SYSLOG EVENT DETECTOR:
When an interface has been shutdown, the EEM applet re-enables interface and sends an email alert with logged in users information. Read more…
This EEM applet reads the Cisco “cpmCPUTotal5sec” object variable in the CISCO-PROCESS-MIB and triggers when the threshold exceeds 60 %. Three files are stored on the flash, containing the output of the CLI command “show process cpu | sorted” and “show ip traffic” as well as the current syslog. Read more…
Browsers can setup two or more TCP connections to an HTTP server to facilitate parallel downloads. As the browser parses the Web page it is aware of which objects it needs to download.
Rather than send the requests in series over a single connection, the requests are sent over parallel connections to enable faster downloading of the Web page. Another technique used by browsers to improve the performance is “HTTP pipelining”. Read more…
Debug flow basic
shows the flow of traffic through the firewall, allowing for troubleshooting route selection, policy selection, any address translation and whether the packet is received or dropped by the firewall. Read more…
Courtesy of Keith Barker
This post describes the tasks required for a basic configuration of the Cisco ASA. Please note that he smaller Cisco ASA 5505 has an 8-port 10/100 switch which operates at Layer 2 only. So you can not configure the physical ports as Layer 3 routed ports, you need to create VLAN interfaces. By default, interface Ethernet0/0 is assigned to VLAN 2 and it’s the outside (internet-facing or untrusted)interface. The remaining seven interfaces (Ethernet0/1 to 0/7) are assigned to VLAN 1 Read more…
+————-+—————————+
| Expression | Meaning |
|————-+—————————|
| .* | Anything |
|————-+—————————|
| ^$ | Locally originated routes |
|————-+—————————|
| ^100_ | Learned from AS 100 |
|————-+—————————|
| _100$ | Originated in AS 100 |
|————-+—————————|
| _100_ | Any instance of AS 100 |
|————-+—————————|
| ^[0-9]+$ | Directly connected ASes |
+————-+—————————+
Read more…
An aide-memoir:
Cisco3750#who
Line User Host(s) Idle Location
1 vty 0 idle 13w0d l00151267.domainl.com
2 vty 1 172.23.64.17 14w3d 172.23.64.10 Read more…
Another personal aide-memoir for SSL testing:
This method uses OpenSSL to create public/private keys pair and submit the public key to a Certificate Signing Authority to be signed by that CA. The procedure uses various methods to test certificates and SSL connections to web servers: Read more…
Useful Wireshark filters
To Find Inner channel splice setup: rvbd.sport.setup.type eq 0x1
Using Riverbed Wireshark 1.8.2 you can use a new feature to find all inner channel traffic for a conversation. You can for instance use the Inner channel splice setup filter rvbd.sport.setup.type eq 0x1 to display all splice setups or some other method.
When you have identified the splice connection you are interested in you can then right click on the connection in Wireshark and choose the ‘Find the inner channel’ option to try to locate the entire inner channel connection. You can also right click on any part of an optimised connection to obtain the same result.
