Aug
20
2015
Is static port channel a good idea?
Is-static-port-channel-a-good-idea-loop

During my CCIE R&S studies (CCIE Routing and Switching v5.0 Official Cert Guide, Volume 1), I have discovered an unexpected behavior of the static port channel: a Layer2 loop! Obviously, in order for that happen, several things must happen. Suppose to have three switches:   The Ciscozine-ROOT switch, as the word suggest, is the root bridge (priority 4096); the Ciscozine-ROOT_SEC is the “backup root bridge” (priority 8192), while the Ciscozine-SW has the default priority.

Jun
27
2015
Leap Second 2015: a critical bug in NXOS
Leap-Second-2015-a-critical-bug-in-NXOS

In June 30, 2015 at 23:59:60 UTC, one minute will have 61 seconds when a leap second is added; the reason we have to add a second every now and then, is that Earth’s rotation around its own axis, is gradually slowing down, although very slowly. This will be the 26th leap second adjustment since 1972, and represents an important consideration for providers of computing, networking, and software solutions.

May
4
2015
Chuck Robbins, the new CEO of Cisco
Chuck-Robbins-the-new-CEO-of-Cisco

Cisco today announced that its Board of Directors has appointed Chuck Robbins as Chief Executive Officer effective July 26, 2015. In his previous role as Senior Vice President of Worldwide Field Operations for Cisco, Chuck Robbins has led the company’s Worldwide Sales Organization and Worldwide Partner Organization. John Chambers, who has led Cisco as its CEO for 20 years, will become the company’s executive chairman. “This is the perfect time for Chuck Robbins to become Cisco’s next Chief Executive Officer. We’ve selected a very strong leader at a time when Cisco is in a very strong position,” said Cisco Chairman and […]

Apr
21
2015
Send WhatsApp alert during a network fault
whatsapp-alert-network-fault

A good network engineer must react quickly during a fault. On the market, there are several solutions to monitor the network malfunctions: HP Openview, Solarwinds, PRTG and other solutions (open source or not). Generally, when an alert/warning is detected an event is triggered: email, SMS or text to a monitor. But why don’t you send these messages via whatsapp? It’s free and can reach everyone, everywhere! What you need: PHP with openssl extension enabled WART WhatsAPI-Official SIM In this tutorial, I use XAMPP Portable version 1.8.3 (http://sourceforge.net/projects/xampp/) on a Windows7 64bit machine. Note: The WhatsAPI-Official requires openssl extension enabled in the PHP settings; whitout this library the script cannot work! […]

Feb
2
2015
A Ghost in the device? CVE-2015-0235
cisco-ghost

On Tuesday January 27, 2015, Qualys security researchers discovered the GHOST vulnerability (CVE-2015-0235), a serious weakness in the Linux glibc library, that allows attackers to remotely take complete control of the victim system without having any prior knowledge of system credentials. This vulnerability affects the functions gethostbyname() and gethostbyname2() functions originally used to resolve a hostname to an IP address. However, these functions have been deprecated for approximately fifteen years, largely because of their lack of support for IPv6. The superseding function is getaddrinfo() which does support IPv6 and is not affected by this buffer overflow. Programs that still utilize the deprecated […]

Jan
29
2015
Cisco VSS: Failure scenarios
VSS-recovery-1

In the last article, I explained how to configure the Cisco 6500 in VSS configuration, but how does the VSS reacts during a failure? There are three possible scenarios: Link failure within a multichassis Cisco etherchannel link Active supervisor engine failure VSL failure Scenario #1: Link failure within a multichassis Cisco etherchannel link Availability is not affected for those data flows that do not use the failed link. For those traffic flows that use the failed link, the effect consists of the time it takes to detect the link failure and reprogram the indices within the system.

Jan
21
2015
Cisco 2015 Annual Security Report
CVSS-2015

Like every year, Cisco has released the Annual Security Report that is one of the preeminent security reports that examines the latest threat intelligence, providing industry insights, trends and key findings revealing cybersecurity trends. During this year, attackers have become more proficient at taking advantage of gaps in security to evade detection and conceal malicious activity. Security teams, must be constantly improving their approach to protect their organization from these increasingly sophisticated cyber attack campaigns.

Nov
26
2014
Cisco 6500 VSS configuration
Cisco-6500-VSS-Configuration-MEC-Physical

The Cisco Catalyst 6500 Series Virtual Switching System (VSS) allows the clustering of two chassis together into a single, logical entity. This technology allows for enhancements in all areas of network design, including high availability, scalability, management, and maintenance. The Virtual Switching System is created by converting two standalone Catalyst 6500 systems to a Virtual Switching System. The conversion is a one-time process that requires a few simple configuration steps and a system reload. Once the individual chassis reload, they are converted into the Virtual Switching System. All control plane functions are centrally managed by the active supervisor engine of the active virtual […]

Nov
2
2014
How to log everything with SecureCRT
how-to-log-securecrt-3

Unlike my technical articles about configurations, protocols and so on, in this tutorial I will explain how to log automatically all SecureCRT sessions. For those that are unaware, SecureCRT is one of the best SSH/telnet client. The question is “why save everything?” In my opinion, a good approach to work with many devices (network, security, …) is to save everything (show command, configuration command and so on..). This method gives several benefits, for instance when: The telnet/SSH client buffer is full Something goes wrong You mistakenly close SecureCRT You want to check what you have done

Sep
27
2014
Shellshock: a bug bigger than Heartbleed?
shellshock

Recently, the Red Hat team have found a critical remotely exploitable vulnerability in the Bash (aka the GNU Bourne Again Shell), that allow a remote attacker to inject arbitrary commands. GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash […]

Pages:1234567...25»