CVE-2017-12542 – HP iLO 4 Authentication Bypass

An authentication bypass and execution of code vulnerability exits within all of HPE’s Integrated Lights-out 4 (iLO 4)  controllers prior to version 2.54.  This is triggered by a buffer overflow in how the web server handles the Connection HTTP header.  Unrestricted access to the REST API is possible allowing for administrative account creation.  With unrestricted […]

Use diskpart in Windows to shrink VHD files

Recently, I had a need to shrink a VHD file.  Ater running the Resize-VHD command with PowerShell, I realized that it would not work unless the Virtual Machine Management service was installed and running.  Instead of performing a Hyper-V install to get this feature, a little research led to diskpart.  It turns out that it […]

How to use DHCP Snooping on Cisco devices

This post will deal with the problem of DHCP attacks that can occur within an enterprise and how you can quickly and easily tighten security within a network. First off, attacks can be malicious or completely by accident without the end-user knowing what they are doing. Let’s say someone brings their home laptop to the […]