Denise's Tech Blog

Cisco ASA Security Levels

blesseddlo — Fri, 23 Sep 2011 19:42:34 +0000

So I just discovered that the Cisco ASA’s in their documentation refer to security levels and that higher security levels have access to lower security levels. A few months ago I was playing with a Cisco ASA and using the firewall functionality. By defining one firewall rule on the Cisco ASA it negates the security level functionality.

If you define one firewall rule, you will need to specify all allowed traffic through firewall rules.

Disable weak cryptography Apache

blesseddlo — Sat, 17 Sep 2011 16:58:22 +0000

SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:!MEDIUM:!LOW:!SSLv2:!EXPORT 
SSLProtocol -ALL +SSLv3 +TLSv1

tar and 7zip

blesseddlo — Sat, 17 Sep 2011 16:00:09 +0000

tar cvfp – /directory/path [--exclude=/path/to/exclude] | 7za a -si -t7z -m0=lzma -mx=9 -mfb=64 -md=32m -ms=on filename.tar.7z

Rename files in directory

blesseddlo — Tue, 26 Jul 2011 22:37:17 +0000

for i in * ; do mv "$i" "`echo $i | sed 's/old/new/g'`"; done

ASA disable site to site VPN

blesseddlo — Wed, 20 Jul 2011 16:17:39 +0000

Taken from these instructions on how to setup the site to site VPN: https://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a0080950890.shtml#asa5510

All you need to do is remove the tunnel-group line

tunnel-group 172.16.1.1 type ipsec-l2l

Save changes to config:

wr mem