Recently I did a penetration test, and it once again showed why you should never trust L2 segmentation for security.
The obvious reason not to trust L2 segmentation is that with ARP poisoning all traffic between two or more machines can be routed through another machine, which can then read everything sent and received between them. Introducing VLANs would help a lot, but even then there are techniques to circumvent these limitations.
(more…)
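As an added example (not part of the original post), the script below shows what the ARP poisoning described above looks like on the wire and how to spot it from a capture: it constructs a few sample ARP replies in memory, parses the raw Ethernet and ARP headers, and flags any IP address that is announced by more than one MAC address, which is exactly what happens when an attacker starts claiming the gateway's IP. All MAC and IP addresses are made up, and the optional `trusted` table stands in for whatever source of truth you have (DHCP leases, switch CAM table, documentation).

```python
"""
Detect ARP cache poisoning from raw Ethernet/ARP frames.

Added example, not code from the original post. The frames below are
constructed in memory; on a real network you would feed it the bytes of
ARP frames read from a pcap or a raw socket.
"""
import struct
from collections import defaultdict

ETH_TYPE_ARP = 0x0806
ARP_OP_REPLY = 2
ETH_HDR = struct.Struct("!6s6sH")          # dst MAC, src MAC, ethertype
ARP_HDR = struct.Struct("!HHBBH6s4s6s4s")   # htype, ptype, hlen, plen, op, sha, spa, tha, tpa


def mac_bytes(s):
    return bytes.fromhex(s.replace(":", ""))


def ip_bytes(s):
    return bytes(int(o) for o in s.split("."))


def mac_str(b):
    return ":".join(f"{x:02x}" for x in b)


def ip_str(b):
    return ".".join(str(x) for x in b)


def build_arp_reply(sender_mac, sender_ip, target_mac, target_ip):
    """Construct an Ethernet II frame carrying an ARP reply (sample data only)."""
    eth = ETH_HDR.pack(mac_bytes(target_mac), mac_bytes(sender_mac), ETH_TYPE_ARP)
    arp = ARP_HDR.pack(1, 0x0800, 6, 4, ARP_OP_REPLY,
                       mac_bytes(sender_mac), ip_bytes(sender_ip),
                       mac_bytes(target_mac), ip_bytes(target_ip))
    return eth + arp


def parse_arp(frame):
    """Return (op, sender_mac, sender_ip) for an IPv4-over-Ethernet ARP frame, else None."""
    if len(frame) < ETH_HDR.size + ARP_HDR.size:
        return None
    _, _, ethertype = ETH_HDR.unpack_from(frame, 0)
    if ethertype != ETH_TYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _, _ = ARP_HDR.unpack_from(frame, ETH_HDR.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, mac_str(sha), ip_str(spa)


def find_poisoning(frames, trusted=None):
    """
    Return {ip: sorted MACs} for every IP announced by more than one MAC in
    ARP replies. `trusted` is an optional {ip: mac} table (e.g. the gateway
    from DHCP or the switch config); a reply contradicting it is reported
    even when it is the only claim seen in the capture.
    """
    claims = defaultdict(set)
    for ip, mac in (trusted or {}).items():
        claims[ip].add(mac.lower())
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue                      # not ARP, or truncated/garbage: ignore
        op, sha, spa = parsed
        if op == ARP_OP_REPLY:
            claims[spa].add(sha)
    return {ip: sorted(macs) for ip, macs in claims.items() if len(macs) > 1}


# Constructed sample traffic (addresses are invented for this example).
GATEWAY_IP = "192.168.10.1"
GATEWAY_MAC = "00:1b:0c:aa:bb:01"
VICTIM_IP = "192.168.10.50"
VICTIM_MAC = "00:0c:29:11:22:33"
ATTACKER_MAC = "00:0c:29:de:ad:01"

SAMPLE_FRAMES = [
    build_arp_reply(GATEWAY_MAC, GATEWAY_IP, VICTIM_MAC, VICTIM_IP),              # legitimate gateway
    build_arp_reply("00:0c:29:44:55:66", "192.168.10.77", VICTIM_MAC, VICTIM_IP),  # another host, benign
    build_arp_reply(ATTACKER_MAC, GATEWAY_IP, VICTIM_MAC, VICTIM_IP),             # attacker claims gateway
    b"\x00" * 20,                                                                 # truncated junk, ignored
]

if __name__ == "__main__":
    for ip, macs in find_poisoning(SAMPLE_FRAMES, trusted={GATEWAY_IP: GATEWAY_MAC}).items():
        print(f"ALERT: {ip} claimed by {', '.join(macs)}")
```

This is detection after the fact; it tells you the segment is being poisoned, not how to stop it. On the switch side the mitigation is DHCP snooping combined with Dynamic ARP Inspection on platforms that support it, which drops ARP replies whose IP-to-MAC binding does not match the snooping table, and even that only raises the bar for an attacker who already has a port on the VLAN.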
Archive for the ‘Cisco Switching’ Category

Don’t ever count on L2 segmentation for security
Friday, May 1st, 2009

Network problem turned out to be AD problem
Sunday, October 26th, 2008
Last week one of our stores had a problem with seemingly slow-starting workstations. These workstations were hanging for at least 15 minutes on “Applying computer settings”.
The workstations that were affected at first seemed to be random.
Because the local admin had created a new master image a few weeks earlier, and he couldn’t remember whether the affected machines had received this new image, I decided to investigate the master first before attempting to monitor the network.
All dynamic DHCP settings were okay; netsh int ip reset didn’t help, and neither did deleting the whole network card and re-adding it.
(more…)
Unexpected behaviour Cisco 2950 switch while adding VLAN
Friday, January 4th, 2008
Yesterday I noticed something strange when configuring a 2950 switch.
I had to create a new VLAN, so I went into configuration mode and added a new VLAN interface by entering “interface vlan 234” and did a “no shutdown” on the interface. As soon as I had done this I immediately lost my connection to the switch.
(more…)
Strange MST ( Multiple Spanning Tree ) loop problem
Thursday, September 27th, 2007
A few months ago, before I started working for my current company, one of its store outlets had a big networking issue.
They figured out that the source of the problem was a local employee of the store who had connected a small US Robotics switch to the outlet’s network to provide more UTP ports.
Recently I had to log on to that switch and noticed that Spanning Tree was enabled. Because I was told that the switch configuration had never been changed since the incident, I thought this was strange: Spanning Tree should have seen the loop and prevented it by simply blocking the port the extra switch was on.
(more…)