We had a pen test completed on our wireless network recently and two elements that came out of it that surprised me were the following:
The guest wireless portal is using SSLv2 and they recommend that we use SSLv3. I haven't been able to see anywhere if this can be changed or checked for current version. Is it possible to upgrade?
The second item was with regards the broadcasting of the SSID. When the SSID is broadcasting the administrative name of the LAP's is visible using wireshark. Is there a setting to hide these within the controller or is the only option to rename all the LAP's to something simple like AP1?
It says that disabling SSLv2 will make it only possible to use SSLv3. (it did not mention that the "high" cipher should be enabled).
Brian you may check it if it is going to work if SSLv2 is disabled and "high" is disabled as well. Check please and let us know if it is going to use SSLv3 or you necessarily need to configure the "high" as well.
Rating useful replies is more useful than saying "Thank you"
Transferring Crash file from standby:
Login to the Active WLC in HA.
(Cisco Controller) >transfer upload datatype crash
(Cisco Controller) >transfer upload filename <Desired filename>
(Cisco Controller) >transfer up...
This is the start of a display filter cross reference between Wireshark and OmniPeek.
The 1st installment is a table of advanced filters. More filters will be added as time allows.
It is a living doc, so check back for changes every so often
Please feel ...
I have created a Powershell script to automatically add a Wireless Guest User on Cisco WLCs. (tested on 2500 Series)
The script should be completely self explanatory.
Powershell SNMP Module (Install-Module -Name SNMP)
SNMP Write Access to...