I needed to update some documentation today and needed some updated Visio stencils for updated Cisco products.
Looks like the updates can be found here:
http://www.cisco.com/en/US/products/hw/prod_cat_visios.html
Tuesday 29 November 2011
Monday 28 November 2011
Cisco Global Internet Speed Test (GIST) for your mobile device
The Cisco Global Internet Speed Test (GIST) app is a free and simply app that you can use to test your network network (3G, wifi). It will provide you with the speed in kbps and catergorises the typical connection type it can handle. You can then use it to compare previous results or results compared to other locations. Good thing is that its available for your iPhone, Blackberry or Android device.
Note: you'll need to turn on location services for the app.
More details can be found there: http://ciscovni.com/gist/index.html
Although the simple test is quite handy, seems like the charts and graphics don't always appear correctly and takes some time.
Note: you'll need to turn on location services for the app.
More details can be found there: http://ciscovni.com/gist/index.html
Although the simple test is quite handy, seems like the charts and graphics don't always appear correctly and takes some time.
Thursday 24 November 2011
Using Screen as a terminal emulator
I've been using ZTerm and various terminal emulation software on the Mac for a while.
Most have been a bit clunky, so I've reverted back to screen.
Came across an issue with it not connecting properly using my Keyspan USB to Serial adapter.
When I run the command:
screen /dev/tty.USA19Hfa14P1.1
I get the following error:
Cannot open line 'dev/tty.USA19Hfa14P1.1' for R/W. Resource busy.
Sorry, could not find a PTY.
After some digging around turns out that when I last used screen, I didn't exit out of it properly.
Out of doing a: ps -f
ps -f
UID PID PPID C STIME TTY TIME CMD
501 666 1 0 0:00.00 tty.KeySerial1 0:00.00 SCREEN /dev/tty.USA19Hfa14P1.1
501 670 669 0 0:00.01 ttys000 0:00.02 -bash
I killed the process:
kill 666
Tried to use screen again and it worked this time around.
This is a reminder, more to myself, that you should always exit screen using the CONTROL-A followed by the CONTROL-\.
Most have been a bit clunky, so I've reverted back to screen.
Came across an issue with it not connecting properly using my Keyspan USB to Serial adapter.
When I run the command:
screen /dev/tty.USA19Hfa14P1.1
I get the following error:
Cannot open line 'dev/tty.USA19Hfa14P1.1' for R/W. Resource busy.
Sorry, could not find a PTY.
After some digging around turns out that when I last used screen, I didn't exit out of it properly.
Out of doing a: ps -f
ps -f
UID PID PPID C STIME TTY TIME CMD
501 666 1 0 0:00.00 tty.KeySerial1 0:00.00 SCREEN /dev/tty.USA19Hfa14P1.1
501 670 669 0 0:00.01 ttys000 0:00.02 -bash
I killed the process:
kill 666
Tried to use screen again and it worked this time around.
This is a reminder, more to myself, that you should always exit screen using the CONTROL-A followed by the CONTROL-\.
Monday 21 November 2011
Error: ssh_exchange_identification.
Was helping a colleague with an issue today, he was reconfiguring the ip address and dhcp scope of an old Cisco PIX515E. When we tried to ssh to the PIX we got the following error:
ssh_exchange_identification: Connection closed by remote host
At first we suspected an issue with ~/.ssh/known_hosts file. (on Solaris). Removing the entry for the PIX in the known_hosts file and even removing the file itself did not fix the issue.
Or if you are using some Linux distribution under, /etc/hosts.allow and /etc/hosts.deny.
We checked these and this didn't resolve the issue.
Recalled having a similar issue around a year ago and it was to do with the RSA key on the PIX itself.
If you do the following on the PIX:
show ca mypubkey rsa
This will display the rsa key. We found that there was only one key that was a, General Purpose Key.
There should be one listed as an Encryption Key.
To correct this we did the following:
ca zeroize rsa
ca generate rsa key 1024
ca save all
We then used the second command to generate a new RSA key with size of 1024 and then saved the configuration.
Attempted to ssh to the PIX and bingo!
ssh_exchange_identification: Connection closed by remote host
At first we suspected an issue with ~/.ssh/known_hosts file. (on Solaris). Removing the entry for the PIX in the known_hosts file and even removing the file itself did not fix the issue.
Or if you are using some Linux distribution under, /etc/hosts.allow and /etc/hosts.deny.
We checked these and this didn't resolve the issue.
Recalled having a similar issue around a year ago and it was to do with the RSA key on the PIX itself.
If you do the following on the PIX:
show ca mypubkey rsa
This will display the rsa key. We found that there was only one key that was a, General Purpose Key.
