Friday, April 22, 2016

Starting Something New

Well folks, this post is right at my 1200th post.  I've put quite a bit of time in on this blog, for sure.  And these next few weeks may be a little slow for me on the blog posting.  I have decided to take an opportunity with another company that solely provides security solutions, which I'm very excited about.  And as I wind down this week with one employer and get ready to start the new position at the next, I'm probably going to take a small break from the blog, so that I can get prepared and settled in at the new place.  I do plan on coming back to blogging at some point, I'm just not sure when right now.
Don't be a stranger though.  I can still be reached at the "contact me" on the side of this page.  I'll be back soon.

Thursday, April 21, 2016

Cisco R&S: Getting Lab Ready For Deployment

We are about to roll out a colocation site and setting it up in a lab ahead of time is the best way to do this. All Cisco Nexus gear.

Wednesday, April 20, 2016

Home Projects: Bathroom Remodel

Well, we are still working on this 1935s house.  We have contracted out the bathroom, as I have found that I just don't have enough time to get this done quickly.  It's coming along pretty well, and it's starting to look much different now than it did.
One wall of white subway tile:

And the new shower:

Monday, April 18, 2016

Palo Alto Firewall: Ping With A Source Address

Just a quick post today about ping in the CLI.  You can use a particular source address of your choice that belongs to the Palo, should you need to.  Typically, you do need to if you are going across a VPN.  Here is the quick command; fill in your IPs of choice in place of the placeholders:

PA-3020> ping source <source-ip> host <destination-ip>

Friday, April 15, 2016

Quote For The Day: 15

"My home is in Heaven. I'm just traveling through this world."  ~~Billy Graham

Thursday, April 14, 2016

Cisco R&S: License Activation On The 3850 Switch

This is a little mind boggling, but it appears that the licensing activation is on an honor system with Cisco.  I needed to go from LANBASE to IPSERVICES on a pair of stacked 3850s.  I started pursuing the licensing and was told by Cisco about the "honor system".  Sure enough, it appears to be true.  I did the following on the pair I mentioned:

Switch#license right-to-use activate ipservices all acceptEULA
% switch-1:stack-mgr:Reboot the switch to invoke the highest activated License level

Switch#wr mem
Building configuration...
Compressed configuration from 9034 bytes to 3710 bytes[OK]
Reload command is being issued on Active unit, this will reload the whole stack
Proceed with reload? [confirm]

Notice that the stack now functions, whereas before (with the license levels not matching) it did not:

Switch#sh switch
Switch/Stack Mac Address : 0c11.6710.8480 - Local Mac Address
Mac persistency wait time: Indefinite
                                             H/W   Current
Switch#   Role    Mac Address     Priority Version  State
*1       Active   0c11.6710.8480     1      V06     Ready
 2       Member   5006.ab23.8600     1      V05     Ready

Now, do a show version, and let's see the licensing after the command:

Switch#sh ver
License Level: Ipservices
License Type: Permanent
Next reload license Level: Ipservices

Wednesday, April 13, 2016

SonicWall Firewall: Allowing RDP Access To An Internal Server

I don't personally recommend doing this config, but the customer asked for it.  They wanted to RDP directly to the public address of the firewall and do a port translation to an internal server so that they could access it from the outside.  I prefer VPN personally, but hey, it's their call.
First, create a rule, then a NAT policy.

Now, NAT rule:

Monday, April 11, 2016

Cisco R&S: How "Man In The Middle Attacks" Happen

In doing some research about a particular problem I came across for a client, I read through a good Cisco document about how man in the middle attacks occur.  I thought this would be an interesting read for you as well, if you are interested in that sort of thing.  I copied and pasted this directly from the following document: Cisco document

Figure 34-1 ARP Cache Poisoning
Hosts HA, HB, and HC are connected to the switch on interfaces A, B and C, all of which are on the same subnet. Their IP and MAC addresses are shown in parentheses; for example, Host HA uses IP address IA and MAC address MA. When HA needs to communicate to HB at the IP Layer, HA broadcasts an ARP request for the MAC address associated with IB. As soon as HB receives the ARP request, the ARP cache on HB is populated with an ARP binding for a host with the IP address IA and a MAC address MA; for example, IP address IA is bound to MAC address MA. When HB responds, the ARP cache on HA is populated with a binding for a host with the IP address IB and a MAC address MB.

Host HC can "poison" the ARP caches of HA and HB by broadcasting forged ARP responses with bindings for a host with an IP address of IA (or IB) and a MAC address of MC. Hosts with poisoned ARP caches use the MAC address MC as the destination MAC address for traffic intended for IA or IB. This means that HC intercepts that traffic. Because HC knows the true MAC addresses associated with IA and IB, HC can forward the intercepted traffic to those hosts using the correct MAC address as the destination. HC has inserted itself into the traffic stream from HA to HB, the classic "man in the middle" attack.
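To make the poisoning sequence above concrete from the defender's side, here is an added example (my own illustration, not code from the Cisco document) that replays constructed ARP replies through an unprotected cache and reports the two symptoms worth alerting on: an existing IP-to-MAC binding that changes, and one MAC answering for several IPs. IA/IB/MA/MB/MC are the symbolic addresses from the text, not real ones.

```python
"""Replay of the HA/HB/HC ARP cache poisoning sequence with a simple detector.
Added illustration; IA, IB, MA, MB, MC are the symbolic addresses from the text."""
from collections import defaultdict

# Constructed ARP replies seen on the segment, oldest first: (sender_ip, sender_mac).
ARP_REPLIES = [
    ("IA", "MA"),  # HA answers HB's request: legitimate
    ("IB", "MB"),  # HB answers HA's request: legitimate
    ("IA", "MC"),  # forged reply from HC claiming IA
    ("IB", "MC"),  # forged reply from HC claiming IB
]


def replay(replies):
    """Apply replies to an unprotected cache the way HA/HB do (the newest reply
    overwrites) and record every rebinding of an IP that was already learned."""
    cache, changes = {}, []
    for ip, mac in replies:
        old = cache.get(ip)
        if old is not None and old != mac:
            changes.append((ip, old, mac))
        cache[ip] = mac
    return cache, changes


def macs_claiming_many(cache, threshold=2):
    """MACs bound to `threshold` or more IPs: after poisoning, MC owns IA and IB."""
    owners = defaultdict(set)
    for ip, mac in cache.items():
        owners[mac].add(ip)
    return {mac for mac, ips in owners.items() if len(ips) >= threshold}


def mismatches(cache, trusted):
    """IPs whose cached MAC disagrees with a trusted binding list (assumed to come
    from a static inventory or the switch's DHCP snooping table)."""
    return sorted(ip for ip, mac in cache.items() if trusted.get(ip) != mac)


if __name__ == "__main__":
    cache, changes = replay(ARP_REPLIES)
    for ip, old, new in changes:
        print(f"ALERT: {ip} moved from {old} to {new}")
    print("MACs answering for several IPs:", macs_claiming_many(cache))
    print("bindings differing from trusted list:", mismatches(cache, {"IA": "MA", "IB": "MB"}))
```

The switch-side mitigation for exactly this is Dynamic ARP Inspection, which drops ARP packets whose bindings do not match the DHCP snooping table or a static ARP ACL.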

Sunday, April 10, 2016

Friday, April 8, 2016

A Walk In The Woods

My wife and I took a walk in the woods two weekends ago. I really enjoy being outdoors and breathing the fresh air. When you live in the city like we do, moments like this are priceless.

And a nice sunset to end the day.

Thursday, April 7, 2016

Quote For The Day: 14

"Maybe if we focused on being light & less on the dark, we might actually see things change." --Michael M. Rose

Wednesday, April 6, 2016

Generally What You Need From The Server Guys

When the server guys need you to configure switch ports for them, below is generally all you need in most scenarios.  This was my message to the team about what I needed from the server guys this past weekend.

Tuesday, April 5, 2016

Home Projects: Room Shiplapped

I really like this look. I think we will end up painting this room, but it really has a look about it that I'm fond of.

Monday, April 4, 2016

Check Point Firewall: Hard Drive Replacement

That beeping sound I talked about last Wednesday? Well, I replaced the hard drive in it, as you can see below. It has 4 drives and this one, when I put it in, did get rebuilt on its own. Only takes a minute to replace but a while to get the data back on it.