This blog was originally started to better help me understand the technologies in the CCIE R&S blueprint; after completing the R&S track I have decided to transition the blog into a technology blog.

CCIE #29033

This blog will continue to include questions, troubleshooting scenarios, and references to existing and new technologies but will grow to include a variety of different platforms and technologies. Currently I have created over 185 questions/answers in regards to the CCIE R&S track!! Note: answers are in the comment field or within "Read More" section.

You can also follow me on twitter @FE80CC1E


Wednesday, February 29, 2012

Logging - Levels


There are 8 different logging levels. Enabling higher level messages enables all lower level messages. EX: enabling Debugging level 7 enables all messages.


Level     Level Name         Description                                     Syslog Definition
0           Emergencies         The system is unusable                    LOG_EMERG
1           Alerts                   Immediate action is needed             LOG_ALERT
2           Critical                 Critical condition                             LOG_CRIT
3           Errors                  Error condition                                LOG_ERR
4          Warnings              Warning Condition                           LOG_WARNING
5          Notifications          Normal but significant condition       LOG_NOTICE
6          Informational         Informational message                     LOG_INFO
7          Debugging             Debugging message                         LOG_DEBUG

You have the option to send logging to the buffer, console, or a syslog host.

Posted by Packets Analyzed at 8:00 AM 0 comments
Labels:

Tuesday, February 28, 2012

Stream Ciphers Examples


Here is a list of some of the more common Stream Ciphers

SEAL (Software Encryption Algorithm)
RC4
DES and 3DES leveraging OFB (Output Feedback) or CFB (Cipher Feedback)
Posted by Packets Analyzed at 8:38 AM 0 comments
Labels: , ,

Monday, February 27, 2012

Block Ciphers Examples


Here is a list of some of the more common Block Ciphers

Blowfish
RSA
DES and 3DES leveraging ECB (Electronic Code Block) or CBC (Cipher Block Chaining)
AES
IDEA
Skipjack
SAFER (Secure and Fast Encryption Routine)
Posted by Packets Analyzed at 8:37 AM 0 comments
Labels: , ,

Sunday, February 26, 2012

Symmetric and Asymmetric Algorithms - Basic Differences


Symmetric uses only one key for both encryption and decryption. Sender and receiver share the same shared secret to transfer data securely. Algorithms include DES, 3DES, AES, IDEA, RC2/4/5/6, and Blowfish. Also referred to as "secret key" encryption.

DES - 56bit keys
3DES - 112bit and 168bit keys
AES - 128bit, 192bit, and 256bit keys
IDEA (International Data Encryption Alogrithm) - 128bit keys
RC2 - 40bit and 64bit keys
RC4 - 1bit to 256bit keys
RC5 - 0bit to 2040bit keys
RC6 - 128bit, 192bit, and 256bit keys
Blowfish - 32bit to 448bit keys


Asymmetric uses one key for encryption and another key for decryption referred to as public key infrastructure encryption. Key lengths generally ranging from 512 to 4096bits.

Example of asymmetric encryption RSA,EIGamal, Eliptical Curves, and Diffie Hellman
Posted by Packets Analyzed at 8:36 AM 1 comments
Labels: , ,

Sunday, February 12, 2012

Common EAP Methods


Challenge and Response methods

  • EAP-MD5: Uses MD5 based challenge and reponse for authentication
  •  EAP-GTC: Generic Token and OTP authentication

Certifcate based methods

  • EAP-TLS: Uses X509v3 OKI certificates and TLS mechanism for authentication

Tunneling Methods

  • PEAP: Tunnels over EAP types in an encrypted tunned, much like web-based SSL
  • EAP FAST: Tunneling method designed to require no certificates for deployment
Note: This is not a comprehensive list.

Posted by Packets Analyzed at 9:12 AM 0 comments
Labels: ,

Saturday, February 11, 2012

802.1x Roles


Role of the 802.1x Client Software

  • Supplicant is responsible for initiating on authenication sessions with the authenticator
  • Supplicant software can be included in the operating system or you can install a third party supplicant

Role of 802.1x Authenticator

  • The authenticator is refered to as the NAD (Network Access Device) such as a switch, WLAN controller, firewall, etc..
  • The supplicant is challenged by the authenicator, the supplicant enters credentials and the NAD passes credentitals to the authentication server. The authenticator also enforces policies on each 802.1x port.

Role of the 802.1x Authentication Server

  • Performs Authentication, Authorization and Accounting
  • Validates the authentication credentials of the supplicants that are forwarded by the NAD
  • Policy look-up based on the supplicant idenitiy and group affiliation and passes the policy to the NAD. This can be the for of DACL (Downloadable ACL) or VLAN assignment
  • An authentication server for Cisco can include Cisco ISE or Cisco ACS

Role of the Dirctory Server in 802.1x

  • Cisco ISE supports 
    • local user database (does not scale)
    • Supports Active Directory
    • LDAP
    • RSA Tokens
    • RSA Secure ID
    • Certificate

Posted by Packets Analyzed at 9:08 AM 0 comments
Labels:

Saturday, February 4, 2012

BYOD

BYOD (Bring Your Own Device) - There are security concerns when allowing employees, customers, and business partners to bring in there own device and plug it into the corporate network. Cisco has consolidated its ACS and NAC platform into a new product called ISE (Identity Services Engine). This new platform centralizes and simplifies the administration and empowers security groups the ability to make automated decisions. Have a look at the video below:



Terry: this one is for you as I am sure this challenge has come up many times.


Posted by Packets Analyzed at 9:12 AM 0 comments
Labels:
Subscribe to: Posts (Atom)