. See you next time!

Episode 48 - 24 December, 2018ThinkPHP exploit - https://www.zdnet.com/article/chinese-websites-have-been-under-attack-for-a-week-via-a-new-php-framework-bug/Hackers take a coffee and bagel break - https://threatpost.com/caribou-coffee-brueggers-bagels-bitten-by-months-long-breach/140242/Amazon confirmation email malspam - https://www.bleepingcomputer.com/news/security/fake-amazon-order-confirmations-push-banking-trojans-on-holiday-shoppers/Cisco ASA patch - https://www.scmagazine.com/home/security-news/cisco-patches-privilege-escalation-flaw-in-adaptive-securty-appliance-software/San Diego Unified hacked for 10 years - https://threatpost.com/san-diego-school-district-data-breach-hits-500k-students/140366/A daily look at the relevant information security news from overnight.

Michael Marriott flies in from San Francisco to cover the big vulnerability and exploit stories of the week. The team discuss the Cisco denial- of-service vulnerability affecting its Adaptive Security Appliance (ASA), as well as a vulnerability in Oracle’s VirtualBox technology posted to GitHub. Dr. Richard Gold, Rafael Amado and Michael debate the benefits and drawbacks of bug bounty programs, how you should consider operational value when assessing vulnerabilities, and the U.S. Cyber Command’s publication of malware samples to VirusTotal.

Chinese AR glasses, Cisco ASA flaws, Russian Nuclear Cryptomining, Marine quadcopters, POS Skimmers, Chrome HTTP, technology news, human news, discovery, notes, recommendations, and the aphorism of the week…

Featured In This Episode Cisco ASA Vulnerability, Wordpress Bug, ExtraHop & More

Участники подкаста: Артем Гавриченков, Дмитрий Шемонаев, Константин Игнатов и Александр Козлов. Спонсор подкаста: Glenmorangie. Темы первой части седьмого «Прокуратора»: 1 м. - К чему-то подключенные устройства - http://www.nielsen.com/us/en/insights/news/2010/the-connected-devices-age-ipads-kindles-smartphones-and-the-connected-consumer.html 3 м. - Windows Phone отмучался - https://twitter.com/joebelfiore/status/917071399541391360, рассказ Артема про андроиды 8 м. - Продолжаем обсуждать рукожопия андроидов, отличился One Plus - http://www.securitylab.ru/news/489022.php 10 м. - iPhone, его дыры и медленный калькулятор - How to Unlock ANY iPhone without PASSCODE iOS 11 Access Photo & more 15 м. - Play Store и малварь - https://threatpost.ru/google-deleted-sockbot-botnet-from-play-store/22907/ 18 м. - Зато в андроидах может появиться DNS over TLS - http://www.securitylab.ru/news/489270.php 21 м. - CVE-2017-12246, DoS в Cisco ASA - https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171004-asa 23 м. - Видеоняни с камерами без индикации 26 м. - Яндекс и Алиса 30 м. - Приложение для безопасного хранения интимных фотографий - https://www.anti-malware.ru/news/2017-10-18-3/24442 33 м. - Pornhub внедряет систему машинного зрения для автоматического распознавания лиц, поз и других атрибутов видео - https://geektimes.ru/post/294329/ 36 м. - Blade Runner 2049 и wearable love interest

AT&T Data Security Analysts are joined by Chris Hadnagy to discuss social engineering, a Cisco ASA patch, a scam targeting retail rewards, insider attacks, and the Internet Weather Report. Originally recorded February 16, 2016.

I just want to make sure you have known this news and updated your Cisco ASA OS already.Cisco announced a "critical" vulnerability of Cisco ASA OS and released patched OS for them at the same time. Hackers could make use of this vulnerability to gain control of your Cisco ASA.The first fixed version of ASA OS to fix this problem.Screen captured on Cisco's web site.Vulnerable ProductsCisco ASA Software is affected by this vulnerability if the system is configured to terminate IKEv1 or IKEv2 VPN connections.This includes the following:LAN-to-LAN IPsec VPNRemote access VPN using the IPsec VPN clientLayer 2 Tunneling Protocol (L2TP)-over-IPsec VPN connectionsIKEv2 AnyConnectCisco ASA Software can be downloaded from the Software Center on Cisco.com by visitinghttp://www.cisco.com/cisco/software/navigator.html.The full details about this vulnerability and patched OS is on Cisco's official web site:Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability (CVE-2016-1287)One more thing...I have learned one lesson several years ago. Around 2003, I secretly installed a SQL server right in my house. I thought I was the only one who knew I have installed that SQL server, and I was the only one who knew my public IP address. I put that server at public Internet side so I can get back to it any time I want.However, I was wrong. Within just 12 hours, hackers found and broke into my SQL server.The key lesson I have learned is, if I tried again to put some hardware or software with vulnerability unfixed at public Internet, the survival time for it would be far less than 12 hours. Remember, it was only year 2003.Go patch up your Cisco ASA OS ASAP!

