thierolf.org - Vom Hirn ins Terminal seit 1998.

Articles by author: Stefan

Add Virtual Machine to NetBox with an Ansible playbook

In this blog post I'm showing how to get a Virtual Machine, defined in an Ansible inventory file, into the NetBox DCIM (Data Center Information Management) tool.


NetFlow with Elastic-Stack

This blog post shows how to setup a NetFlow collector with Elastic-Stack, Fleet and Elastic-Agent. NetFlow data is sent by a Cisco ASA Firewall cluster.


Technischer Schutz und Prozesse bei Datenlecks

In diesem Blog-Post beschreibe ich meine technischen Schutzmaßnahmen (Email) und Prozesse, wenn ich von einem Datenleck betroffen bin.


odenwald.social

Just a quick announcement: Die Mastodon-Instanz odenwald.social ist freigeschaltet. Viel Spass ;)


Cisco Wireless Intrusion Detection Events to Elastic-Stack

In this blog post I'm showing how to get Wireless Intrusion Detection Events from Cisco's WIDS included in Cisco's Wireless Controllers into an Elastic-Stack.


802.1X Switch port is amber when only IP Phone is connected

When 802.1X (wired) is configured on a 3750G switch, the port LED is amber when only an IP Phone is connected (mab). When connecting on the IP Phone a downstream device like a laptop (dot1x), the port LED goes to green.


Login-Block (DoS and Dict-Attack Protection) in Cisco IOS

Cisco offers a method to protect against DoS (Denial-of-Service) and Dictionary attacks for IOS devices called Login-Block.


Update Schneider-APCUPS firmware with Linux

In this blog post I'm showing how to update a Schneider-APC UPS with Linux.


Mapping of IP addresses blocked by Russia

Mapping of IP addresses blocked by Russia


Werbeemails aufgrund LinkedIn Profils

Werbeemails aufgrund LinkedIn Profils / SPAM mails due to LinkedIn Profile.


Tor project / Tor bridge

Tor project / Tor bridge.


New fiber optics cables for my network

New fiber optics cables for my network. OM4, LC/LC connectors, 4x1 Gigabit link.


The 90’s reported in and delivered a phone book

The 90's reported in and delivered a phone book.


Synology DiskStation to Cisco Core Switch redundant setup with LACP

Configuration of LCAP (Link Aggregation Control Protocol) for Synology DiskStation and Cisco Switch.


Schneider-APCUPS battery replacement

Small how-to about Schneider-APC UPS battery replacement and setting replacement date in Network management card.


Elastic-Stack for network engineers (Initial setup)

Switching from traditional log monitoring to Elastic-Stack is like switching from a horse-drawn carriage to the Falcon 9 rocket. Join the journey!


Cisco SSM On-Prem Upgrade procedure

This is another blog post for Cisco SSM On-Prem server where I'm showing the upgrade process.


Cisco ISE admin password lifecycle and reset

Quick notes about Cisco Identity Services Engine password lifetime and admin password reset.


Cisco SSM On-Prem password recovery procedure

For a Cisco Smart Software Manager Test Drive installation I used the older version 8-202010 and I wanted to perform an upgrade to the latest version 8-202108. And of course it is a test drive, I did not save or wrote down the password :). In this document I'm describing how to perform a password recovery for a Cisco SSM On-Prem installation.


Upgrading Netbox to Version 3.0

Yesterday, the version v3.0 of Netbox was released. Modernized WebUI and Off-canvas sidebar. My first impression: Version v3.0 is awesome! Note: Version v3.0.1 was released on 2021-09-01.


Gitlab AD-LDAP Integration

In this blog post I'm showing how to integrate GitLab Server with a Samba-based Active Directory.


Troubleshooting SFP transceivers and Packet captures

In an older blog post I was writing about "Useful Cisco Commands for Troubleshooting cable problems". In this blog post I'm showing an additional, useful command for Fiber Optics troubleshooting and packet capturing on Cisco switches.


SiSyPHuS Win 10 Telemetry blocklist for Pi-Hole

Based on the latest SiSyPHuS Analysis of BSI I built a small blocklist for Pi-Hole to drop Win 10 Telemetry data collection


Cisco WLC - No secured WebUI after failover switching

Cisco WLC 3504 secured WebUI is not working on Secondary Unit in a failover (SSO) setup. When switched back to the Primary Unit, the secured WebUI is working again. Troubleshooting and solution of this strange behavior.


Some security settings for Apache Web Server

I'm showing in this blog post some security settings for the Apache web server including disabling of Directory Browsing, Server Signature and Server Token.


Integration of Nextbox UI Topology Viewer in Netbox

In this blog post I'm showing how to integrate NextBox UI Plugin into my Netbox installation. NextBox UI Plugin is a topology visualization plugin which is based on Cisco's neXt toolkit.


City of Erbach is ending their partnership with Odenwald gegen rechts

City of Erbach is ending their partnership with "Odenwald gegen rechts" ("Odenwald against Right")


WiFicalypse 2021

WiFicalypse 2021, FragAttacks. Design and Implementation flaws in WiFi.


Small Python script to quick test DMARCDKIM and SPF records

For a given occasion I wrote Small Python script to test a domain for DMARC, DKIM and SPF records. Those records are managed in a DNS Zone and are typically used in Anti-SPAM techniques.


Netbox Active Directory/LDAP Integration

In my newest blog post I show how to setup Netbox with Active Directory as backend for users and groups.


Concept for DNS security with Bind9, Pi-hole and OpenDNS

This is my new concept for DNS security with Bind9, Pi-hole and OpenDNS in my network. Bind9 is used as Enterprise DNS to resolve hostnames and IP addresses in the local area network, Pi-hole and OpenDNS are used for Internet DNS traffic. DNS traffic is passed by Cisco ASA Firewall ACL.


Album: Pi-hole installation on Debian Linux

Screenshots of Pi-hole installation on Debian Linux


Humble Book Bundle - The Ultimate Python Bookshelf by Packt

Humble Book Bundle - The Ultimate Python Bookshelf by Packt including Data Analysis, Artificial Intelligence, Machine Learning, Django, Automation


Blocking of Google Chrome FLoC

Blocking of Google Chrome FLoC (Federated Learning of Cohorts) on my web server


Weeks of the data leaks

Weeks of the data leaks and my approach after data leaks or breaches


Debian Unattended upgrades

Automatically install security-related upgrades on Debian Linux with unattended-upgrades


Most useful tip from Cisco Live 2021

Most useful tip from Cisco Live 2021 and it's implementation


Fritzbox rack mounted

Fritzbox rack mounted on a 19" shelf and it's hardware issues: white description on a white box, no LED on ports for activity, height unit issues, Square wood and Velcro to fix ;)


Check in of configuration files to a Gitlab server

This is the third part of a series of blog posts about Cisco configuration backup with Netbox and Gitlab. This blog post covers the check in of configuration files to a Gitlab server


Low Level Device functions for backup with Netbox and Gitlab

This is the second part of a series of blog posts about Cisco configuration backup with Netbox and Gitlab. This blog post covers the low level functions to connect to network devices with pexpect.


Cisco configuration backup with Netbox and Gitlab

This is the first part of a series of blog posts about Cisco configuration backup with Netbox and Gitlab. It covers the connection to the Netbox API and to get the data of network devices with the pynetbox filter function.


In case of fire

In case of fire: Leave the building before posting it on social media


Fritzbox on redundant ASA Firewall

Setup of two redundant Cisco ASA firewalls on a Fritzbox cable modem with Non-routed transfer network to keep the "PC-MAC"/"exposed host" configuration on Fritzbox during ASA failover switching


Cisco Smart Software Manager Test Drive

Cisco Smart Software Manager (SSM) On-Prem Test Drive installation, Virtual Machine setup and first steps in the Web UI


Humble Book Bundle Programming Fundamentals

Humblebundle.com has a nice books bundle of Programming Fundamentals, available as PDF and as EPUB, DRM-free


Upgrading memory on my XCP-NG hypervisors

Upgrading memory on my XCP-NG hypervisor servers from 32Gb RAM to 64Gb RAM


Looking up asset tags in Snipe-IT with QR code

The blog post shows a Python script which can look up an Asset tag in Snipe-IT with a generated QR code


Creating QR code for wireless networks

Creating QR code for wireless networks and a MeCard with Linux


Official Cert Guide Cisco Certified DevNet Associate

Official Cert Guide Cisco Certified DevNet Associate DEV ASC 200-901 book available and arrived from the USA to Germany.


Cisco DevNet Create 2020

Some thoughts after the Cisco DevNet Create Live Event


Learning material for network automation

Learning material for network automation with books, videos, podcasts, courses and API, libraries and tools


Installing Gitlab on Debian Linux

Installing Gitlab on Debian Linux and connecting with Atom editor


Netbox Login failed after upgrade to version 2.9.0

After an upgrade to the new released version 2.9.0 of NetBox the Login failed with Server Error (Missing required package/WSGI service not restarted after upgrade)


Netbox Custom Links for Snipe-IT and LibreNMS

Python scripts with API calls as Custom Links for Snipe-IT and LibreNMS.


DEFCON 28 - Safe Mode with Networking

Today DEF CON 28 is starting in Safe Mode with Networking


Custom links in Netbox for Snipe-IT Asset Management

Integration of Snipe-IT Asset Management into Netbox DCIM/IPAM as Custom Link with a PHP script and using Snipe-IT API call.


Moving my website to Pelican (Static Site Generator)

Moving my website to Pelican (Static Site Generator) with introduction to my toolchain, tricks for development, pelican-plugins used on my website and design changes and other improvements


Album: XCP-NG Upgrade to 8.1

Screenshots of XCP-NG Upgrade to 8.1


Upgrading XCP-NG Hypervisor from version 7.6 to version 8.1

Upgrading XCP-NG Hypervisor from version 7.6 to 8.1 remotely over VPN connection and KVM. Fixing IPTables and SNMP configuration for monitoring system.


Netbox: New installation (2.8.5) and NAPALM plus LibreNMS API integration

This is the third part of a series of blog posts covering my new netbox installation. This part shows how to integrate NAPALM and Graphs on device Interfaces from the Monitoring system LibreNMS.


Netbox: New installation (2.8.5) and cabling and assigning IP addresses

This is the second part of a series of blog posts covering my new netbox installation. The rack is filled up with the rest of the hardware and each network port is getting cabled. This part contains also IPAM (IP Address Management) and handling of Provider and Circuits.


Album: Netbox 2.8.5 installation

Screenshots of Netbox 2.8.5 installation


Netbox: New installation (2.8.5) and filling up an empty rack

This is the first part of a series of blog posts covering my new netbox installation. It covers the defining of manufacturers, device types, power panels and power feeds. An UPS, Power Strips and two Cisco switches are added including their Power cabling. As bonus, the Cisco switches are build as Virtual Chassis (Cisco Switch-stack).


Why 2.4 GHz WiFi is bad

Cisco CleanAir quality report for 2.4GHz WiFi in my area


Useful Cisco Commands for Troubleshooting cable problems

Useful Cisco Commands for Troubleshooting problematic cabling (Cat.x and Fiber optics).


Simple High Availability with CARP

Simple High Availability with CARP (Common Address Redundancy Protocol)


Cisco Live 2020 Barcelona, Day 5

Cisco Live 2020 Barcelona, Day #5 - SD-WAN, deployment strategies, managing and monitoring


Cisco Live 2020 Barcelona, Day 4

Cisco Live 2020 Barcelona, Day #4 - Catalyst 9000 Access Switching Architecture and Resolving Network Faults Faster through Automating Entire Fault Management


Cisco Live 2020 Barcelona, Day 3

Cisco Live 2020 Barcelona, Day #3 - About Garlic and Onions and Industrial automation


Cisco Live 2020 Barcelona, Day 2

Cisco Live 2020 Barcelona, Day #2 - Attack Kill Chain and Packet Capturing


Cisco Live 2020 Barcelona, Day 1

Cisco Live 2020 Barcelona, Day #1 - A cat and mouse Game


Simple load balancing with Apache proxy_balancer

Simple load balancing with Apache proxy_balancer and testing with siege


Replacing faulty memory for Cisco ASA-5520

Replacing faulty memory for Cisco ASA-5520, checking memory and failover


Watching You Watch

Princeton University and University of Chicago published a study of the tracking Ecosystem of Over-the-Top TV Streaming Devices


Humble Book Bundle Linux Unix and Bruzzelhuette Hamburg

Humblebundle.com has a nice books bundle of Linux + Unix books by O'Reilly. And a tipp for the best Currywurst: Bruzzelhütte, Hamburg


NetBox, Snipe-It and LibreNMS

NetBox, Snipe-It and LibreNMS: Three tools for Data Center Information Management (DCIM), IT Asset Management (ITAM) and Network Monitoring System (NMS).


