Possible Errata Additions: CCIE(TM): Cisco Certified [7:74091]
Edition By Rob Payne; Kevin Manweiler If someone is reading this book can they confirm some inconsistencies I've come across while reading the book. I'm currently on Chapter 7 and I've found the following problems (at least I think they are problems) Pg 98. Paragraph Five last sentence reads: "DTE devices include terminals, PCs, routers, and bridges (customer-owned end node and internetworking devices) and DTE devices are devices such as packet switches" Shouldn't it read: ".. and DCE devices are devices such as packet switches" Pg. 193. Figure 6.1 Bit 46 should read U/L and not I/G as listed in bit 47. Pg. 194 Figure 6.2 (Ethernet II Frame) Sync (Pattern 11) should read 2 bits and not "11 bits" Pg. 207 set port duplex 2/10 full is issued in the config but the show port output lists the duplex speed as being half. All the other config changes match up with the output. Pg. 223 (Explanation of the command channel-group 1 mode desirable) Should read PAgP and not DTP. I've come across more , a few matched up with the Errata on Sybex's website. I just haven't been keeping track. I guess I'll start noting mistakes as I find them. If someone can confirm this with me I would appreciate it, and I'm sure the authors would too. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74091&t=74091 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
how does firewall & switch port block Blaster virus? [7:74092]
Hi.. My friends told me other than the microsoft patches can prevent Blaster virus , a firewall and blocking switch ports can block the virus too. Is there any configuration need to be added in my PIX and Cisco switch ports in order to block them? If yes, is there any example?? But I don't understand the concept, can you explain to me the concept? How can a firewall and switch port block Virus??? For example, my PIX disallow every incoming traffic except the ping reply, doesn't it mean it block the virus too?? _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74092&t=74092 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Possible Errata Additions: CCIE(TM): Cisco Certified [7:74093]
Marco I have found very many errata in this book. Mostly they are easy to spot, and there are few factual inaccuracies. I have been through the whole book, noting errors as I have found them, but I haven't had time to collate them yet. Peter ""Marco P. Rodrigues"" wrote in message news:[EMAIL PROTECTED] > Edition > By Rob Payne; Kevin Manweiler > > > If someone is reading this book can they confirm some inconsistencies > I've come across while reading the book. I'm currently on Chapter 7 > and I've found the following problems (at least I think they are > problems) > > > Pg 98. > > Paragraph Five last sentence reads: > > "DTE devices include terminals, PCs, routers, and bridges > (customer-owned end node and internetworking devices) and DTE devices > are devices such as packet switches" > > Shouldn't it read: > ".. and DCE devices are devices such as packet switches" > > Pg. 193. > > Figure 6.1 Bit 46 should read U/L and not I/G as listed in bit 47. > > Pg. 194 > > Figure 6.2 (Ethernet II Frame) > > Sync (Pattern 11) should read 2 bits and not "11 bits" > > Pg. 207 > > set port duplex 2/10 full is issued in the config but the show port > output lists the duplex speed as being half. All the other config > changes match up with the output. > > Pg. 223 (Explanation of the command channel-group 1 mode desirable) > > Should read PAgP and not DTP. > > > > I've come across more , a few matched up with the Errata on Sybex's > website. I just haven't been keeping track. I guess I'll start noting > mistakes as I find them. > > If someone can confirm this with me I would appreciate it, and I'm > sure the authors would too. > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74093&t=74093 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
ATM PVCs Switching on Router 7200 [7:74094]
Can I switch PVC coming from on ATM interface to be connected to another PVC on another interface on the same 7200 router? Any configuration guidelines? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74094&t=74094 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BSCI 640-901 [7:74056]
The sample or full chapter on IS-IS is available on www.ciscopress.com web site. It was an additional chapter done in PDF format to the CCNP Routing Exam Certification Guide so look for that book. Hope this helps. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74095&t=74056 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Cisco Safe Security Exam -->9E0-131 CSI or [7:73971]
Sybex has books for the new CCSP coming out in November/December too late for the CCS1 conversion but if your starting from scratch... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74096&t=73971 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
OSPF Cost [7:74098]
Guys, Just to confirm that this is the correct costing default for OSPF :- 10*8 (1,,) \ bandwidth in kbps BW 1000 Kbit - 10Gig = OSPF Cost 10 BW 100 Kbit - 1Gig= OSPF Cost 100 BW 10 Kbit - 100Meg = OSPF Cost 1000 BW1 Kbit - 10Meg = OSPF Cost 1 BW 1544 Kbit - T1 = OSPF Cost 64767 (rounded up) BW 64 kbit - DS0 = OSPF Cost 1562500 Many thx indeed. Ken For more information about Barclays Capital, please visit our web site at http://www.barcap.com. Internet communications are not secure and therefore the Barclays Group does not accept legal responsibility for the contents of this message. Although the Barclays Group operates anti-virus programmes, it does not accept responsibility for any damage whatsoever that is caused by viruses being passed. Any views or opinions presented are solely those of the author and do not necessarily represent those of the Barclays Group. Replies to this email may be monitored by the Barclays Group for operational or business reasons. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74098&t=74098 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Cisco Safe Security Exam -->9E0-131 CSI or [7:73971]
Sybex has books for the new CCSP coming out in November/December too late for the CCS1 conversion but if your starting from scratch... Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74097&t=73971 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
BGP Connectivity Problem [7:74100]
Hi all, I have done a sample bgp configuration at r1r2.com. My network setup is as follows: TFTP_Server-(e0)r1(s0)--(s0)r2 s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24. The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's e0 interface), I can't ping from r2, or from r1's s0 interface. Here are the configs (I give more if needed) r1#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set C192.168.200.0/24 is directly connected, Loopback0 10.0.0.0/24 is subnetted, 1 subnets C 10.1.4.0 is directly connected, Ethernet0 C192.168.100.0/24 is directly connected, Serial0 r1#sh ip bgp BGP table version is 2, local router ID is 192.168.100.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *> 10.1.4.0/24 0.0.0.0 0 32768 i r2#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set C192.168.201.0/24 is directly connected, Loopback0 10.0.0.0/24 is subnetted, 1 subnets B 10.1.4.0 [200/0] via 192.168.100.1, 01:18:32 C192.168.100.0/24 is directly connected, Serial0 r2#sh ip bgp BGP table version is 2, local router ID is 192.168.100.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *>i10.1.4.0/24 192.168.100.10100 0 i TIA, Matthew. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74100&t=74100 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: OSPF Cost [7:74098]
I think you got it wrong. 10^8 bites/second has cost 1. That means that cost 1 is 100 Mb/s. If you have higher bandwiths in you environment, you should set 'ospf auto-cost reference-bandwidth' to correct reference bandwith (if I get it right, this will then be cost 1 and all other costs will use this as a reference instead of 10^8). Be careful with this, especially with older IOSes and in multi-vendor env. Marko. - Original Message - From: To: Sent: Monday, August 18, 2003 9:31 AM Subject: OSPF Cost [7:74098] > Guys, > > Just to confirm that this is the correct costing default for OSPF :- > > 10*8 (1,,) \ bandwidth in kbps > > BW 1000 Kbit - 10Gig = OSPF Cost 10 > BW 100 Kbit - 1Gig= OSPF Cost 100 > BW 10 Kbit - 100Meg = OSPF Cost 1000 > BW1 Kbit - 10Meg = OSPF Cost 1 > BW 1544 Kbit - T1= OSPF Cost 64767 (rounded up) > BW 64 kbit - DS0 = OSPF Cost 1562500 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74099&t=74098 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: how does firewall & switch port block Blaster virus? [7:74102]
