
Adam's blog

Free Visio Stencils


Ever go searching for the right Visio icon and you end up with one of the default, generic white boxes to represent some cool new device? Well, I went for a hunt last night to find the best Visio stencils for the most commonly used products out there. 

Here is a list of what I've come up with:  

Free Training for F5 BIG IP LTM

F5 has been in the business of application delivery since the mid-90s and they are one of the industry-leading providers of network load balancers. They are famous for their BIG IP product line, with one of the most popular "modules" being the Local Traffic Manager, or LTM. If this is the first time that you've heard of this company, just know that BIG IPs help make some of the world's largest websites and application deployments work.

For all of you who have been chomping at the bit to get some hands-on experience with LTMs, but the "application guys" or the "data center guys" or the "whoever manages your F5 load balancer guys" never let you get near them, then have I got some news for you!

HP Makes More Than Printers?

Whenever I think of HP, my first thought is a junky old inkjet printer that I still have taking up space in my office. I haven't used it since I bought a newer Xerox Phaser 6130 Color Laser (which is awesome). That's not really a fair representation of HP though, since they sell a wide range of enterprise-grade products including servers (thank you Compaq) and network gear (thank you 3COM).

Cisco IOS H.323 Denial of Service Vulnerabilities

Cisco recently announced a vulnerability in their IOS software related to H.323 that could be exploited to DoS your router with malformed packets. If you have a router running versions of code that are vulnerable (they range from 12.1 all the way to 15.0 code versions) AND you have the H.323 process running, then someone could send malformed packets to the router and cause it to reboot. This could even happen by accident if you have video conferencing software that doesn't adhere to the H.323 standard.

IOS 12.4 EOL, Universal IOS, and Cisco License Manager

As many of you may have heard by now, IOS 15 is the way of the future for IOS-based devices. Cisco made their official End-of-Sale and End-of-Life Announcement for Cisco IOS Software Release 12.4. So, if you weren't planning on upgrading to IOS 15 ever, at least now you can know when you won't be able to call Cisco for help. The specific dates for EOL and EOS are detailed in the link above, but here is a screenshot of the dates to save you a click:


 
[Screenshot: Cisco IOS 12.4 EOS, EOL]

VOIP Hacking - Not a good career path


If you read How to hack IP voice and video in real-time, you might have realized that with the right tools, network engineers can gain access to a lot of things. You might even find yourself in a situation that allows you to overhear some important calls that include trade secrets or other secret information. Most large organizations realize this and require employees to swear to company oaths or sign waivers. I've personally been subject to background checks and even credit checks to make sure I'm not getting paid by foreign countries to do their bidding. (FYI to all you crooked politicians and evil countries out there, you can't buy me out).

NTP and SNTP Configuration


Have you reviewed your company's NTP configuration recently? Is it secure or can it be totally PWND? Let's talk about the "Why" and then we'll get to the How to configure NTP. 

First, what does NTP do? It provides the same time, enterprise wide. What happens if you log into a router on some distant continent that does not have the correct time? If you are trying to correlate logs, good luck! You are going to need more than a slide rule to match things up. 

Second, if a person with ill intent decides to hack into your network, what better way to cover their tracks than to completely mess up your time settings? If the clocks were different on every device, there's no way you would be able to correlate what happened and when.

So, that is why you need to have synchronized time. Take the bull by the horns like this is a military operation. Now let's talk about the how.

Free IP Address Management from Infoblox


IPAM is typically an acronym you don't hear until you start working on large networks. Most small to medium size networks have either a couple large networks (i.e., "the 10.0.0.0/8 network is over there, and the 192.168.0.0/16 network is over there...") or a few /24 subnets like 172.16.1.0/24 for Data, 172.16.2.0/24 for IP Phones, etc. 

However, when you start having to design solutions to integrate with hundreds of remote sites connected via a massive MPLS network, multiple redundant data centers, and several campuses with dozens of buildings all interconnected, it becomes challenging to know where 10.37.225.64/28 is located without a spiffy hierarchical IP address design, great documentation, or just plain crawling the network with traceroutes and "show ip route" commands. Because of all that, engineers who work with large networks rely on IPAM to help organize and allocate IP addresses.

How to hack IP voice and video in real-time

Network World has an interesting write-up on the inherent vulnerabilities in Voice and Video over IP networks and how they can easily be compromised if security is not properly implemented. Securing IP networks has received a lot of attention over the last several years, which has given rise to many products, new standards, and even some new certifications.

Does your organization have VOIP implemented securely or is it wide open for anyone to eavesdrop on calls? Or is your organization even more bleeding edge, with video conference setups in every conference room or on everyone's desk? If so, I hope for your company's security's sake that they have someone, or a few someones, dedicated to this stuff.

Quick IOS Upgrade Tip: USB Flash Drive Support


Ever have a project that involves deploying several, even dozens, of routers? Upgrading the IOS on each and every one is usually one of the first steps and it can be a time consuming task! 

Well, there is hope my friends. Cisco has been including USB ports on many of their devices for several years. Originally when they first started appearing, they didn't always do anything. You could plug something into them and nothing would happen. 

However, that has changed in many of the newer software versions that are being released, in particular for Cisco's ISR series. This has made the process of upgrading code on a non-production router so much easier that it is worth writing about. Here is the list of IOS versions that support USB:


An Amazing Little Device


KVMs have been around for many years and as technology evolves, KVMs appear with new types of connectors, more features, and improved functionality. That said, I've been looking for an inexpensive, yet functional solution to sharing a USB keyboard and mouse between two machines. I have a monitor that supports dual input and is easily switched between systems, so that wasn't an issue. 

Senior Network Engineer Salaries


Seeing those numbers for a Network Engineer may have sparked your curiosity about what Senior Network Engineers pull in. Payscale has those figures too! Take a look:

Network Engineer Salaries


PayScale.com posted some "up to date" salary information on their site last week. If you are currently in the industry as an IT professional, how do you stand up against these numbers?

Heads Up! CCDA & CCDP Exam Refresh Coming!


Cisco recently announced the pending refresh of their CCDA and CCDP exams. It looks like they're going to make the cut from the version 2.0 exam blueprints to version 2.1 on November 8th, 2010. So if you are studying for one of these exams right now, you might want to book your test and knock it out.

What should you expect to see different if you are currently studying for these exams and not quite ready to pass them by November?

From the looks of it, there are a lot of the same topics and some updates to match the changes that were recently made in the CCNP track, but with the addition of new shiny technologies! 

EIGRP Auto-Summary Now Disabled By Default

If you work on a network with mostly Cisco equipment, there is a good chance you've configured EIGRP or at least seen it configured. The most typical setup would be an RFC 1918 address range (such as 10.0.0.0) as the network, and the dreaded auto-summary disabled. Most small to medium sized pure-Cisco shops don't use redistribution or modify the K values unless they have some well-defined requirements that call for it. That said, here's an example of a fairly typical EIGRP configuration:

router eigrp 100
network 10.0.0.0
no auto-summary

If this is similar to your configuration, Cisco wants to make things "easier" for you. Since nearly everyone disables auto-summary, they went ahead and started disabling it by default. Here is an excerpt from their command reference guide:

