Home LookingPoint Blog

Blog

Dominic Zeni

Recent Posts

It’s been a long time coming. I’ve been searching for a reason to do it…and I finally did it! I solved my first real world networking problem using automation!

I know, I know. The many of you out there who do this every day all day don’t care, but for me, someone who is an expert network engineer and a n008 at python (programming in general), I’ve been waiting for the day that it made sense to...

Continue reading

As you saw in a previous post, DHCP Hacking Made Easy, poorly configured networks can serve as an attack vector for “The Attacker”. In this entry, we continue this exploration with another dead simple attack on the network, ARP spoofing. ARP is the protocol responsible for informing hosts within a given LAN, which IP addresses belong to which MAC addresses. What happens when we provide bad...

Continue reading

Poorly configured networks are vulnerable to many attacks. Easy attacks. In this blog we will demonstrate how easy it is to perform a DoS attack on a DHCP scope. Afterwards, we will remediate our poorly configured network devices with a security feature that you should include on every deployment to protect against this type of attack.

Continue reading

Everyone’s Favorite

Anyone operating a PKI or an application whose functionality requires one, can attest to the ever-increasing amount of time spent keeping certificates up-to-date and compliant with the contemporary cryptography standards. When certificates expire, things break. When cryptography standards evolve, things break. For these reasons, the typical network/systems operator may find it...

Continue reading

Endpoint Captive Portal Detection - Why?

This blog assumes that you have a general understanding of ISE Central Web Authentication. Endpoint Captive Portal Detection plays a critical role in improving the end-user experience when connecting to a captive portal protected WiFi network, such as an ISE CWA protected WiFi network. The captive portal detection brings to the attention of the user that...

Continue reading

In the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. In the third entry, we took stock of all the available posture...

Continue reading

In the first entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). In the second entry of this series, we narrowly focused on getting the ISE posture module provisioned. If you haven’t check those out yet, please do, links below!

Continue reading

In the last entry of this series, we looked at the high-level mechanics involved in using AnyConnect with the ISE Posture module to perform endpoint host inspection (posture) when connecting to an AnyConnect VPN head-end (ASA/FTD). If you haven’t read that one yet, you can find it here!

In this entry, we will be narrowly focused on provisioning the ISE posture module. Enjoy!

Continue reading

Project Manager: “We need to give them access to our network.”

IT Security: “No.”

Project Manager: “We really need to give them access to our network.”

IT Security: “Still no.”

Project Manager: “C’mon, pleeease??”

IT Security: “Ok fine. But we’ll need to assess their computer for vulnerabilities.”

Continue reading

It’s been a while, but we’re finally back to close this blog series on Cisco TrustSec (CTS). If you haven’t yet, go check out the other entries in this series.

Learn what Cisco TrustSec is and why we care here.

Dip your toes into the components involved here.

Begin your Cisco TrustSec classification journey here.

Propagate yourself over here to learn about Cisco TrustSec propagation.

Now that...

Continue reading
1 2 3
  • There are no suggestions because the search field is empty.

Latest Tweets