Understanding ‘transport output’ and ‘access-class’

Several years ago I wrote an article called The Elusive “access-class out” Command. My primary goal was to help CCNA students understand both the behavior and the placement of this command. My friend Anthony Sequeira did a great job in the video that is also shown in my original post. Today, I want to share another command and expand on their behavior.

For all of the demonstrations in this article, the following topology will be used. The router named iosv-2 will be the primary focus and the only place changes will be made.

Topology

Understanding Telnet/SSH Client Restrictions

Backing up for a moment, there are a couple of messages that might be displayed when an IOS device blocks outbound telnet or ssh sessions from the current exec session. These are demonstrated with a quick configuration of a transport output and access-class restriction.

//the first error is unique depending on
//if ssh or telnet is being used
iosv-2(config)#line con 0
iosv-2(config-line)#transport output none
iosv-2(config-line)#do telnet 192.168.0.3
% telnet connections not permitted from this terminal
iosv-2(config-line)#do ssh -l cisco 192.168.0.3
% ssh connections not permitted from this terminal

//now we can re-enable all the protocols
//and demonstrate the other error message
iosv-2(config-line)#transport output all
iosv-2(config-line)#access-list

Facebook to launch OpenCellular, an open-source mobile networking framework

The world’s largest social network today announced that it will launch OpenCellular, a mobile infrastructure platform designed to lower barriers to entry for would-be providers of internet service to the developing world.

OpenCellular, in essence, is designed to be a customizable base chassis for a wireless access point, able to connect devices using 2G, LTE or even Wi-Fi. Facebook said that the emphasis in the design process was on keeping the design as modular and inexpensive as possible, as well as making it easy to deploy.

Wendy’s hack was bigger than thought and exposed credit card data

A data breach that hit Wendy's fast food restaurants was more than three times bigger than originally disclosed and exposed customer credit card data.

The company said Thursday that malware installed in point-of-sale systems was discovered at over 1,000 of its franchised U.S. restaurants -- a big jump from the "fewer than 300 stores" it said in May had been affected.

Hackers gained access to the machines using remote access credentials of a third-party service provider, Wendy’s said.

The breach began in fall 2015 and wasn't discovered until early this year. As part of its investigation, the company discovered a second malware variant had infected its systems.

6 ‘data’ buzzwords you need to understand

Take one major trend spanning the business and technology worlds, add countless vendors and consultants hoping to cash in, and what do you get? A whole lot of buzzwords with unclear definitions.

In the world of big data, the surrounding hype has spawned a brand-new lingo. Need a little clarity? Read on for a glossary of sorts highlighting some of the main data types you should understand.

1. Fast data

The shining star in this constellation of terms is "fast data," which is popping up with increasing frequency. It refers to "data whose utility is going to decline over time," said Tony Baer, a principal analyst at Ovum who says he coined the term back in 2012.

FTC warning: The IRS does not accept payment in iTunes cards

The Federal Trade Commission issued a warning today about a scam that sounds ridiculous but is nonetheless surprisingly common: Con artists are convincing victims that they’re from the IRS and will accept outstanding payments in the form of iTunes cards.

From an FTC blog post:

People have told the FTC about scammers who called and demanded iTunes cards as “payment.” Bogus “IRS agents” told people they owed back taxes and would be arrested soon, unless they bought an iTunes card and gave the code to the “agent.” Phony “government grant” officers called and promised a big payout, after the person bought an iTunes card and read the code to the “grant officer.” Other fraudsters told people their grandkids were in jail and the only way to help was — you guessed it — to buy an iTunes card and read the code over the phone. All the stories were false.

NetBox v1.1.0 Released

One year ago today, I made the first commit to a repository named "netbox" hosted internally at DigitalOcean. It was the first iteration of a tiny little app I scratched together using the Django Python framework to track IP prefix utilization. A year later, NetBox has grown into an extensive tool that we use to track IPs, racks, devices, connections, circuits, and even encrypted credentials. And I'm happy to say that it's now open source!

24% off TP-LINK AC1900 Wireless Wi-Fi Dual Band AC Router – Deal Alert

The AC1900 router from TP-LINK supports 802.11ac, the latest Wi-Fi tech. It operates on the 5GHz band as well as 2.4 for older devices. Dual USB 3.0 and 2.0 let you easily share files and media across your network. The AC1900 strives to create a stronger, faster and more reliable network that efficiently manages many connected devices simultaneously. Amazon currently has it listed for 24% off its typical list price of $170, so you can buy it now for $130. Over 2,700 customers rate it 4.5 out of 5 stars.

4 tips for buying cloud management software

Managing clouds can be a challenge given that virtual machines and storage are running in two different environments simultaneously. A crowded industry of cloud management platforms (CMP) has emerged to help.

Gartner Research Director Mindy Cancila says the CMP market is young and maturing; customers should understand the limitations of various options.

Here are four tips from Cancila for organizations considering cloud management products.

IaaS needs its own tools

Many organizations began their cloud journey by using SaaS tools like Office 365, Salesforce or some other business planning software. These SaaS platforms may require some new skills, but customers don’t usually need to purchase a whole new management platform to use them. Infrastructure as a Service (IaaS) is different. Consuming cloud-based virtual machines, storage, databases and other services is such a complex issue that Cancila says users can benefit greatly from using a dedicated management platform for IaaS, especially if they’re managing a hybrid cloud computing environment.

Want to understand your apps better? Put a ThousandEyes on them

Cisco Live, the world’s largest network event, kicks off next week in Las Vegas. Every year at the conference, Cisco and many of its technology partners announce new products or features that hopefully capture the attention of Cisco’s customers. ThousandEyes put some news out ahead of the event by announcing it uses Linux containers to run its network performance monitoring (NPM) software to track Cisco Integrated Services Routers (ISR) and Aggregation Service Routers (ASR).

Absorbing DDoS with Communities

Distributed Denial of Service attacks can damage your business—and they can be difficult to manage or counter. While there are a number of tools available to counter DDoS attacks, particularly in the commercial space, and there are a number of widely available DDoS protection services, sometimes it’s useful to know how to counter a DDoS on your own. One option is to absorb attacks across a broader set of inbound nodes. Let’s use the network below to illustrate (though often the scale needs to be quite a bit larger for this solution to be useful in the real world).

ddos-spreading

Assume, for the moment, that the attacker is injecting a DDoS stream from the black hat, sitting just behind AS65004. There are customers located in AS65001, 2, 3, 4, and 5. For whatever reason, the majority of the attacker’s traffic is coming in to site C, through AS65003. Normally this is a result of an anycast based service (such as active-active data centers, or a web based service, or a DNS service), combined with roughly geographical traffic patterns. Even a DDoS attack from a mid sized or large’ish botnet, or reflection off a set of DNS servers, can end up being