Parser Views – Cisco Security

A post on techexams.net recently made me look into parser views in more detail.

I read the section in the CCNA: Security Official Certification Guide about them a while back (the entire one page of it), and never really gave it much thought, but I was prompted by the post on the forum to look into them in more detail.

Parser views are a useful way to control exactly what commands a user can use on the device, and are more granular than custom privilege levels.
Continue reading

MTU / Fragmentation / ACL Tests….Part 1

There was a throwaway line in a book I was reading (the CCNA: Security Official Certification Guide), that said that a disadvantage of ACL’s is:

Does not filter fragmented packets with the same accuracy as non fragmented packets.

I have no idea why this is true, and after a post on techexams.net, I decided to just set up a lab and have a go, and figure out the specifics of fragmentation as I go!

Continue reading

Brother PE Design 6 on Windows 7

Windows 7 64-bit (x64) Installation Instructions

NOTE: I wrote this tutorial some time ago, and the information in it may not be accurate. I wrote it after a friend asked me how to get Brother PE Design 6 working on her laptop. These are the exact steps which I took, and they worked for me. If they don’t work for you, unfortunately I can’t provide support or assistance to help. I actually took this tutorial down as I only received negative feedback saying it didn’t work, but due to a lot of demand for it, I’ve put it back up. Please comment if it works for you – so other people know that it worked, but note that I haven’t got the time or knowledge to be able to help if it doesn’t work – I’ve only listed what worked for me.

Continue reading

AAA Server with freeradius, Ubuntu, Virtualbox and GNS3

I’ve spent a fair few hours now trying to get a AAA Radius server working with GNS3, so I thought I’d share my experiences.

Just so you know, I’m using Windows 7.

First off, I installed VirtualBox. You can get this here: Oracle VM VirtualBox

Next, I downloaded Ubuntu Desktop. You can get this here: Download Ubuntu

I created a new VM, with 512MB RAM, a NAT type network adapter (to allow internet connectivity for updates / installs) and all default settings. The Operating System type was set to Linux / Ubuntu. I then installed Linux.

Continue reading

CCNA Security – Here We Go!

I’ve had a weekend to wipe the grin off my face having passed my CCNP Route.

I got asked in work today about Cisco Intrusion Detection Systems – “You’re a CCNP now, you must know about that”.

I looked at them blankly and said “That’s security sh*t!”, then ran away and decided I’d best knuckle down.

So here goes. I’m going to do my CCNA: Security, most likely followed by CCNP: Security.

CCIE will have to wait!

CCNP, I think so!

Well that’s that! Passed my TSHOOT this morning so I’m now a CCNP!

Happy as larry – whoever larry is.

It’s been a lot of hard work, long evenings and expensive electricity bills, but I’m there.

Continue reading

ROMMON tftpdnld is my friend

After watching my router go around and around in circles, continually failing to boot, I decided enough was enough. Time to break out ROMMON tftpdnld.

I’ve used ROMMON before to download a TFTP image, but it’s never something I remember off the top of my head. In the interests of this being my own personal wiki, and so it’s here for anyone else it benefits (though it’s a pretty well documented topic on Google!), here goes.

Firstly, tftpdnld will only work on the first LAN interface. (On some platforms that can be changed I believe, but I’ve never seen it). So make sure the cable is in the lowest number interface.

Continue reading

The Importance of Cisco Feature Navigator

The other day I was implementing BGP when I was presented, much to my horror, with a message stating that BGP was not available in this image.

Strange, because I had two identical routers, both the same model, and it worked fine on the other one! When I looked, one had and advancedIP image, and one had a baseIP image.

No problem, I thought. Set one up as a TFTP server, TFTP the image across and change the IOS. What could go wrong?

Continue reading