-
Subscribe
Subscribed
Already have a WordPress.com account? Log in now.
🧩 Topology 1️⃣ Basic Device & SSH Setup (Mandatory) 2️⃣ Create Local Fallback User (IMPORTANT) Used when RADIUS server is unreachable. 3️⃣ Enable AAA 4️⃣ Configure RADIUS Server 🔹 IOS / IOS-XE (Classic Method) (Older IOS alternative) 5️⃣ Create AAA Method Lists (Best Practice) Explanation: 6️⃣ Apply AAA to VTY Lines (SSH Only) ✔ SSH
Goal: Secure L2 attacks, management access, and user ports 🔐 1. Identity & Management Security 🔑 2. Secure VTY Access 🎯 3. Management VLAN & ACL 🚫 4. Disable Unused Services 🔌 5. Shut Down Unused Ports 🔐 6. Port Security (Access Ports) 🛡 7. Layer-2 Attack Protection 🧾 8. Logging & NTP 📊 9.
Goal: Secure management, control plane, routing, and services 🔐 1. Identity, Passwords & AAA 🔑 2. Secure Management Access (SSH only) 🎯 3. Restrict Management Access (VTY ACL) 🚫 4. Disable Insecure & Unused Services 🧠 5. Control Plane Protection (CoPP – Basic) 📡 6. Interface Hardening 🧾 7. Logging & Time Sync 📊 8.
(Routers, Switches, IOS / IOS-XE / NX-OS – CCNA / CCNP / Real-World) Device hardening reduces the attack surface and protects your Cisco infrastructure from unauthorized access, misconfiguration, and exploits. 1️⃣ Secure Device Access (Management Plane) 🔹 Use Strong Authentication (AAA) 🔹 Use Local User Accounts (Minimum) ❌ Avoid: ✔ Use: 🔹 Secure VTY Access
NAT (Network Address Translation) allows private IP addresses to communicate with public networks like the Internet. PAT (Port Address Translation) is a form of NAT that uses port numbers to map multiple private IPs to a single public IP. 🔁 Types of NAT in Cisco 1️⃣ Static NAT (One-to-One) Configuration Example 2️⃣ Dynamic NAT (Many-to-Many)
An ACL is an ordered list of rules (statements) that a router checks top to bottom to decide whether to permit or deny traffic. 👉 Implicit deny exists at the end of every ACL (anything not matched is denied). 🧩 Types of Cisco ACLs 1️⃣ Standard ACL Example Apply to interface 2️⃣ Extended ACL Example
A pass-the-hash attack is a cybersecurity attack in which a malicious user steals hashed credentials from a compromised system and uses them to log in as the original user. Hashing is an essential concept in cybersecurity and computer science. It involves using a mathematical algorithm, a hash function, to convert input data into a hash
Microsoft is actively rolling out a new security feature in Teams called “Prevent screen Capture”. This will block screenshots and recordings in sensitive meetings. Any screenshot attempts will show a black rectangle over the screen and will not record anything . On Android devices, it will pop up a message that says “Screen capture is
When your PC communicates with Google’s server (e.g., http://www.google.com), there’s a sequence of events happening from your local network to Google’s global infrastructure. 🧩 Step-by-Step Communication Flow 1️⃣ You type “http://www.google.com” in your browser Your browser doesn’t know where Google is yet—it only has a domain name. 2️⃣ DNS Resolution (Finding the IP Address) 🔸
This morning, I received a text from AIB asking me to confirm a money transfer via a link. Panic set in—until I remembered that I don’t even have an AIB account. Another day, another phishing attempt. Cybercriminals are increasingly targeting Irish individuals and businesses with sophisticated scams. These include: Phishing & Smishing Fake emails and
The Lazy Networker 