Fiber Factoids, Part 1 – A primer on common fiber optic cable types

If you’ve been in the IT industry for any amount of time you are likely to have ran across fiber optic patch cables in use in various different installations. Typically, you will most often see fiber optic cables used for an uplink to an internet service provider, in between network devices between buildings in a campus network, or in a datacenter where large amounts of bandwidth and high speeds are required.

Continue reading Fiber Factoids, Part 1 – A primer on common fiber optic cable types

What is a null route and why do I need one?

Definition

There are several names for a null route, such as a “bit bucket”, a “black hole”, or just a null0 route. They all refer to the same basic mechanism that points traffic to a virtual interface on a router. That in turn is used for managing unwanted traffic to prevent loops or entering routes into the RIB (routing information base) of a router.

Continue reading What is a null route and why do I need one?

FIREPOWER DNS Sinkhole

Many admins inadvertently design a sinkhole by null routing unused ranges within their core in order to limit unnecessary traffic. Some may even advertise these ranges from a Linux server running zebra or quagga for advanced alerting while monitoring for the propagation of worms or enumeration scans. In this post, we will discuss a similar idea for DNS using Firepower.

Continue reading FIREPOWER DNS Sinkhole

Basic DHCP Setup

Introduction

When it comes to efficiently assigning IP addresses to multiple clients, DHCP is the de facto standard in most networks. In this post, we’ll explore DHCP configuration on Red Hat Enterprise Linux 7 and give an example of how to install it, as well as a few configuration options for dhcpd. With a basic understanding of DHCP, you can get your network up and running almost immediately.

Continue reading Basic DHCP Setup

Unboxing and initial setup of a Meraki MX Security Appliance

Meraki is a pretty well known company, and has been a part of Cisco since 2012. There are a multitude of cloud based managed Wi-Fi solutions, but Meraki is one of the most prolific and has a variety of cloud managed products to suit most any size company’s needs. Several of their devices have similar setup steps, but today we will cover the initial out of the box setup of a Meraki MX64 security appliance that will have your MX appliance online and configured in your dashboard in no time.

Continue reading

AIDE – File Integrity Monitoring

The idea of using file integrity monitoring to validate your operating system and applications has been around since the late ’90s, with programs like Tripwire. Today, we have a steady stream of companies offering their own version for FIM. However, one consistent and reliable open source solution for Linux is AIDE or the Advanced Intrusion Detection Environment.

Continue reading AIDE – File Integrity Monitoring

Configuring snmpv3 in Linux

We have all used snmp for many years to help monitor our systems and networks but most admins have been reluctant to migrate to v3 due to the perceived increase in complexity. This post will show you how to quickly and easily enable snmpv3 on your linux system to take advantage of the additional security features to support authentication and privacy.

Install software packages

# yum install net-snmp net-snmp-utils
Continue reading Configuring snmpv3 in Linux

Linux Lab – Access Control Lists

Overview

As you know, Linux has a standard set of file access settings based on the concept of read, write, and execute permissions that determine who may access the file or directory in question. The most common way to set and change these permissions is to use commands like chmod, chown or chgrp. While these are powerful commands and have their place, there are occasions where it may be advantageous to fine tune the access to a file or directory. This is where file access control lists or FACLS come in.

Continue reading Linux Lab – Access Control Lists