1 February 2022

Cisco ASA and non-std SSH – the reprise

Any readers of this blog will possibly remember that I compared a few different vendors’ firewalls to see how easy it was to configure them to block ssh access when it was running on the non-standard port of tcp 80 which is typically used by http. (This is a little contrived because anyone trying to get out like this would probably use tcp 443 giving […]

20 December 2021

ISE work if you can get it…to work

I’ve decided to have a stab at CCNP Security and to this end thought a lab with an ISE server would be useful. This post is how I set up the lab (nothing on doing anything with it!) as I found fewer resources available than I expected detailing this. There may be better solutions available; this is just the one I found. You’ll need a […]

19 November 2021

On yer IKE

I was reviewing a VPN configuration and wondered why the engineer was using IKEv1 (IKE being Internet Key Exchange) instead of IKEv2 and then it occurred to me I was merely following a play in the Bluffers’ Guide to IT: the newer the version, the longer the key, the fresher the acronym, the better it must be. I didn’t really have a deep understanding of […]

31 October 2021

Licence Revoked

Apparently the Bond film ‘Licence to Kill’ was originally going to be called ‘Licence Revoked’ but the producers were worried that the general public wouldn’t know what ‘revoked’ meant. (The use of ‘apparently’ in this sentence denotes a lack of fact checking). To revoke means to withdraw or cancel and in TLS, certificate revocation is the mechanism by which the owner of a certificate can […]

15 October 2021

Just Enough Education…

‘Just Enough Education to Perform’ is either one of Wayne Rooney’s tattoos or a Manic Street Preachers’ song, I forget which, but I often feel this way in IT. Let me explain. If you work in IT you generally know a few areas of it very well, others less well, and others just enough to get by. It’s a broad church, you can’t be an […]

30 August 2021

Mixed Blessings

I recently wanted to find a reliable way of testing the sandboxing facility on a particular security device in a safe and controlled fashion. To test anti-virus systems you can use an eicar file but this won’t trigger a sandbox. Someone recommended the site 7blessings.co.uk which creates dummy malware with a unique hash which, the theory goes, your AV won’t recognise and bat along […]

21 June 2021

I Can See Clearly Now…

Wireshark is a powerful tool which captures no end of network protocols but 90% of the time you’re probably working with TCP and 90% of that TCP is probably http and 90% of that is probably encased in TLS encryption making it https. The problem here is that sometimes you need to see what’s inside those packets. The good news is you can using the […]

15 May 2021

Document, document, document

Long ago, I used to work on DEC OpenVMS systems. VMS was an elegant, logically constructed operating system which made the messiness of Unix and Linux a shock when I encountered it. For example, I can still remember the commands to check the disks, system and memory on VMS. When you see what they are you realise it’s not a great feat of recall on […]

1 May 2021

You Can’t Handle the Data!

Wireshark is a great tool but to my mind it’s only worth using when you’ve exhausted other avenues: firewall or event logs, browser developer tools or even tcpdump. However, there are some occasions when it’s all you have, especially if you don’t have access to intermediate network or filtering devices. I encountered a scenario recently where it was very useful but first I’d like to […]

3 April 2021

IT Engineers: a spotter’s guide.

I have worked with many IT engineers over the years and they’ve all been delightful, engaging people. They’ve told me about the types of engineers they’ve encountered and I’ve passed on their descriptions below: The Unengaged Engineer Often an intelligent individual with wide-ranging interests from Sumerian numismatics to hot air ballooning but none whatsoever for doing the job they’ve been hired to do. They will […]