Ubiquiti tells customers to change passwords after security breach Networking |
- Ubiquiti tells customers to change passwords after security breach
- Where is the list of App-ID's on Palo Alto?
- AS9304 Route Leak January 6th
- Aruba Config Tricks
- Connect external Host to Private Docker Network
- USB/Serial over IP
- Microsegmentation and Overall Segmentation Options?
- Ruckus ICX | eBGP / ECMP
- How to increase the screen buffer size on a minicom session?
- Enterprise Wifi Resources
- Layer 2 ISP Loop Issue
- What skills, experience, and/or responsibilities are expected for moving from a mid-level engineer to senior level?
- Completely at my wits' end trying to load an image to an AIRCAP-2702I wireless AP [x-post /r/cisco]
- Anyone know what data Threat Stack does not send to a SIEM?
- Mako Networks, SD-WAN and disruptors in the business
- Which kinds of services or programs cannot deal with changing IP addresses?
- i need to send information using snmp, how to choose oid?
- Online VOIP software recommendation for Taiwan and South Korea
- Esxi host network err disabled
- Captive Portal solution
| Ubiquiti tells customers to change passwords after security breach Posted: 11 Jan 2021 02:59 PM PST Just saw this elsewhere. Turn on 2FA if you haven't already. At a minimum, change your password. https://www.zdnet.com/article/ubiquiti-tells-customers-to-change-passwords-after-security-breach/ [link] [comments]  |
| Where is the list of App-ID's on Palo Alto? Posted: 11 Jan 2021 11:47 AM PST Trying to block macros from the outside inbound. Something I see mentioned alot is block app-ID 39154 to accomplish this. However, when I try to do that, I see no database or reference documentation that lists the App-ID's, or even a way to block by specific App-ID numbers in the Palo. What am I missing here? [link] [comments]  |
| Posted: 11 Jan 2021 03:53 AM PST I found this online the other day but I couldn't find much more info anywhere. Anybody found anything of substance on this? https://radar.qrator.net/blog/as9304-leaking-8764-prefixes-through-as15412 [link] [comments]  |
| Posted: 11 Jan 2021 10:13 AM PST I'm needing to make some changes to Aruba switches, but I know my change would kick me out before I could finish. Anyone know of any tricks to make multi-stage config changes without affecting the current SSH session? [link] [comments]  |
| Connect external Host to Private Docker Network Posted: 11 Jan 2021 11:07 AM PST To showcase some security vulnerabilities I have set up multiple Docker containers with vulnerable services. They are connected using a bridge network with no outside connection to avoid compromising the vulnerable containers. I would like to showcase the security issues to 3-5 people, ideally by providing a VPN connection to each of them, which enables a tunnel into the private docker network. My current workaround is placing a Debian container with an exposed SSH port into the private network to allow for exploitation via command line, however web exploits are a lot more interesting when one can actually visit the vulnerable websites. I am aware this can be achieved by installing a browser on the Debian containers and using X-forwarding, however the performance is less than optimal. I am very grateful for any suggestions on how to expose the docker network with the vulnerable containers to an external host in a secure way. The ideal solution would also be scalable to provide an independent network to each of the participants [link] [comments]  |
| Posted: 11 Jan 2021 07:36 AM PST Hello networking. I have some equipment that's only practical output is USB (other being IEEE-488), however its the kind that uses the USB interface but masquerades as a serial RS-232 port. The rest of the equipment is all talking via ethernet and would simplify things greatly if we could get these pieces onto the network. A simple USB/ethernet adapter does not work, since they're looking for a regular USB signal not something like RS-232. I've looked at the digikey items (https://www.digi.com/products/networking/infrastructure-management/usb-connectivity/usb-over-ip/anywhereusb#overview) and some of the offerings by star tech. The digikey are nice, but expensive, and I'm not sure if the cheaper startech offerings can send that USB/RS-232 signal. If anyone has any suggestions, or if they know of a cheaper alternative, please let me know! Thank you. [link] [comments]  |
| Microsegmentation and Overall Segmentation Options? Posted: 11 Jan 2021 12:52 PM PST Hi All. Maybe it would be easier to talk solution if I talk problem first: We run Cisco HA ASA internet security stacks at our edges. On those firewalls we have the typical SSL VPN setup for our employees but additionally we have 50 or so unique users we create manually using dynamic access policies to assign network acls to them. The reason for that is employees have full access but these 'special users' do not and need specific access locked down. They keep pouring in and we're gonna have another 100 we'll need to setup soon. The problem is constantly creating special setups on all our firewalls and modifying network acls associated with them is not sustainable everytime they need something or leave the company. What are my options for limiting access to internal and external resources beyond layer 3 and 4 in a centralized location? We have ISE but i'm not about to pass out dacls to everyone. Yeah it's centralized, but it's still a ton of dacls we can't sustain. There are some cloud-based items we have a solution for, but most of what they access is internal and homegrown. From what I've seen Cisco Secure Workload, formerly Tetration, may be an option but I feel like almost all of the documentation surrounding it is sales talk. Not to mention that requirements for running it are hefty af. Hardware or virtual. Not really digging the SaaS option. Can anyone recommend what they do to lock down access at the application level? Hell, even at the layer 3-4 level? Need something that can scale and has plenty of documentation and maturity rather than a bunch of powerpoint slides. Thanks! [link] [comments]  |
| Posted: 11 Jan 2021 01:57 PM PST Hey all, Anyone have any experience using ECMP over eBGP on a ruckus platform? I've enabled ip load-sharing and setup maximum paths to be 2 inside router BGP, but my routing table is only putting 1 of the 2 next-hops into the routing table. I would expect that my routing table would show two next hops for my destination, learned via BGP? Running show ip bgp route summary I DO show the second route and it picks up traffic instantly if I drop the first connection, but that's not exactly "load balancing", more of an active/passive. [link] [comments]  |
| How to increase the screen buffer size on a minicom session? Posted: 11 Jan 2021 02:53 PM PST I am trying to see if there is way to increase the screen buffer size on a minicom session and I haven't been able to find a solution yet. I am SSHing to a Linux machine and from there I'm running the command <minicom -b 115200> to access a Juniper router. The screen buffer is too less and the moment I go beyond a screen size I am losing everything in the previous screen. Appreciate the help! [link] [comments]  |
| Posted: 11 Jan 2021 07:17 AM PST I've been tasked with determining the feasiblity of providing wifi in one of our parks in Philadelphia. The idea is to encourage people to come and work outside when the weather gets warmer (WFP instead of WFH). I've never done anything on this scale but am sure it involves considerations of the following:
I don't know where to begin, especially when trying to come up with a round number for costs. I have the google, but it would be helpful to have someone with experience point me towards a concise definitive source for information. Thanks in advance. Edited to add more details:
[link] [comments]  |
| Posted: 11 Jan 2021 02:52 PM PST I have a client that has two layer-2 circuits from two separate providers. One Cox one AT&T. Recently it was discovered that one of the circuits was ordered incorrectly with a vlan tag and they wanted it untagged so we had them remove the tag but now that both layer 2 circuits are untagged we have created a layer 2 loop. Before we got to telling the customer to simply create a LAG to stop the loop, I found that on the juniper switch I control into the Cox network that when both circuits were up that the access port facing his Dell switch would go into BPDU error detected and disable the port. I have to manually clear the error for the port to come back online and it will go back into a disabled state within about 5-10 seconds if the AT&T circuit is up. If we disable the AT&T circuit/path and clear the BPDU error the Cox circuit stays up just fine. "If L2PT-encapsulated packets are received on an access interface, the switch reacts as it does when there is a loop between the service provider network and the customer network and shuts down (disables) the access interface. Once an interface is disabled, you must explicitly reenable it using the clear ethernet-switching layer2-protocol-tunneling error command or else the interface will remain disabled." When we looked at the interface on the Dell facing my switch and I look at the interface facing his Dell we see that both of us are sending BPDU's but we are both not getting any. The vlan that we are L2PT across the Cox service network is set to tunnel all protocols so I don't quite get why we're not getting any BPDU's across the link. We like 1 of 2 things to work. Either setup a LAG and eliminate the need for STP basically. Or leave it with a loop in a properly blocking state so if one fails the other comes up and takes over like STP should do. [link] [comments]  |
