• Skip to main content
  • Skip to footer

Andrew Roderos

Tech Geek

  • Blog
  • Resources
    • Book List
    • Free Courses
  • Hire Me
  • About
  • Contact

Blog

Defending against SSH brute force attacks

01/11/2021 by Andrew Roderos Leave a Comment

Defending against SSH brute force attacks

I was a victim of SSH brute force attacks, which I covered here. As a result, I discovered a great solution without using SSH keys. As another layer of security, I added two-factor authentication to my server. A few years ago, I wondered if there was a solution in Cisco IOS. I discovered a security feature called login enhancements or login block. Let's look at how it can help defend from SSH brute force attacks by enabling this feature. What is login block? It is a Cisco …

[Read more...] about Defending against SSH brute force attacks

Filed Under: Security Tagged With: Cisco, Cybersecurity, Information Security, InfoSec, IOS, Network Security

Securing Cisco IOS passwords

01/06/2021 by Andrew Roderos Leave a Comment

Securing Cisco IOS passwords

Over the years, Cisco has made improvements in storing passwords in the configuration file. As a result, securing Cisco IOS passwords is part of my checklist when hardening Cisco-based network infrastructure for clients. This article also appeared on Art of Network Engineering. History Cisco IOS has always had the option to store passwords in cleartext in the configuration file. As you and I both know, storing passwords in the configuration file is a big no-no. That said, …

[Read more...] about Securing Cisco IOS passwords

Filed Under: Security Tagged With: Cisco, Cybersecurity, Information Security, InfoSec, IOS, Network Security

Penetration Testing 101 – CTF Edition

12/10/2020 by Andrew Roderos Leave a Comment

Penetration Testing 101

As mentioned in my previous article, I participated in a CTF competition. Part of that CTF competition included OSINT (Open-Source Intelligence) and penetration testing exercises. Today, I want to discuss penetration testing 101 in a CTF environment. Pre-engagement Pentesting in the real world starts with the pre-engagement phase. This phase involves engaging with the client to find out their goals, scope of work, etc. It's different in a CTF environment. Some CTF will give you the …

[Read more...] about Penetration Testing 101 – CTF Edition

Filed Under: Security Tagged With: Capture The Flag, CTF, Cybersecurity, Ethical Hacking, Hacking, Kali Linux, Network Security, Penetration Testing, Pentesting

My CTF Experience

11/03/2020 by Andrew Roderos Leave a Comment

Our Information Security Office (ISO) hosted its first-ever capture the flag (CTF) event recently during the Cybersecurity & Privacy Festival. The CTF was open to all staff for a whole week from 10/19 - 10/23. It was engaging, educational, exhausting, frustrating, and infuriating. In this post, I want to share my CTF experience. I will also include some information about the challenges and my thought process. Bonus: I incorporated a mini-CTF. I encourage you to try it out! Before this …

[Read more...] about My CTF Experience

Filed Under: Security Tagged With: Capture The Flag, CTF, Cybersecurity, Information Security, InfoSec, Steganography

Optimizing HSRP timers

10/19/2020 by Andrew Roderos Leave a Comment

A few weeks ago, I wrote an article about attacking HSRP (Hot Standby Redundancy Protocol) and how to defend it from such attacks. Today, I'm going to discuss how to optimize HSRP timers. You may ask, why bother optimizing HSRP timers? One of the main reasons is to provide a better user experience in the case of failure. HSRP timers There are two timers that you can manipulate to optimize HSRP. The first one is the hello time. The hello time is the interval in seconds or …

[Read more...] about Optimizing HSRP timers

Filed Under: Networking Tagged With: BFD, FHRP, HSRP

  • Go to page 1
  • Go to page 2
  • Go to page 3
  • Go to page 4
  • Go to Next Page »

Footer

WANT TO HIRE ME?

Let’s talk about your project!

CONTACT ME

Copyright © 2019–2021 · Andrew Roderos · All Rights Reserved · Privacy Policy · Terms of Use