The Blaster worm exploits a vulnerability in the DCOM RPC component in Windows. RPC is used for accepting requests from remote computers. RPC/DCOM listens on TCP 135 and other ports. Successfully compromising an unpatched Windows box requires that TCP 135 or other ports be accessible. I've seen RPC ports other than 135 being probed, eg. TCP/UDP 593. In a default PIX configuration, any unrequested incoming traffic is denied by default. If you've mapped a global address to an unpatched/unprotected box and have allowed TCP 135 into it then that box is vulnerable from the Internet. On the LAN any unpatched Windows box is vulnerable if a mobile user plugs an infected machine into the network. To mitigate chances of infection you could use updated AV software or the ICF if you're using XP or if you're using Windows 2000 you can use TCP/IP filtering. See http://support.microsoft.com/default.aspx?kbid=826955 Vijay Ramcharan -Original Message- From: Richard Campbell [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 3:47 AM To: [EMAIL PROTECTED] Subject: how does firewall & switch port block Blaster virus? [7:74092] Hi.. My friends told me other than the microsoft patches can prevent Blaster virus , a firewall and blocking switch ports can block the virus too. Is there any configuration need to be added in my PIX and Cisco switch ports in order to block them? If yes, is there any example?? But I don't understand the concept, can you explain to me the concept? How can a firewall and switch port block Virus??? For example, my PIX disallow every incoming traffic except the ping reply, doesn't it mean it block the virus too?? _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74102&t=74102 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: how does firewall & switch port block Blaster virus? [7:74101]
Richard Campbell wrote: > Hi.. My friends told me other than the microsoft patches can prevent > Blaster virus , a firewall and blocking switch ports can block the virus > too. Is there any configuration need to be added in my PIX and Cisco switch > ports in order to block them? If yes, is there any example?? But I don't > understand the concept, can you explain to me the concept? How can a > firewall and switch port block Virus??? For example, my PIX disallow every > incoming traffic except the ping reply, doesn't it mean it block the virus > too?? > > _ > MSN 8 with e-mail virus protection service: 2 months FREE* > http://join.msn.com/?page=features/virus > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > The MSBlaster Worm propagates without email -- it scans for a host with open ports, enters through those ports, executes its package which takes advantage of RPC and/or DCOM vulnerabilities, then propagates. That's a very short version, more info is available at www.cert.org, www.sans.org, isc.sans.org. TCP Ports used are 135, 137-139, 445, and (I believe, no time to look it up now) 1026. TFTP downloads (which is part of the worm's internal execution) occur on (UDP), IIRC. Try the above references for better info. Annlee Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74101&t=74101 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: OT Microsoft worm [7:74045]
I know of several organizations in the Washington / NoVa / MD area that were effected - the MD Motor Vehicle Administration was offline for quite some time, for example. Sadly - too many people, many who should know better, assumed that as long as the "edge" was secured than all was good. Unfortunately it only takes one laptop (for ex) to break that theory :). Luckily - this was/is a very sloppy worm: Noisy enough to easily tracedown Poor propogation method Limited vectors of attack No destructive payload (don't get me wrong - having a backdoor is bad, but let's say it wiped data from hardrives 8 hours after infecting them, or performed some other non-randon act of data destruction) .. and, to top it all off, its attempted DoS was to the wrong URL and was easily sidestepped, although some people caused local RST floods on their network by attempting to mitigate it incorrectly :) Thanks! TJ .. not all windows admin's are incompetent .. and some are network admins as well :) -Original Message- From: Reimer, Fred [mailto:[EMAIL PROTECTED] Sent: Saturday, August 16, 2003 4:23 PM To: [EMAIL PROTECTED] Subject: RE: OT Microsoft worm [7:74045] For reasons of confidentiality I won't and can't name any names, but I am aware of several hospitals that were affected pretty seriously. Everyone here knows that Cisco Call Manager runs on Windows, so imagine what happens to your entire phone infrastructure if you are running VoIP. Network grinds to a halt and admitting can't access the applications to admit people in the ER. Lab orders don't go through, so meds can't be dispersed based on the results of tests. Everything goes back to a paper fall-back scheme until the Windows administrators patch the systems like they should have done weeks ago. So no, don't assume that even large organizations have a handle on things. Especially hospitals which are notoriously on the low end as far as adequately staffing, at the right levels, their IT staff. One thing I sincerely hope is changed in our lexicon is calling Windows administrators "network administrators." It makes me physically ill, because those folks don't "administer" the "network," if anything they actually do can be classified as competent administration. They should be called what they are "systems administrators," or, if you want to be more specific, "Windows administrators." I personally think they deserve a classification of their own. All I can say is that the Windows systems that our group has to use and is responsible for were patched long ago, and did not exhibit any issues. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Saturday, August 16, 2003 1:22 PM To: [EMAIL PROTECTED] Subject: OT Microsoft worm [7:74045] Just wondering, is this new LOVSAN msblast worm as big as it seems to be? I've been helping lots of Windows users clean up their machines. They all had the worm. These are mostly home users. I can't believe they would use broadband, "always-on" access and not have a firewall, but they didn't! What are you all seeing? Is this a big one? I suppose enterprise networks are much better protected (hopefully) than the home networks I've been helping out with. One has to wonder if the huge power outage could be related. I can imagine a Windows computer somewhere in Ohio that played a surprisingly important role in keeping the grid working and had been infected. But I read a lot of science fiction. :-) By the way, the stupid worm is attacking the wrong Microsoft URL! So that aspect of it isn't going to be as bad as once thought. Comments? Priscilla **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html ** The information in this email is confidential and may be legally privileged. Access to this email by anyone other than the intended addressee is unauthorized. If you are not the intended recipient of this message, any review, disclosure, copying, distribution, retention, or
Re: BGP Connectivity Problem [7:74100]
Matthew Webster wrote: > Hi all, > > I have done a sample bgp configuration at r1r2.com. My network setup is as > follows: > > TFTP_Server-(e0)r1(s0)--(s0)r2 > > s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24. > > The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's > e0 interface), I can't ping from r2, or from r1's s0 interface. [..] I suppose your TFTP server doesn't have a route entry pointing to the network 192.168.100.0 EC Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74106&t=74100 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: how does firewall & switch port block Blaster virus? [7:74103]
Cisco PIX and IOS software (with the FW/IDS feature set) includes some virus/attack blocking capabilities. It is more limited than their stand-alone IDS products. For more detail, I think it would be helpful to know exactly what your friend said. What were they trying to suggest? Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Richard Campbell [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 3:47 AM To: [EMAIL PROTECTED] Subject: how does firewall & switch port block Blaster virus? [7:74092] Hi.. My friends told me other than the microsoft patches can prevent Blaster virus , a firewall and blocking switch ports can block the virus too. Is there any configuration need to be added in my PIX and Cisco switch ports in order to block them? If yes, is there any example?? But I don't understand the concept, can you explain to me the concept? How can a firewall and switch port block Virus??? For example, my PIX disallow every incoming traffic except the ping reply, doesn't it mean it block the virus too?? _ MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74103&t=74103 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: BGP Connectivity Problem [7:74100]
The default route on your TFTP server is not set properly. Fred Reimer - CCNA Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 NOTICE; This email contains confidential or proprietary information which may be legally privileged. It is intended only for the named recipient(s). If an addressing or transmission error has misdirected the email, please notify the author by replying to this message. If you are not the named recipient, you are not authorized to use, disclose, distribute, copy, print or rely on this email, and should immediately delete it from your computer. -Original Message- From: Matthew Webster [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 7:29 AM To: [EMAIL PROTECTED] Subject: BGP Connectivity Problem [7:74100] Hi all, I have done a sample bgp configuration at r1r2.com. My network setup is as follows: TFTP_Server-(e0)r1(s0)--(s0)r2 s0 = 192.168.100.0/24 (.1 for r1, .2 for r2) and e0 = 10.1.4.1/24. The problem is that while I can ping the TFTP server (10.1.4.3 from Rtr1's e0 interface), I can't ping from r2, or from r1's s0 interface. Here are the configs (I give more if needed) r1#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set C192.168.200.0/24 is directly connected, Loopback0 10.0.0.0/24 is subnetted, 1 subnets C 10.1.4.0 is directly connected, Ethernet0 C192.168.100.0/24 is directly connected, Serial0 r1#sh ip bgp BGP table version is 2, local router ID is 192.168.100.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *> 10.1.4.0/24 0.0.0.0 0 32768 i r2#sh ip route Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default U - per-user static route, o - ODR Gateway of last resort is not set C192.168.201.0/24 is directly connected, Loopback0 10.0.0.0/24 is subnetted, 1 subnets B 10.1.4.0 [200/0] via 192.168.100.1, 01:18:32 C192.168.100.0/24 is directly connected, Serial0 r2#sh ip bgp BGP table version is 2, local router ID is 192.168.100.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next HopMetric LocPrf Weight Path *>i10.1.4.0/24 192.168.100.10100 0 i TIA, Matthew. **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74104&t=74100 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: ATM PVCs Switching on Router 7200 [7:74094]
