Posts

RPKI for Home Usage

Resource Public Key Infrastructure you may know what RPKI is … It’s a PKI Framework for improving Security for the Internet Routing Infrastructure based on BGP. As a HomeUser or Small/Medium Size Company, you normally don’t have a Full BGP Table and multipe Upstream Providers. You have one Internet Router or Firewall and you get a Default Route from your ISP. With OpenBGPD and the current rpki extensions, you “just” need a Full BGP Feed and then, you can filter all invalid ROA’s and keep your Routing (and Internet Access) more Secure.

Ruckus, Radius, Dynamic Vlan Assignment

How to Dynamic Assign Vlans with Ruckus Unleashed and FreeRadius Setup FreeRadius pkg_add freeradius--%freeradius3 clients.conf add your wlan ap client ruckus { ipaddr = 1.2.3.4/32 secret = das-sag-ich-dir-nicht } users.conf add some users # Admin to Admin Vlan (100) admin Cleartext-Password := "das-sag-ich-dir-nicht" Tunnel-Type = 13, Tunnel-Medium-Type = 6, Tunnel-Private-Group-Id = "100" # Guests to Guest Vlan (200) guest Cleartext-Password := "das-sag-ich-nur-dem-gast" Tunnel-Type = 13, Tunnel-Medium-Type = 6, Tunnel-Private-Group-Id = "200" /etc/raddb/sites-available/inner-tunnel enable Vlan rewrite on line 336 (set to 1)

Update Checkmk

how to update checkmk download raw edition https://checkmk.com/de/download?edition=cre&version=stable&dist=debian&os=buster root@erde:# wget https://download.checkmk.com/checkmk/1.6.0p20/check-mk-raw-1.6.0p20_0.buster_amd64.deb Install Package root@erde:# gdebi check-mk-raw-1.6.0p20_0.buster_amd64.deb Update Checkmk su - mysite omd status omd version omd stop omd update omd start exit Cleanup omd cleanup Check Application Open Browser, check News and Plugins sha256: 536db87b7fddc2f0e141196097e469739c90cfac025c0d0a8fe9835ae79e2188

Vuln IOS XE 03.06.04

Security posture via Cisco PSIRT OpenVuln API Platform: iosxe Version: 03.06.04.E Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00 cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00 cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.

Vuln IOS XE 3.08.06

Security posture via Cisco PSIRT OpenVuln API Platform: iosxe Version: 03.08.06.E Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00 cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.5 CVE-2020-3230 2020-06-03T16:00:00 cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.

Vuln IOS XE 17.01.01

Security posture via Cisco PSIRT OpenVuln API Platform: iosxe Version: 17.01.01 Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-ios-profinet-dos-65qYG3W5 Cisco IOS and IOS XE Software PROFINET Link Layer Discovery Protocol Denial of Service Vulnerability 7.4 CVE-2020-3512 2020-09-24T16:00:00 cisco-sa-profinet-J9QMCHPB Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability 7.4 CVE-2020-3409 2020-09-24T16:00:00 cisco-sa-xbace-OnCEbyS Cisco IOS XE Software Arbitrary Code Execution Vulnerability 6.

Vuln IOS 15.4(1)SY4

Security posture via Cisco PSIRT OpenVuln API Platform: ios Version: 15.4(1)SY4 Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00 cisco-sa-ios-bgp-evpn-dos-LNfYJxfF Cisco IOS and IOS XE Software MP-BGP EVPN Denial of Service Vulnerability 6.1 CVE-2020-3479 2020-09-24T16:00:00 cisco-sa-tcl-dos-MAZQUnMF Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability 6.

Vuln IOS 15.2(1)SY5

Security posture via Cisco PSIRT OpenVuln API Platform: ios Version: 15.2(1)SY5 Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00 cisco-sa-tcl-dos-MAZQUnMF Cisco IOS and IOS XE Software Tcl Denial of Service Vulnerability 6.5 CVE-2020-3201 2020-06-03T16:00:00 cisco-sa-ikev2-9p23Jj2a Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Denial of Service Vulnerability 7.

Vuln NXOS 8.2(4)

Security posture via Cisco PSIRT OpenVuln API Platform: nxos Version: 8.2(4) Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-fxos-nxos-cfs-dos-dAmnymbd Cisco FXOS and NX-OS Software Cisco Fabric Services Denial of Service Vulnerability 8.6 CVE-2020-3517 8.2(6) 2020-08-26T16:00:00 cisco-sa-nxos-pim-memleak-dos-tC8eP7uw Cisco NX-OS Software IPv6 Protocol Independent Multicast Denial of Service Vulnerability 7.5 CVE-2020-3338 8.2(6) 2020-08-26T16:00:00 cisco-sa-ios-nxos-onepk-rce-6Hhyt4dC Cisco IOS, IOS XE, IOS XR, and NX-OS Software One Platform Kit Remote Code Execution Vulnerability 8.

Vuln IOS XE 03.08.09

Security posture via Cisco PSIRT OpenVuln API Platform: iosxe Version: 03.08.09.E Advisory-ID Impact CVSS CVE Fixed with First Published cisco-sa-info-disclosure-V4BmJBNF Cisco IOS and IOS XE Software Information Disclosure Vulnerability 5.5 CVE-2020-3477 2020-09-24T16:00:00 cisco-sa-cipdos-hkfTZXEx Cisco IOS and IOS XE Software Common Industrial Protocol Denial of Service Vulnerabilities 8.6 CVE-2020-3225 2020-06-03T16:00:00 cisco-sa-ssh-dos-Un22sd2A Cisco IOS and IOS XE Software Secure Shell Denial of Service Vulnerability 7.