
The Living Blog!

This blog is a repository of links and information on technologies, standards, training, useful tools, shortcuts, timesavers and other things of interest to the technical community.  This is a living blog, updated frequently, so check back or subscribe.

10/20/2009 - XMODEM Sucks!  So here is how to recover using ROMMON and a TFTP Server

These are the minimum ROMMON variables needed to recover an image over TFTP rather than XMODEM.

rommon 1 > IP_ADDRESS=192.168.1.101

rommon 2 > IP_SUBNET_MASK=255.255.255.0

rommon 3 > DEFAULT_GATEWAY=192.168.1.1

rommon 4 > TFTP_SERVER=192.168.1.50

rommon 5 > TFTP_FILE=c2600-adventerprisek9-mz.124-5a.bin

rommon 6 > tftpdnld (this command kicks off the tftp download)

10/2/2009 - My most recent entry:

Host B / R3 ACL from CCNA Course

R3
access-list 100 permit tcp any eq 80 host 10.P0.36.100
access-list 100 permit tcp any eq 443 host 10.P0.36.100
access-list 100 permit udp host 4.2.2.2 eq 53 host 10.P0.36.100
access-list 100 deny ip any host 10.P0.36.100
access-list 100 permit ip any 10.P0.36.0 0.0.0.255
access-list 100 deny ip any any log (for logging failed attempts to B)


Interface for assignment:

int f0/1.36
ip access-group 100 out

 

3/9/2008 - Edge ACL

Following all the rules, what should the first several lines of the ACL on a CE edge router really look like?

Assuming my public (PubNet) range is a block of 32 addresses, 66.238.29.0 - 31, see below.

! no fragments
access-list 100 deny tcp any 66.238.29.0 0.0.0.31 log fragments
access-list 100 deny udp any 66.238.29.0 0.0.0.31 log fragments
access-list 100 deny icmp any 66.238.29.0 0.0.0.31 log fragments
! no snmp inbound from the Internet
access-list 100 deny udp any any eq snmp
access-list 100 deny udp any any eq snmptrap
! RFC 2827 Ingress, RFC 3804 Martian Filtering and RFC 1918 private Address Filtering 
access-list 100 deny ip 127.0.0.0 0.255.255.255 any log
access-list 100 deny ip 255.0.0.0 0.255.255.255 any log
access-list 100 deny ip 224.0.0.0 31.255.255.255 any log
access-list 100 deny ip host 0.0.0.0 any log
access-list 100 deny ip 10.0.0.0 0.255.255.255 any log
access-list 100 deny ip 172.16.0.0 0.15.255.255 any log
access-list 100 deny ip 192.0.2.0 0.0.0.255 any log
access-list 100 deny ip 192.168.0.0 0.0.255.255 any log
access-list 100 deny ip 14.0.0.0 0.255.255.255 any log
access-list 100 deny ip 169.254.0.0 0.0.255.255 any log
access-list 100 deny ip 198.18.0.0 0.0.255.255 any log
access-list 100 deny ip 66.238.29.0 0.0.0.31 any log
! no routing protocols inbound (unless needed) 
access-list 100 deny tcp any any eq bgp log
access-list 100 deny tcp any eq bgp any log
access-list 100 deny ipinip any any
access-list 100 deny gre any any
access-list 100 deny pim any any
access-list 100 deny 90 any any
access-list 100 deny ospf any any log
access-list 100 deny eigrp any any log
access-list 100 deny udp any eq rip any log
access-list 100 deny udp any any eq rip log
! now begin your permits...if any

Notes:
192.0.2.0 0.0.0.255 any log (range known to be used to exploit default pw on WLA devices)
14.0.0.0 0.255.255.255 any log (known as Net-14, a public-use network, possibly used by attackers)
169.254.0.0 0.0.255.255 any log (RFC2026 Link Local)
198.18.0.0 0.0.255.255 any log (block for benchmark tests of network interconnect devices, RFC2544)
Storm - Out
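
Added example (not part of the original post): a small first-match evaluator for the R3 and edge lists above, showing how IOS wildcard masks and top-down ordering decide which entry a packet hits and whether that entry logs. It handles only the any / host / address-wildcard and eq forms used on this page (fragments entries are left out); the pod digit in the R3 addresses, the final permit in the edge subset, and all function names are assumptions made for the example.

```python
import ipaddress

PORTS = {"bgp": 179, "snmp": 161, "snmptrap": 162, "rip": 520}  # keywords used on this page
def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _addr(tok):  # consume 'any' | 'host A' | 'A WILDCARD' -> (base, wildcard)
    t = tok.pop(0)
    if t == "any":
        return 0, 0xFFFFFFFF
    return (_ip(tok.pop(0)), 0) if t == "host" else (_ip(t), _ip(tok.pop(0)))

def _port(tok):  # consume an optional 'eq PORT' (gt/lt/range are not handled)
    if tok[:1] != ["eq"]:
        return None
    del tok[0]
    p = tok.pop(0)
    return PORTS.get(p) or int(p)

def parse(line):
    tok = line.split()[2:]  # drop "access-list 100"
    r = {"action": tok.pop(0), "proto": tok.pop(0)}
    r["src"], r["sport"] = _addr(tok), _port(tok)
    r["dst"], r["dport"] = _addr(tok), _port(tok)
    r["log"] = "log" in tok
    return r

def first_match(acl, proto, src, dst, sport=None, dport=None):
    """Return (line number, action, logged) for the first entry the packet hits."""
    hit = lambda spec, ip: (_ip(ip) | spec[1]) == (spec[0] | spec[1])  # wildcard 1-bits = don't care
    for n, r in enumerate(map(parse, acl.strip().splitlines()), 1):
        if (r["proto"] in ("ip", proto) and hit(r["src"], src) and hit(r["dst"], dst)
                and r["sport"] in (None, sport) and r["dport"] in (None, dport)):
            return n, r["action"], r["log"]
    return None, "deny", False  # implicit deny that ends every ACL

# R3 list from the page; pod digit P set to 1 (constructed value)
R3 = """access-list 100 permit tcp any eq 80 host 10.10.36.100
access-list 100 permit tcp any eq 443 host 10.10.36.100
access-list 100 permit udp host 4.2.2.2 eq 53 host 10.10.36.100
access-list 100 deny ip any host 10.10.36.100
access-list 100 permit ip any 10.10.36.0 0.0.0.255
access-list 100 deny ip any any log"""
# Subset of the edge list; the final permit is a constructed stand-in for "your permits"
EDGE = """access-list 100 deny ip 224.0.0.0 31.255.255.255 any log
access-list 100 deny ip 66.238.29.0 0.0.0.31 any log
access-list 100 deny tcp any any eq bgp log
access-list 100 permit ip any 66.238.29.0 0.0.0.31"""
```

With the R3 list, first_match(R3, "tcp", "203.0.113.9", "10.10.36.100", 50000, 23) returns line 4, which has no log keyword, so a refused connection to Host B is dropped before it reaches the logged final entry. In the edge subset, a source of 66.238.29.31 is caught by the anti-spoofing entry while 66.238.29.32 falls outside the 0.0.0.31 wildcard.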

 

 

3/4/2008 My last entry. The Configs for the Instructor Routers for 220 class.  Thanks to you all for a great week!!

Get the Configs Here: ccnp330-config.txt 

12/05/2007 Living List of Links:  (jc thx)

1. (new) Most every hacking tool known to the human race, free and with full instructions: http://www.elhacker.net/hacking.htm
2. Undocumented IOS and Catalyst Commands: http://www.elemental.net/~lf/undoc/
3. Top 100 Security Tools (http://sectools.org/)
4. Switch Inspector (sweet, inexpensive switchport mapper - http://www.switchinspector.com/)
5. MRTG (traffic statistics, free - http://oss.oetiker.ch/mrtg/), PRTG (traffic statistics, cheap - http://www.paessler.com/prtg)
6. Level 7 Password Decryption (http://cfz.ir/ot/?what=ciscocracker) Cain does it too
7. Cain and Abel Security Audit util (http://www.oxid.it/cain.html)
8. Kiwi Syslog (free, good syslog server - http://www.kiwisyslog.com/products.php#syslog)
9. Kiwi CatTools (configuration management / change tracking - http://www.kiwisyslog.com/products.php#cattools)
10. TFTP Server (overcomes 32MB limit - http://tftpd32.jounin.net/tftpd32_download.html)
11. IOS Configuration Editor, fairly cheap (http://www.winagents.com/en/products/cisco-config-editor/)
12. IP Chicken - external IP from anywhere...no pop-up ads (www.ipchicken.com)
13. (new) Best speed tester on the net!  www.speedtest.net
14. Tera Term - my favorite FREE Windows telnet/SSH client (http://hp.vector.co.jp/authors/VA002416/teraterm.html)  Still like SecureCRT better :-P
15. Boson's Free Utils - bunch of handy/goof around utils (http://www.boson.com/FreeUtilities.html)

Router/Switch aliases I use to save time:

!Status and Management Aliases
!
alias exec sr sh run
alias exec gc config t
alias exec sri sh run | include
alias exec srb sh run | begin
alias exec sre sh run | exclude
alias exec srint sh run int
alias exec si sh int
alias exec sip sh ip proto
alias exec sib sh ip int brief
alias exec cl clear line
alias exec ds disconnect
alias exec ss show sessions
alias exec su show users
!
! Routing and Routing Protocol Related
! General
alias exec sir sh ip route
alias exec cir clear ip route *
alias router net network
alias configure ipr ip route
!
! EIGRP
alias configure re router eigrp
alias exec sen sh ip eigrp neighbors
alias exec set sh ip eigrp topology
alias exec cen clear ip eigrp neigh
alias exec sire show ip route eigrp
!
! OSPF
alias configure ro router ospf
alias exec son sh ip ospf neighbor
alias exec sod sh ip ospf database
alias exec soi sh ip ospf interface
alias exec siro sh ip route ospf
alias exec cop clear ip ospf process
!
! BGP
alias configure rb router bgp
alias exec sb sh ip bgp
alias exec sbs sh ip bgp summary
alias exec sbn sh ip bgp neighbor
alias exec sbp sh ip bgp path
alias exec cbgp clear ip bgp *
!
!  Misc Aliases
alias interface ipa ip address
alias configure rr router rip
alias exec sal show access-list
alias exec tr traceroute
alias exec cft copy flash tftp
alias exec ctf copy tftp flash
!

More to come.

Storm - out


Posted on Thursday, September 27, 2007 at 02:53PM by Mike Storm
