[OSL | CCIE_Security] Preventing double tagging by trunking native vlan traffic

2012-03-17 Thread Kingsley Charles
Hi all, How does vlan dot1q tag native help us prevent a double tagging attack? I know it can help, but I want to discuss how and where it actually does the job. Can we have a discussion :-) With regards, Kings

[OSL | CCIE_Security] Routing towards pim pr

2012-03-17 Thread Kingsley Charles
Hi all, I have the following topology. The ASA in multicontext mode is sitting in between the KS and GM. I am using a GRE point-to-point tunnel interface between R1 and R2. I am using PIM sparse mode and the loopback of R1 is the PIM RP.
R1 (KS) L0 -- ASA (multicontext) --- R2 (GM)

Re: [OSL | CCIE_Security] SSL VPN authentication failed

2012-03-17 Thread Aous SAlloum
Yes Dear, thanks so so so much, now it's ok. I was entering ccie@admin, now I did ccie only and it's authenticating: User ccie has logged in from 192.168.1.100 to gateway ssl context admin 2012/3/16 Kingsley Charles kingsley.char...@gmail.com In the prompt, how did you enter the

[OSL | CCIE_Security] ASA Multiple context

2012-03-17 Thread Aous SAlloum
Hello Dears, I am trying to configure ASA with Multicontext. 1. Is it mandatory to have the admin-context admin keyword? Or can I create any two contexts like con1 and con2 and make one of them the admin? Like admin-context con1 without having a context named admin. 2. If I have two contexts: context

Re: [OSL | CCIE_Security] ASA Multiple context

2012-03-17 Thread Dave Craddock
The admin context is basically there to assign the physical resource to the virtual ASA, so you have to have it. The file system is not case sensitive, so both admin and Admin are the same. Sent from Moxier Mail (http://www.moxier.com) - Original Message - From: Aous SAlloum

Re: [OSL | CCIE_Security] ASA Multiple context

2012-03-17 Thread Mike Rojas
NO, wait wait. Admin context is from where you can manage your device... some sort of like the management interface on a single context based ASA... where you actually assign the resources is on the System context... don't mix them up... Regarding your question, yes indeed it is needed to

[OSL | CCIE_Security] IPS Question Regarding event action filters.

2012-03-17 Thread Mike Rojas
Hi All, This is something I just thought of: when you get an exercise that says exempt loopback blah to trigger any action on the virtual sensor blah, I do actually need to configure 2 action filters, right? One for it being the attacker and the other one for it being the victim? Is this correct?

[OSL | CCIE_Security] IPS Rate Limiting

2012-03-17 Thread Mike Rojas
Hello, Another question (I know I'm getting a little bit annoying, but I guess some others may have the same doubts). In regards to the configuration on the Blocking device when using ssh, you either have to do a bunch of stuff configuring Authorization (in case you don't have an enable password)

Re: [OSL | CCIE_Security] ASA Multiple context

2012-03-17 Thread Aous SAlloum
Thanks all. 2012/3/17 Mike Rojas mike_c...@hotmail.com NO, wait wait. Admin context is from where you can manage your device... some sort of like the management interface on a single context based ASA... where you actually assign the resources is on the System context... don't mix

Re: [OSL | CCIE_Security] IOS firewall and OOO packets

2012-03-17 Thread Imre Oszkar
Hi Piotr, Below are my findings:
1. Only protocols that require application layer inspection (DPI) are reassembled for inspection.
2. The reassembly process happens on a copy of the packets; the original OOO packets are sent unmodified to the destination.
3. OOO packets sourced from the

Re: [OSL | CCIE_Security] Recovering error disable port

2012-03-17 Thread Joe Astorino
Not that I know of... oh wait, reload : ) On 3/17/12, Kingsley Charles kingsley.char...@gmail.com wrote: Hi all, To enable error-disabled ports other than manually performing shut/no shut or using the errdisable recovery command, are there any other methods? With regards, Kings

[OSL | CCIE_Security] Shell Exec Authorization with Radius

2012-03-17 Thread Mike Rojas
So here is something else that I find really concerning. There was an exercise that said... authorize user Blah and make sure that the user falls into privilege level 12. Do not change anything on the group. So I figured that it has to do with the Cisco AV pair boxes under the ACS

Re: [OSL | CCIE_Security] Preventing double tagging by trunking native vlan traffic

2012-03-17 Thread Joe Astorino
Here is how I understand the attack. Let's imagine the following setup:
ATTACKER SW1 --- SW2 --- VICTIM HOST
- The switch port the attacker is connected to is an access port in VLAN 1
- The native VLAN from SW1 -- SW2 is the default VLAN 1
- VICTIM host is in VLAN 10
Now, let's look at how

Re: [OSL | CCIE_Security] IPS Question Regarding event action filters.

2012-03-17 Thread Kingsley Charles
Yes On Sun, Mar 18, 2012 at 12:00 AM, Mike Rojas mike_c...@hotmail.com wrote: Hi All, This is something I just thought of: when you get an exercise that says exempt loopback blah to trigger any action on the virtual sensor blah, I do actually need to configure 2 action filters, right? One

Re: [OSL | CCIE_Security] Preventing double tagging by trunking native vlan traffic

2012-03-17 Thread Kingsley Charles
Now SW2 gets double tagged frames and it will also be configured for vlan dot1q tag native to accept double tagged. It strips the outer tag and then what will happen to those frames? They will be sent on ports that have vlan 1 or trunk ports that have native vlan 1. So the frame will keep