OSI

The OSI Model As many of you likely know, the OSI (Open Systems Interconnection) Model serves as a framework to help structure and organize components of larger systems into 8 Layers. Understanding the concepts of the OSI model is fundamental to success in IT. 7 Layers I will be attempting to go through the basics of each layer through different posts. Physical Layer 1 Overview of the Physical Layer Copper...

May 26, 2018 · 1 min · 101 words · Internet Lifeguard

WPA2 802.11i

Wireless Security with WPA2 (802.11i) TLDR WEP is insecure WPA1 / WPA using TKIP is also insecure WPA2 is most secure (ensure KRACK is patched) 802.11i is complicated Old Wireless Security WEP / WPA'1' WEP (Wired Equivalent Privacy) Old and Insecure [See Aircrack-NG](https://www.aircrack-ng.org/) Stream Cipher RC4 CRC-32 Checksum WPA1 (AKA WPA using TKIP) Has similar attack vectors as WEP **Note 802.11 Authentication: 802.11 has a Management Frame called “Authentication”; this is not related to any real authentication and is just part of wireless association… again, not authentication, who names this stuff **...

January 20, 2018 · 4 min · 808 words · Internet Lifeguard

Traceroute: how it works and how to understand it

Traceroute is the go-to utility for troubleshooting many network-related issues. Overview Traceroute launches a probe packet towards DST IP with a TTL of 1 Every router hop decrements the IP TTL of the packet by 1 When TTL equals 0 the packet is dropped, and the router sends an ICMP TTL exceeded packet to the SRC with the original probe packet as payload The received message is displayed as a “hop” by traceroute The TTL is incremented by 1 and another probe sent This process is repeated until traceroute receives ICMP Dest Unreachable Probe Packets Each OS has a slightly different way of implementing traceroute and its probe packets UNIX uses UDP probes UDP DST port 33434 incrementing once per probe Windows (and some others) use ICMP (echo request) probes Look for some traceroute implementation that allows you to use TCP, UDP, or ICMP In most cases, three probes are sent per hop This is why you will see three latency results or *’s These three probes are important, as in the case of load balancing the path and latency might change Finding problems in your traceroute results Network Latency is normal It takes ~400 ms for a packet to travel across the world (around the equator) just in light propagation Many times ICMP is forwarded to, and processed by, the router's general CPU, which can cause higher than normal delays Note the path your traffic is taking (see below for tips) Tips for understanding traceroute outputs on the internet Look for IATA Airport Code CLLI Codes UN/LOCode Provider names City Names Example Traceroute output from macOS traceroute to google....

December 21, 2017 · 3 min · 488 words · IL

ISE, AD, and Blacklisting DCs

The Problem ISE PSNs connect to AD domain controllers to authenticate users on the network. Let’s say there are 4 ISE PSNs and 3 AD Domain Controllers. Seemingly out of nowhere ISE “blacklists” all 3 of our DCs. You only know of this because of the ISE Alarm “joined domain is unavailable” – Hint: Check the AD Connector Report in ISE. The Active Directory Integration Guide for 1.3 will tell you that if “AD connector cannot communicate with it [DC] for some reason” it will blacklist that domain controller....

December 10, 2017 · 2 min · 339 words · Internet Lifeguard

Hello World

Hello World Hello World #Hello World

December 10, 2017 · 1 min · 6 words · IL