Cisco ASA5520 stuck at Booting system, please wait…

Cisco ASA5520 stuck at Booting system, please wait... and how to check for faulty memory


Security and Security Research

Bookmarks and links to Security and security research related web sites


Various Blogs and Webites

Bookmarks and links to various other blogs and websites


Various Podcasts

Bookmarks and links to various Podcasts and Video channels


Convert Cisco lightweight AP to standalone AP

The procedure how to convert a Cisco lightweight AP to a standalone AP


Humble Book Bundle IT Security

Humblebundle.com has a nice books bundle of IT Security books, available as PDF and as EPUB, DRM-free


Cisco Unified IP Phone 7975G with Sipgate

Cisco Unified IP Phone 7975G with Sipgate, from configuring switches, setting up DHCP and TFTP, and do the correct SEPMAC.cnf.xml file configuration and firewall ACL.


Building a High-Availability cluster with XCP-NG

Building a High-Availability cluster with XCP-NG


Free and open source software

Bookmarks and links to Free and open source software web sites


Alienware laptop hardware replacement

Alienware laptop hardware replacement


Album: Alienware A51 Laptop

Pictures of my Alienware A51 Laptops


Connecting to Cisco console with Linux

Connecting to Cisco console with Linux


Various RSS-Feeds

Bookmarks and links to various RSS feeds


Testing Panduit CBOT24K cabling organizer

Testing Panduit CBOT24K cabling organizer


Creating ROOT-CA-based certificates for Cisco Wireless Controller

Creating ROOT-CA-based certificates for Cisco Wireless Controller


Creating ROOT-CA-based certificates for Synology Diskstation

Creating ROOT-CA-based certificates for Synology Diskstation


Blocking Facebooks networks on ASA firewall

Blocking Facebooks networks on ASA firewall


35C3 and braindump about blocking of facebooks network ranges

35C3 and braindump about blocking of facebooks network range


Datenschutzbehoerden in Deutschland

Liste der Datenschutzbehoerden in Deutschland


How to securely put your boarding pass on the internet

How to securely put your boarding pass on the internet


Oh no, snow

Oh no, snow


Schnitzel Day (with Wiener Schnitzel)

Schnitzel Day (with Wiener Schnitzel) in Germany


Setting up Cisco 3504 series wireless controller redundancy

Setting up Cisco 3504 series wireless controller redundancy


Album: Travel to Hamburg Germany in 2018

Bilder meiner Reise nach Hamburg Germany im August 2018


In Germany… Hacker-Conference comes to you

In Germany... Hacker-Conference comes to you


Setting up administrative RADIUS logins on AIR-AP2800 with Mobility Express

Setting up administrative RADIUS logins on AIR-AP2800 with Mobility Express


WiFicalypse continued

WiFicalypse continued, new method to speed up cracking of WPAv1 / WPAv2 Pre-sharded keys


Activate CLI Commands on Lightweight AP

A Trick to activate CLI Commands on Cisco Lightweight AP


Lunar Eclipse 2018

Some impressions of the lunar eclipse 2018 over Germany


Saveconfig Backup scripts

saveconfig, two scripts to backup configuration files from network devices


Optimierungen und Static Site Generator

Optimierungen und Static Site Generator, Automatisierung für meine Website


Album: The Cisco hardware I have at home

The Cisco hardware I have at home


Create ASA Firewall rule from Talos IP Blacklist

A simple bash script to create ASA Firewall rules from Talos IP Blacklist


Independence Day und Website Updates

Anmerkungen zum Independence Day und Website Updates mit Volltext-Suche


Bilder Modelleisenbahn

Ältere Bilder meiner Modelleisenbahn (Lokomotiven und Wagen)


Album: Travel to Toluca Mexico in 2018

Bilder meiner Reise nach Metepec, Mexico im April und Mai 2018, Metepec Downtown, Los Foquitos


Added GDPR (DSGVO)

Added GDPR - General Data Protection Regulation / DSGVO - Datenschutzgrundverordnung


Icebound

Icebound. Too much snow and ice for me.


