Articles in category: Blog
When 802.1X (wired) is configured on a 3750G switch, the port LED is amber when only an IP Phone is connected (mab). When connecting on the IP Phone a downstream device like a laptop (dot1x), the port LED goes to green.
Cisco offers a method to protect against DoS (Denial-of-Service) and Dictionary attacks for IOS devices called Login-Block.
In this blog post I'm showing how to update a Schneider-APC UPS with Linux.
Mapping of IP addresses blocked by Russia
Werbeemails aufgrund LinkedIn Profils / SPAM mails due to LinkedIn Profile.
Tor project / Tor bridge.
New fiber optics cables for my network. OM4, LC/LC connectors, 4x1 Gigabit link.
The 90's reported in and delivered a phone book.
Configuration of LCAP (Link Aggregation Control Protocol) for Synology DiskStation and Cisco Switch.
Small how-to about Schneider-APC UPS battery replacement and setting replacement date in Network management card.
Switching from traditional log monitoring to Elastic-Stack is like switching from a horse-drawn carriage to the Falcon 9 rocket. Join the journey!
This is another blog post for Cisco SSM On-Prem server where I'm showing the upgrade process.
Quick notes about Cisco Identity Services Engine password lifetime and admin password reset.
For a Cisco Smart Software Manager Test Drive installation I used the older version 8-202010 and I wanted to perform an upgrade to the latest version 8-202108. And of course it is a test drive, I did not save or wrote down the password :). In this document I'm describing how to perform a password recovery for a Cisco SSM On-Prem installation.
Yesterday, the version v3.0 of Netbox was released. Modernized WebUI and Off-canvas sidebar. My first impression: Version v3.0 is awesome! Note: Version v3.0.1 was released on 2021-09-01.
In this blog post I'm showing how to integrate GitLab Server with a Samba-based Active Directory.
In an older blog post I was writing about "Useful Cisco Commands for Troubleshooting cable problems". In this blog post I'm showing an additional, useful command for Fiber Optics troubleshooting and packet capturing on Cisco switches.
Based on the latest SiSyPHuS Analysis of BSI I built a small blocklist for Pi-Hole to drop Win 10 Telemetry data collection
Cisco WLC 3504 secured WebUI is not working on Secondary Unit in a failover (SSO) setup. When switched back to the Primary Unit, the secured WebUI is working again. Troubleshooting and solution of this strange behavior.
I'm showing in this blog post some security settings for the Apache web server including disabling of Directory Browsing, Server Signature and Server Token.
In this blog post I'm showing how to integrate NextBox UI Plugin into my Netbox installation. NextBox UI Plugin is a topology visualization plugin which is based on Cisco's neXt toolkit.
City of Erbach is ending their partnership with "Odenwald gegen rechts" ("Odenwald against Right")
WiFicalypse 2021, FragAttacks. Design and Implementation flaws in WiFi.
For a given occasion I wrote Small Python script to test a domain for DMARC, DKIM and SPF records. Those records are managed in a DNS Zone and are typically used in Anti-SPAM techniques.
In my newest blog post I show how to setup Netbox with Active Directory as backend for users and groups.
This is my new concept for DNS security with Bind9, Pi-hole and OpenDNS in my network. Bind9 is used as Enterprise DNS to resolve hostnames and IP addresses in the local area network, Pi-hole and OpenDNS are used for Internet DNS traffic. DNS traffic is passed by Cisco ASA Firewall ACL.
Humble Book Bundle - The Ultimate Python Bookshelf by Packt including Data Analysis, Artificial Intelligence, Machine Learning, Django, Automation
Blocking of Google Chrome FLoC (Federated Learning of Cohorts) on my web server
Weeks of the data leaks and my approach after data leaks or breaches
Automatically install security-related upgrades on Debian Linux with unattended-upgrades
Most useful tip from Cisco Live 2021 and it's implementation
Fritzbox rack mounted on a 19" shelf and it's hardware issues: white description on a white box, no LED on ports for activity, height unit issues, Square wood and Velcro to fix ;)
This is the third part of a series of blog posts about Cisco configuration backup with Netbox and Gitlab. This blog post covers the check in of configuration files to a Gitlab server
This is the second part of a series of blog posts about Cisco configuration backup with Netbox and Gitlab. This blog post covers the low level functions to connect to network devices with pexpect.