Hi Mohammad, You can not really switch an ATM PVC on a router, you need to have a switch (popularly called WAN Switch) for that. But even then, if you have 2 ATM PVCs facing different sides, you can exchange traffic between them, by IP routing. e.g. you have one PVC configured on interface atm 1/0 with IP 10.10.1.1/30 and another interface atm 1/1 with IP 10.10.2.1/30. Now both these interfaces will be talking to their respective counterparts on the other side, but on the router you can simply configure adequate IP routing and the router will get ATM cells from atm 1/0, convert them to IP packets, hand them to in IP shape to atm 1/1, which will again convert the IP packets to ATM cells and those cells will be sent out to remote location. Please revert in case more information is required. HTH Vikram -Original Message- From: Mohamed Saro [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 2:08 PM To: [EMAIL PROTECTED] Subject: ATM PVCs Switching on Router 7200 [7:74094] Can I switch PVC coming from on ATM interface to be connected to another PVC on another interface on the same 7200 router? Any configuration guidelines? **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74108&t=74094 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: PIX xlate question [7:74012]
Here are the Global and NAT statements global (outside) 1 213.213.128.100-213.213.128.200 global (outside) 2 213.213.128.50 global (dmz) 1 192.168.17.150 nat (inside) 0 access-list 100 nat (inside) 2 157.157.144.49 255.255.255.255 0 0 nat (inside) 2 10.100.0.0 255.255.0.0 0 0 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 nat (dmz) 1 0.0.0.0 0.0.0.0 0 0 Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74107&t=74012 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Need help in setting up PEAP with Cisco ACS Version 3.2 and [7:74109]
I have the following scenario: Cisco Access-Point AP340 with IP address 172.16.1.1/24, Cisco ACS version 3.2 on Win2k Server with IP address 172.16.1.2/24, DHCP, WINS and DNS Servers are running on a linux server with IP 172.16.1.3/24, Default Gateway for network 172.16.1.0/24 points to 172.16.1.254 (Pix firewall). Microsoft Certificate Authority (CA) is running on the same machine as the ACS Server (i.e. 172.16.1.2), Currently, wireless uses Cisco LEAP authentication to connect to 172.16.1.0/24 network. Everything is working fine. Now I would like to use PEAP to authenticate wirleless users. Cisco documentation really sucks so I don't know if I am doing the right thing. Here are the steps that I did with Cisco ACS: Adding a Certificate Authority Certificate Step 1 In the navigation bar, click System Configuration. Step 2 Click ACS Certificate Setup. Step 3 Click ACS Certification Authority Setup. Result: Cisco Secure ACS displays the CA Operations table on the Certification Authorities Setup page. Step 4 In the CA certificate file box, type the full path and filename for the certificate you want to use. Step 5 Click Submit. Editing the Certificate Trust List Step 1 In the navigation bar, click System Configuration. Step 2 Click Cisco Secure ACS Certificate Setup. Step 3 Click Edit Certificate Trust List. Step 5 Click Submit Generating a Certificate Signing Request Step 1 In the navigation bar, click System Configuration. Step 2 Click ACS Certificate Setup. Step 3 Click Generate Certificate Signing Request. Result: Cisco Secure ACS displays the Generate new request table on the Generate Certificate Signing Request page. Step 4 In the Certificate subject box, type cn= followed by the name that you would like to use as subject name in this ACS certificate, for example, cn=ACSWireless. Step 5 In the Private key file box, type the full directory path and name of the file in which the private key is saved, for example, c:\privateKeyFile.pem. Step 6 In the Private key password box, type the private key password (that you have invented). Step 7 In the Retype private key password box, retype the private key password. Step 8 From the Key length list, select the length of the key to be used. Step 9 From the Digest to sign with list, select the digest (or hashing algorithm). Step 10 Click Submit Step 11 Restart ACS Afterward, I go into "Global Authentication Setup" and turn-on "PEAP". I think the ACS is done. Assume my configuration with PEAP on the ACS is done, what do I need to do on the client side (i.e. WinXP Service Pack 1)? I know that I don't have to make any changes on the Access Point? Since PEAP uses Certificate, which certificate should the client use? Does it mean the client will be using the same certificate that was generated in the "certificate generate request" phase? Does it also mean that everyone will be using the same certificate? If this is the case, if the certifcate is compromised, then I have to re-issue a new certficate to everyone? Even with certificate, users must still have an account on the ACS server corect? How do I setup PEAP on the client side? Do I even need Cisco Access Control Utility (ACU) with PEAP? Anyone has successfully setup PEAP with Cisco ACS3.x? Please contact me offline to offer me some guidances with this. Thanks. D. - Do you Yahoo!? The New Yahoo! Search - Faster. Easier. Bingo. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74109&t=74109 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
PIX failure when using NTP [7:74111]
Hi all, I am using a pair of PIX 525 as a resilience firewall but I found some problems and I hope someone can help me. When I use PDM, add and delete an entry at the NTP field, I found that the Primary PIX will either halt up or reboot. I tried several times and I got the same results. Is it a software bug? The PIX information are as follow: Model: PIX 525 PIX Version: 6.3(1) PDM Version: 3.0(1) Regards, Dovelet Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74111&t=74111 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Off topic - MCSE study groups [7:74112]
Hay, Any one know of some good MCP or MCSE study groups? If so can let me know the news server? Thanks all, Steve Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74112&t=74112 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
DRAM and FLASH for 4500 and 4700 [7:74113]
Hi, Having a hard time trying to find DRAM and Flash memory for 4500 and 4700 routers. Any Idea ? Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74113&t=74113 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
overrun problems [7:74115]
i have problem with overrun errors in my fastethernet interface, how can solve it Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74115&t=74115 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: OT Microsoft worm [7:74045]
Evans, Timothy R (BearingPoint) wrote: > > I know of several organizations in the Washington / NoVa / MD > area that were > effected - the MD Motor Vehicle Administration was offline for > quite some > time, for example. > > > Sadly - too many people, many who should know better, assumed > that as long > as the "edge" was secured than all was good. Unfortunately it > only takes > one laptop (for ex) to break that theory :). Makes me wonder about people's security policies. Bringing in a laptop that isn't running software approved by IT shouldn't be allowed. This software should include patched OSs, anti-virus, and personal firewall. Of course, enforcing that is difficult. Friday night I was walking by a local bank and noticed that the ligths were still on. I had to chuckle when I looked inside and noticed IT guys hunched over PCs at the tellers' stations. I'm pretty sure I know what they were doing. And yes, IT guys are easy to recognize. You know who you are. :-) Today I went to my favoriate local coffee shop. The public Internet acccess PC was turned off with a sign that said, "Not in service due to virus. Bye, bye Miss American Pie." Ah, the day the music died. This blaster thing is yet another wake-up call. The big one is still coming. We are lucky that so far it's been benign tricksters attacking our networks. Sorry for the dire warning, but I truly predict a huge failure at some point. Argh > > > Luckily - this was/is a very sloppy worm: > Noisy enough to easily tracedown > Poor propogation method > Limited vectors of attack > No destructive payload > (don't get me wrong - having a backdoor is bad, but let's say > it wiped data > from hardrives 8 hours after infecting them, or performed some > other > non-randon act of data destruction) > ... and, to top it all off, its attempted DoS was to the wrong > URL and > was easily sidestepped, although some people caused local RST > floods on > their network by attempting to mitigate it incorrectly :) It's not just Microsoft that has software bugs! Getting the wrong URL was an amazingly stupid bug, but benign. A lot of the infamous worms of the past spread unintentionally like wildfire because of software bugs. Why is software so hard to get right? Well, I know why. But this has gotta change Priscilla > > > > Thanks! > TJ > ... not all windows admin's are incompetent > ... and some are network admins as well :) > > -Original Message- > From: Reimer, Fred [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 16, 2003 4:23 PM > To: [EMAIL PROTECTED] > Subject: RE: OT Microsoft worm [7:74045] > > For reasons of confidentiality I won't and can't name any > names, but I am > aware of several hospitals that were affected pretty > seriously. Everyone > here knows that Cisco Call Manager runs on Windows, so imagine > what happens > to your entire phone infrastructure if you are running VoIP. > Network grinds > to a halt and admitting can't access the applications to admit > people in the > ER. Lab orders don't go through, so meds can't be dispersed > based on the > results of tests. Everything goes back to a paper fall-back > scheme until > the Windows administrators patch the systems like they should > have done > weeks ago. > > So no, don't assume that even large organizations have a handle > on things. > Especially hospitals which are notoriously on the low end as > far as > adequately staffing, at the right levels, their IT staff. > > One thing I sincerely hope is changed in our lexicon is calling > Windows > administrators "network administrators." It makes me > physically ill, > because those folks don't "administer" the "network," if > anything they > actually do can be classified as competent administration. > They should be > called what they are "systems administrators," or, if you want > to be more > specific, "Windows administrators." I personally think they > deserve a > classification of their own. > > All I can say is that the Windows systems that our group has to > use and is > responsible for were patched long ago, and did not exhibit any > issues. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information which > may be legally privileged. It is intended only for the named > recipient(s). > If an addressing or transmission error has misdirected the > email, please > notify the author by replying to this message. If you are not > the named > recipient, you are not authorized to use, disclose, distribute, > copy, print > or rely on this email, and should immediately delete it from > your computer. > > > -Original Message- > From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 16, 2003 1:22 PM > To: [EMAIL PROTECTED] > Subject: OT Microsoft worm [7:74045] > > Just
RE: how does firewall & switch port block Blaster [7:74092]
Richard Campbell wrote: > > Hi.. My friends told me other than the microsoft patches can > prevent > Blaster virus , a firewall and blocking switch ports can block > the virus > too. Is there any configuration need to be added in my PIX and > Cisco switch > ports in order to block them? If yes, is there any example?? > But I don't > understand the concept, can you explain to me the concept? How > can a > firewall and switch port block Virus??? Blaster isn't really a virus. It's a worm. Experts have argued over the terms for years and I hope I have this right, but a virus requires host software to help spread it, for exmaple e-mail software. Computers get viruses because users open e-mail attachments, for example. The virus spreads by using features of its host software, for example, address books. It sends the evil attachemnt to every address in the program's address book, for example. Worms, on the other, can run standalone. A worm consumes computer resources, but it doesn't need a host application to do this or to spread. It can propagate a complete working version of itself on to other machines by connecting to other machines over a network and exploiting operating system bugs or anomolies. So, in the case of Blaster, it spreads itself by opening a TCP connection to port 135. Then it takes advantage of the bad Microsoft RPC software... (Variants use other ports too.) To make a long story short, people with firewalls were protected because connection establishment requests to TCP port 135 failed. Unbelieveably, huge (and I mean huge) numbers of windows machines were not protected with a global or personal firewall! Shame on us. Sounds like you're protected. A properly configured PIX, which you seem to have, should protect you. Priscilla Oppenheimer Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74116&t=74092 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
DSL over Dry Copper [7:74117]
Hi All, Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS or Celsian G250 LAN Extenders? I want to create a dsl connection over dry copper between two sites. Cisco reseller helpline was mildly helpfull. What are some of you using for this type of situation? Thanks, -- Dain Deutschman ccnp, css-1, cnss infosec, mcp, cna Data Communications Manager New Star Sales and Service, Inc. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74117&t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: DRAM and FLASH for 4500 and 4700 [7:74113]
try http://store.yahoo.com/memx/routers.html Dave alaerte Vidali wrote: > Hi, > > Having a hard time trying to find DRAM and Flash memory for 4500 and 4700 > routers. > > Any Idea ? > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "Government can do something for the people only in proportion as it can do something to the people." -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74118&t=74113 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: DRAM and FLASH for 4500 and 4700 [7:74113]
www.rockymountainram.com 800-543-0932 They build to order. Price is reasonable. or Ron Rodrigues [EMAIL PROTECTED] 714-432-9411 or Kelly D Griffin, CCNA CCDA (Has posted to GroupStudy) Network Engineer Kg2 Network Design 877.418.4025 Toll-Free 479.464.8833 Voice 479.464.8998 Fax http://kg2.com or www.crucial.com or etc. > -Original Message- > From: alaerte Vidali [mailto:[EMAIL PROTECTED] > Sent: Monday, August 18, 2003 11:51 AM > To: [EMAIL PROTECTED] > Subject: DRAM and FLASH for 4500 and 4700 [7:74113] > > > Hi, > > Having a hard time trying to find DRAM and Flash memory for > 4500 and 4700 > routers. > > Any Idea ? > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74120&t=74113 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: overrun problems [7:74115]
Overruns are what they sound like, the receiver hardware can't hand off the data fast enough. Is this interface really busy? Dave star star7 wrote: > i have problem with overrun errors in my fastethernet interface, how can > solve it > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "Government can do something for the people only in proportion as it can do something to the people." -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74121&t=74115 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Is it possible to upgrade 2500 series to a 2600 series router? [7:74122]
Hi all, I would like to know if it is possible to upgrade a 2500 series router to a 2600 series router and if it is possible I would also want to know the required materials for upgrade. Regards, Osaz. CCNA Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74122&t=74122 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Is it possible to upgrade 2500 series to a 2600 series [7:74124]
Sleek 8/18/03 2:33:01 PM >>> >Hi all, > >I would like to know if it is possible to upgrade a 2500 series router to a >2600 series router and if it is possible I would also want to know the >required materials for upgrade. > >Regards, > >Osaz. CCNA No, this is not possible. They are entirely different platforms, not to mention that the 2600 series is modular and the 2500 series mostly isn't. If you want a 2600, you'll have to buy a 2600, unfortunately. Regards, John Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74124&t=74124 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Is it possible to upgrade 2500 series to a 2600 series [7:74125]
Sleek wrote: > I would like to know if it is possible to upgrade a 2500 series router to a > 2600 series router and if it is possible I would also want to know the > required materials for upgrade. No. What makes you think it's possible at all? The 2500 & 2600 series are nothing alike. Completely different boxes. Regards, Marco. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74125&t=74125 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Data Center Design [7:74126]
Team, Where will I be able to find information about designing a Data Center Room. As always I appreciate your help and recommendation. Thanks, Juan Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74126&t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Is it possible to upgrade 2500 series to a 2600 series [7:74128]
