Since I work with ASA boxes every day this was an interesting read. This could very well save you a ton of grief one day if you work with them as well.

“As engineers, we don’t always document things as well as we should OR someone you work with is always “too busy” to document their work. This little trick will show you how to recover pre-shared keys on a Cisco Pix or ASA firewall.”

Full post here with video

I only have 10 people that come here anyhow 😛

Jeremy over on Packet Life has posted his new multicast cheat sheet. Along with his other cheat sheets, it is a good reference and worth checking out.

Also he has posted his notes on his readings so far of Routing TCP/IP Volume I if you would like to read those as well.


Nice Work!

Cisco Subnet over on Network World has an article from Vyatta stating better performance from their product than Cisco’s 2821s and so forth. Here is my problem with their gear: It runs from a PC! Now I am a big open source kind of person, but I will never run any routers off of PC hardware. PCs are too prone to failure. So you start to look at 1U servers with all redundant hardware, which starts to become even more costly. I have had plenty of servers as well that lost motherboards, RAID batteries and so forth. Plus, if it does crap out on you, are you left reloading the whole OS again? Any guess as to one of the reasons I love working with network hardware? My backup and restore consists of “copy start tftp, copy tftp start…”

The last thing I would ever want to worry about is PC/Server hardware on my node ends…

Jeremy has an excellent site I found today while reading a post on Cisco Subnet over on Network World. Packetlife is full of great material for anyone trying to grasp the core topics for their CCIE or routing in general. Excellent PDFs and posts on core material so far. Very educational, to say the least. If you want to know more, check out his site. I know I always have to go back and review topics, for the simple fact that at 33 years old my memory pretty much sucks now :(.


– Benjamin Franklin

“Cisco has scrapped plans to pilot its long-awaited Cisco Certified Design Expert practical exam at Networkers in June and will instead jump straight into offering the practical lab test to the public, untested, later this year, reports Cisco Subnet blogger Michael Morris. Michael had been originally invited to take part in the June beta. Michael writes: “I spoke with a CCDE team member and he indicated they are still on track to deliver the practical exam in the fall. The need for a beta test, like the one they conducted for the written exam, was unnecessary based on their analysis of the practical format and their internal progress on the test. Still, it seems awkward that the new, expert level design certification will be released to the public without a test run. Sort of like running your core routers on 12.5(99)T code.”

Read More

A quick, interesting little article, but a big change nonetheless.

“If you’ve ever had to configure OSPF on a Cisco router, you’re well familiar with the venerable network statement, which effectively assigns interfaces into OSPF areas based on their IP addresses. Although our life became simpler when the network statements stopped being order-dependent (the order dependency allowed for a few nasty surprises in the troubleshooting part of the CCIE lab … when the CCIE title still implied you had to be able to fix other people’s mistakes :), it was still an awkward way of configuring what belongs where…”

Full article here

Just tell me that the IOS is more secure than Windows 🙂

“Cisco Wednesday ‘celebrated’ its first six-monthly patch schedule for IOS by delivering five separate security alerts. The alerts affect Cisco IOS Multicast VPN (MVPN); IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Router Switch Processor 720; IOS user datagram protocol delivery; and IOS’ Data-link Switching feature.

Cisco warned that its MVPN could be exploited to allow a malicious user to create extra multicast states on the core routers or receive multicast traffic from other MPLS-based VPNs by sending specially crafted messages. Patches and workarounds are available for this vulnerability.

Certain Cisco Catalyst 6500 Series and Cisco 7600 Router devices that run branches of Cisco IOS based on version 12.2 could be open to a denial-of-service attack, preventing any traffic from entering an affected interface, according to Cisco. Devices are vulnerable if they are configured for Open Shortest Path First (OSPF) Sham-Link and MPLS VPN. Workaround and fixes are available for this problem.”

Full article here
