securitywing

20 Ways to Secure Home Network

by

Almost every Internet user has their home network that every family member use to Internet access.For your home network security you can follow a few simple steps to eliminate the chances of your network being compromised. Before diving deep into the home network security issues, you may have a look at the vulnerability points in your network,  including your client machine. [Read more…]

Site to Site VPN Between Cisco VPN Concentrator and Router

by Leave a Comment

At times, it is economical to build a VPN tunnel with the available networking resources. For example, if you have a VPN concentrator and you need to connect a small office securely with your network, you can do so by installing a low priced Cisco router in the remote office. This post will demonstrate how you can build VPN using a VPN concentrator and a Cisco router. [Read more…]

Cisco Router Security Check for Auditor

by Leave a Comment

Since router is the key to access an organization’s  network from the outside world, the maximum security priority should be given to routers that are connected to the Internet and to the important application servers. ISO-27001 has already defined standard router security checklist, which any organization can use to improve  their router securities. This post aims to familiarize you with some critical router security checklist so that you can have an in-depth and clear understanding of router security standards.

[Read more…]

HSRP Configuration(Hot Standby Routing Protocol)

by Leave a Comment

HSRP or hot standby routing protocol provides network redundancy solutions to routers.By configuring HSRP in a number of routers in a network you can offer your customers  the opportunity to enjoy seamless network or Internet access opportunity. HSRP is mainly used in the perimeter network or in a network where high-available is a must or has zero tolerance to network downtime.

[Read more…]

Cisco VPN Configuration in IOS Routers

by 4 Comments

How to Configure VPN in Cisco Routers

Virtual private network can be configured with most of the Cisco routers( 800 to 7500 series) with IOS version 12 or higher.VPN can be implemented in a number of ways–with various level of security measures and configuration. To determine the right VPN configuration for your network, you need to have a solid understanding in cryptographic system and encryption algorithm.Besides, one needs to know which type of VPN is suitable for remote clients  and which type of VPN  is used to create secure site-to-site connection. This article explains the necessary steps with configuration script to setup VPN in Cisco routers. This configuration can be simulated in Cisco packet tracer software as well.  [Read more…]

Access Control List Configuration on Cisco Router

by 1 Comment

What is ACL: Access control list or ACLs are a set of if-then rules set on a router to allow or deny a specific group of IP to send or receive traffic from your network into another network.

When you apply an ACL to a route interface  for incoming traffic then every incoming packets will be compared with your ACL first, if a match is found then either permit or deny action will take place according to your configuration of the ACL. If there are more than one ACL and if there is no match after comparing the incoming packets with the first ACL, then the second ACL will be matched and so on. Remember there is an implicit deny after an ACL. That is why after permit or denies any IP or IP range you must add the command: access-list ip permit any any.

For example in your network you want that no computer or devices from 172.16.0.0 network can send traffic to your network. To implement this rule you need to write and ACL that will tell your router to discard all the traffic from 172.16.0.0. Now, let see how to implement this ACL into a router.

Rourter#configure terminal

Router(config)# access-list 10 deny ip 172.16.0.0 0.0.255.255

Router (config) #access-list 10 permits ip any any

[Read more…]

Screening Router Security Test

by Leave a Comment

Much small-scale business does not use firewall as their first line of defense any web attacks to their internal network. Instead, they use a router between the Internet and Internal network to control incoming and outgoing traffic flow- this type of use of router is known as screening router. In fact, configuring ACLs inside a router can be a viable and effective solution to deny any incoming malicious packets to your LAN. If you have to test one such type of network router that is used a screening router, then you have to identify the type of router and its features. List all the ACL policy and the types of data packets that are permitted to enter your network. What are the router responses to various types of incoming traffic? Finally list all the live systems The following are the list of activity the you have to perform to test a screening router

1. Identify router type

2. List NAT, if there is any

3. Use TTL setting test by using port scanning

4. Test all the ACLs in the router

5. Verify if the address spoofing is being detected by the router

6. Test inverse scanning

7. If the router is filtering local traffic(egress filtering)

8. How the router is handling small size packets

9. How over-sized packets are being handled in the router

10. How router responding to overlapped packets. Normally overlapped fragments are used in TEARDROP attack.

    • Syras is a telecommunication and IT security professional with over 10 years of experience in this field. He has been running his personal blog Securitywing.com since 2010. He has the following IT and Project management certifications:

      • CISA(Certified Information Systems Auditor)
      • MCSE(Microsoft Certified System Engineer)
      • CCNA(Cisco Certified Network Associates)
      • Prince2( Project Management)

Copyrights

Protected by Copyscape Duplicate Content Detection Software

Securitywing.com reserves the copyrights of all of its published articles.No contents of this site is permitted to be published to anywhere else in the Internet.If any contents are found in any other websites, securitywing reserves the rights to file a DMCA complaint. But you have the right to use the link of any relevant article of this site to point from your website if you consider that it might improve the quality of your article.

Tags

android audit backup basics browser check cisco cloud computer configuration data database email encryption firewall hsrp ids iis informaiton internet intrusion it linux load balancing malware microsoft network protection putty redundancy risk router security security tips server ssh test tools vpn vrrp web webserver website windows wordpress