Cisco ASA SSL VPN Bug – CSCug23031

Just come across a nasty bug in version 8.4(6) that stops clientless VPN sessions from working.

Basically any session that needs to use extended plugins such as RDP won’t work following an upgrade – with a simple blank screen being displayed when clicking on the link.

Solution is to downgrade to 8.4(5) or upgrade to 9.1(2) or higher.

Cisco bug ID is CSCug23031

Barry Hesk
Intrinsic Network Solutions

Copying System Log on Cisco Devices

28 May 2013

Copying System Log on Cisco Devices

Small amount of geekieness on a wet Tuesday.

To copy the running log off a Cisco device, do the following:

show log | redirect ftp://_ip_address_/_file_name_

You can actually do this to redirect the output of any command.

Barry Hesk
Intrinsic Network Solutions

Genesco Lawsuit Could Shake PCI Compliance Regime To Its Core

A repost of a very interesting article from Network Computing. World-wide, business have spent millions in achieving compliance to the PCI standard. If it transpires that the fines levied by the credit card companies are not legal, then the implications will be far reaching and will touch the whole ecosystem that has sprung up around PCI and compliance. Hundreds of companies and thousands of employees provides services and products in the PCI compliance sector and this judgement could have a significant impact on them.

Barry Hesk
Intrinsic Network Solutions

As the security industry digests the news that for the first time a merchant is taking a major card brand and its payment processor to court over PCI noncompliance fines, speculation has started to fly about the long-range impact the case could have on the PCI compliance ecosystem.

On its face, the $13 million complaint from Tennessee-based retailer Genesco against Visa seems like pretty standard business litigation. But according to some, the suit has the potential to disrupt PCI’s influence in the merchant community.

“It really doesn’t look on the first account to be a very big case, but it’s the first retailer that kind of goes up against the establishment,” says Torsten George, vice president of worldwide marketing, products, and support for Agiliance. “If the court would decide to reverse the penalties imposed on Genesco, it would really shake the foundation of the PCI Security Standards Council to its core.”

Last week, Genesco petitioned the court in Tennessee to order to reimburse the company for more than $13.3 million in penalties collected on behalf of the card brand by payment processors Wells Fargo And Fifth Third Financial Corp. following a 2010 data breach at the sports retailer. The heart of the case revolves around Visa’s contractual language about what constitutes noncompliance for the sake of the levying of fines. In its suit, Genesco contends that it was in compliance with PCI rules at the time of the breach.

Genesco Lawsuit Could Shake PCI Compliance Regime To Its Core
Fri, 22 Mar 2013 14:02:00 GMT

New Cisco Branch Office hardware announced

New Cisco Branch Office hardware announced

13 March 2013

Cisco Systems have announced the latest generations of their ISR G2 routers. The key difference this time around is that the platforms will be bundled with security, application performance and WAN optimization technology.

Cisco claim this will be at a significantly lower price point that existing ISR G2 bundles. Whether this will be offering steep discounts on the ISR G2 hardware platforms and then clawing the money back on additional licensing for the bundled applications we will just have to wait to see.

More details are available here

Barry Hesk
Intrinsic Network Solutions

2e2: The Hindenburg of Cloud Providers & What It Means for Outsourcing

Very well written article, and precisely mirrors my own thoughts of companies, and particularly boards of companies, rushing to send all of their corporate IT “to the cloud”. There is a massive lesson here; alas, it may not be learnt until more cloud service providers go the way of 2e2.

I have a somewhat love/hate relationship with cloud services and outsource providers. In my day job, we provide a few cloud services, resell a couple more, and use a handful to support some backoffice systems. Some services make complete sense to outsource, to the point you wonder why anyone ever bothered to do it for […]

2e2: The Hindenburg of Cloud Providers & What It Means for Outsourcing
ssl_boy
Thu, 14 Feb 2013 19:34:35 GMT

Barry Hesk
Intrinsic Network Solutions