There should be one listed as an Encryption Key.
To correct this we did the following:
ca zeroize rsa
ca generate rsa key 1024
ca save all
The "ca zeorize rsa" deletes all RSA keys generated on the PIX.
We then used the second command to generate a new RSA key with size of 1024 and then saved the configuration.
Attempted to ssh to the PIX and bingo!
Sunday 20 November 2011
Tip: Grep for non-matching lines
I've been working on a lot of .config files lately and I've found the following grep command very handy.
grep -v -E '^\#|^$' test.conf
Basicaly returning all lines that don't begin with # (comments) and blank lines. It's a quick way to see whats configured in the conf file.
The -v is the invert match, to show non-matching lines.
The -E is for extended regular expression.
The ^\# regex of line beginning with #
The | regex for OR
The ^$ representing empty lines
And of course the file you which to perform the search on.
grep -v -E '^\#|^$' test.conf
Basicaly returning all lines that don't begin with # (comments) and blank lines. It's a quick way to see whats configured in the conf file.
The -v is the invert match, to show non-matching lines.
The -E is for extended regular expression.
The ^\# regex of line beginning with #
The | regex for OR
The ^$ representing empty lines
And of course the file you which to perform the search on.
Thursday 17 November 2011
WifiKill - Kick users off the wireless network
Was playing around with my Android phone and came across this app called WiFiKill.
It's a simple app that allows you to "kick" users off wireless network that you are in. You'll need to root your android device before you can install the app, as it needs root access.
Details and download can be found on their project page, same guy(s) that do faceniff:
http://forum.ponury.net/
I tried this at home and it worked like a charm. Clean user interface and easy to use. Simply select the client you want to drop and that's it. I tested this on an enterprise wireless network and it failed to work.
My suspicion is that the app uses ARP spoofing and hence why it doesn't work on enterprise networks that have DHCP and ARP protection. Will need to do some packet captures to confirm this.
It's a simple app that allows you to "kick" users off wireless network that you are in. You'll need to root your android device before you can install the app, as it needs root access.
Details and download can be found on their project page, same guy(s) that do faceniff:
http://forum.ponury.net/
I tried this at home and it worked like a charm. Clean user interface and easy to use. Simply select the client you want to drop and that's it. I tested this on an enterprise wireless network and it failed to work.
My suspicion is that the app uses ARP spoofing and hence why it doesn't work on enterprise networks that have DHCP and ARP protection. Will need to do some packet captures to confirm this.
DHCP info from your Mac OSX
A handy way of finding DHCP information on your Mac OSX is to use the ipconfig command. In your terminal simply type the following;
ipconfig getpacket en0
"en0" can be substituted with any interface name. i.e. en1 for wireless/airport NIC.
The output displayed provides the DHCP/BOOTP packet that is received from the DHCP server. A sample output is below:
$ ipconfig getpacket en0
op = BOOTREPLY
htype = 1
flags = 0
hlen = 6
hops = 0
xid = 824055788
secs = 0
ciaddr = 0.0.0.0
yiaddr = 192.168.1.10
siaddr = 0.0.0.0
giaddr = 0.0.0.0
chaddr = c4:2c:1:1:68:cd
sname =
file =
options:
Options count is 12
dhcp_message_type (uint8): ACK 0x5
renewal_t1_time_value (uint32): 0xa8c0
rebinding_t2_time_value (uint32): 0x12750
lease_time (uint32): 0x15180
server_identifier (ip): 192.168.1.5
subnet_mask (ip): 255.255.255.192
router (ip_mult): {192.168.1.1}
domain_name_server (ip_mult): {4.2.2.2}
domain_name (string): test.com
nb_over_tcpip_name_server (ip_mult): {4.2.2.2}
nb_over_tcpip_node_type (uint8): 0x8
end (none):
This can be handy if you want to quickly identify your DHCP server or find DHCP information.
The output shows the option name followed by the value.
From the output we can tell that the my iMac ip address is: 192.168.1.10.
yiaddr = 192.168.1.10
Your hardware/MAC address is: c4:2c:1:1:68:cd
chaddr = c4:2c:1:1:68:cd
The DHCP server is: 192.168.1.5
server_identifier (ip): 192.168.1.5
Another way is to use the ipconfig command to obtain the server address is to use the getoption parameter.
ipconfig getoption en0 server_identifier
This will simply display the DHCP server address.
If you don't get any output, just simply means you haven't received a successful response from the DHCP server. i.e. you're using a static address or you aren't getting an ip address from the server.
As always, if you want to dig deeper, use go to the man page for ipconfig.
Subscribe to:
Posts (Atom)