We all know adding redundant supervisors/CPUs to any given system, we can increase the uptime for that system. With In-Service Software Upgrade (ISSU), Cisco hardware even allow us to upgrade the operating system software on-the-fly without stopping the whole system.Flowers of Cassia fistula was blooming together in southern Taiwan starting from mid-May.This photo was taken around this location in Baihe District of Tainan City, Taiwan.An interesting question might be asked. Does Cisco hardware keep track of system uptime even upon supervisor/CPU failover events? And how to display the system uptime, in addition to individual supervisor/CPU uptime?I spent some time and I summarize my findings in this post.[Cisco NX-OS on Nexus 7000 and MDS 9500]Basically the command “show system uptime” is for NX-OS to display system uptime for both Nexus 7000 and MDS 9500For Cisco MDS 9500, the official web site gives me an explaining example.http://www.cisco.com/c/en/us/td/docs/switches/datacenter/mds9000/sw/4_1/configuration/guides/cli_4_1/clibook/ha.html#pgfId-1120592switch# show system uptimeSystem start time: Fri Aug 27 09:00:02 2004System uptime: 1546 days, 2 hours, 59 minutes, 9 secondsKernel uptime: 117 days, 1 hours, 22 minutes, 40 secondsActive supervisor uptime: 117 days, 0 hours, 30 minutes, 32 seconds For Nexus 7000, the following link tell us “show system uptime” is a legal command for Nexus 7000.http://docwiki.cisco.com/wiki/Cisco_Nexus_7000_Series_NX-OS_Troubleshooting_Guide_--_Troubleshooting_Installs,_Upgrades,_and_RebootsHowever, the screen capture is not helpful for me to clarify system uptime and supervisor uptime.I found another more meaningful example here.http://ccie5851.blogspot.tw/2011/01/joys-of-issu-on-nexus-7000.htmlcmhlab-dc2-sw2-otv1# show system uptimeSystem start time: Tue Oct 26 19:46:38 2010System uptime: 89 days, 6 hours, 56 minutes, 26 secondsKernel uptime: 0 days, 0 hours, 29 minutes, 16 secondsActive supervisor uptime: 0 days, 0 hours, 19 minutes, 56 secondscmhlab-dc2-sw2-otv1#[Cisco IOS on Catalyst 6500 and Catalyst 4500]The command for Cisco IOS platforms, such as Catalyst 6500 and 4500, is “show redundancy”.http://www.cisco.com/c/en/us/support/docs/switches/catalyst-6500-series-switches/71585-cat6k-red-supeng-swimg-upg.htmlRouter#show redundancy Redundant System Information :------------------------------ Available system uptime = 34 minutesSwitchovers system experienced = 1 Standby failures = 0 Last switchover reason = unsupported Hardware Mode = Duplex Configured Redundancy Mode = Stateful SwitchOver - SSO Operating Redundancy Mode = Stateful SwitchOver - SSO!--- This verifies that software has set the redundancy mode !--- back to SSO after the software upgrade. Maintenance Mode = Disabled Communications = Up Current Processor Information :------------------------------- Active Location = slot 6 Current Software state = ACTIVE Uptime in current state = 4 minutes Image Version = Cisco Internetwork Operating System Software IOS (tm) MSFC2A Software (C6MSFC2A-IPBASE_WAN-M), Version 12.2(18)SXF6, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2006 by cisco Systems, Inc.Compiled Mon 18-Sep-06 17:17 by tinhuang BOOT = bootflash:c6msfc2a-ipbase_wan-mz.122-18.SXF6.bin,1; CONFIG_FILE = BOOTLDR = Configuration register = 0x2102 Peer Processor Information :---------------------------- Standby Location = slot 5 Current Software state = STANDBY HOT Uptime in current state = 3 minutes Image Version = Cisco Internetwork Operating System Software IOS (tm) MSFC2A Software (C6MSFC2A-IPBASE_WAN-M), Version 12.2(18)SXF6, RELEASE SOFTWARE (fc1)Technical Support: http://www.cisco.com/techsupportCopyright (c) 1986-2006 by cisco Systems, Inc.Compiled Mon 18-Sep-06 17:17 by tinhuang BOOT = bootflash:c6msfc2a-ipbase_wan-mz.122-18.SXF6.bin,1; CONFIG_FILE = BOOTLDR = Configuration register = 0x2102This is for Catalyst 4500. However, the screen capture is not good.http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst4500/12-2/25ew/configuration/guide/conf/RPR.html[Cisco IOS XR, ASR 9000]The command for ASR 9000 is again “show redundancy”.http://www.cisco.com/c/en/us/td/docs/routers/asr9000/software/asr9k_r4-2/rommon/configuration/guide/b_rommon_cg_42asr9k/b_rommon_cg_42asr9k_chapter_0101.html#ID2119RP/0/RSP1/CPU0:router# show redundancy Redundancy information for node 0/RSP1/CPU0:==========================================Node 0/RSP1/CPU0 is in ACTIVE rolePartner node (0/RSP0/CPU0) is in STANDBY roleStandby node in 0/RSP0/CPU0 is readyStandby node in 0/RSP0/CPU0 is NSR-readyReload and boot info----------------------A9K-RSP-4G-HDD reloaded Thu Dec 11 14:50:47 2008: 2 hours, 41 minutes agoActive node booted Thu Dec 11 17:15:15 2008: 16 minutes agoLast switch-over Thu Dec 11 17:19:29 2008: 12 minutes agoStandby node boot Thu Dec 11 17:28:56 2008: 3 minutes agoStandby node last went not ready Thu Dec 11 17:30:02 2008: 2 minutes agoStandby node last went ready Thu Dec 11 17:31:02 2008: 1 minute agoThere has been 1 switch-over since reloadRP/0/RSP1/CPU0:router#One more thing…I also found one example for Cisco ASA.[Cisco ASA Cluster]For Cisco ASA, the hardware itself does not provide system-wide redundancy. It only provides cluster-wide (pair-wide) redundancy. Here is the “show version” command output example of Cisco ASA, which explains Cisco ASA also keeps track of cluster-wide uptime in addition to single hardware box uptime.https://supportforums.cisco.com/discussion/11291816/failover-cluster-uptimeasa-firewall> sh verCisco Adaptive Security Appliance Software Version 8.2(1)Compiled on Tue 05-May-09 22:45 by buildersSystem image file is "disk0:/asa821-k8.bin"Config file at boot was "startup-config"asa-firewall up 2 days 22 hoursfailover cluster up 1 year 79 daysHardware:   ASA5550, 4096 MB RAM, CPU Pentium 4 3000 MHzWhy do I have to write down this post? If I can capture the system-wide uptime (or cluster-wide uptime) in addition to single hardware uptime, I have something much more persuading to buying decision makers because the traffic is not stopped at all right here at this system (or cluster) for such a long time.By the way, what is the “longest” system or cluster uptime you have ever seen before? Please share your experiences with me here at the comments area!Thank you so much!

Security has always been a very “hot” issue in ICT and Nikos Mourtzinos, Security Account Manager, for Cisco Greece, Cyprus & Malta, tells us how Cisco ASA, a next generation firewall, protects its users much better against the ever increasing threats. He also talks about the security issues we are (and will be) facing in the era of Internet of Everything and suggests possible ways and solutions to most effectively overcome them. Interviewed by Yannis Rizopoulos for Tech Talks Central

This episode features discussion about the new Cisco ASA Services Module (ASASM). Topics discussed include the hardware architecture differences between the ASASM and the Firewall Services Module (FWSM), new features introduced with the ASASM, and FWSM to ASASM migration tools and strategies.

In this episode the team highlights some of their favorite Cisco ASA and IPS one-line commands, and explain when to use them and how to interpret the output. In the show notes for the episode, we give sample output for each command.