Re: questions asked during network engineer interview

One time I got asked in an interview how to estimate the number of manholes in a city. I replied that I would google 'pretentious interview questions' for a problem solving methodology. On Thu, Jul 23, 2020 at 5:06 AM wrote: > > Mark Tinka > > Sent: Thursday, July 23, 2020 5:04 AM > > > > On

Re: Synful Knock questions...

It's unlikely the routers that got exploited were the initial entry point of the attack. The chain of events can look like this: spearfishing email with exploit laden attachment end user opens attachment, internal windows endpoint compromised malware makes outbound connection to command &

Re: Synful Knock questions...

Wouldn't the calculated MD5/SHA sum for the IOS file change once it's modified (irrespective of staying the same size)? I'd be interested to see if one of these backdoors would pass the IOS verify command or not. Even if the backdoor changed the verify output; copying the IOS file off the router

Re: Synful Knock questions...

Does anyone have a sample of a backdoored IOS image? On Tue, Sep 15, 2015 at 2:15 PM, wrote: > I'm sure most have already seen the CVE from Cisco, and I was just reading > through the documentation from FireEye: > >

Re: The state of TACACS+

In the Cisco world the AAA config is typically set up to try tacacs first, and local accounts second. The local account is only usable if tacacs is unavailable. Knowledge of the local username/password does not equate to full time access with that credential. Also, you would usually filter the

Re: The state of TACACS+

If someone has physical access to a Cisco router they can initiate a password recovery; tacacs vs local account doesn't matter at that point. On Mon, Dec 29, 2014 at 12:28 PM, Colton Conor colton.co...@gmail.com wrote: Glad to know you can make local access only work if TACAS+ isn't available.