traps
Techniques for the job interview day
Non-verbal Messages: Non-verbal language speaks larger than words. As you walk in the interview room, here are a few things that you must keep in mind: Start it off like a winner. · The handshake: Offer your hand, and give a firm handshake, a pleasant smile and a positive and confident attitude. Introduce yourself. · [...]
How to Monitor Network Services with TCP Wrappers in Linux
Most Linux distributions ship with tcp_wrappers “wrapping” all your TCP services. A tcp_wrapper (known as /usr/sbin/tcpd) is invoked from/sbin/inetd instead of the real service, such as telnet or ftp. tcpd then checks the host that is requesting the service and either executes the real server or denies access from that host. tcpd allows you to restrict access to your tcp services. You should make [...]
How to Configure Redundant or Backup ISP Links with ASA/PIX 7.x
This document provides an example of how to use the static route tracking feature on the PIX 500 Series Security Appliance or the ASA 5500 Series Adaptive Security Appliance in order to enable the device to use redundant or backup Internet connections. In this example, static route tracking allows the security appliance to use an [...]
How to configure PIX/ASA Security Appliance 7.x with syslog
syslog is a standard for forwarding log messages in an IP network. The term “syslog” is often used for both the actual syslog protocol, as well as the application or library sending syslog messages .
Syslog is a client/server protocol: the syslog sender sends a small (less than 1KB) textual message to the syslog receiver. The receiver is commonly called “syslogd”, “syslog daemon” or “syslog server”. Syslog messages can be sent via UDP and/or TCP. The data is sent in cleartext; although not part of the syslog protocol itself, an SSL wrapper can be used to provide for a layer of encryption through SSL/TLS.
PIX/ASA URL Filtering Configuration Example
When filtering is enabled and a request for content is directed through the security appliance, the request is sent to the content server and to the filtering server at the same time. If the filtering server allows the connection, the security appliance forwards the response from the content server to the client that originated the request. If the filtering server denies the connection, the security appliance drops the response and sends a message or return code that indicates that the connection is not successful.
Cisco PIX Logging: Debugging to Emergency
Logging is rated on 8 different levels. “0″ or Emergency is for catastrophic errors like shutdown or loss of connectivity to the inside. Level “7″ is debugging information, REALLY in-depth information on even the smallest detail. Debugging should only be used for short periods of time to isolate an issue because it generates so much information. Whatever logging level you use, it will automatically log the lower levels as well. For example, a good place to start is logging level 4 or the warning level. A good thing to remember is when you set logging 4, you get levels 3, 2, 1 and 0, as well.
Popular Unix and Linux forums
Below are a collection of popular Linux/Unix forums which I found to enjoy a strong community backing. Linux Questions.org – One of the foremost Linux forums which has a very strong community following. I may add that it is one of the most active Linux/Unix forums I have come across in recent times. Ubuntu Forums [...]
How to Configure PIX−to−PIX−to−PIX IPSec (Hub and Spoke)
Introduction This configuration allows a central Cisco Secure PIX Firewall to communicate with networks behind two other PIX Firewall boxes through VPN tunnels over the Internet or any public network using IPsec. The two outlying networks have no need to communicate with each other, but there is connectivity to the central network. The two outlying [...]
How to Configuring Cisco PIX to Use a Syslog Server
Most Cisco devices use the syslog protocol to manage system logs and alerts. But unlike their PC and server counterparts, Cisco devices lack large internal storage space for storing these logs. To overcome this limitation, Cisco devices offer the following two options: * Internal buffer— The device’s operating system allocates a small part of memory [...]