VERT’s Cybersecurity News for the Week of August 29, 2022

VERT’s Cybersecurity News for the Week of August 29, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 29th, 2022. I’ve also included some comments on these stories. WordPress 6.0.2 Patches Vulnerability That Could Impact Millions of Legacy Sites The WordPress team this week announced the release of version 6.0.2 of the content management system (CMS),…

Read More

IOS Tricks with TCLs

Parser Find the subcommands under a specific command such as ‘Clear’ that contain “call” keyword. Example: clear call voice … Router# show parser dump exec | inc clear .*[a-z]+.*call 1 clear controller call-counters timeslots 1 clear controller call-counters timeslots 1 clear controller call-counters timeslots 1 clear controller call-counters timeslots 1 clear controller call-counters timeslots 1 clear controller call-counters timeslots 1 clear controller call-counters 1 clear controller call-counters system-hwm 1 clear controller call-counters all 1 clear call voice causecode long-dur-call 1 clear call voice causecode calling-number 1 clear call voice causecode called-number 1 clear…

Read More
Posted in IOS

IP SLA with Object Tracking and Automatic Preempting in MPLS TE

Original post # https://rekrowten.wordpress.com/2012/10/19/ip-sla-with-object-tracking-and-automatic-preempting-in-mpls-te-part-5/ IP SLA was described in this post. Some of the examples were provided here. This post showed an option, where IP SLA was used to monitor static routes and preempting them. Today’s post will be similar to that one. Today I am monitoring MPLS TE tunnels and dynamically preempting to backup path, when certain threshold in IP SLA probe is met. Good example on how to monitor network and dynamically and…

Read More

IP-SLA DNS Tracking

Original Post # http://jcape.name/2011/04/23/anycast-ip-sla-howto/  Configuration to be performed on a server Configuration to be performed on the router in site A Configuration to be performed on the router in site B   The next step is to configure the routers to route packets destined for the anycast address via the primary network interface on the servers, run test queries against named on the primary network interface of that server, and remove the route to the anycast…

Read More

Cisco ISR G2 as a Video Bridge

Instead of buying an expensive, dedicated hardware video conference bridge to allow basic multiparty video calls on Cisco Unified Communications Manager you may be able to use the Existing 2900 or 3900 series router that you already have. An ISR G2 router equipped with the appropriate PVDM3 DSP modules is capable of providing video conference bridge (VCB) capabilities in addition to it’s traditional voice and network functions. The VCB functions aren’t as sophisticated and advanced…

Read More
Posted in IOS

EEM Send Email every 5 min

To monitor turn on debug to show message on syslog event manager session cli alexis !only needed if AAA is used and authentication needed by app event manager environment _email_server X.X.X.X event manager environment _email_to alex_katsavras@XXX.XXX event manager environment count15min503 0 event manager environment count1hour503 0 event manager applet Capture_503 event syslog pattern “012345676789” action 1000 syslog msg “503_Error_has been_Encountered” action 1010 set tmp15 “$count15min503” action 1020 set tmp1 “$count1hour503” action 1030 increment tmp15 action…

Read More
Posted in EEM

EEM Applet and TCL scrips (Count & email )

Below 2 email will be sent at 23:00. One will contain the contains of file RTPReport.txt and the second the contains of SIPcount.txt A snapshot of the number of rtp streams is taken every 30 minute. A counter of the number of SIP redirect message is recorded every 30 min and reset to 0. In the example below i am using EIGRP Hello messages for testing. event manager environment _email_server 10.1.1.1 event manager environment _email_to…

Read More
Posted in EEM

Cisco IOS- IP Helper Address Command

Original Link# http://www.ciscopress.com/articles/article.asp?p=330807&seqNum=9 Helper Addresses This section describes how networks and routers use helper addresses to forward broadcasts to another server or router on another network. This section describes some of the purposes of and scenarios in which to use helper addresses. Using Helper Addresses DHCP is not the only critical service that uses broadcasts. Cisco routers and other devices might use broadcasts to locate TFTP servers. Some clients might need to broadcast to locate…

Read More
1 2