Get Support

Archive

HomeKB Article
March 9, 2022by klowdadmin

APC UPS zero-day bugs can remotely burn out devices, disable power

Vulnerability

A set of three critical zero-day vulnerabilities now tracked as TLStorm could let hackers take control of uninterruptible power supply (UPS) devices from APC, a subsidiary of Schneider Electric.

The flaws affect APC Smart-UPS systems that are popular in a variety of activity sectors, including governmental, healthcare, industrial, IT, and retail.

Mitigation recommendations

  1. Install the patches available on the Schneider Electric website
  2. If you are using the NMC, change the default NMC password (“apc”) and install a publicly-signed SSL certificate so that an attacker on your network will not be able to intercept the new password. To further limit the attack surface of your NMC, refer to the Schneider Electric Security Handbook for NMC 2 and NMC 3.
  3. Deploy access control lists (ACLs) in which the UPS devices are only allowed to communicate with a small set of management devices and the Schneider Electric Cloud via encrypted communications.
Armis published Technical Whitepaper
 
Still Need Help? Open a Ticket

Let one of our experienced engineer resolve the issue

Open Ticket
Read More
February 7, 2022by klowdadmin

How to Configure Dynamic NAT on CISCO Routers

This artical covers how to configure dynamic NAT (Network Address Translation) on CISCO Routers.

Steps to configure dynamic NAT using CLI.

  1. Login to the device using SSH / TELNET
  2. Go into the config mode.

    Router#configure terminal

  3. Configure the router’s inside interface

    Router(config)#interface fa0/0

    Router(config-if)#ip nat inside

    Router(config-if)#exit

  4. Configure the router’s outside interface

    Router(config)#interface eth0/0/0

    Router(config-if)#ip nat outside

    Router(config-if)#exit

  5. Configure an ACL that has a list of the inside source addresses that will be translated.

    Router(config)#access-list 1 permit 192.168.0.0 0.0.0.255


    Configure the pool of global IP addresses

    Router(config)#ip nat pool POOL01 4.4.4.1 4.4.4.5 netmask 255.255.255.0

    NOTE: The pool configured above consists of 5 addresses: 4.4.4.1, 4.4.4.2, 4.4.4.3, 4.4.4.4, and 4.4.4.5.

  6. Enable dynamic NAT

    Router(config)#ip nat inside source list 1 pool POOL01

    NOTE: The command above instructs the router to translate all addresses specified in the access list 1 to the pool of global addresses called POOL01.

  7. Exit config mode

    Router(config)#exit

  8. Copy the running configuration into startup configuration using following command

    Router#write memory

    Building configuration... [OK]

 

Still Need Help? Open a Ticket

Let one of our experienced engineer resolve the issue

Open Ticket
Read More
February 6, 2022by klowdadmin

Configuring VLAN on Cisco IOS Switch

This article covers how to configure VLAN on CISCO Switches.

  1. First look at the default VLAN Configuration

    Swtich#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/22
                                                Fa0/23, Fa0/24, Gi0/1, Gi0/2
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup


  2.  Create a new VLAN

    Switch(config)#vlan 50
Switch(config-vlan)#name VLANNAME
Switch(config-vlan)#exit
    Replace VLANNAME with the name of your VLAN
  3. Check the newly created VLAN

    SW1#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15,
                                                Fa0/23, Fa0/24, Gi0/1, Gi0/2
50   Newvlan                          active
  4. Now VLAN 50 has been created. Now you need to associate VLAN to the network ports. 

    Switch(config)interface fa0/1
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50

Switch(config)interface fa0/2
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 50
  5. Check VLAN port association

    SW1#show vlan 

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------

1    default                          active    Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10,, Fa0/12
                                                Fa0/13, Fa0/14, Fa0/15,
                                                Fa0/23, Fa0/24, Gi0/2

50   NEWVLAN                         active    Fa0/1, Fa0/2
      
Still Need Help? Open a Ticket

Let one of our experienced engineer resolve the issue

Open Ticket
Read More
Klowdesk

Klowdesk is a Remote Tech Support service connecting top IT Engineers from around the world with Businesses requiring IT Support on demand.

 
Instagram Linkedin-in Twitter Facebook-f

Contacts

 [email protected]

Company

Privacy

Your privacy is important to us

We do not share or sell your data to third parties. We use cookies and other third-party technologies to improve our website and services.

© 2022 — Klowdesk Inc All Rights Reserved.