0

Healthy Paranoia Show 11: Bro – the Outer Limits of IDS

Join Mrs. Y, Taylor Banks and esteemed Nerd Captain Ivan Pepelnjak for another exciting episode of Healthy Paranoia!  In this installment, we discover the day the security industry stood still for Bro IDS with expert and project contributor Liam Randall. Just a few of the fun facts you’ll learn include: The real meaning of “bromance.” […]

Author information

The post Healthy Paranoia Show 11: Bro – the Outer Limits of IDS appeared first on Packet Pushers Podcast and was written by Mrs. Y.

0

A Small Yellow Wooden Door: Thinking Practically About SDN

As I do most days, I took a walk in the woods at the back of my garden after a hearty dinner. I was quite surprised to come across a small wooden yellow door I’d never seen before, set into the trunk of a tree I’d never noticed until today. I opened the door and squeezed […]

Author information

The post A Small Yellow Wooden Door: Thinking Practically About SDN appeared first on Packet Pushers Podcast and was written by Steven Iveson.

0

PQ Show 23 – OpenFlow and SDN – ONF Testing & Interoperability with Michael Haugh

In this show we speak with Michael Haugh, the chairperson of Testing and Interoperability Working Group  https://www.opennetworking.org/working-groups/testing-a-interop  at the Open Networking Foundation. Michael is a Senior Product Line Manager and oversees Ixia’s Carrier Ethernet go-to-market strategy and product line on the Ixia core and IxN2X platforms. Michael has been in networking for 17 years and […]

Author information

The post PQ Show 23 – OpenFlow and SDN – ONF Testing & Interoperability with Michael Haugh appeared first on Packet Pushers Podcast and was written by Greg Ferro.

0

Handling Tech Support Interaction Effectively

Network engineers deal with technical support frequently. That’s the nature of the networking business: the products often don’t work as advertised or break down under their own complexity. Throw in some ambiguous documentation that leaves you scratching your head, and you’ll finally resort to opening a case with the vendor to resolve the issue. In […]

Author information

The post Handling Tech Support Interaction Effectively appeared first on Packet Pushers Podcast and was written by Ethan Banks.

0

Data Center design constraints

0

Cisco Nexus 7K ISSU features

0

Quiz #11 &#8211 NAT both Source and Destination

Your company makes a new contract with a Partner Company for a new research project. To provide network connectivity, NAT is being configured on your side but something does not work as desired. What is it?

0

Dealing with Corrupt Opegear Firmware

It was inevitable. Now that I'm proudly compiling my own cellular router firmware, I'm also becoming familiar with the process of recovering from corrupt firmware.

I'm using an Ubuntu VM (described in the previous post) running in my MacBook for recovery purposes.

The Opengear instructions for recovering from bad firmware suggest that holding down the reset button is required, but I find that my router attempts to load firmware from the network no matter what. Maybe that's because I've wiped out my configuration? <- Update: yes, this seems to be the case. I haven't nailed it down exactly, but my router doesn't try to netboot every time.

Here's how I'm using that Ubuntu VM:

Required Packages
sudo apt-get install -y tftpd-hpa dhcp3-server

0

The Software-Defined Nerds of Tomorrow

This is one of my favorite times of the year. Despite the terrible weather that Ohio usually affords the month of March, I brave the wet cold and return to my alma mater for this year’s round of senior presentations. During the five-year IT program, students are required to learn just about anything and everything you can imagine in IT. This ranges from software development of all kinds, database administration, systems administration, network services and even pure route/switch.

0

The Software-Defined Nerds of Tomorrow

This is one of my favorite times of the year. Despite the terrible weather that Ohio usually affords the month of March, I brave the wet cold and return to my alma mater for this year’s round of senior presentations. During the five-year IT program, students are required to learn just about anything and everything you can imagine in IT. This ranges from software development of all kinds, database administration, systems administration, network services and even pure route/switch.

0

The Man in the White Suit

I know this is a technical blog, but I’ve always agreed with those that believe the best way to deliver a message is through a story. As imaginative and creative as I feel I can sometimes be, writing fiction just isn’t one of my strong points. So, rather than tell you an original story of my own I’m going to relate […]

Author information

The post The Man in the White Suit appeared first on Packet Pushers Podcast and was written by Steven Iveson.

0

IDP – FN, TN, TP, FP

I have talked with a few security administrators that seem to struggle with the understanding of FN, TN, FP, TP. I have decided to try to create a simple method to remember.

