Use Talos IP Blacklist on your ASA
Create bash script:
#!/bin/bash
wget -q https://talosintelligence.com/documents/ip-blacklist
ipblack=( $(cut -d ';' -f2 ip-blacklist ) )
echo "conf t"
for ip in "${ipblack[@]}"
do
echo "name $ip TALOS_BLACKLIST_$ip"
done
echo "no object-group network TALOS_BLACKLIST"
echo "object-group network TALOS_BLACKLIST"
for ip in "${ipblack[@]}"
do
echo "network-object host $ip"
done
echo "!"
echo "exit"Run it, copy-paste output to your ASA:
./talos-ipblacklist.sh > talos-blacklist.cfg
SSH to ASA mgmt interface from raVPN
ASA(config)# management-access mgmt_interface
ASA(config)# nat (outside,mmgt_interface) source static RAVPN_POOL RAVPN_POOL destination static ASA_MGMT_IP ASA_MGMT_IP no-proxy-arp route-lookup
ASA(config)# ssh RAVPN_POOL management
FTD support diagnostic CLI
system support diagnostic-cli
Cisco ACS backup/restore procedure
show repository <repository name> | i <repository name>
acs restore <backup name> repository <repository name>
show application status acs
VMware can’t find headers
user@host:~$ sudo aptitude install linux-headers-$(uname -r)
grub-install: error: failed to register the EFI boot entry: Operation not permitted.
- umount /boot/efi
- apt install -f
- mount -a
- apt update && sudo apt upgrade
Firepower FTD 11X0,21X0 management address change
configure network ipv4 manual <ip address> <subnet mask> <df gateway> management0
show network
Fortigate – get interface MAC address
Use CLI and enter: get hardware nic port <name> or diag hardware deviceinfo nic <name>
Change windows password via RDP session
Start -> RUN -> osk
You’ll get on screen keyboard and now you can press CTRL + ALT + DEL to change your password.