Sleek wrote: > Hi all, > > I would like to know if it is possible to upgrade a 2500 series router to a > 2600 series router and if it is possible I would also want to know the > required materials for upgrade. > > Regards, > > Osaz. CCNA Yes. a P.O. or credit card should do the trick ;) Dave > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > -- David Madland CCIE# 2016 Sr. Network Engineer Qwest Communications 612-664-3367 "Government can do something for the people only in proportion as it can do something to the people." -- Thomas Jefferson Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74128&t=74128 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: OT Microsoft worm [7:74045]
Tom Lisa wrote: > Hmmm, are IT Gals also easy to recognize??? > > Prof. Tom Lisa, CCAI > Community College of Southern Nevada > Cisco ATC/Regional Networking Academy > "Cunctando restituit rem" > > Priscilla Oppenheimer wrote: > > Evans, Timothy R (BearingPoint) wrote: > > > > I know of several organizations in the Washington / NoVa / MD > > area that were > > effected - the MD Motor Vehicle Administration was offline for > > quite some > > time, for example. > > > > > > Sadly - too many people, many who should know better, assumed > > that as long > > as the "edge" was secured than all was good. Unfortunately it > > only takes > > one laptop (for ex) to break that theory :). > > Makes me wonder about people's security policies. Bringing in a > laptop that > isn't running software approved by IT shouldn't be allowed. This > software > should include patched OSs, anti-virus, and personal firewall. > > Of course, enforcing that is difficult. > > Friday night I was walking by a local bank and noticed that the > ligths were > still on. I had to chuckle when I looked inside and noticed IT guys > hunched > over PCs at the tellers' stations. I'm pretty sure I know what they > were > doing. And yes, IT guys are easy to recognize. You know who you are. > :-) > > Today I went to my favoriate local coffee shop. The public Internet > acccess > PC was turned off with a sign that said, "Not in service due to > virus. Bye, > bye Miss American Pie." Ah, the day the music died. > > This blaster thing is yet another wake-up call. The big one is still > coming. > We are lucky that so far it's been benign tricksters attacking our > networks. > Sorry for the dire warning, but I truly predict a huge failure at > some > point. Argh > > > > > > > Luckily - this was/is a very sloppy worm: > > Noisy enough to easily tracedown > > Poor propogation method > > Limited vectors of attack > > No destructive payload > > (don't get me wrong - having a backdoor is bad, but let's say > > it wiped data > > from hardrives 8 hours after infecting them, or performed some > > other > > non-randon act of data destruction) > > ... and, to top it all off, its attempted DoS was to the wrong > > URL and > > was easily sidestepped, although some people caused local RST > > floods on > > their network by attempting to mitigate it incorrectly :) > > It's not just Microsoft that has software bugs! Getting the wrong URL > was an > amazingly stupid bug, but benign. A lot of the infamous worms of the > past > spread unintentionally like wildfire because of software bugs. > > Why is software so hard to get right? Well, I know why. But this has > gotta > change > > Priscilla > > > > > > > > > Thanks! > > TJ > > ... not all windows admin's are incompetent > > ... and some are network admins as well :) > > > > -Original Message- > > From: Reimer, Fred [mailto:[EMAIL PROTECTED] > > Sent: Saturday, August 16, 2003 4:23 PM > > To: [EMAIL PROTECTED] > > Subject: RE: OT Microsoft worm [7:74045] > > > > For reasons of confidentiality I won't and can't name any > > names, but I am > > aware of several hospitals that were affected pretty > > seriously. Everyone > > here knows that Cisco Call Manager runs on Windows, so imagine > > what happens > > to your entire phone infrastructure if you are running VoIP. > > Network grinds > > to a halt and admitting can't access the applications to admit > > people in the > > ER. Lab orders don't go through, so meds can't be dispersed > > based on the > > results of tests. Everything goes back to a paper fall-back > > scheme until > > the Windows administrators patch the systems like they should > > have done > > weeks ago. > > > > So no, don't assume that even large organizations have a handle > > on things. > > Especially hospitals which are notoriously on the low end as > > far as > > adequately staffing, at the right levels, their IT staff. > > > > One thing I sincerely hope is changed in our lexicon is calling > > Windows > > administrators "network administrators." It makes me > > physically ill, > > because those folks don't "administer" the "network," if > > anything they > > actually do can be classified as competent administration. > > They should be > > called what they are "systems administrators," or, if you want > > to be more > > specific, "Windows administrators." I personally think they > > deserve a > > classification of their own. > > > > All I can say is that the Windows systems that our group has to > > use and is > > responsible for were patched long ago, and did not exhibit any > > issues. > > > > Fred Reimer - CCNA > > > > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > > 30338 >
Re: BGP Connectivity Problem [7:74100]
HI Eddie, Fred, thanks for your help...I think this most likely is the problem. As I do not have access to teh TFTP server, I am unable to fix it though. cheers, Matthew. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74130&t=74100 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: OT Microsoft worm [7:74045]
I now know of some that have survived the BLASTER, and have totally fallen to NACHIA. WRT the laptop / unmanaged machine issue - we shouldn't trivialize this totally, even in cases where you are allowed to require patches there are cases where there are 250+ users in a building for every tech support rep, and not like they weren't busy before ... Having said that, I still think they should be patched and 'surpervised' :). For those curious about NACHIA, the short version is: Attempts to patch machine (ms03-026) Attempts to remove BLASTER Generates a tremendous amount of ICMP traffic, to the point that just a few compromised hosts seem to be sufficient to hammer networks down. The longer versions: Symantechttp://www.sarc.com/avcenter/venc/data/w32.welchia.worm.html Sophos http://sophos.com/virusinfo/analyses/w32nachia.html Network Assoc. http://vil.nai.com/vil/content/v_100559.htm SANShttp://isc.sans.org/diary.html?date=2003-08-18 Truly amazing. Thanks! TJ [EMAIL PROTECTED] -Original Message- From: Priscilla Oppenheimer [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 3:23 PM To: [EMAIL PROTECTED] Subject: RE: OT Microsoft worm [7:74045] Evans, Timothy R (BearingPoint) wrote: > > I know of several organizations in the Washington / NoVa / MD > area that were > effected - the MD Motor Vehicle Administration was offline for > quite some > time, for example. > > > Sadly - too many people, many who should know better, assumed > that as long > as the "edge" was secured than all was good. Unfortunately it > only takes > one laptop (for ex) to break that theory :). Makes me wonder about people's security policies. Bringing in a laptop that isn't running software approved by IT shouldn't be allowed. This software should include patched OSs, anti-virus, and personal firewall. Of course, enforcing that is difficult. Friday night I was walking by a local bank and noticed that the ligths were still on. I had to chuckle when I looked inside and noticed IT guys hunched over PCs at the tellers' stations. I'm pretty sure I know what they were doing. And yes, IT guys are easy to recognize. You know who you are. :-) Today I went to my favoriate local coffee shop. The public Internet acccess PC was turned off with a sign that said, "Not in service due to virus. Bye, bye Miss American Pie." Ah, the day the music died. This blaster thing is yet another wake-up call. The big one is still coming. We are lucky that so far it's been benign tricksters attacking our networks. Sorry for the dire warning, but I truly predict a huge failure at some point. Argh > > > Luckily - this was/is a very sloppy worm: > Noisy enough to easily tracedown > Poor propogation method > Limited vectors of attack > No destructive payload > (don't get me wrong - having a backdoor is bad, but let's say > it wiped data > from hardrives 8 hours after infecting them, or performed some > other > non-randon act of data destruction) > ... and, to top it all off, its attempted DoS was to the wrong > URL and > was easily sidestepped, although some people caused local RST > floods on > their network by attempting to mitigate it incorrectly :) It's not just Microsoft that has software bugs! Getting the wrong URL was an amazingly stupid bug, but benign. A lot of the infamous worms of the past spread unintentionally like wildfire because of software bugs. Why is software so hard to get right? Well, I know why. But this has gotta change Priscilla > > > > Thanks! > TJ > ... not all windows admin's are incompetent > ... and some are network admins as well :) > > -Original Message- > From: Reimer, Fred [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 16, 2003 4:23 PM > To: [EMAIL PROTECTED] > Subject: RE: OT Microsoft worm [7:74045] > > For reasons of confidentiality I won't and can't name any > names, but I am > aware of several hospitals that were affected pretty > seriously. Everyone > here knows that Cisco Call Manager runs on Windows, so imagine > what happens > to your entire phone infrastructure if you are running VoIP. > Network grinds > to a halt and admitting can't access the applications to admit > people in the > ER. Lab orders don't go through, so meds can't be dispersed > based on the > results of tests. Everything goes back to a paper fall-back > scheme until > the Windows administrators patch the systems like they should > have done > weeks ago. > > So no, don't assume that even large organizations have a handle > on things. > Especially hospitals which are notoriously on the low end as > far as > adequately staffing, at the right levels, their IT staff. > > One thing I sincerely hope is changed in our lexicon is calling > Windows > administrators "network administrators." It makes me > physically ill, > because those folks don't "administer" the "network," if > an
