The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About stevelarsen
stevelarsen

stevelarsen

Comes here often

Member since Sep 19, 2017

‎12-05-2022

Community Record

12
Posts
0
Kudos
0
Solutions

Badges

CMNO
1st Birthday
First 5 Posts View All
Latest Contributions by stevelarsen
  • Topics stevelarsen has Participated In
  • Latest Contributions by stevelarsen

Re: Layer 3 Stack with Public IP Uplink

by stevelarsen in Switching
‎11-03-2022 08:08 AM
‎11-03-2022 08:08 AM
Not common is different to not possible. Are you saying that using an uplink which is a public ip is not possible in the meraki stack configuration? ... View more

Layer 3 Stack with Public IP Uplink

by stevelarsen in Switching
‎11-01-2022 01:34 PM
‎11-01-2022 01:34 PM
I was able to get the stack online with an existing network which has DHCP. The stack obtained a 172 LAN IP and a Public IP ending .100   ms350 stack > switch (dhcp) > firewall > isp1   Once the stack was a success with IPS1 I need to move it over to a new network where it would be directly connected to the ISP2 link where no DHCP exists. If I configure the Uplink on the stack to use the new Public IP ending .178 the switch that is connected to the uplink works but the other one does not work. The LAN IP is also showing as the .178 address in this case.   ms350 stack > isp2   Is it possible to create a stack with a public IP uplink configuration and what else might need to be configured to make this setup work? ... View more

Meraki Certifications

by stevelarsen in Off the Stack
‎07-15-2019 03:46 PM
‎07-15-2019 03:46 PM
I picked up the CMNO cert back in '17 and I have that via email. I'm wondering if I should see it here in the portal. There was a slight mixup with the email I registered with and took the exam with but in the end it was changed so I thought and I received the cert at my current profile email. cmno-cert ... View more

Integrating with Google SecureLDAP

by stevelarsen in Wireless LAN
‎01-08-2019 11:01 AM
‎01-08-2019 11:01 AM
Has anyone successfully integrated Google with Meraki WAP2-Enterprise using SecureLDAP?  I'm wondering how to combine it with something like freeRADIUS and stunnel as a proxy as Meraki does not support certificates for the RADIUS server which is the only way Google allows connections.   ... View more

Re: Factory Reset Prevention android problem

by stevelarsen in Mobile Device Management
‎10-03-2017 01:55 AM
‎10-03-2017 01:55 AM
If you're using G Suite, you may want to consider company owned Android devices and preventing factory reset abilities. Or you can enable an admin that is required to login after a factory reset.     ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-20-2017 02:05 AM
‎09-20-2017 02:05 AM
i'm not arguing just to argue, i'm trying to provide a view that isn't often discussed or considered on how usernames and credentials can be made more secure which is the root of the whole post, making a users login harder to know.   of course the more entropy you add to a password makes it harder to guess, i've never said otherwise in any of my statements. what i'm trying to say is that allowing special characters is not the only way to make a login more secure and shouldn't be considered a requirement. ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-20-2017 01:17 AM
‎09-20-2017 01:17 AM
"If you have a X character long password without special characters and one without special characters the time to brute force is significantly longer." That's not entirely accurate, you're assuming too much when trying to solve for this. This is only true if you know what to look for and limit the characterset during the brute force. If I have a list of encrypted passwords, the character set is known to be 95 characters let's say, I will have just as much chance finding a password with just lowercase letters as one with all combinations of character types. Of course that also depends on how the brute force code iterates through finding matches. If it first tries all lowercase, for example, it will find it faster than one with more character types. ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-19-2017 04:27 PM
‎09-19-2017 04:27 PM
I'd feel more secure knowing my password in 1111111111111111111111111111111111111111111111111111111111111111 compared to (n4k7#L! any  ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-19-2017 04:15 PM
‎09-19-2017 04:15 PM
as you mentioned, having a larger pool of character as part of the potential options absolutely adds to the strength. this is why all unicode characters (160k+) should be supported and then a 4 character password takes drastically longer having ~6.5E+20 permutations than the 8 character upper/lower/number/special combination typically having just a pool of 95 characters with just ~4.90E+15 permutations. ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-19-2017 04:00 PM
‎09-19-2017 04:00 PM
when requiring these special characters and complex passwords, sites reveal how I'd go about building a smarter algorithm to crack these passwords. when listing the requirements like the cisco site does ( 1 uppercase, 1 lowercase, 1 number, 8 to 60 characters, english characters: A-z, 0-9, @, -, _, or ., cannot match your email address or User ID) I now can limit the scope of my brute force attack massively reducing the time it takes to go through the initial list of all possible combinations.   having a unique email/username to every site absolutely adds to the security. if I had my email and password stolen from a site not using modern password system, and let's be honest, not many do, having a unique email/username on every other site means I can't take those known credentials I now know and now use them on another site.   ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-19-2017 03:39 PM
‎09-19-2017 03:39 PM
of course when you look at brute forcing a password, 8 characters of more symbols available reduces the time to crack that. you're only thinking of this technical aspect though. the most recent nist recommendations also support removing the complexity component and enforcing more length along with a list of known bad passwords list. and remember that most 2fa isn't really secure as it's mostly defaulting to sms or not allowing sms to be removed.   One of the main points about increasing password length is how much easier is it for people to use and remember longer password. As per this study, a "comprehensive8" policy is the most challenging and also most likely to be written down on paper. http://users.ece.cmu.edu/~mmazurek/papers/chi2011_passwords_people.pdf   Study participants experienced the most difficulty with the comprehensive8 requirements from beginning to end. Only 17.7 percent were able to create a password that met all of the requirements in the first try, compared to well over 50 percent for the rest of the conditions. Twenty-five percent of comprehensive8 testers gave up before they could even make a password that satisfied the requirements, compared to 18.3 percent or less for other conditions. Over 50 percent of comprehensive8 participants stored their password either on paper or electronically, compared to 33 percent for those with the 16-character minimum and less for the rest of the conditions. ... View more

Re: Password complexity ?

by stevelarsen in Community Tips & Tricks
‎09-19-2017 02:46 PM
‎09-19-2017 02:46 PM
I do find that not allowing special characters is unusual, but they don't make a password more secure. making the password longer is the best options. if the db of stored passwords is compromised and encryption keys stollen, key logger, etc then neither are relevant really. the idea of having a 'strong' password I think is a myth. If you think of it, emails are also part of your password and should be unique as well. when a site has been compromised and emails and passwords obtained, as the owner of this info I can now use your email and password on all of the most popular sites to see if I get a match. Keeping your emails, username and passwords unique increase the likely hood that credential from one site can be used on another.   I later checked my cisco pwd and it does contain special characters so I'm curious to know if this is just for new accounts being created. I've had mine since 2014-11-01 ... View more
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki