Displaying posts written in

October 2008

Oct
25
2008

Clear ARP table in Checkpoint

Yesterday my colleague asked how to clear all entries in the ARP table of the
NGX in question (Splat). I thought the arp command of the Linux would include some switch for that case too – but it didn’t. To delete ARP entry from the ARP  cache you use #arp -d <IP address to be deleted> [...]

Oct
10
2008

Guarding against brute force attack on VTY in Cisco IOS

Cisco starting IOS 12.3 introduced a simple but powerful feature to guard against brute force password guessing attack on remote access. The usual template followed when configuring VTY access is:
1) Configure ACL containing management IPs to be allowed to access the router through VTY
2) (Optional) Restrict VTY access protocol to ssh only (transport input ssh)
3) [...]