There are usually 5 VTY lines on Cisco routers (VTY 0 to 4). An attacker can perform a Denial of Service attack by opening several simultaneous Telnet or SSH connections to the router, thus occupying all available lines and preventing legitimate administrators from managing the device. To protect from this kind of attack, we […]
Archives for April 2008
Cisco VPN Client Setup and Configuration
A Remote Access VPN (Virtual Private Network) is a connection technology that provides a secure and confidential connection for remote users to internal company resources through the Internet. The remote company user needs to have VPN client software (e.g. Cisco VPN client) installed on his/her laptop plus a normal Internet connection (cable internet, broadband ADSL, […]
Is router uptime a measure of stability or insecurity?
I was reading Cisco Packet Magazine the other day, and noticed a few mails from readers claiming that they have many Cisco routers in their network running continuously for more than 3 years. The continuous long uptime of a router shows stability and reliability of the specific hardware, but on the other hand it also reveals […]
ASA Firewall NAT Control Feature
With the original PIX firewall models, all traffic traversing a Cisco Firewall from inside to outside (higher security level to lower security level) had to match a NAT rule, otherwise the traffic was blocked. For example, in order for an inside web client host to access an outside web server host, there should have been a NAT translation […]