IPSec VPN’s are the de-facto standard for connecting multiple sites together over the Internet. Unfortunately, interoperability between multiple vendor’s IPSec implementations can be “fun”. IPSec leaves many options to individual implementations, so it can be somewhat configuration heavy. And multiple Continue reading IPSec VPN between JunOS and Ubiquiti EdgeOS / Vyatta
Hey, here are some more JunOS related config snippets. Again, these are taking from a branch office SRX. The stateless ACL syntax is the same across most JunOS devices. The stateful firewall and screens are fairly specific to the SRX Continue reading JunOS Config Snippets – Firewalls and ACL’s
The previous posts I’ve made around access layer security features have been somewhat more focused on protecting the network itself from attack. One of the biggest security issues with Ethernet / IP is that there are no built-in protections against Continue reading Access Layer Security Features Part 3: Spoofing Protections
Spanning tree is the only commonly deployed Ethernet control plane protocol today. Eventually, something like TRILL or maybe Shortest Path Bridging will probably eliminate the need for Spanning Tree, but we’re definitely not there yet. Since access ports are designed Continue reading Access Layer Security Features Part 2: Spanning Tree
Ethernet and IP by themselves don’t really provide security at the access layer. They can easily be spoofed and attacked by hosts connected to the same network. Accordingly, over the years vendors have created a variety of mechanisms to secure Continue reading Access Layer Security Features Part 1: Port Security
I’ve written some PHP scripts to parse through my Postfix and Spamassassin log files lately. I’ll write another post about that later, but I wanted to share something interesting that I just noticed. I prefer not to give out my Continue reading Possible Timeframe for Linked In / Last.fm Attacks?