Tag Archives: Security

A little bit about Firepower Network Analysis Policy (NAP)

We have previously talked about Intrusion Prevention Policy, or IPS, and saw how to configure and tweak it. What we did not talk about, and what is closely tied to the IPS policy, is Network Analysis Policy, or NAP. So, … Continue reading

Posted in Cisco, FirePOWER, FireSight, IPS, Security, Sourcefire, Uncategorized

Client side exploitation attacks

Let’s take a short break from Sourcefire and talk a little bit about client side exploitation. Don’t worry, we will go back to SF soon. So, what is client side exploitation? Well, let’s talk a little bit about “regular” exploitation. Perhaps … Continue reading

Posted in Metasploit, PENTEST, Security

Connecting Sourcefire to SIEM with eStreamer

Currently we are satisfied with our Sourcefire setup. Our effort was not in vain. Let’s now connect our Sourcefire to the SIEM solution. Briefly, SIEM is an abbreviation of “Security Information and Event Management” and is a system that … Continue reading

Posted in Cisco, FirePOWER, Security, Sourcefire

Sourcefire File Policies (aka Advanced Malware Protection)

With Sourcefire ASA software modules we are able to control which file types may be downloaded or uploaded and which may not. What can be tracked depends on protocols supported by the Sourcefire and the direction of file … Continue reading

Posted in Cisco, FirePOWER, IPS, Security, Sourcefire

Sourcefire Security Intelligence

Let’s talk a little bit about a nice capability of the Sourcefire system called “Security Intelligence” (SI). With SI we have the option to block traffic based on its reputation, before it reaches the detection engine. We had this functionality … Continue reading

Posted in ASA, Cisco, FirePOWER, Firewall, IPS, Security, Sourcefire

Introduction to Cisco ASA modules

We have been using ASA firewalls for years now, and we know it is a great firewall. But over the years threats evolved, and the need for something more than just a traditional firewall emerged. The ASA is considered a traditional … Continue reading

Posted in ASA, Cisco, Security

Preparing Kali Linux for penetration testing/vulnerability assessment

We all know what Kali Linux is and what it’s used for. What we need is a comprehensive guide or reminder of how to install it and set it up from scratch. And make it more powerful by adding some … Continue reading

Posted in LINUX, PENTEST, Security