This is the first part of a series of blog posts about Cisco configuration backup with Netbox and Gitlab. It covers the connection to the Netbox API and to get the data of network devices with the pynetbox filter function.
In case of fire: Leave the building before posting it on social media
Setup of two redundant Cisco ASA firewalls on a Fritzbox cable modem with Non-routed transfer network to keep the "PC-MAC"/"exposed host" configuration on Fritzbox during ASA failover switching
Cisco Smart Software Manager (SSM) On-Prem Test Drive installation, Virtual Machine setup and first steps in the Web UI
Humblebundle.com has a nice books bundle of Programming Fundamentals, available as PDF and as EPUB, DRM-free
Upgrading memory on my XCP-NG hypervisor servers from 32Gb RAM to 64Gb RAM
The blog post shows a Python script which can look up an Asset tag in Snipe-IT with a generated QR code
Creating QR code for wireless networks and a MeCard with Linux
Official Cert Guide Cisco Certified DevNet Associate DEV ASC 200-901 book available and arrived from the USA to Germany.
Some thoughts after the Cisco DevNet Create Live Event
Learning material for network automation with books, videos, podcasts, courses and API, libraries and tools
Installing Gitlab on Debian Linux and connecting with Atom editor
After an upgrade to the new released version 2.9.0 of NetBox the Login failed with Server Error (Missing required package/WSGI service not restarted after upgrade)
Python scripts with API calls as Custom Links for Snipe-IT and LibreNMS.
Today DEF CON 28 is starting in Safe Mode with Networking
Integration of Snipe-IT Asset Management into Netbox DCIM/IPAM as Custom Link with a PHP script and using Snipe-IT API call.
Moving my website to Pelican (Static Site Generator) with introduction to my toolchain, tricks for development, pelican-plugins used on my website and design changes and other improvements
Upgrading XCP-NG Hypervisor from version 7.6 to 8.1 remotely over VPN connection and KVM. Fixing IPTables and SNMP configuration for monitoring system.
This is the third part of a series of blog posts covering my new netbox installation. This part shows how to integrate NAPALM and Graphs on device Interfaces from the Monitoring system LibreNMS.
This is the second part of a series of blog posts covering my new netbox installation. The rack is filled up with the rest of the hardware and each network port is getting cabled. This part contains also IPAM (IP Address Management) and handling of Provider and Circuits.
This is the first part of a series of blog posts covering my new netbox installation. It covers the defining of manufacturers, device types, power panels and power feeds. An UPS, Power Strips and two Cisco switches are added including their Power cabling. As bonus, the Cisco switches are build as Virtual Chassis (Cisco Switch-stack).
Cisco CleanAir quality report for 2.4GHz WiFi in my area
Useful Cisco Commands for Troubleshooting problematic cabling (Cat.x and Fiber optics).
Simple High Availability with CARP (Common Address Redundancy Protocol)
Cisco Live 2020 Barcelona, Day #5 - SD-WAN, deployment strategies, managing and monitoring
Cisco Live 2020 Barcelona, Day #4 - Catalyst 9000 Access Switching Architecture and Resolving Network Faults Faster through Automating Entire Fault Management
Cisco Live 2020 Barcelona, Day #3 - About Garlic and Onions and Industrial automation
Cisco Live 2020 Barcelona, Day #2 - Attack Kill Chain and Packet Capturing
Cisco Live 2020 Barcelona, Day #1 - A cat and mouse Game
Simple load balancing with Apache proxy_balancer and testing with siege
Replacing faulty memory for Cisco ASA-5520, checking memory and failover
Princeton University and University of Chicago published a study of the tracking Ecosystem of Over-the-Top TV Streaming Devices
Humblebundle.com has a nice books bundle of Linux + Unix books by O'Reilly. And a tipp for the best Currywurst: Bruzzelhütte, Hamburg
NetBox, Snipe-It and LibreNMS: Three tools for Data Center Information Management (DCIM), IT Asset Management (ITAM) and Network Monitoring System (NMS).
Cisco ASA5520 stuck at Booting system, please wait... and how to check for faulty memory
The procedure how to convert a Cisco lightweight AP to a standalone AP
Humblebundle.com has a nice books bundle of IT Security books, available as PDF and as EPUB, DRM-free
Cisco Unified IP Phone 7975G with Sipgate, from configuring switches, setting up DHCP and TFTP, and do the correct SEPMAC.cnf.xml file configuration and firewall ACL.
Building a High-Availability cluster with XCP-NG
Alienware laptop hardware replacement
Connecting to Cisco console with Linux
Testing Panduit CBOT24K cabling organizer
Creating ROOT-CA-based certificates for Cisco Wireless Controller
Creating ROOT-CA-based certificates for Synology Diskstation
Blocking Facebooks networks on ASA firewall
35C3 and braindump about blocking of facebooks network range
Liste der Datenschutzbehoerden in Deutschland
How to securely put your boarding pass on the internet
Oh no, snow
Schnitzel Day (with Wiener Schnitzel) in Germany
Setting up Cisco 3504 series wireless controller redundancy
In Germany... Hacker-Conference comes to you
Setting up administrative RADIUS logins on AIR-AP2800 with Mobility Express
WiFicalypse continued, new method to speed up cracking of WPAv1 / WPAv2 Pre-sharded keys
A Trick to activate CLI Commands on Cisco Lightweight AP
Some impressions of the lunar eclipse 2018 over Germany
saveconfig, two scripts to backup configuration files from network devices
Optimierungen und Static Site Generator, Automatisierung für meine Website
A simple bash script to create ASA Firewall rules from Talos IP Blacklist
Anmerkungen zum Independence Day und Website Updates mit Volltext-Suche
Ältere Bilder meiner Modelleisenbahn (Lokomotiven und Wagen)
Added GDPR - General Data Protection Regulation / DSGVO - Datenschutzgrundverordnung
Icebound. Too much snow and ice for me.
Travel to Germany, returned with some fun stuff
WiFicalypse Update with vendor lists, press statements
WiFicalypse, KrackAttack to break WPA version 2
WiFi Spectrum Analysis with Cisco 3600 Series AP and Outdoor antenna
Websites updates, my old website thierolf.org is back online, yeah!
Mein privates Cisco Lab mit Switches, Firewall, Routers, WiFi Controller
Changing Rsyslog's default template for a MariaDB database
Solar Eclipse 2017, Impressionen der Sonnenfinsternis aus New Hampshire, USA
Cyber-Feuerwehr and Cyber-System failure
A quick overview of the 802.11 standards for Wireless networks
Theme and website updates and ticket for 34C3
Website updates and SHA2017 videos on CCC media server
CSAchecker, a Cisco Security Advisory checker
Short instructions how to convert a Cisco 2600 Series Access Point
Overview of common Cisco switch port errors and causes
Travel to Mexico: Photos of my trip from Metepec downtown
How to secure the Cisco console with AAA
Snow snow snow: After Winter Storm Orson
New Cisco switch for my network: WS-C3750G-24TS-S1U
How to move SSH port on Cisco devices to another port than TCP/22
Playing Elite:Dangerous - Welcome KEY-LOH-OSS-CAH-NO-VEM-BER.
Updated links and new Alienware laptop after my return flight to the US
How to setup Postfix as satellite System (smarthost)
Website update mit Flex Box, Motto: Vom Hirn ins Terminal seit 1998.
Spass mit der Console: Cowsay fortunes mit lolcat unter Debian Jessie
Sicherer Mail server fertig, mit Crypto und so
Neue Website online (Mal wieder richtige Website anstelle einer Mail-Info)