Image of Cortney & Jeremy

authentication

Access Controls for HP ProCurve Devices

August 6, 2010

Yesterday, the Internet Storm Center published a diary called “Access Controls for Network Infrastructure”. That particular diary is Cisco-centric, so I thought I’d put together something similar for HP ProCurve gear (at least the 2650, 2910s, and 5400s I’ve worked with). Default Credentials HP ProCurve gear ships without any type of authentication, by default. This […]

6 comments Read the full article →

Authenticating Cisco Devices Against Active Directory

March 30, 2010

Many packets ago, in a network several hops away, I wrote about configuring Cisco devices against FreeRADIUS. Since then, I’ve received many requests for a similar post, but with Active Directory as the backend for authentication. I finally got around to knocking that out this past weekend. Because Windows is “graphical”, I felt it would be […]

5 comments Read the full article →

Configuring MD5 Authentication for BGP Peers

July 10, 2009

I got an e-mail recently from a reader who asked me about how to set up MD5 authentication between a pair of BGP peers, so I thought I’d do a quick write-up and example. Setting up MD5 authentication is really simple. For our example, we’ll use a pair of routers connected over their serial 0/0 […]

2 comments Read the full article →

EIGRP Authentication

July 4, 2009

Here’s another quick little lab, using the same topology as last time: Two routers, R1 and R2, directly connected via their serial 0/0 interfaces. In the previous lab, we were using RIP. This time we’ll use EIGRP and authenticate our routing updates.

7 comments Read the full article →

RIP Authentication

July 4, 2009

I found this post saved and realized that it had never been uploaded to the site, so here you go. Two routers, R1 and R2, directly connected via their serial 0/0 interfaces. We want to authenticate the routing updates sent and received by these two routers. Note that we have to use RIP version 2 […]

7 comments Read the full article →

Configuring PPP Authentication (CHAP)

March 30, 2009
0 comments Read the full article →

Configuring OSPF Authentication (Dynamips)

November 26, 2008

Let’s continue on from yesterday’s lab, “Configuring Basic OSPF“. We’ve had a new requirement added to our original design: authenticated OSPF. Our security team has decided that it is a potential security risk to run unauthenticated OSPF across our network backbone and have asked us to implement a secure method of sending OSPF updates. OSPF […]

0 comments Read the full article →

Configuring FreeRADIUS to support Cisco AAA Clients

November 19, 2008

In this demonstration, we’re going to install FreeRADIUS onto a CentOS 5.2 server and configure it to support AAA on Cisco devices. “FreeRADIUS is the most widely deployed RADIUS server in the world. It is the basis for multiple commercial offerings. It supplies the AAA needs of many Fortune-500 companies and Tier 1 ISPs. It […]

34 comments Read the full article →

Switch-Based Security Features

October 4, 2008

New security features have been added to many enterprise switches. The availability of those features varies based on what vendor’s equipment you’re using (as well as the software version) and each vendor offers similar features but call them by different names. The following table illustrates a few.

0 comments Read the full article →