So like most IT security minded people I want to use SSH on everything I can because with telnet your username and password are sent over the wire in clear text. Now I know most of you say well if you are internal what matters it your password is sent in clear text who would […]
I have been looking far and wide for a good free file transfer program (not FTP, different protocol) for Amazon S3. S3 only has an API not an interface for you to upload your files. Since I am not a developer and can’t make a program to use their API I need to find one. […]
So ICMP is a double edge sword, it is great for helping you troubleshoot network issues and verifying the most basic connectivity is working. It also can give away a lot of information about what is going on in your network to people who shouldn’t know.
The question then becomes what kind of ICMP types do […]
I have put a service-policy in place on my companies high speed WAN link to control how much bandwidth the backup servers can use. This is a time-range based policy so that at night the backups can use as much bandwidth as is available and during the day it can only use 40 Mbps.
Scrubed config
time-range […]
I believe the reason this was happening was that the route-map I had in place for another node on this VLAN was causing packets to be dropped. What I did as a more permanent fix was to had an entry in the route-map’s match address list for the problem server. This route-map directs the traffic […]
I ran into an interesting problem today on our 7600 series router. One device on this router is unable to send traffic to anything on a particular subnet. There are lots of devices on the same VLAN that are about to access that same subnet and this device was up to the other day able […]
Just wanted to post about controlling services like DNS, FTP, SMTP etc… If you don’t have a firewall and have a Cisco router you can control ports with ACLs. You will need to use an extended ACL so the that command will start out with “ip access-list extended” typically with these since it can be […]
I retook a look at the settings that I in place before for shaping traffic going out a particular interface on our Cisco 7609. I wrote about is in a past post which can be viewed here. This policy was a hard policing of traffic from certain subnets going out on interface that was limited […]
Recently I had to put some rate limiting in place on our 7609 router. There are a couple of devices that have a tendency to hog our Internet bandwidth but have multiple IPs that live on many different VLANs. Since our Internet bandwidth is limited and is need for many different devices I couldn’t let […]
RSS Feed