| Posted: 11 Jan 2021 02:13 PM PST I have been working in IT for 8 years, with 5 years specifically in Networking. I started at my current company 2 years ago as a mid-level engineer. My manager has previously talked about the way everyone on my team can "move up" in our careers, saying I would be on the same level of where our currently only sr. engineer is. Last month during pay raise discussions, they said that 2021 is the year for new job titles and re-evaluating compensation, implying that this is my chance. I'm planning to bust my ass and deserve that promotion, but I could use some direction and guidance. I will for sure ask the sr engineer I work with, but I would really appreciate some tips from this community. [link] [comments]  |
| Completely at my wits' end trying to load an image to an AIRCAP-2702I wireless AP [x-post /r/cisco] Posted: 11 Jan 2021 01:34 PM PST I am at a total loss right now and have tried every single thing I can imagine under the sun to get this image loaded but nothing works. Even if it's something stupidly simple that I missed at this point I don't care because I just want this Cisco nightmare to end. Quick summary: I found a spare AIRCAP-2702I-A-K9 that I wanted to add to our network. Booted it up and it added itself to our WLC no issues. I am wanting to use this AP in autonomous mode though instead so I downloaded the correct firmware (not the lightweight one), renamed it correctly as a .default, placed it in the tftp directory, went through the MODE method and.... nada. I got an error for invalid argument, etc. Well after several attempts, resets, power interruptions, etc. the booting of the AP became wonky. I reset everything and actually had to format the entire flash: directory as well. Now when I do the MODE method it tries to open my tftp server but I instantly get hit with: %Error opening tftp://255.255.255.255/filename.default (no such file or directory) I have used this tftp server already through the GUI and elsewhere so I know it works. Plus, I can see activity on the tftpd64 screen as the file is trying to send over but it times out with a "TIMEOUT waiting for Ack block #1" message. Here are the screenshots: https://imgur.com/a/LDHZKf9 I have spent hours on this trying every method suggested in the Cisco forums but none of them proved useful. Also note that I don't have any firewalls going when I try this, the AP is on the same subnet, I've set my computer to be within the suggested range, etc. Any help is greatly appreciated! [link] [comments]  |
| Anyone know what data Threat Stack does not send to a SIEM? Posted: 11 Jan 2021 07:21 AM PST I'm trying to find out what typical information that is sent to a SIEM is missing from what Threat Stack collects and sends to a SIEM [link] [comments]  |
| Mako Networks, SD-WAN and disruptors in the business Posted: 11 Jan 2021 12:41 AM PST Good morning, Overview here is we're a national retail outlet with approx 1000 stores with the ambition to continue growing in our country, we're a franchised model with the equity business owning around 50 stores the rest being franchised across different partners. Our store WAN is four models, one franchisee runs multi branded sites and handles their networking entirely, they have a VPN to us for the services and apps we provide. Other franchisees mostly use a service we provide through a national telco which is broadband tails (60/40 ADSL/FttC with some leased lines and a couple of FttP tails) onto a private MPLS with all traffic going through our WAN onto our DCs for internet eggress. Some franchisees still insist on using their own broadband with VPN utilising Cisco 800 routers as VPN devices, we manage the VPN devices the franchisee manages the ADSL router (usually a draytek). The final franchise is the disrupter, they're a larger business with outlets across Europe and North America and have their own WAN vendor, they have bought out a significant % of stores recently from another franchisee and are now rolling out their solution to their new stores. This is their broadband tail, using a Mako 6600. We specify a Cisco firepower 1010 to segregate the store traffic from their network. Services use to be 95% hosted by us but over the past 4 years have become more SaaS / Public cloud based and that is only going to become more predominent and internet traffic is increasing in both importance and volume, we're in a bit of a race at the moment to increase our MPLS tails into the DCs to keep up. I've recently been told (after mentioning it for over a year, before the disruptor turned up) that I can look into an SD-WAN solution, the goals mostly being; Lower Capex for the outlets. Lower Opex for our MPLS core. Reduce the dependancy on our two DCs for access to services. Support business decision to translate to a more public cloud delivered services environment. Improve network agility (i.e. reduce time taken to bring up new vendor connections or drop connections into other public clouds). To me this supports an SD-WAN approach were we can have virtualised SD-WAN appliances in AWS (and possibly Azure) with on appliance NGFW/UTM features. Our vendor is going to suggest Meraki at which point i'll push back with Fortinet (largely due to another part of the business in the US being fortinet based and Fortinet AWS appliance being able to call AWS Lambda functions when network conditions change, i.e outlet drops off the network turn off online delivery for that outlet). The issue here is the disruptor and the franchisee that runs their own networks, the latter i suspect we can just put a virtual appliance in on a DMZ on their network and let them route traffic through that, that then shoves traffic as required. The franchisee running the Mako's though, not sure. Currently this franchisee wants to route all AWS traffic via us not over the internet (their cellular failover uses dhcp addresses, our AWS team whitelist IP addresses). I'd like to avoid this (if for example we used AWS Global Accelerator to get a static IP address for AWS) as this would keep our DCs as a point of a failure for access to services. Note they are still buying the firepower 1010 and only started rolling them out last quarter 2020 so have no interest in buying a new device. Could the Mako 6600s themselves create multiple VPNs and route traffic appropriately? How smart are these devices ? they seem awfully cheap. [link] [comments]  |
| Which kinds of services or programs cannot deal with changing IP addresses? Posted: 11 Jan 2021 06:23 AM PST I would like to do load balancing between two WANs using a Ubiquiti USG-p3. Though without VPN/proxy this would mean my external IP is going to change often, right? I'm wondering whether this would mean things like video conferencing would get interrupted or similar issues. [link] [comments]  |
| i need to send information using snmp, how to choose oid? Posted: 11 Jan 2021 05:57 AM PST Hi, I have a task of sending information using SNMP. it is very generic data. timestamp, message, symptom code and may be few more stuff. i don't want to create brand new mibs file and distribute it. i just willing to use whatever basic oid that everyone have access to it. is there anything like that? where can i find it? [link] [comments]  |
| Online VOIP software recommendation for Taiwan and South Korea Posted: 11 Jan 2021 06:59 AM PST Hello, I would like to know if anyone of you knows about a reliable cloud-based service that allows me to get a cloud-based landline number in Taiwan and South Korea. At the moment we are using FlyNumber, but the problem is that not everyone is able to reach us for these specific countries. I would need to connect to this number using a SIP-based app on my mobile or pc. Thanks in advanced. [link] [comments]  |
| Esxi host network err disabled Posted: 10 Jan 2021 04:52 PM PST Hello , I'm a systems admin, not a network engineer. Recently hooked up a ESXi 6.7 server and one of the switchports keeps going into "err disable" I get an alert when it happens, open a ticket with the network team, they reenable the port and close the ticket, it stays up for a day or two and then err disables again. So we go through the same song and dance again, it's been going on for two weeks ... Is there some way that network engineers know why this would be going into err disable mode? Four other ports are hooked up to the same switch, only one goes into err disable mode and I don't see any strange configurations on the ESXI host networking side. Any where I should look or tell the network team to look? [link] [comments]  |
| Posted: 10 Jan 2021 11:18 PM PST Does anyone know of a solution that can be used that can run a captive portal with user self enrolment (email address and password) for Ubiquiti WiFi without also being the router? Ideally I'd like to connect the Unifi controller to the radius server and then have a web interface where a privileged user (non-technical staff member) can add and remove guest users. There's no need for billing functionality. Every fairly recently maintained solution that I've found is intended to be used as or installed on a router or is bundled with a VPN server. Through my wide search for solutions, I've become fairly familiar with Freeradius, so if that's what is used it would be preferred. The closest solution I've found is Daloradius, but the web interface is ancient and setting up clients has been too much of a struggle. Does anyone have any suggestions for something that would work? [link] [comments]  |
| You are subscribed to email updates from Enterprise Networking Design, Support, and Discussion.. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
| Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States | |
No comments:
Post a Comment