Re: OT Microsoft worm [7:74045]
Hmmm, are IT Gals also easy to recognize??? Prof. Tom Lisa, CCAI Community College of Southern Nevada Cisco ATC/Regional Networking Academy "Cunctando restituit rem" Priscilla Oppenheimer wrote: Evans, Timothy R (BearingPoint) wrote: > > I know of several organizations in the Washington / NoVa / MD > area that were > effected - the MD Motor Vehicle Administration was offline for > quite some > time, for example. > > > Sadly - too many people, many who should know better, assumed > that as long > as the "edge" was secured than all was good. Unfortunately it > only takes > one laptop (for ex) to break that theory :). Makes me wonder about people's security policies. Bringing in a laptop that isn't running software approved by IT shouldn't be allowed. This software should include patched OSs, anti-virus, and personal firewall. Of course, enforcing that is difficult. Friday night I was walking by a local bank and noticed that the ligths were still on. I had to chuckle when I looked inside and noticed IT guys hunched over PCs at the tellers' stations. I'm pretty sure I know what they were doing. And yes, IT guys are easy to recognize. You know who you are. :-) Today I went to my favoriate local coffee shop. The public Internet acccess PC was turned off with a sign that said, "Not in service due to virus. Bye, bye Miss American Pie." Ah, the day the music died. This blaster thing is yet another wake-up call. The big one is still coming. We are lucky that so far it's been benign tricksters attacking our networks. Sorry for the dire warning, but I truly predict a huge failure at some point. Argh > > > Luckily - this was/is a very sloppy worm: > Noisy enough to easily tracedown > Poor propogation method > Limited vectors of attack > No destructive payload > (don't get me wrong - having a backdoor is bad, but let's say > it wiped data > from hardrives 8 hours after infecting them, or performed some > other > non-randon act of data destruction) > ... and, to top it all off, its attempted DoS was to the wrong > URL and > was easily sidestepped, although some people caused local RST > floods on > their network by attempting to mitigate it incorrectly :) It's not just Microsoft that has software bugs! Getting the wrong URL was an amazingly stupid bug, but benign. A lot of the infamous worms of the past spread unintentionally like wildfire because of software bugs. Why is software so hard to get right? Well, I know why. But this has gotta change Priscilla > > > > Thanks! > TJ > ... not all windows admin's are incompetent > ... and some are network admins as well :) > > -Original Message- > From: Reimer, Fred [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 16, 2003 4:23 PM > To: [EMAIL PROTECTED] > Subject: RE: OT Microsoft worm [7:74045] > > For reasons of confidentiality I won't and can't name any > names, but I am > aware of several hospitals that were affected pretty > seriously. Everyone > here knows that Cisco Call Manager runs on Windows, so imagine > what happens > to your entire phone infrastructure if you are running VoIP. > Network grinds > to a halt and admitting can't access the applications to admit > people in the > ER. Lab orders don't go through, so meds can't be dispersed > based on the > results of tests. Everything goes back to a paper fall-back > scheme until > the Windows administrators patch the systems like they should > have done > weeks ago. > > So no, don't assume that even large organizations have a handle > on things. > Especially hospitals which are notoriously on the low end as > far as > adequately staffing, at the right levels, their IT staff. > > One thing I sincerely hope is changed in our lexicon is calling > Windows > administrators "network administrators." It makes me > physically ill, > because those folks don't "administer" the "network," if > anything they > actually do can be classified as competent administration. > They should be > called what they are "systems administrators," or, if you want > to be more > specific, "Windows administrators." I personally think they > deserve a > classification of their own. > > All I can say is that the Windows systems that our group has to > use and is > responsible for were patched long ago, and did not exhibit any > issues. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA > 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary > information which > may be legally privileged. It is intended only for the named > recipient(s). > If an addressing or transmission error has misdirected the > email,
Re: Is it possible to upgrade 2500 series to a 2600 series [7:74131]
I can only assume this query was spawned by people running 3000s as 2500s?? Brian - Original Message - From: "MADMAN" To: Sent: Monday, August 18, 2003 2:43 PM Subject: Re: Is it possible to upgrade 2500 series to a 2600 series [7:74128] > Sleek wrote: > > Hi all, > > > > I would like to know if it is possible to upgrade a 2500 series router to a > > 2600 series router and if it is possible I would also want to know the > > required materials for upgrade. > > > > Regards, > > > > Osaz. CCNA > > Yes. a P.O. or credit card should do the trick ;) > >Dave > > **Please support GroupStudy by purchasing from the GroupStudy Store: > > http://shop.groupstudy.com > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > > > > -- > David Madland > CCIE# 2016 > Sr. Network Engineer > Qwest Communications > 612-664-3367 > > "Government can do something for the people only in proportion as it > can do something to the people." -- Thomas Jefferson > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74131&t=74131 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: QoS Exam 642-641 [7:74081]
Yea! I passed. It was pretty easy though. (No tricks or hazy questions in this test.) I guess I'm still bitter after having to take the Safe Exam 2x to pass. Now onto the CCNP recert which I hear is quite fun. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74132&t=74081 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Possible Errata Additions: CCIE(TM): Cisco Certifi [7:74091]
Marco P. Rodrigues wrote: > > Errata: CCIE(TM): Cisco Certified Internetwork Expert Study > Guide, Second Edition > By Rob Payne; Kevin Manweiler > > > If someone is reading this book can they confirm some > inconsistencies > I've come across while reading the book. I'm currently on > Chapter 7 > and I've found the following problems (at least I think they are > problems) > > > Pg 98. > > Paragraph Five last sentence reads: > > "DTE devices include terminals, PCs, routers, and bridges > (customer-owned end node and internetworking devices) and DTE > devices > are devices such as packet switches" > > Shouldn't it read: > ".. and DCE devices are devices such as packet switches" That's the kind of simple mistake that is unfortunately really easy to make when writing lots of material. Someone should have caught it, but publishing processes are not optimized for finding errors. (You would think they would be, but they aren't.) Sounds like your change is correct. > > Pg. 193. > > Figure 6.1 Bit 46 should read U/L and not I/G as listed in bit > 47. Tell us more and maybe we can confirm that your fix is right. Figures are very prone to copy-and-paste errors. It's probably just that. A lot of publishers have artists redraw the figures. I guess to make sure they get the font right they copy and paste a lot. > > Pg. 194 > > Figure 6.2 (Ethernet II Frame) > > Sync (Pattern 11) should read 2 bits and not "11 bits" Maybe they meant the value in binary, not the number of bits??? I realize you were hoping somebody who actually had the book would respond, but nobody did, so I did! :-) Bottom line, trust your instincts. You probably have truly found some mistakes that you should report to the publisher. By the way, is the book good otherwise? The Amazon reviews look positive. Priscilla > > Pg. 207 > > set port duplex 2/10 full is issued in the config but the show > port > output lists the duplex speed as being half. All the other > config > changes match up with the output. > > Pg. 223 (Explanation of the command channel-group 1 mode > desirable) > > Should read PAgP and not DTP. > > > > I've come across more , a few matched up with the Errata on > Sybex's > website. I just haven't been keeping track. I guess I'll start > noting > mistakes as I find them. > > If someone can confirm this with me I would appreciate it, and > I'm > sure the authors would too. > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74133&t=74091 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: OT Microsoft worm [7:74045]
