BPDU Filter and its Potential to Cause a Network Loop

Spanning-tree “BPDU Filter” works similar to “BPDU Guard”, as it allows you to block BPDU’s. The major difference is that “BPDU Guard” will place an interface that receives the BPDU into an “err-disabled” state pretty much protecting the violating port while “BPDU Filter” just “filters” it leaving the port to stay up. If a user… Read More »

BPDU Guard Concept, STP Attack and Mitigation

BPDU Guard, BPDU Filter, Root Guard and Loop Guard are all considered spanning tree security features, they all have different characteristics as to what they protect and how they work. Spanning tree attacks can harm the data-plane at Layer 2 therefore using spanning tree security we can mitigate “Man in the Middle” type attacks, protect… Read More »

Dynamic ARP Inspection (DAI) Concept/Attack Example and Implementation

Dynamic ARP Inspection is a security feature that rejects invalid and malicious ARP packets, by using DAI we can prevent ARP Poisoning/Spoofing Attacks. The Address Resolution Protocol works the following way “” wants to communicate with “” however the switch does not know how to reach the layer 3 address as switches only understands L2… Read More »

Private VLAN Concept/Implementation

Private VLANs are basically VLANs within a VLAN, they partition a regular VLAN domain into sub-domains. A sub-domain is represented by a “Primary” VLAN and a “Secondary” VLAN, this is called a “VLAN pair”. You can have multiple VLAN pairs for example one VLAN pair for each sub-domain. All VLAN pairs share the same primary VLAN. The secondary VLAN… Read More »

DHCP Snooping Concept/Implementation

DHCP Snooping is a layer 2 security technology built into the IOS of a switch. The switch will drop DHCP Server messages in order to prevent unauthorized/rogue DHCP servers from offering IP addresses to DHCP clients. This is a very valuable security measure that can be used to help mitigate the network from attacks. DHCP… Read More »

Cisco Port-Security Concept/Implementation

Cisco port security is a layer 2 traffic control feature used to protect the network from unknown devices which may be plugged into the network either via a network point in a publicly available space or by a malicious user who has physical access to a network point. Port security works by first setting a… Read More »

“You must disable Sophos Tamper Protection before you continue. Contact your administrator or see Sophos KBA119175”.

You may have come across an issue where you have deleted a Server or workstation from Sophos Central not realising that by default these devices are protected for “Tamper Protection”.   So now on the local machine you are attempting to uninstall “Sophos” but you can’t and keep getting an error “You must disable “Sophos… Read More »

Solarwinds TFTP Server

Download: SolarWinds TFTP Server To use the Solarwinds TFTP server, simply download, unzip and install. The server will start when the application is launched and will be listening on the standard port “UDP 69”   The default file location is C:\TFTP-Root. This can be changed if required by selecting “File-Configure” If any issues are encountered… Read More »