Archive

Archive for September, 2013

RFC 2782 and SRV Records

September 27th, 2013 No comments

Some protocols such as SIP and XMPP require SRV records. SRV records have the form
_service._proto.name TTL class SRV priority weight port target

Example DNS entry with A and SRV record:
host.yourdomain.com 86400 IN A 195.88.229.113
_sipfederationtls._tcp.yourdomain.com   86400 IN SRV 0 5 5061 sip.yourdomain.com.  < == (which can be the SIP/SIP-TLS service on host.yourdomain.com) Read more…

Categories: DNS and BIND Tags:

Running Snoop on Netscreen Firewall

September 26th, 2013 No comments

An aide-memoir:

ScreenOS-> undebug all
ScreenOS-> clear db Read more…

Categories: Juniper, linux, Security Tags: ,

Cisco EEM Applet – interface rxload | apply ACL when threshold reached

September 7th, 2013 No comments

INTERFACE EVENTS:
Two EEM applets measure rxload on an interface at 30-second intervals.  When a threshold is reached an ACL is applied to only permit important traffic thereby reducing the load.

1) When the Rx load is above 50% the access-list is applied.
2) When the Rx load goes below 25, the access-list is removed. Read more…

Categories: CISCO, EEM Scripts Tags:

Cisco EEM Applet – Prevent debug being enabled by exec users

September 7th, 2013 No comments

CLI EVENT DETECTOR:
The EEM applet prevents the “debugging” command being executed on the CLI. Any attempt will store the system clock and user’s on the flash. Read more…

Categories: CISCO, EEM Scripts Tags:

Cisco EEM Applet – Prevent and alert upon interfaces being shutdown

September 7th, 2013 No comments

SYSLOG EVENT DETECTOR:
When an interface has been shutdown, the EEM applet re-enables interface and sends an email alert with logged in users information. Read more…

Categories: CISCO, EEM Scripts Tags:

Cisco EEM Applet – Measure CPU Utilisation

September 7th, 2013 No comments

This EEM applet reads the Cisco “cpmCPUTotal5sec” object variable in the CISCO-PROCESS-MIB and triggers when the threshold exceeds 60 %.  Three files are stored on the flash, containing the output of the CLI command “show process cpu | sorted” and “show ip traffic” as well as the current syslog. Read more…

Categories: CISCO, EEM Scripts Tags:

Juniper ScreenOS – Clearing Idle CLI Sessions

September 3rd, 2013 No comments

An idle CLI session can cause many problems including:

ScreenOS-> get config | inc “Untrust”
^—-Pipe command cannot be run concurrently. Being used by user:xxxxxxx(ID:97). Read more…

Categories: Juniper Tags: