While attending the annual Texas Cyber Summit recently, I watched a talk by Marcus Guevara of Recon Infosec titled “The Best Free Resources to Get Started in Incident Response.” One of the things he mentioned in that talk is Windows Prefetch – something already built into Windows by default. I had never heard of Prefetch …
Network Fundamentals: The OSI Model
Networking is one of the fundamental pillars of computing. Networks allow us to communicate data across a global scale in a way which largely seems (to me) to be taken for granted. Networking, even on the most basic of levels, is a skill that anyone in technology will find valuable to their career …
Cisco ISE: Adding Network Devices
In ISE, switches are referred to as a Network Access Device (NAD). Other NAD devices include wireless LAN controllers and VPN concentrators. NADs are responsible for enforcing ISE policies on devices connecting to the network with MAB authentication via RADIUS, as well as authorization of remote device administration over SSH via TACACS+. Before a switch …
Exam Review: Cisco SCOR 350-701
I have been putting off writing this review for a year and a half now. I did finally pass the SCOR exam and earn my CCNP Security certification, but only after four attempts and more hours than I care to try and estimate. Don’t get me wrong – this is the first time I’ve ever …
SolarWinds Orion NPM: Configuring Cisco Hardware Health Pollers
While troubleshooting an issue with a 4506 switch recently, I discovered an interesting discrepancy: Orion was reporting a critical hardware issue on the switch, but the switch itself didn’t seem to have any idea that anything was wrong. The exact error I was seeing was that a supply voltage sensor for a fiber switchport interface …
Exam Review: Cisco SISE 300-715
Back in late 2019, I made a decision that I was going to attempt to take the Cisco IINS 210-260 and SISAS 300-208 tests prior to the “Certpocalypse” of exams retiring in late February 2020. My thinking was two-fold: My existing CCNA Cybersecurity Operations certification would be retitled as a “Cisco Certified CyberOps Associate.” By …
Cisco ISE 2.x: MAC Authentication Bypass (MAB)
MAC Authentication Bypass (MAB) is a method of network access authorization used for endpoints that cannot or are not configured to use 802.1x authentication. MAB uses the hardware address (MAC address) of the device connecting to the network to authenticate onto the network. This hardware-based authentication happens when a device connects to a Network Access …
Wireshark Fundamentals: Setup and Configuration
Wireshark is an open-source tool which is used to perform packet capture and analysis for wired or wireless network traffic. It can be intimidating to look at the first time you open a packet capture file (or pcap). Hopefully this introduction will help smooth the sharp edges on learning this tool. I was first introduced …
Reset Configurations on a Cisco Switch
There are several instances where you may need to reset a Cisco switch back to a blank configuration. Perhaps you purchased a switch for your home lab off of the internet and it didn’t get wiped before it got sent out to you; or perhaps your company acquired a new contract at an existing property …
Hands-On With the Ubiquiti USG-PRO-4: Year 1
In July of 2018, exactly a year ago, I was looking for just about any reason at all to pull the trigger on a firewall device for my home network and found myself split between the Meraki MX series, the Fortinet FortiGate line, or one of the two Ubiquiti USG options available at the time. …