How to Sub-Delegate Reverse DNS Records Part 1

The Purpose of DNS Sub-Delegation

Let’s say you have acquired a static IP range from your ISP. Now that you have that range, you decide you also want to control the PTR records for these addresses. PTR records typically belong to the ISP, but you do not want to depend on the ISP for each change you’d like to make; you want more control. How can you gain more control over those PTR records?

The way to gain this control is through DNS Sub-Delegation. DNS Sub-Delegation is when your ISP forwards PTR requests to your name server so that you can have control over your record updates. In other words, the ISP delegates their authority over their PTR records to your DNS server.

Prerequisites

If you understood the implications of that last sentence, you’ll realize that you will need your own local DNS service that controls your domain. After all, if you don’t control your own domain, how are you going to control the PTR records once they are delegated to you? In this post, we’ll assume that you will manage your PTR records with your own DNS server.

Cracking Cisco Type 7 passwords by hand

Although you should be using MD5 or SHA256 for password security, Type 7 passwords are still in use and so I thought this would be a fun learning exercise.

The ‘service password-encryption’ or Type 7 password is based on a known, weak proprietary encryption algorithm using XOR and can be recognized in the configuration file as:

password 7 030752180500

Note: Type 5 uses MD5 and looks similar to this:

enable secret 5 $1$OB1J$tNsFgEZ4kD1qituaAeYfa0

There are plenty of scripts or websites that can crack Type 7 passwords in less than a second, including one on Cisco’s website. This example will show how this can be done with just pen and paper.

Basic Cisco ASA firewall setup

There are many different firewall options out there, but one of the most prevalent seems to be the Cisco ASA. This post is a basic configuration outline of the general setup of an ASA firewall that has basic connectivity, as well as dynamic and static NAT functions. While there are many different services an ASA can provide, this post centers on an ASA configuration running on the 8.x code version doing only basic functions. This particular setup is on a firewall in routed mode that is used for NAT/PAT with only an inside and outside interface setup.

The first config settings to enter on an ASA, or almost any other Cisco networking device, are the hostname of the device, the domain name, and the enable password for logging into privileged exec mode.


config t
hostname LabASA1
domain-name labasa1.yourdomain.com
enable password Secret1