Displaying posts filed under IOS Cisco

Feb 26, 2010

Difference between ebgp-multihop and ttl-security.

Once upon a time, reading some CCIE paper at work, I asked myself a question: “Why would someone bother to invent ttl-security and even write an RFC (http://tools.ietf.org/html/rfc5082) on it when the multi-hop EBGP feature provides the same end result?”
The results of my busy/doing-nothing activity I present here. First some background. For some (unknown to [...]

Feb 1, 2010

Capture packets at IOS Cisco router or finally we have a sniffer

Finally it is here – a built-in sniffer on the Cisco IOS platform! Starting with the IOS 12.4(20) release, Cisco introduced a brand new feature
called Embedded Packet Capture (EPC) that allows us to capture raw packets on a Cisco router and then analyze them offline later.
It can capture any traffic passing through the router, destined to it, [...]

Jan 23, 2010

IP Options are evil – drop them, drop them on Cisco ASA/IOS, Microsoft ISA, Juniper or Checkpoint

As you probably noticed, the IP header has a variable-length placeholder for the IP Options field. It has been there since the beginning, once a good idea for debugging, now turned into trouble. RFC 791 states that hosts/routers supporting the IP protocol must implement the IP Options field. It is up to the vendor to decide [...]

Jan 21, 2010

Cisco log: Missing cef table for tableid 65535 during CEF samecable event

Today I’ve noticed a strange error on my Cisco 1841 router:
%FIB-4-FIBCBLK: Missing cef table for tableid 65535 during CEF samecable event
After searching the net, I’ve found a Cisco bug that describes this.
“FIB-4-FIBCBLK errors with dns view
Symptoms
Message “%FIB-4-FIBCBLK: Missing cef table for tableid 65535 during CEF samecable event” displayed on the console logs.
Conditions
The message [...]

Oct 20, 2009

copy http flash – download from HTTP server to the Cisco router

The feature to download anything (mostly used to download IOS images) from a remote HTTP server to a Cisco router has
been with us for years, yet there are a few caveats to be aware of before using it.
The command itself is pretty simple:
Router# copy http[:full URI specification] flash[: local path to save the file]
The facts you should [...]

May 28, 2009

Tracking the source of a DoS attack with Cisco IOS

Problem: The enterprise is under a Denial of Service attack that brings down key elements of the business, or the whole network altogether.
Tracking down the attacker is the first step in handling the attack, and unless the flood is coming from inside (most probably not, in a well-managed LAN) you will need the help of [...]

Oct 10, 2008

Guarding against brute-force attacks on VTY in Cisco IOS

Starting with IOS 12.3, Cisco introduced a simple but powerful feature to guard against brute-force password-guessing attacks on remote access. The usual template followed when configuring VTY access is:
1) Configure an ACL containing the management IPs allowed to access the router through VTY
2) (Optional) Restrict the VTY access protocol to SSH only (transport input ssh)
3) [...]