True/False = This either CORRECTLY or INCORRECTLY identifies an attack
Positive/Negative = This performs and event that takes an ACTION or is ACTION-LESS

True Positive (TP) - A legitimate attack (CORRECTLY) which triggers an IDP to produce and alarm/alert or mitigate the risk (ACTION)

False Positive (FP) - An IDP believes there is an attack taking place (INCORRECTLY) and produces an alarm/alert or mitigates the risk (ACTION).This can cause disrupt legitimate traffic and flood your IDP with alerts drowning real alerts that may be taking place. Some traffic that may cause false positives include:

• Legitimate applications that do not follow RFC's 
• Legitimate traffic in one part of an organization that may not follow normal behaviors in another part of the organization causing alerts. 
• Signatures that we written poorly and identify both legitimate and illegitimate traffic. 

False Negative (FN) - There is an attack that has NOT been identified (INCORRECTLY) and no alarm/alert/mitigation was raised (ACTION-LESS). This causes a false sense of security. This can be caused for a variety Continue reading

0

When Am I Going to Use This?

I imagine that prior to the industrial revolution, people didn’t struggle with niche skillsets that didn’t transfer. They didn’t need to wonder if they were spending countless hours learning something with no particular use outside their current job, listen to well-meaning friends and spouses assure them they’re worrying about nothing, only to face a layoff […]

Author information

The post When Am I Going to Use This? appeared first on Packet Pushers Podcast and was written by Keith Tokash.

0

Show 141 – The Pace of Change Is Picking Up – #NFD5 Discussion

Greg Ferro and Ethan Banks of PacketPushers.net host a discussion with Dr. Peter Welcher, Brent Salisbury, and Stephen Foskett about many of the presentations from the Network Field Day 5 event held March 6-8, 2013 in San Jose, California. The leading podcast topic was software defined networking, as that was the vendor focus during the […]

Author information

The post Show 141 – The Pace of Change Is Picking Up – #NFD5 Discussion appeared first on Packet Pushers Podcast and was written by Ethan Banks.

0

Testing AAA Authentication with ACS – Part 1

Confirming that local authentication on the switch and ACS is working after you finished your configuration perform the following:










Step 5. Lets look Continue reading

0

MPLS LDP-IGP Synchronization

This post represents the solution and explanation for quiz-8. Adding a new link into the MPLS cloud created an outage for the customer. Read to understand how LDP-IGP Synchronization might help.

0

Firewalls: Expensive, Broken Routers

In a previous post on IPS, I made a fairly negative comment on the value that you get from enterprise firewalls in the modern environment. At the time, I said that I was just going leave that comment hanging and see what happened. Well, precisely no one challenged me on it, which means either everybody […]

Author information

The post Firewalls: Expensive, Broken Routers appeared first on Packet Pushers Podcast and was written by Neil Anderson.

0

Using IP SLA Delay Feature to Safely Monitor Lossy Links

IP SLA is a great feature if you want to add some automation and intelligence into the network. SLA is no SDN/OpenFlow, but it can be very useful. It can also take down a network. Let’s say you are using DMVPN for a number of spoke locations in your network. You have a primary Internet […]

Author information

The post Using IP SLA Delay Feature to Safely Monitor Lossy Links appeared first on Packet Pushers Podcast and was written by Charles Galler.

0

Compiling Firmware for Opengear ACM5000

Opengear gave me two ACM5000 units as a part of my attendance at Network Field Day 4 in October of last year. The gift has not influenced my opinion of the company nor their product: I continue to think they're a bunch of amazingly clever people, and that they make the best out-of-band access equipment on the market. I recommend them without hesitation nor reservation.

I've been waiting anxiously for the release of the Custom Development Kit (CDK) based on release 3.6 code, and it's finally out. The README that comes with the CDK is a bit dated, and not super easy to follow, so I'm sharing my notes on rolling custom firmware here.

I started with Ubuntu 12.04.2 Server i386 installed inside VMware Fusion on my MacBook. I pretty much took the defaults, allowing VMware to manage the install for me (how cool is this feature?)

Remote Access
Pretty soon I was looking at an Ubuntu login prompt in the VMware console, I logged in and then did:

sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get -y install openssh-server
ifconfig eth0

Now I could log in via SSH, so I was done Continue reading

0

Weird NX-OS stuff