Cisco

Cisco Security Manager logging SDEE messages from IPS in Event viewer

Cisco Security Manager +4 (I was trying 4.0.1 at the time of this post) has an "event viewer" feature thats actually pretty good! It can receive syslog and SDEE messages, parse them and display them in the nice gui for you. Syslog is pretty straight forward

Fedora

Fedora 15/16 (Xfce) auto login

I've got a couple of MythTV frontend machines where its very useful to be able to switch it on and have it login without prompting for a password then auto launch MythTV. In Fedora 15 / 16 and 17 this seems to be done a little differently and took

Linux

Script to check if a process is running and if not start it

A pretty simple script that uses pidof to check if a process is running and if not restart it (Thanks go to weirdo for warning me about the perils of grepping ps output) :) The script does use systemctl by default but you can comment the section out to use service.

Android

OpenVPN server on Fedora 16 connecting Cyanogenmod (7.1) Android phone [bridged]

I have already posted about openVPN on Ubuntu  but the config for Fedora is a little different so here's a updated post. I did the following setup using * Cyanogenmod 7.1 * OpenVPN 2.2 * Samsung Glaxy S 2 * Cisco 1800 router * Fedora 16 server I've used

Linux

Sort [SPAM] mail into a Spam folder (Postfix, Dovecot & procmail)

Quickly wanted to stop mail tagged by spamassasin as [SPAM] being delivered into my inbox. I did this using procmail and the following was configured on a Centos 6 server. Install procmail yum install procmail Next create a procmailrc file in the users home dir along (this can be done

CCNP Security

DMVPN with PKI authentication (GNS3 Lab)

Dynamic Multipoint VPNs (DMVPN) offer a low admin overhead and scalable VPN solution. It is also efficient at routing traffic as it can dynamically reconfigure itself from a hub and spoke to a partial or full mesh topology! This means that not all traffic has to pass through the hub

CCNP Security

Cisco IOS Certificate Server set-up and client enrolment (GNS3 Lab)

A quick step by step overview of how to configure the certificate server on a Cisco IOS device. The certificate server functionality was added in version 12.3(4). It is only available in in security images or higher. We can use this functionality to provide scalable authentication for VPN

CCNP Security

Dynamic point to point IPSEC VPN tunnels using DTVIs (GNS3 Lab)

Manually configuring point to point IPSEC tunnels can become a big administrative burden as the number of endpoints grows. In a hub and spoke environment we can use Dynamic Virtual Tunnel Interfaces (DVTI) to help ease this burden of lots of site to site or remote access tunnels When using

802.1x

EAP, EAPOL and EAP types

Extensible Authentication Protocol (EAP) - is a transport mechanism used in 802.1x to authenticate supplicants (hosts/pcs) against a backend server (Radius) via an authenticator (Switch). The first byte of the EAP header contains the code field, this identifies the EAP packet type. The four different codes are shown

Bash

Re-encode all videos in a directory using mencoder

I had ~50 videos in a directory that were encoded using on2 VP7 which was causing some problems on some of my home media players. Heres a quick one line command that will re-encode all files suffixed with .avi to use xvid  :) Once the script has completed all the re-encodes

Centos

Centos/Fedora install yubico-pam for yubikey 2 factor SSH authentication

I recently bought a yubikey to play around with as a two factor authentication method for VPNs. Easy – The YubiKey is placed in the USB port. The YubiKey is recognized as a USB keyboard so it works on all computers, platforms and browsers with no client software needed (Windows, Linux,

Cisco

Cisco (type 7) password decryption and encryption with Perl

I've often seen password decryption tools for the Cisco (type 7) passwords and wondered how they worked. To learn more about that and Perl I thought I'd give it a go :) The short story is it just seems to XOR each character against a value in

Eggdrop

Link Logging script for Eggdrop

A simple script for an eggdrop bot that will monitor a specified channel for URLs then log them with a time stamp against a username. I'm not a professional coder and I did this mainly to learn some more about TCL which I can use in EEM scripts

ASA

Cisco pipe options and some regex examples

Just a quick post about using the pipe (|) command on Cisco devices to help format the output of any command. Add the pipe to any show command then ? can show the available options. Below is from a 6500. 6509#show run | ? append Append redirected output to URL (URLs supporting append

backup

Configure automated Rsync backups

From rsync.samba.org/ rsync is an open source utility that provides fast incremental file transfer. rsync is freely available under theGNU General Public License and is currently being maintained by Wayne Davison. Its very easy to setup an automated incremental backup using rsync :) First we need to make sure

Cisco

Display the specific port used in an etherchannel for given src/dst info

Etherchannel on Cisco switches uses a hashing algorithm to determine which interface within the bundle to send the data over i.e. The port choice is deterministic and will always be the same unless ports are added to the bundle or the hashing algorithm is changed. It also means that

graphs

Create graph of bytes/s in open office from a Wireshark trace file

Since Im not studying for anything "official" at the moment I'm trying to learn more about the various tools I use most days. Hopefully there will be some useful posts in the coming days to help me stretch my memory muscle a bit :p This post

ASA

Cacti graph template for Cisco ASA VPN sessions (IPSEC, SSL, WEBVPN + Total)

Exported from Cacti 0.8.7e (including all dependencies) and made using a Cisco 5520 ASA running 8.4(1). OIDs used * IPSEC VPN count - .1.3.6.1.4.1.9.9.171.1.3.1.1.0 * SSL VPN count (Anyconnect) - .1.3.6.1.4.

640-553 CCNA Security

Role Based CLI access to Cisco IOS using Views

Just having a play around with role based access and "views". Not a feature I've used much in production. Below we will configure a view that only allows the use of the show interface commands. Then we will configure a use that when logging in via

ASA

Install & configure nfdump with nfsen on Ubuntu server 10.04

This was done using Ubuntu server 10.04 although everything is compiled from source so the commands should be very similar on any linux box. There are also example configs for Cisco ASA 8.2 near the bottom of the post. I was looking for a netflow collector/analyser that

Android

Setting up OpenVPN for Android phone (NAT & ZBFW on Cisco 1801)

I've been looking to get a decent "native" VPN setup on my android phone for a while. There doesn't seem to be native support for IPSEC VPNs terminating on Cisco routers. Long request topic for it [here] although ASA8.4(1) supposedly has support

Cisco

IOS ping with rotating data pattern/payload

Came across an interesting problem where depending on the ping payload the loss would vary quite a bit when being sent over a WAN link. Pings using windows machines were seeing higher loss than from linux boxes. It turns out windows uses a rotation from A-W for its ping payload

640-553 CCNA Security

Simple Zone Based IOS Firewall (GNS3 Lab)

Just a post about the basic config and options of Cisco IOS zone based firewall using the Topology below Grab the initial configs and GNS3 .net file [HERE]. From the initial configs all interfaces have connectivity to each other. First off lets configure the zones and assign each interface to

640-553 CCNA Security

Steps to configure an IPSEC site to site VPN on a Cisco IOS device (GNS3 Lab)

Just some short notes on basic IOS vpns using the topology below as an example. All the configuration examples are for the router Lefty. Grab the GNS3 .net file and initial configs [HERE] if you want to try. The following five steps need to configured in order to create an

Cisco

Petition for Educational IOS emulator – etherealmind.com

Please think about signing the petition since from 15.0 forwards it will become a huge problem for people looking to learn... We the undersigned ask Cisco to consider our petition for an open and usable IOS Emulator for learning, study and training. We are the people who are learning