John Marrett

John is Stack8's Director of Managed Services. John specializes in network and security, developing innovative solutions for our clients and providing them with ongoing support.

Recent Posts

Cisco WebEx Plugin Vulnerabilities Affecting Chrome, Firefox and Internet Explorer (CVE-2017-3823)

Posted by John Marrett on Jan 24, 2017 4:26:52 PM

There is a severe bug in the WebEx extensions for Chrome, Firefox and Internet Explorer (CVE-2017-3823) that enables an attacker to execute arbitrary code on a machine if a user with the plugin installed visits a hostile website. A trusted website may also contain a hostile ad or XSS vulnerability that can be leveraged in this attack. This plugin is installed on approximately 10 - 20 million user machines.


Topics: chrome, firefox, CVE-2017-3823, webex

Diagnosing Firewall "Misbehaviour" with Packet Captures

Posted by John Marrett on Jun 22, 2016 8:30:00 AM

Our support team received a call from a customer complaining that their next generation firewall (NGFW) was intermittently blocking access to their new voting website. As we were in the process of making firewall changes inside their environment and are responsible for the management of their network, they turned to us for help.

The website was a vanity domain hosted at GoDaddy that redirected users to a deep link within another website. We accessed the site and confirmed that it was working properly and sending a 301 redirect as expected; it worked properly both inside their environment and ours. We reviewed the firewall logs and found no indications that traffic was blocked by any firewall or IPS. The customer insisted that there was an intermittent problem accessing the website that seemed to affect some users at random.


Topics: Network & Security Insights, Network

Cisco Cloud Services Router 1000v in Review

Posted by John Marrett on Apr 28, 2016 10:00:00 AM

The Cloud Services Router 1000v (CSR) is one of Cisco's best kept secrets in the routing and security space. The CSR is an incredibly powerful product that's flexible, adaptable and offers almost limitless functionality at a very low price point. In some cases, this router will cost less to license than the ongoing support costs of the traditional router that it could replace. While infrequently positioned in these roles by VARs and account teams, the CSR is surprisingly capable. In this blog post, we will review the advantages and limitations of the CSR in our experience using it on the routing and security side of the business, although it's also starting to be used for some Unified Communications related roles.


Topics: Cisco Unified Communications Insights, Network & Security Insights, Cisco Release Notes and Product Reviews

Networking Segmentation for Security using VRF

Posted by John Marrett on Apr 7, 2016 9:08:56 AM

Many organisations today face a challenge in securing enterprise networks that were designed prior to internal segmentation and security becoming a primary concern. It is very difficult to retrofit security into a network design, especially when you want to avoid changing server configurations, minimize downtime and impact, maintain performance within existing network segments, and progressively phase in security rules. In this blog post, we'll discuss an approach we have developed and used for both new network deployments and retrofits.

THE PROBLEM

Retrofitting security into a network design while avoiding server configuration changes, downtime and performance issues.


Topics: Security, Network & Security Insights, How to(s)

CVE-2015-7547, glibc vulnerability; its impact on Cisco products and our mitigation solutions

Posted by John Marrett on Feb 19, 2016 12:16:06 PM

The Vulnerability

On Tuesday, February 16th, Google's security team announced a significant vulnerability in glibc. The vulnerability relates to the handling of DNS packets, and many Cisco systems are vulnerable to it if an attacker can cause an affected device to perform a DNS lookup against an attacker-controlled DNS server. As many services (ssh, some web servers, mail servers) do perform these requests in an externally controllable fashion, the risk and exposure of this vulnerability are extremely significant.

Cisco released their advisory for this issue on the 18th. Because of the extensive use of Linux in newer switching and routing products, UC servers, and security and management appliances, the potential scope of the issue is vast. Cisco is presently still in the process of qualifying products to determine if and how they are affected.


Topics: Security, Network & Security Insights, Network