on that topic, the following has been circulating regaring Cisco vulnerabilities. I think the real worry is not that some joker is going to attmept to bring down a couple of routers with a half assed exploit. The very real concern is that some more sinister group or organization might try to destroy data communications with a well thought out well planned attack. as I said previously, nobody should be getting smug or looking down their noses at Microsoft or any other OS. All OS's are vulnerable. > Subject: THREE VULNERABILITIES THREATEN CISCO SOFTWARE > > FYI > > *THREE VULNERABILITIES THREATEN CISCO SOFTWARE > Attackers can leverage a trio of unrelated problems to cause data > compromise, reboot, a denial of service, or execution of arbitrary code in > three separate pieces of Cisco Systems software. > > The first vulnerability affects the CS800 chassis system controller module > (SCM). Since the SCM waits for responses to its pings, an external flood > of SYN packets to the SCM's circuit address can fool the SCM into > rebooting the CS800, causing a denial of service. Such an attack is > possible with only a few TCP sessions over a fast Internet connection. > Cisco recommends users of models 11050, 11150 and 11800 upgrade to WebNS > 5.00.110s. Using access control lists to limit the traffic to the SCM's > circuit address is an effective mitigation. > > The second vulnerability is in the udp-small-servers service on Cisco > devices running IOS 12.0 (3.2) and earlier is the source of another > vulnerability. An attacker sending malformed UDP packets receives replies > that contain portions of the data in router memory, which could include > confidential information. Alternatively, users can disable > udp-small-servers--the default since release 11.2(1). A fix is also > available. > > A third vulnerability in releases up to 12.3 and 12.3T requires a great > deal of effort to exploit: a malformed GET request with more than 2 GB of > data directed to the IOS HTTP server can cause a buffer overflow and could > lead to the execution of arbitrary code. A workaround uses ACLs to limit > which hosts can access the http server. Software fixes and workarounds are > available from Cisco. > http://www.cisco.com/warp/public/707/cisco-sn-20030731-ios-udp-echo.shtml > > > > ""Reimer, Fred"" wrote in message news:[EMAIL PROTECTED] > I agree with you. Again, without naming names, I know several customers > that have not upgraded their IOS software to patch the IPv4 vulnerability, > and some don't even have a plan or schedule to do so! We upgraded to > appropriate code quite quickly after we were aware of the problem. > > Imagine if the recent worm had a timer set not to attack Microsoft's site, > but instead to attack Cisco routers with that vulnerability. Use a > Microsoft bug to DDoS on Cisco gear! That would have been catastrophic. > > Fred Reimer - CCNA > > > Eclipsys Corporation, 200 Ashford Center North, Atlanta, GA 30338 > Phone: 404-847-5177 Cell: 770-490-3071 Pager: 888-260-2050 > > > NOTICE; This email contains confidential or proprietary information which > may be legally privileged. It is intended only for the named recipient(s). > If an addressing or transmission error has misdirected the email, please > notify the author by replying to this message. If you are not the named > recipient, you are not authorized to use, disclose, distribute, copy, print > or rely on this email, and should immediately delete it from your computer. > > > -Original Message- > From: "Chuck Whose Road is Ever Shorter" [mailto:[EMAIL PROTECTED] > Sent: Saturday, August 16, 2003 11:26 PM > To: [EMAIL PROTECTED] > Subject: Re: OT Microsoft worm [7:74045] > > ""Reimer, Fred"" wrote in message > news:[EMAIL PROTECTED] > > For reasons of confidentiality I won't and can't name any names, but I am > > aware of several hospitals that were affected pretty seriously. Everyone > > here knows that Cisco Call Manager runs on Windows, so imagine what > happens > > to your entire phone infrastructure if you are running VoIP. Network > grinds > > to a halt and admitting can't access the applications to admit people in > the > > ER. Lab orders don't go through, so meds can't be dispersed based on the > > results of tests. Everything goes back to a paper fall-back scheme until > > the Windows administrators patch the systems like they should have done > > weeks ago. > > > > So no, don't assume that even large organizations have a handle on things. > > Especially hospitals which are notoriously on the low end as far as > > adequately staffing, at the right levels, their IT staff. > > > > One thing I sincerely hope is changed in our lexicon is calling Windows > > administrators "network administrators." It makes me physically ill, > > because those folks don't "administer" the "network," if anything they > > actually do can be classified as competent administration. They should be > > called what they are "systems administrato
Re: DSL over Dry Copper [7:74117]
""Dain Deutschman"" wrote in message news:[EMAIL PROTECTED] > Hi All, > > Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS > or Celsian G250 LAN Extenders? I want to create a dsl connection over dry > copper between two sites. Cisco reseller helpline was mildly helpfull. What > are some of you using for this type of situation? I have heard it said that all you need to do is connect a couple of 827's and you are done. I don't know the specifics.. :-> http://www.pbs.org/cringely/pulpit/pulpit20010823.html http://www.isp-planet.com/technology/homebrew_dsl.html one place I saw said to check out what alarm companies order - they use dry copper. or you can use the Long Reach ethernet product from Cisco at each end. I'm sure there are competitors. > > Thanks, > > -- > Dain Deutschman > ccnp, css-1, cnss infosec, mcp, cna > Data Communications Manager > New Star Sales and Service, Inc. > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74135&t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Data Center Design [7:74126]
Are you interested in doing the ground up, or just the network Side..I have been involved in both... Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Juan Blanco Sent: Monday, August 18, 2003 2:22 PM To: [EMAIL PROTECTED] Subject: Data Center Design [7:74126] Team, Where will I be able to find information about designing a Data Center Room. As always I appreciate your help and recommendation. Thanks, Juan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74136&t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: QoS Exam 642-641 [7:74081]
I used the knowledgenet QoS training course and Boson #1 QoS practice test to study for the test. (I probably could have gotten away with just using the knowledgenet QoS training course though.) Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74142&t=74081 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: QoS Exam 642-641 [7:74081]
Charlie, Congrats!! Good to let us know; I should do it some day. (Which materials did you use for this one?) Again, Congrats!! Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74140&t=74081 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
PIX and Router Setup Question [7:74141]
Network is as such: Internet - 1721 - 515 PIX - Network We do not have many live IP addresses, so we want to use one on the 1721 Outside. Between the 1721 and the PIX we want to use a private network, say 192.168.1.x /24. On the inside PIX we will use the IP of the internal network (also a private address). The problem comes in how to setup the PIX to work properly. The 1721 is using NAT, and I would assume I need NAT on the PIX as well. At this point things get confusing! We are hosting a website on the internal network, as well as an email server. I want to see them from the Internet. Question is, do I need to double NAT, or is there some way to have the PIX just pass the internal network to the Router? Thanks! Michael Barnhart Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74141&t=74141 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: Data Center Design [7:74126]
Larry just about designed my one also, so I recommend him as a vital source of info. Its still going strong here. -Original Message- From: Larry Letterman [mailto:[EMAIL PROTECTED] Sent: Tuesday, 19 August 2003 10:49 AM To: [EMAIL PROTECTED] Subject: RE: Data Center Design [7:74126] Are you interested in doing the ground up, or just the network Side..I have been involved in both... Larry Letterman Cisco Systems -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Juan Blanco Sent: Monday, August 18, 2003 2:22 PM To: [EMAIL PROTECTED] Subject: Data Center Design [7:74126] Team, Where will I be able to find information about designing a Data Center Room. As always I appreciate your help and recommendation. Thanks, Juan **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html ** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.solution6.com ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74138&t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: DSL over Dry Copper [7:74117]
