How Does NAT-T (NAT Traversal) work with IPSec?

ESP encrypts all critical information, encapsulating the entire inner TCP/UDP datagram within an ESP header. ESP is an IP protocol in the same sense that TCP and UDP are IP protocols (OSI Network Layer 3), but it does not have any port information like TCP/UDP (OSI Transport Layer 4). This is a difference from ISAKMP

Cisco VIRL (Virtual Internet Routing Lab)

Cisco Devices: IOSv, IOSvL2, IOS-XRv, CSR1000v, NX-OSv, ASAv

List of supported features for IOSv: 802.1Q, AAA, ACL, BGP, DHCP, DNS, EEM, EIGRP, EoMPLS, Flex Netflow + TNF, GRE, ICMP, IGMP, IP SLA, IPSec, IPv6, ISIS, L2TPv3, MPLS, MPLS L2VPN, MPLS L3VPN, MPLS TE, Multicast, NAT, NTP, OSPF, PfR, PIM, PPPoE, RADIUS, RIP, SNMP, SSH, SYSLOG,

Data-plane attacks and Mitigation Techniques

CAM Table OverFlow Attack (DoS attack) (macof –i eth0): Port-Security

DHCP Starvation Attack (DoS attack): Port-Security and Rate-limiting requests.

DHCP Spoofing/Rogue DHCP Attack (MitM attack): DHCP Snooping

VLAN Hopping attack (negotiate trunk using DTP) (yersinia -G): set all the ports not connected to switches to no-negotiate and access ports, as by default they are set to negotiate