Re: Turning a PC Into a Franken-PIX [7:26539]
Francis Lind wrote: Hello all, I am currently planning on earning my CQS in Security but don't have the money to buy a PIX. I had heard from my CCNP instructor that there are directions out there on turning a PC into one. If anyone has a link or the info I'd greatly appreciate it. Word on the CCIE Security list is that you require a PIX flash card, which sells for ~ $700 US. With that, you could easily buy a 501 or maybe even a used 506 on Ebay. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26547t=26539 -- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: Spanning Tree Protocol [7:26538]
Randy Lopez wrote: What Multicast address does STP use? Since spanning tree is a layer 2 protocol, why would it use any multicast address? STP is used between directly connected switches and uses BPDU packets, flooded out all ports for set up. Not multicast. http://www.cisco.com/warp/public/473/5.html Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=26548t=26538
Re: CCNP exams [7:24062]
Ken W. Alger wrote: A quick question about the CCNP exams... How much of the covered material is IOS specific versus knowledge about protocols etc. I guess the real question is how difficult is it to pass the exams without spending a gob of cash on lab equipment? It's easy to pass the tests without any hands on, but you won't be better off for it. It's really up to you, and what you want to gain. If you want to master the subject matter, hands on experience of some type is a must. But you need not spend gobs of cash. I have put together a smallish lab (4 2500's and 1 2600 and 1 Pix so far) for ~$3500. Even with a switch it will be less than 5K, which isn't bad at all. I think. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=24070t=24062
Re: O.T : Heart By-pass Surgery...Anyone got any links???? [7:6452]
Howard C. Berkowitz wrote: Hi, I have seen recently a vast amount of non-cisco related questions recently and I thought that I would try my luck my uncle needs some heart surgery and was wondering if anyone has some advice. Well, I'm not sure exactly what you are asking, but both having done some biomedical engineering and also having been through angioplasties, bypass, pacemakers, and various research procedures... Did anyone see that they just accomplished bypass surgery without cutting into the chest? I guess that's like wireless technology, eh? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=6452t=6452
Re: certificate [7:5200]
Jim Bond wrote: Hello, My client wants to use certificate server to authenticate PCs on the network. Is there a way to do it? I thought certificate has to be used with browser. How do you give PC a certificate? 1. What the hell does this have to do with Cisco, with Cisco certifications or with study for Cisco certifications? Why on God's green earth would you think that this is the sort of place for your question? I'm really curious. 2. Of course you can authenticate users (who log into a PC on a network) using certificates. How do you give a PC a certificate? You copy the file on to it. Voila. Check the web, use a search engine, and learn the answers. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5211t=5200
Re: Is it legal to distribute of Juniper Olive (JUNOS) code for [7:5131]
fingers wrote: Hi Sean I'm hoping it is legal, as I've been looking for this software for quite some time. We'll be purchasing a few M40's in the next few months, and I'd like to prepare for the new platform before the time. A quick search of some email archives on the web shows that Juniper has asked that it not be distributed, and stated that there is no license to use it, so it should not be used. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5131t=5131
Re: Is it legal to distribute of Juniper Olive (JUNOS) code for [7:5170]
Nnanna Obuba wrote: Could you post this search result for us to see? I see no such warning on their website http://puck.nether.net/lists/juniper-nsp/0463.html The author used an @juniper.net email, so I assume he's in the know. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=5170t=5170
Re: Question for EE majors [7:4566]
[EMAIL PROTECTED] wrote: This may be a rudimentary question for all the EE majors out there. Can anyone tell me what the 0x in front of 0x00-80-C2? (Why don't they just use the 00?) 0x indicates hex. IIRC, 00 would indicate Octal. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4614t=4566
Re: what is a good intrusion detection software? [7:4610]
Sean Young wrote: I have a few suggestions for you: 1) get rid of Microsoft windows servers and Sun Solaris; Use only NetBSD and software that are open-source, This is the most ignorant suggestion I have ever seen. How many times will it have to be repeated before it gets through... OS's aren't secure. None of them. Proper administration, among other things, makes them more secure, but nothing is ever totally secure. Anyone who thinks otherwise is a fool. And furthermore, I wish everyone would stop thumping their chests about *BSD and how wonderfully secure it is... 2) Replace Cisco routers with Juniper routers, Do you actually think this makes sense? 3) For IDS software, I strongly recommend Man-Trap and Man-Hunt. If you are just a cheap-skate like me, Tripwire is a pretty solution too. Tripwire (or AIDE, take your pick) is not an IDS solution. It is a file integrity checker. It will not detect an intrusion, it detects the consequences of an intrusion, specifically the modification of files. For a network IDS, I think the general consensus is that SNORT is tops. For a host based IDS... well, I use commercial ones, so I really have no opinion. And to the OP... to be specifically technical, an IDS does nothing to assist your security. It allows you a greater incident response capability. (and anyone who mentions things like dynamic ACL updates and router shunning, etc... Show me a network that does this, I'd love to see one.) Maybe one day someone will release an IPS (intrusion prevention system) but until then, we can only react. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4635t=4610
Re: How work in large environment? [7:4420]
anthony wrote: I have been in the field now for about 4 years. I worked my way up from the bottom as a desktop support tech and for the last year and a half been working with Cisco equipment and Alteon equipment in a small environment. I have set up a web site, VRRP, HSRP, BGP multihoming, VLANs, VPNs, and PIX firewalls. I got my CCNA and have one exam left for CCNP. How do I make the jump from a small company to a large company? I understand the concepts and I am fairly proficient with the lower line of Cisco equipment like 4000 and below switches and 2600 and below routers. I really want to get a job with a larger company or even an ISP where I can challenge myself and get the experience to someday get the CCIE. Any suggestions are much appreciated. I worked for two large networks, and both of them used such routers for customer site connections, so there is a market for these skills. My guess would be to hit Monster/Dice/Headhunter, etc and aim for the stars. I wouldn't think you'd have a problem getting a gig, esp. once you complete the CCNP and can show good, real world experience. Best of luck and good hunting. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4429t=4420
Re: Anyone used SNORT [7:4436]
Roberts, Timothy wrote: Has anyone used SNORT for IDS purposes? Any reviews? You'll find a whole lot of SNORT users on the SNORT mailing list. Just don't go asking them Cisco questions... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4445t=4436
Re: CCIE #7354 - for Jeff McCoy [7:3998]
Marc Quibell was seen in the killfile saying: Ha ha you guys are too funny, but failed to contribute anything of substance. Way to go newbies and wannabies. LOL! You sure are a master of contributing nothing. BTW, youngen Eric, I was troubleshooting Cabletrons b4 there was Cisco. And the relationship? Guess where Cisco and IOS came from? CABLETRON. You learn something new everyday don't ya newbie. Fortunately, not from you. Still waiting for DUNG to answer the really simple questions. Geez people, maybe he's got real good, satisfying answers and THEN I can congratulate, otherwise, congrats are not warranted merely for passing a Cisco test, albeit a very difficult one. There are more things in Internetworking than Cisco, including better/faster routers, switches, firewalls...etc. And Engineers don't need to troubleshoot IPX and token ring crap anymore like they do in the CCIE lab...You Cisco weenies need to get off your high horses: CCIE is not Internetworking God. I'd like to see a CCIE troubleshoot a Cellworks atm/frame-relay cloud. Heh.. This is a list for people who are studying for Cisco certifications. I know you may have difficulty grasping it, but that is probably a big reason people here tend to discuss Cisco more than usual. Get a fscking life already, will ya? Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4176t=3998
Re: Vlan Question [7:4038]
Brad Shifflett wrote: The user is a very high political figure who is real cautious about security and paranoid. I like the idea of a separate nic in the server and two subnets. The cost of switches could be a deciding factor. Thanks for the input guys! I hope he doesn't figure out that if the server gets compromised, he may be compromised along with it... =) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4038t=4038
Re: CCIE #7354 - for Jeff McCoy [7:3998]
Q wrote: Yeah, but what do u do for a living? And do you have any real experience and to what extent? Survey says! Q Survey says... you're a twit. *PLONK* Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=4043t=3998
Re: security opinions please [7:3666]
ccnawan wrote: In my experience I have been taught, it is not a good idea to write about How tos in regards to security in a open forum like this? Dan Evensen Go tell that to SecurityFocus... I guess they'll want to pull their penetration test, incidents, and bugtraq mailing lists. And their online vulnerability database. Point being, this stuff isn't secret as it is. The more people know about it, the _less_ the risk. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3792t=3666
Re: FW: security opinions please [7:3666]
Eric Rivard wrote: If Cisco recommends and companies like Microsoft and Excite are implementing it, I don't see how it can be a security risk. It can be, and it is. But, so is just about everything. It is the probability of the risk being exploited that really matters, and in this case I see that as a small one. Now, let's talk about using Microsoft as a security benchmark... ;-) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3706t=3666
Re: security opinions please [7:3666]
Michael Cohen wrote: How does one go upon penetrating the internal VLAN on a switch while only having access to the external VLAN and not traversing the PIX in the middle? I have heard the response from numerous security engineers that anything is possible however I guess I'm a novice because I have never seen nor heard of this being done in the situation mentioned above. I attribute the idea of physically separating these networks (even though VLAN based separation is just as effective) as security paranoia. They say all you have to do is flood the switch with ARP requests and overflow the CAM table... easy to talk about, hard to do in practice. There are, however, some tools that are supposed to help you attack a switch. macof, part of dsniff, comes to mind. As does ettercap. In fact, I've never seen VLANs mentioned as anything more than a handy way to break up broadcast domains. I don't consider them a security feature, and I don't know anyone else who does either. Some decent reads: http://mlarchive.ima.com/firewalls/1999/4507.html http://packetstorm.securify.com/9909-exploits/vlan_security.txt Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3712t=3666
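Added example, not part of either poster's message: the defender's view of the CAM-table flooding mentioned in this exchange, as a detector that flags an access port learning more distinct source MACs in a short window than it should. The log format, port names, thresholds and sample events are all constructed for illustration.

```python
import re
from collections import defaultdict, deque

# Constructed log format (an assumption, not any vendor's real syslog):
#   t=<seconds> port=<ifname> vlan=<id> src=<mac>
LINE_RE = re.compile(
    r"t=(?P<t>\d+(?:\.\d+)?)\s+port=(?P<port>\S+)\s+vlan=(?P<vlan>\d+)\s+"
    r"src=(?P<mac>[0-9a-f]{2}(?::[0-9a-f]{2}){5})$", re.I)


def parse(line):
    """Return (time, port, vlan, mac) or None for a malformed line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    return float(m["t"]), m["port"], int(m["vlan"]), m["mac"].lower()


def detect_mac_flood(lines, max_macs=8, window=10.0, exempt=()):
    """Flag ports that show more than max_macs distinct source MACs
    within `window` seconds. Ports in `exempt` (uplinks and trunks, which
    legitimately carry many MACs) are skipped. One alert per port."""
    events = sorted((e for e in map(parse, lines) if e), key=lambda e: e[0])
    recent = defaultdict(deque)          # port -> (time, mac) inside window
    alerted, alerts = set(), []
    for t, port, _vlan, mac in events:
        if port in exempt or port in alerted:
            continue
        q = recent[port]
        q.append((t, mac))
        while q and q[0][0] < t - window:   # drop sightings older than window
            q.popleft()
        distinct = len({m for _, m in q})
        if distinct > max_macs:
            alerted.add(port)
            alerts.append((port, t, distinct))
    return alerts


def constructed_sample():
    """Constructed events: a normal desk port, a flooded port, an uplink."""
    lines = []
    # Fa0/1: a desktop and an IP phone, seen repeatedly for a minute.
    for i in range(30):
        mac = "00:10:a4:00:00:01" if i % 2 == 0 else "00:10:a4:00:00:02"
        lines.append(f"t={i * 2} port=Fa0/1 vlan=10 src={mac}")
    # Fa0/7: 50 never-repeated source MACs inside half a second.
    for i in range(50):
        lines.append(f"t={20 + i * 0.01:.2f} port=Fa0/7 vlan=20 "
                     f"src=02:00:00:00:00:{i:02x}")
    # Gi0/1: uplink to another switch, many legitimate MACs.
    for i in range(40):
        lines.append(f"t={25 + i * 0.1:.1f} port=Gi0/1 vlan=10 "
                     f"src=00:50:56:00:00:{i:02x}")
    lines.append("%LINK-3-UPDOWN: not a MAC learning event")  # ignored
    return lines


if __name__ == "__main__":
    for port, t, n in detect_mac_flood(constructed_sample(), exempt={"Gi0/1"}):
        print(f"ALERT port={port} t={t} distinct_macs={n}")
```

Without the `exempt` set the uplink would also alert, which is why a per-port MAC limit is normally applied to access ports only.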
Re: Just been Hacked!!!!! [7:3452]
Kevin O'Gilvie wrote: Apparently over the weekend Poison Box got past my PIX and overwrote some files on the intranet Box and maybe more damage than I know of at this moment. I need help on finding out how they got in and how to prevent it happening in the future. Please help. Contact a professional Incident Response company if you are really concerned. If you are just curious, you may want to post the relevant information (logs, times, dates, etc) to the Incident mailing list that Security Focus maintains. http://www.securityfocus.com (browse for mailing lists) Just some advice...(forgive my indulgence of this OT post) don't mess with the machine that you think has been hacked. Take it offline and leave it alone. If you have suffered damages and want to take this to court, that system is evidence and should be treated as such. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3457t=3452
Re: OT: Certifications worth? [7:3311]
ccnawan wrote: I have to ask this question in light of so many experienced certified people looking for work. Why is there so many advertising on the jobs list, and here. I see it everywhere, if being certified is worthwhile? It is not because of the recent downturn. I saw this before. The advertised figure is 150,000 supposedly open computer positions in the U.S. These figures are misleading. Open positions or not, companies tend to make do with what they have, and esp. in a time of uncertain economic conditions such as this. Certifications help, but they don't, IMO, do the job alone. You need a broad base of experience to give weight to the certifications, not the other way around. My last position my pay was 54,000 + expenses, mileage, pretty good for Kentucky. I recently got a call that wanted to pay me 40,000 for a more advanced position. Network engineer. Companies are trying to pay less, and less. Auto mechanics make more than 40,000 a year. College graduates in the computer field average 40K as a starting wage. I have been looking for a new position over the last few weeks, and have gotten several offers, the smallest of which was a 15% raise, and the greatest close to 40%. It's all in how you sell yourself, and what skills you have. As a reference, my current pay is closer to 100 than it is to 50. Keep looking, it's out there. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3320t=3311
Re: MCSE [7:3181]
David Chandler wrote: Is this a sneak peek at IOS 13.x ??? :- DaveC I thought it was ROT-13 =) Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3201t=3181
Re: Cisco PIX vs Checkpoint FIrewall-1 [7:2878]
Maness, Drew wrote: But today firewalls protect the IP stack. While they are running, yes. You can cause the software to crash, often leaving the machine, and the network, exposed. This is one of the big problems with a software firewall. And most people know that a proxy is not a firewall. So this hardware based is better than software based stuff does not ring true. Don't tell this to Axent... Raptor is an application proxy firewall, and a right good one at that. I think the main problem is that not many people actually understand what an application proxy is, nor do they understand how one works. Also, the definitions are a bit mixed by the vendors... From the dictionary: Firewall. Computer Science. Any of a number of security schemes that prevent unauthorized users from gaining access to a computer network or that monitor transfers of information to and from the network. Proxy. A mechanism authorized to act for another; an agent or a substitute. Looking at it from this muddle, you can call many firewalls proxy servers, and most proxy servers firewalls. My rule has always been to be strictly technical... there are Layer 7, or application level gateways, and there are layer 2, circuit level gateways. Figuring out where a stateful inspection scheme like Checkpoint fits in is left as an exercise... Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3213t=2878
Re: OT: Traffic analyzer [7:3223]
Roberts, Timothy wrote: I am looking for a tool that will perform a similar function to traceroute but will log the results and build reports from those results. So basically something that will test throughput from host-network-host and report where any slow downs occurred. Thanks Just my opinion, but I sure wouldn't want to rely on the UDP/ICMP packets that traceroute relies on to do performance measurement of any serious nature. Traceroute is handy to calculate a rough idea of round trip time, but nowhere near precise enough to be used for this sort of goal. http://www.cisco.com/warp/public/63/ping_traceroute.html#perf When a packet destination is the router itself, this packet has to be process-switched. The processor has to handle the information from this packet and send an answer back. This is not the main goal of a router. By definition, a router is built to route packets. Answering a ping is offered as a best-effort service. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3232t=3223
Re: Sniffers [7:3035]
Victor Chan wrote: Does anyone know of any free sniffers? Are there any web sites you can refer me to? NetMon on Windows, TCPDump on Linux, BSD, AIX, Snoop on Solaris, etc etc... a quick web search on this would have saved everyone some bandwidth. Please refrain from laziness. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=3042t=3035
Re: PIX Question [7:2061]
Sammi wrote: While the 520 chassis is significantly larger than the 515, I cannot discern added hardware or functionality that accounts for the differences. Probably the same reason that the NetRanger is shipped in a 4U case. Legacy from the Wheel Group. Small company, 4U cases are a lot cheaper than 2U or 1U cases, and easier to construct. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=2087t=2061
Re: what does no logging console mean? [7:1708]
beth shriver wrote: I noticed this in my main config and curious as to what it is preventing.

Wow... you aren't the only one who has been baffled by this cryptic message. In fact, the millions of confused Cisco customers must have flooded the TAC and its support people, so some brilliant mind decided to document this, and every other, command on the Cisco webpage! This has become such a popular destination for the curious of mind that the search feature is prominently displayed right there on the first page of their website!! For the less curious... well... I'm sorry. From their page:

no logging console

This command limits the logging messages displayed on the console terminal to messages with a level at or below level. The argument level is one of the following keywords, listed here in order from the most severe to the least severe level:

emergencies--System unusable
alerts--Immediate action needed
critical--Critical conditions
errors--Error conditions
warnings--Warning conditions
notifications--Normal but significant condition
informational--Informational messages only
debugging--Debugging messages

The default is to log messages to the console at the warnings level. The no logging console command disables logging to the console terminal.

Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1715t=1708
Re: Fwall Win2k Terminal server Clients [7:1598]
Russell Lusignan wrote: I assume your firewall is NAT'ing right? Make sure that you specify a source port range of 1-65535 and a destination port of 3389. TCP randomly selects the source port number when a session starts, so if you are filtering on source port 3389 and destination port 3389, there is a 1 in 65535 chance you will get through the firewall. Make sense? Makes sense, but it is just slightly off. For outgoing connections a random port is selected. This is commonly known as an Ephemeral Port, and for Win2K is in the range of 1024 and 5000. Opening all ports, even if only to one destination, is not the best thing to do. You could roll the dice and select even a smaller range, say 1024 to 3000, since the mechanism for selecting ports is pretty simple and it is unlikely that a normal desktop user will have enough established connections to run all the way up into the 5000's. -Ds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1638t=1598
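Added example, not part of either poster's message: a small stateless rule matcher that compares the three source-port choices discussed in this exchange for Terminal Services on TCP 3389. The rule names and the client simulation are constructed for illustration; the 1024-5000 ephemeral range is the Win2K figure quoted in the post.

```python
import random
from dataclasses import dataclass

RDP_PORT = 3389
WIN2K_EPHEMERAL = (1024, 5000)   # client source-port range quoted in the post


@dataclass(frozen=True)
class Rule:
    """A permit rule matching on inclusive source and destination port ranges."""
    name: str
    src_ports: tuple
    dst_ports: tuple

    def permits(self, src_port, dst_port):
        return (self.src_ports[0] <= src_port <= self.src_ports[1]
                and self.dst_ports[0] <= dst_port <= self.dst_ports[1])

    def source_ports_open(self):
        """How many source ports this rule lets through to the destination."""
        return self.src_ports[1] - self.src_ports[0] + 1


# The three variants from the thread (constructed names).
SAME_PORT = Rule("src=3389 dst=3389", (3389, 3389), (3389, 3389))
ANY_SOURCE = Rule("src=1-65535 dst=3389", (1, 65535), (3389, 3389))
EPHEMERAL = Rule("src=1024-5000 dst=3389", WIN2K_EPHEMERAL, (3389, 3389))
RULES = [SAME_PORT, ANY_SOURCE, EPHEMERAL]


def simulate_clients(rule, connections=10000, seed=1):
    """Fraction of client connections the rule passes when each client
    picks its source port at random from the Win2K ephemeral range."""
    rng = random.Random(seed)
    passed = sum(
        rule.permits(rng.randint(*WIN2K_EPHEMERAL), RDP_PORT)
        for _ in range(connections))
    return passed / connections


def summary():
    """One row per rule: name, client pass rate, source ports left open,
    and whether a packet sourced from a low port (80) would be admitted."""
    return [(r.name, simulate_clients(r), r.source_ports_open(),
             r.permits(80, RDP_PORT)) for r in RULES]


if __name__ == "__main__":
    for name, rate, width, low_ok in summary():
        print(f"{name:24} clients passed={rate:7.2%} "
              f"source ports open={width:5} admits src 80={low_ok}")
```

The source port is chosen by the sender, so narrowing the range trims what the rule admits but is not an authentication control; the destination address and port remain the part of the rule that carries the policy.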
Re: Token Ring in Lab [7:1640]
sdonoho wrote: I am fortunate enough to have 2 2514's in my home lab and I would like to utilize the token ring interface on each of these routers. However I do not have any other token ring hardware, No MSAUs, NICs or token ring switches. My question to the group is, how can I use these interfaces in my lab for CCIE study since I have nothing to connect them to? The obvious answer is to go out and buy a 3900 token ring switch, but I have few dollars left to spend on my lab. Is there a way (cheap way) to loop back a token ring interface so I can at least get to an up/up state? Or is there a better way to use these interfaces? I have virtually no experience with token ring (besides the theory). I would appreciate any help. TR MAUs are dirt cheap on eBay, and a NIC can be had fairly cheap. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1644t=1640
Re: Security question [7:1079]
BASSOLE Rock wrote: Hello People, We are currently putting security into our Border Routers. We intend to protect ourselves from smurf, anti-spoofing and SYN Flood attacks. Can somebody tell me what is the difference between DDoS and DoS. DoS, or denial of service, is generally used to describe (strictly) the condition that occurs when an attacker uses methods to cut your connection off from the world. SYN flooding is the most common example. A DDoS, or distributed denial of service describes a coordinated attack by many (often more than several hundred) hosts against the target. What makes a DDoS special is that generally all of these hosts are acting under the control of one master to target you. A good example of DDoS software is stacheldracht. (or is it stacheldraht??? I can't spell) Anyway, the Internet is full of good information on this topic... I have another question what are matians Networks??. Matians? Take me to your leader Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1084t=1079
Re: CCIE Security exam 351-018 [7:1070]
Terence Lee wrote: Has this exam gone live yet? I see that it was in beta from October 20, 2000 to November 10, 2000. Has anyone taken it? Thanks Several folks here took the beta written, and there was some discussion on the list about the test, but not a whole lot. Last I looked at the blueprint, the lab wasn't supposed to be completed until May 1, so it might be a while before good info is available. Personally, my goal is the CCIE - Security, so any and all discussion is a benefit, but I think we are the minority here. I also get the feeling that we'll have to be pretty familiar with all of the R/S topic matter anyway, but I might be wrong. -Ds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1085t=1070
Opinions on Cisco Access Pro AP-EC's [7:1045]
I saw this device mentioned on another mailing list I read as a good item for a home lab. Basically, it's a 2501 on a PC card. I wonder why I haven't seen this device mentioned in this group as a good piece to have. Are there any issues with this product that make it less suitable than a 1601, 2501, etc?? Curious... -Ds Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=1045t=1045
Re: Can you change Telnet's well known port? [7:717]
Fred Danson wrote: Thanks for the info, Does the telnet client that is built into Windows2000 Professional allow changing of the destination port? Could I just click start -- Run and type in telnet 63.1.1.1 :24 ?? more like: telnet 63.1.1.1 24 I use this all the time to read my mail on the server. It's also handy for such things as manually sending a mail message via SMTP and manually creating HTTP requests. Message Posted at: http://www.groupstudy.com/form/read.php?f=7i=729t=717
Re: Security Specialization/Exam Series?
Henry Rollins wrote: Anyone taken these four exams yet? Any comments re difficulty/overlap from one test to another? Is having a PIX in your lab a prerequisite to effective studying? Thanks http://www.cisco.com/warp/public/10/wwtraining/certprog/special1/course.html You have ~ 5 weeks to take all of these tests if you want the specialization. It (and the others as well, I think) is being retired as of May 14.
Re: Security Specialization/Exam Series?
Arthur Stewart wrote: This is a new (non-CCNP+) security specialization and will not expire next month. This is new information, do you have a URL that explains this new certification? I have never heard of it. You may want to check the archives, I remember some discussion of the tests/beta tests in the fall of last year. All that I recall was talk of the beta for the CCIE - Security written. Global Knowledge has detailed course descriptions that you may want to see. If I recall correctly, product documentation was recommended as a resource. Are you double sure that you aren't thinking of CCIE - Security? I checked all of the links that the OP supplied, and they say: Exam Number: 640-442 Associated Certifications: CCNP Security Specialist Exam Number: 9E0-571 Associated Certifications: CCNP Security Specialist Exam Number: 9E0-558 Associated Certifications: CCNP Security Specialist Exam Number: 9E0-570 Associated Certifications: CCNP Security Specialist I'd be curious as to what other cert you were thinking of, since I personally had been aiming towards the CCNP - Security myself, but now I have to dig in deep and go for CCIE - Security, which puts a big delay in my grand plan! The GK website has nothing I can find referring to an alternate Cisco certification, nor does the Cisco web. I'm stumped.
Re: CCIE Lab Candidate???? [Formerly no subject]
Greg Macaulay wrote: Perhaps I'm missing something (but I am in a bad mood this AM -- and this is my first Flame) -- or maybe you are?? But did you somehow get a waiver from John Chambers personally so you don't have to sit for and pass the CCIE written??? I didn't see anywhere where the OP implied that he was exempt from the written exam. I would imagine that study for the lab would also be good preparation for the written exam, wouldn't you? As for being a CCNP, CCDP, it would seem that by this time you would have at least some of the answers to your questions!! He only asked 3 questions, and one was a plea for sage advice. I don't think that having a CCNP/DP gives someone insight about the quality of formal lab preparation programs, nor does having such certifications imply knowledge of the benefit of a home lab. On this list it seems to be common knowledge, but this poster seems to be new to the list. Let's put on our friendly faces. Normally, these questions are asked by newbies like CCNA Candidates, or those working towards the CCNP. But by the time one reaches the NP/DP level one would expect at least some familiarization with the process. Have you ever heard of the CCIE Blueprint?? What implies that he hasn't seen the blueprint? His questions aren't answered on the blueprint.
Re: How long does DNS server cache an entry
Ruihai An wrote: This question is not related to Cisco, but I am sure some Cisco engineer knows the answer
Wow. Now here's a strict criteria for posting messages! Hey, I bet someone here can fix cars too.
How long does DNS server cache an entry it resolved earlier ?
The RFC for DNS, as well as any search engine (google too complex?) would have explained this much quicker than a post to a mailing list dedicated to study for Cisco certifications... Since I'm bothering to make this post, further wasting bandwidth, I might as well save you the search. Each DNS record has a TTL, which is used to specify how long that entry may be cached. So, long story short, it's up to the owner of that domain as to how long it can be saved. Now back to cars...
Re: Cisco Certs Becoming Paper CCXX
B J wrote: The CCNA is far harder than any test one will encounter with a major in Education, Anthropology, History, Business Management, etc. Do you really think the dumbest CCNA isn't more knowledgeable in many areas, one being math, than your daughter's first grade teacher?
Why do so many people feel that comparing apples to oranges will strengthen their point? Anthropology has nothing to do with networking, and knowledge of one has nothing to do with knowledge of the other. And it's been a while, but I don't really remember any math problems on my CCNA test, unless you consider subnetting to be a real mathematical challenge.
Bottom line: Remember this: As long as HR employees are hired because they are great looking babes, they will have no clue on talent. Certs give them something tangible and simple that they can understand. Degrees do the same.
Oh, I see now. You are a schmuck.
Re: AW: Anyone tried setting up a Linux TFTP Server for Cisco?
Udo Konstantin wrote: Please can you more specify A unix system is more secure than a Wxx system. So you need to configure your linux box for an insecure connect.
I know it's off topic, but I hate such narrow minded comments... If you have ever installed any *ix system, you'd be darn well aware that the thing is w i d e open. There is almost no security there. It has to be added and maintained. Win32 systems are similar. Very trusting and friendly until they are properly taken care of. Is *ix inherently more secure? no way. I challenge anyone to make a valid, non-ideological based comparison of a base Win32 and a base Linux install. If Linux were so damned secure in its current state, I wouldn't see IDS logs filling up with folks scanning for obvious Linux vulns, now would I? Bottom dollar is, without proper administration, both Win32 and *ix suck big time. With proper care and feeding, they can both become relatively secure.
Re: Linux Security
Elijah Savage wrote: No holy war here either. But I could not resist the reply to this comment. Of course it depends on the administrator of the box, but it depends also how you install it. I have never installed a linux box with ftp or telnet by default (openssh). Because these boxes I setup are usually dns or web servers you can install them so that they run in a chrooted environment which tends to be a tad bit more secure. This is one reason I like nix over any win platform because I can install what I want and how I want it, which usually makes a nix box more secure than any win platform. So to me how I stated above nix is more secure, but of course you have to know what you are doing. You probably will say well this is not a base install. And my reply is well if you do a custom install which you can do right out of the box without recompiling the kernel or anything fancy nix will be more secure than win32 platforms out of the box. I would like to see a custom install on win32 instead of click here to continue.
These examples prove my point. You have provided examples of a properly configured system. These are not, however, the norm. You can just as secure a Win32 system, maybe not during the installation process, but does that make a difference? Most Unix systems require a lot of post-installation work to be secured, so the difference is moot. And just for an FYI, I am a Sun Certified SysAdmin and Network Admin, as well as an IBM Certified AIX admin, so I feel I know a thing or two about Unix.
Re: New Tracks are up on the Cisco Website
Arthur Stewart wrote: Info on the new Communications Services and Security Tracks are up on the Cisco CCIE website
How about a URL? (I know, I can look, but it is usually considered polite to reference the source of any news or updates)
Re: Cisco Certs Becoming Paper CCXX - Reply to The Rock
"The.Rock" wrote: oh yeah one more thing...In case you forgot, certs don't prove anything (you really are an idiot if you think they "prove" something). They only prove your ability to regurgitate info that you supposedly learned. Having the know how, and knowing how to use are two different things. Let's say you're 8 years old and I give you a bunch of craftsman tools, does that mean you know how to work on a car if someone said fix it? probably not. And there's my point. You have the tools, but do you really know how to use them
Your analogy is badly flawed. You start by referencing knowledge, but then drift into tools. In the internetworking world, tools would be the routers, switches, etc. And in the world of auto-mechanics, the knowledge would be your ASE certification. It would be a much stronger argument if you compared apples to apples instead of to oranges.
Re: TCPmag.com Salary Survey
Groupstudy wrote: What a joke. According to their chart an 18 year old kid right out of high school who lives in Detroit could spend 81 hours of studying and then land themselves a job paying $73K per year.
Didn't the survey specify "3 to 9 years of experience"?
Re: Slightly OT - Setting up syslog on Solaris for Remote logging of Cisco Routers
I've seen a million people ask about syslog for windows, but nobody has mentioned syslogd on Unix. I'm trying to find information on getting syslog on a Solaris platform to accept logging messages from Cisco routers. By default, the syslog service does not accept messages from external devices. I've found about 6 million links on how to get this working on Linux, but the Solaris version and the Linux version are different enough that those links have not been helpful. Anyone have a quick and dirty howto?
http://www.cisco.com/univercd/cc/td/doc/cisintwk/intsolns/dialnms/syslog.pdf
Re: CCxx Market: Going Off Topic!
hal9001 wrote: Robert has anyone actually fathomed WHY this has suddenly happened. I'm not making any form of a political point here but it seems (just as a mark of time) to have happened at the ending of one administration and the take-up of another. Do people and the markets feel the "gravy train" has derailed what is the sentiment in the USA? Why the sudden halt? Is Japan also a factor? I think it affects us all world-wide now so is relevant in a general sense.
Can we take "market economics 101" to personal email?
Re: Internet usage?
Do any of you know of any software utilities that can track and monitor what percentage of internet bandwidth is being used by various tasks such as streaming video, http, mp3, java, etc...? Thanks.
Not sure why you think this is a topical issue for this group, but I'll do the ol' benefit of the doubt thing... Try SilentRunner from Raytheon...
http://www.raytheon.com/c3i/c3iproducts/c3i021/c3i021.htm
Re: GROUPSTUDY REGISTRATION
Charles Nunie wrote: Hello everyone, My pal wants to join in on this studygroup but the web page is off. Any help?
About as much chance as I have of dumping my shares of Transmeta for anything less than a huge loss in the next 5 years... We all have to learn patience sooner or later.
Re: dumb Linux terminal-router question
Priscilla Oppenheimer wrote: Next week I'm teaching basic router configuration to some high school students. One of the students has a notebook computer that runs Linux. Assuming there is a normal serial port on the notebook, will he be able to easily run a terminal emulator to connect to the console port on the Cisco routers? I know he'll be able to do Telnet once we have an initial config, but before we get to that point, can he config the routers in a similar fashion to the HyperTerminal the Windoze users will be using?
I think minicom, which is a popular Linux term program, should do the trick. It should already be on the system.
$ which minicom
/usr/bin/minicom
Re: cat 6509 Frame Distribution
"Hinds, Christopher" wrote: Hi, On the config of a 6509 I have inherited I have a command I don't understand nor can find any info on! Can anyone explain what:
#frame distribution method
set port channel all distribution ip both
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_5_3/cofigide/channel.htm
(took all of 3 seconds to find that at the Cisco site...)
Re: IPSec, IKE, VPN study resources?
Brian Lodwick wrote: Group, Can anyone out there help me out. I am trying to find resources for study. I want to learn as much as possible about IPSec and VPN technology. I would like to see if anyone knows of some good resources to learn more about this kind of stuff -IPSec tunnel and transport modes, Security Associations, ISAKMP\OAKLEY process, The Diffie-Hellman algorithm, and ...
There's a great book by William Stallings called "Network Security Essentials: Applications and Standards" Very good coverage of everything you mention... but it has been known to cause headaches if read too fast. =) (watch for wrap)
http://www.amazon.com/exec/obidos/ASIN/0130160938/qid=983293248/sr=1-2/ref=sc_b_2/105-2661977-5737525
-Ds
Re: CCIE salary
Brian wrote: This really isn't true. Let's look at some basic facts: There are only ~6000 or so CCIE's in the world, possibly as many as 30% are employed by cisco. There are over 6000 ISP's in the US alone. There are over 7000 AS's in the world. My point is, that if most of your CCIE's work for cisco and big big companies, then there are a ton of networks, complex networks, that don't even have CCIE's at the helm. Even a large company like UUnet may only have a handful of CCIE's. Also take into account the large number of CCIE's who make their wages at training companies, and who aren't in the field.
I know that when I was with IBM Global Network Services, we had just 2 that I knew of...
Problems?
List traffic has decreased dramatically in the last week (only 4 messages this week). Is it just me? -ds
Re: SOLARIS SNMP MIB
[EMAIL PROTECTED] wrote: Hi, All I am looking for Sun's Solaris snmp mib about CPU UTILIZATION, MEM UTILIZATION. Please let me know these MIB oids.
For the life of me, I can't imagine what this has to do with preparation for a Cisco exam. You'll find much better answers either on the Sun site (http://docs.sun.com) or on a Solaris related mailing list or newsgroup... HAND
Re: Useful things to do with trolls
Chuck Larrieu wrote: The ladened versus unladened must have something to do with traffic shaping.
That or MTU of the packet...
Re: [Cisco Certs]
Ganesh Chintalapati wrote: Dear all, I do have the same question, can any one help us in this regard
The only person that can answer this question is the person that is interviewing you. Unless, that is, there is a top secret cert-degree chart out there that none of us is aware of. Seriously, some managers don't give a squat what cert you may have (these are the good ones to work for, IMO, because they are generally old timers who came up the hard way and appreciate real skill) and others live and die by your letters... -Ds
Re: what's the mean of lo0,qfe0 and hme0?
Robert Padjen wrote: And for the trivia buffs - hme stands for... Happy MEal!!! It was a time when the Sun engineers were quite into fast food!
Hrm... and all this time I thought it stood for Hundred Megabit Ethernet. Go figure.
Re: Help about BGP regular expression
vtam wrote: In the book "Internet Architectures" by Hassam, it said that ^1 ?[0-9]*$ identify all the AS_paths that start with 1 and of length 2 - that is, AS1 and its direct customs. But i think that ? means 0 or 1 occurrences, when it is 0, the expression can be equal ^1[0-9]*$, means any single AS number start with 1. Am I right? If so, which is the right answer of all the AS_paths that start with 1 and of length 2. Thanks.
^1 ?[0-9]*$
^ ^
Is that space yours or the book's? Broken apart, that regex matches (assuming standard egrep'ish metachars)
^ # beginning of line
1 # followed by the digit 1
(space) # followed by a space
? # 0 or 1 of the preceding characters (in this case a space)
[0-9] # a single digit within the range of 0-9
* # 0 or more of the preceding characters, up to the end of the pattern
$ # end of line char
So, is this equivalent to ^1[0-9]*$? I don't think so. Assuming that the pattern with a space was a typo, we are allowed an optional 1. Assuming it wasn't a typo, we are allowed the space character. Neither of these options would be matched by your more restrictive pattern. As for the specific pattern to match, you can't really say without knowing what you are matching with. Different regex engines support different metachars.
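The two patterns from this thread, run against a handful of AS_PATH strings. This is an added example, not part of the original posts: Python's `re` stands in for the router's regex engine (an assumption; the metacharacters used here behave the same in egrep-style engines), the sample paths are constructed, and the third pattern, `anchored`, is a hypothetical tighter form added for comparison.

```python
import re

# Constructed AS_PATH strings: AS numbers separated by single spaces.
SAMPLE_PATHS = ["1", "1 200", "1 200 300", "100", "12", "2 1"]

PATTERNS = {
    # As quoted from the book in the post, with the space before '?'.
    "book": r"^1 ?[0-9]*$",
    # The form the question proposes as equivalent (space removed).
    "no_space": r"^1[0-9]*$",
    # Added for comparison (not from the thread): AS 1 alone, or AS 1
    # followed by exactly one more AS number.
    "anchored": r"^1( [0-9]+)?$",
}


def matching_paths(pattern, paths=SAMPLE_PATHS):
    """Return the paths that the given pattern matches."""
    rx = re.compile(pattern)
    return [p for p in paths if rx.search(p)]


def compare():
    """Map each pattern name to the sample paths it matches."""
    return {name: matching_paths(rx) for name, rx in PATTERNS.items()}


if __name__ == "__main__":
    for name, hits in compare().items():
        print(f"{name:9} {PATTERNS[name]:16} -> {hits}")
```

Because the space is optional, the book's pattern also accepts single AS numbers that merely begin with the digit 1 (100, 12), which matters when the expression is used in a route filter.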
Re: Need help with converting IP address to MAC address
Sisqo wrote: Cisco press book (BCMSN) does not really explain well the concept. I was wondering if someone can help me break the barrier. Example in the book: 224.163.163.45 = 01-00-5E-23-A3-2D I thought 163=A3, why is the 2nd octet converted to 23?
There is no correlation between MAC address and IP address, save for the association you make when you assign an IP to an interface.
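The book example in the question follows the standard IPv4 multicast mapping (RFC 1112): only the low 23 bits of the group address are copied behind the fixed 01-00-5E prefix, so the top bit of the second octet is dropped and 163 (0xA3) becomes 0x23. The sketch below is an added example, not part of the original posts, and its function names are hypothetical; it also lists the 32 group addresses that share one MAC, which is why MAC-level filtering alone cannot tell those groups apart.

```python
import ipaddress

MULTICAST_MAC_PREFIX = 0x01005E000000  # 01-00-5E followed by a fixed 0 bit
LOW_23_BITS = 0x7FFFFF                 # the part of the IP that survives


def multicast_ip_to_mac(ip):
    """Map an IPv4 multicast group address to its Ethernet MAC address."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:
        raise ValueError(f"{ip} is not in 224.0.0.0/4")
    mac = MULTICAST_MAC_PREFIX | (int(addr) & LOW_23_BITS)
    return "-".join(f"{b:02X}" for b in mac.to_bytes(6, "big"))


def groups_sharing_mac(ip):
    """Return all 32 group addresses that map to the same MAC as ip."""
    addr = ipaddress.IPv4Address(ip)
    if not addr.is_multicast:
        raise ValueError(f"{ip} is not in 224.0.0.0/4")
    low = int(addr) & LOW_23_BITS
    # The 5 bits between the 1110 class D prefix and the low 23 bits are
    # discarded by the mapping, so every value of them collides.
    return [
        str(ipaddress.IPv4Address((0b1110 << 28) | (hi << 23) | low))
        for hi in range(32)
    ]


if __name__ == "__main__":
    print(multicast_ip_to_mac("224.163.163.45"))   # the book's example
    print(groups_sharing_mac("224.163.163.45")[:4])
```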
Re: Security Issues
Deepak Sharma wrote: 1st question Any security issues with ATM?...i know it kinda acts like a VPN (and those are pretty secure), but should i be running IPSEC or some other type of encryption?
ATM has nothing to do with a VPN, nor does it "act like one". ATM describes a method of crafting frames of fixed size (53k ?) and nothing more. If security is of concern, you must use encryption, which is an application type of thing.
3661's latest IOS on a dedicated OC3?/...I'm thinking what if some1 vampire taps the line??..can they see the data??..
Yes
2nd question I need to hack into my company's router (they want me to attempt it)...any hacking scripts or holes i should be looking for?..they're on a 3700 i believe with 2500's on the wan for the branch offices...ios 10.0 maybe...lol...maybe even lower...
A quick web search will let you know enough to get started, this question has nothing to do with studying for a cisco certification, and is thus off topic here.
3rd question We have a checkpoint firewall...most "up to date" software revision ( that's what my boss says, but i don't believe him..lol )...any holes?...anything i can hack with??...progs and such
Yes, but this question is also off topic, as it has equally nothing to do with studying for a cisco certification as the last question. In fact, it's even more off topic since it has nothing to do with Cisco products at all.
ps. I'm not a hacker.i know you all are thinking that...hehehm, also any links or sites with this type of info would be nice
Personally, that thought didn't even cross my mind. A hacker wouldn't have to be posting off topic questions trying to get info on holes in a particular OS or application, a hacker would find their own... As for links, allow me to introduce you to a thing called a search engine. My favorite is http://www.google.com
Re: Rumor Alert - Lab Changes - WAS: Flame bait.
Chuck Larrieu wrote: All these things together are what lead me to speculate that the Security Lab will include work on servers for the various Cisco Secure products, and on PC's for the client side of VPN. Which makes perfect sense, because security is far more than configuring access lists on routers and policies on firewalls.
OK, got ya. Methinks you've been in routerworld for too long... It's been a long time since I've thought of servers and workstations as end user stuff =)
Re: Rumor Alert - Lab Changes - WAS: Flame bait.
Chuck Larrieu wrote: Rumor #3 - The CCIE Security will involve configuring Cisco security products on both Unix and NT boxes and doing VPN tunnels end to end, meaning for the first time a candidate would be responsible for end user equipment in the lab.
What do you mean when you say "end user equipment"? If what you say is true, it makes perfect sense to me, and seems reasonable. The CCIE Security isn't (shouldn't be?) about routers and friends, per se, but more about the Cisco Secure product line, which includes some software products. ACS is an application, not an appliance but it is an important part of the offering. Configuring a NetRanger is more about the Director software than it is about the sensor, for sure. Then we have the PIX and the VPN stuff, which I would expect to be more hands on hardware type events, but nowhere in my expectation do I see what could be considered "end user" stuff. Can you clarify what you meant?
Quick question about pre-req for CCNP
I can't seem to find this anywhere, and haven't seen it discussed on the list. So, does anyone know if one must have a CCNA 2.0 in order to get the CCNP 2.0, or will my CCNA 1.0 qualify me? TIA **NOTE: New CCNA/CCDA List has been formed. For more information go to http://www.groupstudy.com/list/Associates.html _ UPDATED Posting Guidelines: http://www.groupstudy.com/list/guide.html FAQ, list archives, and subscription info: http://www.groupstudy.com Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: NetRanger
"Rossetti, Stan" wrote: Has anybody ever used NetRanger? Is it a worthwhile device? Also, can you monitor crc errors with it? Any information would be much appreciated.
A bit off topic, but I have used and was pleased with the NR product. It is not, however, an IOS based device. It is really just a nice PC with dual NIC's in a rackmount case. The OS is Solaris x86, and the actual NR software is pre-installed and the box is hardened fairly well. The setup and configuration couldn't be easier, both on the sensor and the director unit. Also, on top of normal IDS stuff, the unit can monitor and log router ACL violations and, a neat feature, can be configured to shun connections for a certain period of time based on user configured criteria.