What is dry copper? Dry copper refers to twisted pairs that are not connected to a telephone switch, battery or anything else between customer locations. They are merely cross-connected in between. The term "dry" actually originated over 100 years ago, when batteries were first used to power telephones. A dry pair had no power applied to it from the CO and a "wet" one did. Some folks have been able to implement xDSL via dry copper connection between two sites. By simply placing xDSL modems at each end of the dry copper connection, a xDSL may be possible with little intervention from the perspective of the CO. However, this is a risky method of deploying xDSL, especially asymmetrical versions. The problems occur when there is interference between the dry copper xDSL lines and other lines nearby, such as T1 and POTS. Typically dry copper has been used for low speed alarm circuits. By implementing xDSL service over dry copper, you run the risk of future problems. You may disrupt service at the CO and hence, the CO's customers. Unless you have specifically contracted for this method of xDSL service in advance, beware > -Original Message- > From: Priscilla Oppenheimer [SMTP:[EMAIL PROTECTED] > Sent: Tuesday, August 19, 2003 2:38 PM > To: [EMAIL PROTECTED] > Subject: Re: DSL over Dry Copper [7:74117] > > Uh, what is dry copper? Is it analogous to "dark fiber?" > > Thanks > > Priscilla > > "Chuck Whose Road is Ever Shorte wrote: > > > > ""Dain Deutschman"" wrote in message > > news:[EMAIL PROTECTED] > > > Hi All, > > > > > > Does anyone know if Cisco makes a product similar to the > > Pairgain Campus > > HRS > > > or Celsian G250 LAN Extenders? I want to create a dsl > > connection over dry > > > copper between two sites. Cisco reseller helpline was mildly > > helpfull. > > What > > > are some of you using for this type of situation? > > > > > > I have heard it said that all you need to do is connect a > > couple of 827's > > and you are done. I don't know the specifics.. :-> > > > > http://www.pbs.org/cringely/pulpit/pulpit20010823.html > > > > http://www.isp-planet.com/technology/homebrew_dsl.html > > > > one place I saw said to check out what alarm companies order - > > they use dry > > copper. > > > > or you can use the Long Reach ethernet product from Cisco at > > each end. I'm > > sure there are competitors. > > > > > > > > > > Thanks, > > > > > > -- > > > Dain Deutschman > > > ccnp, css-1, cnss infosec, mcp, cna > > > Data Communications Manager > > > New Star Sales and Service, Inc. > > > **Please support GroupStudy by purchasing from the GroupStudy > > Store: > > > http://shop.groupstudy.com > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html ** This electronic message together with any attachments is confidential. If you receive it in error: (i) you must not use, disclose, copy or retain it; (ii) please contact the sender immediately by reply email and then delete the emails. Views expressed in this email may not be those of the Airways Corporation of New Zealand Limited ** Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74144&t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: DSL over Dry Copper [7:74117]
""Priscilla Oppenheimer"" wrote in message news:[EMAIL PROTECTED] > Uh, what is dry copper? Is it analogous to "dark fiber?" as a matter of fact, yes. copper from your friendly telco with no dial tone. a local loop with no signaling equipoment attached. alarm companies use it extensively, place their own signal on it, and thwart the burglars I have heard tell of folks using dry pair to create private point to point DSL. I don't personally know anyone who has done so. HTH > > Thanks > > Priscilla > > "Chuck Whose Road is Ever Shorte wrote: > > > > ""Dain Deutschman"" wrote in message > > news:[EMAIL PROTECTED] > > > Hi All, > > > > > > Does anyone know if Cisco makes a product similar to the > > Pairgain Campus > > HRS > > > or Celsian G250 LAN Extenders? I want to create a dsl > > connection over dry > > > copper between two sites. Cisco reseller helpline was mildly > > helpfull. > > What > > > are some of you using for this type of situation? > > > > > > I have heard it said that all you need to do is connect a > > couple of 827's > > and you are done. I don't know the specifics.. :-> > > > > http://www.pbs.org/cringely/pulpit/pulpit20010823.html > > > > http://www.isp-planet.com/technology/homebrew_dsl.html > > > > one place I saw said to check out what alarm companies order - > > they use dry > > copper. > > > > or you can use the Long Reach ethernet product from Cisco at > > each end. I'm > > sure there are competitors. > > > > > > > > > > Thanks, > > > > > > -- > > > Dain Deutschman > > > ccnp, css-1, cnss infosec, mcp, cna > > > Data Communications Manager > > > New Star Sales and Service, Inc. > > > **Please support GroupStudy by purchasing from the GroupStudy > > Store: > > > http://shop.groupstudy.com > > > FAQ, list archives, and subscription info: > > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74143&t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: DSL over Dry Copper [7:74117]
Uh, what is dry copper? Is it analogous to "dark fiber?" Thanks Priscilla "Chuck Whose Road is Ever Shorte wrote: > > ""Dain Deutschman"" wrote in message > news:[EMAIL PROTECTED] > > Hi All, > > > > Does anyone know if Cisco makes a product similar to the > Pairgain Campus > HRS > > or Celsian G250 LAN Extenders? I want to create a dsl > connection over dry > > copper between two sites. Cisco reseller helpline was mildly > helpfull. > What > > are some of you using for this type of situation? > > > I have heard it said that all you need to do is connect a > couple of 827's > and you are done. I don't know the specifics.. :-> > > http://www.pbs.org/cringely/pulpit/pulpit20010823.html > > http://www.isp-planet.com/technology/homebrew_dsl.html > > one place I saw said to check out what alarm companies order - > they use dry > copper. > > or you can use the Long Reach ethernet product from Cisco at > each end. I'm > sure there are competitors. > > > > > > Thanks, > > > > -- > > Dain Deutschman > > ccnp, css-1, cnss infosec, mcp, cna > > Data Communications Manager > > New Star Sales and Service, Inc. > > **Please support GroupStudy by purchasing from the GroupStudy > Store: > > http://shop.groupstudy.com > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74139&t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Re: Data Center Design [7:74126]
""John Brandis"" wrote in message news:[EMAIL PROTECTED] > Larry just about designed my one also, so I recommend him as a vital > source of info. Its still going strong here. I have had the privilege of a tour of one of Larry's data centers at Cisco. I agree - Larry Da Man. Excellent grasp of physical and logical design. > > -Original Message- > From: Larry Letterman [mailto:[EMAIL PROTECTED] > Sent: Tuesday, 19 August 2003 10:49 AM > To: [EMAIL PROTECTED] > Subject: RE: Data Center Design [7:74126] > > Are you interested in doing the ground up, or just the network > Side..I have been involved in both... > > > Larry Letterman > Cisco Systems > > > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of > Juan Blanco > Sent: Monday, August 18, 2003 2:22 PM > To: [EMAIL PROTECTED] > Subject: Data Center Design [7:74126] > > > Team, > Where will I be able to find information about designing a Data > Center Room. As always I appreciate your help and recommendation. > Thanks, > > Juan > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > > ** > This email and any files transmitted with it are confidential and > intended solely for the use of the individual or entity to whom they > are addressed. If you have received this email in error please notify > the system manager. > > This footnote also confirms that this email message has been swept by > MIMEsweeper for the presence of computer viruses. > www.solution6.com > ** > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74145&t=74126 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: DSL over Dry Copper [7:74117]
How do you order dry copper? Ryan -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Monday, August 18, 2003 8:44 PM To: [EMAIL PROTECTED] Subject: Re: DSL over Dry Copper [7:74117] ""Dain Deutschman"" wrote in message news:[EMAIL PROTECTED] > Hi All, > > Does anyone know if Cisco makes a product similar to the Pairgain Campus HRS > or Celsian G250 LAN Extenders? I want to create a dsl connection over dry > copper between two sites. Cisco reseller helpline was mildly helpfull. What > are some of you using for this type of situation? I have heard it said that all you need to do is connect a couple of 827's and you are done. I don't know the specifics.. :-> http://www.pbs.org/cringely/pulpit/pulpit20010823.html http://www.isp-planet.com/technology/homebrew_dsl.html one place I saw said to check out what alarm companies order - they use dry copper. or you can use the Long Reach ethernet product from Cisco at each end. I'm sure there are competitors. > > Thanks, > > -- > Dain Deutschman > ccnp, css-1, cnss infosec, mcp, cna > Data Communications Manager > New Star Sales and Service, Inc. > **Please support GroupStudy by purchasing from the GroupStudy Store: > http://shop.groupstudy.com > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74146&t=74117 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
RE: QoS Exam 642-641 [7:74081]
Charlie, Thanks. Actually, with knowledgenet, one may not need to buy practice exams a knowledgenet course, if it targets a given certification exam, is sufficient. How I wish that I could have unlimited means to buy these online courses:-) Anyway, Thanks a lot. Mwalie Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=74149&t=74081 -- **Please support GroupStudy by purchasing from the GroupStudy Store: http://shop.groupstudy.com FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