Travel to Germany

Travel to Germany, returned with some fun stuff


WiFicalypse Update

WiFicalypse Update with vendor lists, press statements


WiFicalypse

WiFicalypse, KrackAttack to break WPA version 2


WiFi Spectrum Analysis

WiFi Spectrum Analysis with Cisco 3600 Series AP and Outdoor antenna


Websites updates

Websites updates, my old website thierolf.org is back online, yeah!


Mein privates Cisco Lab

Mein privates Cisco Lab mit Switches, Firewall, Routers, WiFi Controller


Rsyslog with MariaDB template

Changing Rsyslog's default template for a MariaDB database


Album: Solar Eclipse 2017

Bilder der Solar Eclipse 2017 aus New Hampshire, USA


Solar Eclipse 2017 in New Hampshire

Solar Eclipse 2017, Impressionen der Sonnenfinsternis aus New Hampshire, USA


Cyber-Feuerwehr

Cyber-Feuerwehr and Cyber-System failure


Quick overview of the 802.11 standards

A quick overview of the 802.11 standards for Wireless networks


Theme and website updates

Theme and website updates and ticket for 34C3


Website updates and SHA2017

Website updates and SHA2017 videos on CCC media server


CSAchecker

CSAchecker, a Cisco Security Advisory checker


Convert Cisco 2600 Series Access Point

Short instructions how to convert a Cisco 2600 Series Access Point


Common Cisco switch port errors

Overview of common Cisco switch port errors and causes


Album: Travel to Toluca Mexico in 2017

Bilder meiner Reise nach Metepec, Mexico im April 2017, Metepec Downtown und der Hill of the Magueyes


Travel to Mexico

Travel to Mexico: Photos of my trip from Metepec downtown


Album: Verschiedene Bilder aus den USA

Verschiedene Bilder aus den USA


Secure Cisco console with AAA

How to secure the Cisco console with AAA


Snow snow snow

Snow snow snow: After Winter Storm Orson


New Cisco switch for my network

New Cisco switch for my network: WS-C3750G-24TS-S1U


Move SSH port on Cisco devices

How to move SSH port on Cisco devices to another port than TCP/22


Welcome KEY-LOH-OSS-CAH-NO-VEM-BER

Playing Elite:Dangerous - Welcome KEY-LOH-OSS-CAH-NO-VEM-BER.


Updated links and new Alienware laptop

Updated links and new Alienware laptop after my return flight to the US


Setup Postfix satellite System

How to setup Postfix as satellite System (smarthost)


Album: Alienware Laptop

Bilder meines Alienware 17 Laptops


Website update mit Flex Box

Website update mit Flex Box, Motto: Vom Hirn ins Terminal seit 1998.


Cowsay fortunes mit lolcat

Spass mit der Console: Cowsay fortunes mit lolcat unter Debian Jessie


Sicherer Mail server fertig

Sicherer Mail server fertig, mit Crypto und so


Neue Website online

Neue Website online (Mal wieder richtige Website anstelle einer Mail-Info)


Album: Roman watchtower, Odenwald Germany, 2016

The Cisco hardware I have at home


Album: Travel to Wuxi China and Pattaya Thailand in 2015

Bilder meiner Reise nach Wuxi China und Pattaya Thailand im September 2015


Album: Travel to Queretaro Mexico in 2014

Bilder meiner Reise nach Queretaro Mexico im November 2014


Album: Travel to Old Sarum, England in 2012

Travel to Old Sarum, England in 2012


Album: Travel to Stonehenge, England in 2012

Travel to Stonehenge, England in 2012


Album: Travel to Woodhenge, England in 2012

Travel to Woodhenge, England in 2012


Album: Travel to Berlin, Pergamon Museum in 2012

Travel to Berlin, Pergamon Museum in 2012


Album: Travel to new Dehli, India in 2012

Bilder meiner Reise nach New Dehli, India in 2012


Album: Travel to Sao Paulo Brazil in 2011

Bilder meiner Reise nach Sao Paulo, Brasilien im November 2011, Sao Paulo Downtown


Album: Travel to Dover England in 2010

Bilder meiner Reise nach England im August 2010, Dover harbour


Album: Roman castle, Richborough England, 2010

Roman castle, Richborough England, 2010