Cisco IOS-related CVEs get announced consistently, but we will not be exploring any of those in this article. I will, however, demonstrate that attacking a Cisco IOS device is possible with SNMP misconfiguration. If interested, I covered another attack on a Cisco IOS device running HSRP here. I included this exercise on our Paradise Lost: Red Team versus Blue Team event during our CyberFest 2021. Unfortunately, only the blue team members touched this node. The red team focused on …
Cisco
Defending against SSH brute force attacks
I was a victim of SSH brute force attacks, which I covered here. As a result, I discovered a great solution without using SSH keys. As another layer of security, I added two-factor authentication to my server. A few years ago, I wondered if there was a solution in Cisco IOS. I discovered a security feature called login enhancements or login block. Let's look at how it can help defend from SSH brute force attacks by enabling this feature. What is login block? It is a Cisco …
[Read more...] about Defending against SSH brute force attacks
Securing Cisco IOS passwords
Over the years, Cisco has made improvements in storing passwords in the configuration file. As a result, securing Cisco IOS passwords is part of my checklist when hardening Cisco-based network infrastructure for clients. This article also appeared on Art of Network Engineering. History Cisco IOS has always had the option to store passwords in cleartext in the configuration file. As you and I both know, storing passwords in the configuration file is a big no-no. That said, …