Monday, August 23, 2010

Cisco PIX Packet Capture

Hi there, my blog has moved to WordPress, so if you are looking for this post please take a look here.

How to direct Ballistic Missiles to my Web Site

Hi there, my blog has moved to WordPress, so if you are looking for this post please take a look here.

MacDive 2.0.2 has been released.

MacDive 2.0.2 was released recently. A wonderful tool for keeping an electronic record of your dives.

MacDive Website

Saturday, August 21, 2010

Modern Decompression - Deep Stops

Hi there, my blog has moved to WordPress, so if you are looking for this post please take a look here.

My Grandma

My grandma passed away on 12.08.2010.

May God have mercy on her soul.

Eternal rest grant unto her, O Lord!
And let perpetual light shine upon her!
May she rest in peace.
Amen.

Regina Schlagenwerth (née Krüll)

* 05.11.1921
+ 12.08.2010

Requiescat in pace

Cisco ASA and lot of email recipients

These days we faced the problem that we received a mail with approx. 150 recipients.
Somewhere in the communication it seems that a mail address is broken by the ASA.

On the outside of the ASA you see the following in the trace:

        Inside E-Mail Server (Blue) mail.example.com
        Outside E-Mail Server (Red) mail.asdf.com
        220-mail.example.com ESMTP Server [Wed, 18 Aug 2010 10:30:58 +0200]
        220-Ready to recycle your bits, but we don't want
        220 your unsolicited or bulk e-mail (ie: spam)
        EHLO mail.asdf.com
        250-mail.example.com Hello mail.asdf.com [192.168.0.1]
        250-SIZE 4194304
        250-PIPELINING
        250-AUTH PLAIN LOGIN CRAM-MD5 NTLM
        250-STARTTLS
        250 HELP
        MAIL FROM:<asdf@asdf.com> SIZE=42157
        RCPT TO:<user1@example.com>
        <output omitted>
        RCPT TO:<user20@example.com>
        RCPT TO:<user21@
        250 OK
        example.com>
        RCPT TO:<user22@example.com>
        RCPT TO:<user23@example.com>
        RCPT TO:<user24@example.com>
        <output omitted>
        250 Accepted
        <output omitted>
        250 Accepted
        501 <user21@XXXXXXXXXXXXXX: '>' missing at end of address
        250 Accepted
        250 Accepted
        250 Accepted

On the inside of the ASA you see the following in the trace:

        Inside E-Mail Server (Blue) mail.example.com
        Outside E-Mail Server (Red) mail.asdf.com
        220-mail.example.com ESMTP Server [Wed, 18 Aug 2010 10:30:58 +0200]
        220-Ready to recycle your bits, but we don't want
        220 your unsolicited or bulk e-mail (ie: spam)
        EHLO mail.asdf.com
        250-mail.example.com Hello mail.asdf.com [192.168.0.1]
        250-SIZE 4194304
        250-PIPELINING
        250-AUTH PLAIN LOGIN CRAM-MD5 NTLM
        250-STARTTLS
        250 HELP
        MAIL FROM:<asdf@asdf.com> SIZE=42157
        RCPT TO:<user1@example.com>
        <output omitted>
        RCPT TO:<user20@example.com>
        RCPT TO:<user21@ 250 OK
        XXXXXXXXXXXXXX
        RCPT TO:<user22@example.com>
        RCPT TO:<user23@example.com>
        RCPT TO:<user24@example.com>
        <output omitted>
        250 Accepted
        <output omitted>
        250 Accepted
        501 <user21@XXXXXXXXXXXXXX: '>' missing at end of address
        250 Accepted
        250 Accepted
        250 Accepted

This is a little bit strange, so I will ask the guys from Cisco whether this is a known feature or a bug.

For the moment we have disabled the ESMTP fixup; on Monday we will do further analysis.
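The Python script below is an added example (it is not code from this post or from Cisco) that models one mechanism consistent with the traces above: with PIPELINING the client sends its RCPT TO commands back to back, and the command for user21 arrives in two pieces with a server reply in between. A parser that treats every TCP segment as a complete line sees "RCPT TO:<user21@" as a command with no closing ">" (the complaint in the mail server's 501), whereas a parser that buffers until CRLF reassembles the command whole. The segments are constructed for the example, not the bytes the ASA saw, and the script makes no claim about how the ASA's ESMTP inspection works internally; it only shows why a protocol parser in the path must reassemble across segment boundaries before judging a command.

```python
"""Reassemble pipelined SMTP commands across TCP segment boundaries.

Added example, not from the original post. The constructed segments below
mirror the trace: segment 2 ends in the middle of an address and segment 3
completes it. parse_per_segment() shows what a parser that does not buffer
makes of that; parse_with_reassembly() shows the correct line-based handling.
"""

CRLF = b"\r\n"

# Constructed client-to-server segments (not captured traffic).
SEGMENTS = [
    b"MAIL FROM:<asdf@asdf.com> SIZE=42157\r\nRCPT TO:<user1@example.com>\r\n",
    b"RCPT TO:<user20@example.com>\r\nRCPT TO:<user21@",
    b"example.com>\r\nRCPT TO:<user22@example.com>\r\n",
]


def parse_per_segment(segments):
    """Naive parser: every CRLF-separated piece of a segment is taken as a
    complete command, so a command split across segments comes out truncated."""
    commands = []
    for seg in segments:
        for line in seg.split(CRLF):
            if line:
                commands.append(line.decode("ascii"))
    return commands


def parse_with_reassembly(segments):
    """Correct parser: bytes not yet terminated by CRLF stay in a buffer until
    the next segment arrives. Returns (commands, leftover_bytes)."""
    commands = []
    buf = b""
    for seg in segments:
        buf += seg
        while CRLF in buf:
            line, buf = buf.split(CRLF, 1)
            commands.append(line.decode("ascii"))
    return commands, buf


def malformed_rcpt(commands):
    """Return the RCPT TO commands whose address is not enclosed in <...>,
    i.e. the ones a mail server would answer with a 501."""
    bad = []
    for cmd in commands:
        if cmd.upper().startswith("RCPT TO:"):
            addr = cmd[len("RCPT TO:"):].strip()
            if not (addr.startswith("<") and addr.endswith(">")):
                bad.append(cmd)
    return bad


if __name__ == "__main__":
    print("per-segment parser flags:", malformed_rcpt(parse_per_segment(SEGMENTS)))
    whole, rest = parse_with_reassembly(SEGMENTS)
    print("reassembling parser flags:", malformed_rcpt(whole), "leftover:", rest)
```

Running it flags only "RCPT TO:<user21@" for the naive parser and nothing for the reassembling one, which is the difference between a clean delivery and the 501 seen in the trace.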

If you feel this helps a bit, or maybe not? Please leave a comment.


IOS Keyboard Hints

Ctrl+B or Left    Move the cursor one character to the left
Ctrl+F or Right   Move the cursor one character to the right
Esc, B            Move the cursor one word to the left
Esc, F            Move the cursor one word to the right
Ctrl+A            Move the cursor to the beginning of the line
Ctrl+E            Move the cursor to the end of the line
Ctrl+P or Up      Retrieve the last command from history
Ctrl+N or Down    Retrieve the next command from history
Ctrl+T            Swap the current character with the one before it
Ctrl+W            Erase one word
Ctrl+U            Erase the entire line
Ctrl+L            Reprint the line
Ctrl+C            Exit configuration mode
Ctrl+Z            Apply the current command and exit configuration mode

Midnight Snack

What happens when Darth is sleeping: http://www.filemagazine.com/thecollection/archives/2009/06/midnight_snack.html

Enterasys C2 Switch Traffic Shaping

Configuring Traffic Shaping on the Enterasys C2 Switch.

Enterasys C2 SNMPv2

To enable SNMPv2 access on the Enterasys C2 switches you have to issue the following commands:

         set snmp access gReadOnlyV1V2C security-model v1 exact read vUnsecured
         set snmp access gReadOnlyV1V2C security-model v2c exact read vUnsecured
         set snmp community mycomunity securityname sn_v1v2c_ro
         set snmp group gReadOnlyV1V2C user sn_v1v2c_ro security-model v1
         set snmp group gReadWriteV1V2C user sn_v1v2c_rw security-model v1
         set snmp group gReadOnlyV1V2C user sn_v1v2c_ro security-model v2c
         set snmp group gReadWriteV1V2C user sn_v1v2c_rw security-model v2c
         set snmp view viewname vUnsecured subtree 1
         set snmp view viewname vUnsecured subtree 0.0

If you feel this helps a bit, or maybe not? Please leave a comment.

Enterasys C2 and SSH

To enable the SSH service on an Enterasys SecureStack C2 and similar switches, issue "set ssh enabled" on the CLI.

         C2(su)->set ssh enabled
         SSH hostkey generation initiated. Process should complete in 60 seconds.
         C2(su)->


If you feel this helps a bit, or maybe not? Please leave a comment.

Monday, August 16, 2010

Cisco ASA and Tacacs+

How to use TACACS+ on a Cisco ASA.

          aaa-server TACACS+ protocol tacacs+
          aaa-server TACACS+ (intern) host X.X.X.X
                     key YYYYXXXYYY
          no aaa authentication http console LOCAL
          no aaa authentication ssh console LOCAL
          aaa authentication http console TACACS+ LOCAL
          aaa authentication ssh console TACACS+ LOCAL
          aaa authentication enable console TACACS+ LOCAL
          aaa authorization command TACACS+ LOCAL

If you have already configured SSH, you might see something like:

          asa1(config)# aaa authentication ssh console TACACS+ LOCAL
          Range already exists.

If you feel this helps a bit, or maybe not? Please leave a comment.

Cisco ASA and SMTP

We recently bought some new firewalls to replace the aged Cisco PIX 515E with some new gear. We decided to use Cisco's new firewall flagship, the Cisco ASA devices. Everything was fine after the replacement; we transferred the configuration from the old boxes to the new ones with the help of the Cisco Security Manager.

Later that day there were complaints that e-mails were not being delivered properly.

On the Cisco PIX with software 6.2 we had implemented the following:

        no fixup smtp

For the ASA 5510 we had to implement the following:

        policy-map type inspect esmtp esmtp_pmap
            parameters
              allow-tls action log
        policy-map global_policy
            class inspection_default
                no inspect esmtp
                inspect esmtp esmtp_pmap
            exit
        exit

If you feel this helps a bit, or maybe not? Please leave a comment.

Friday, August 13, 2010

Access-based Enumeration (ABE) and Cisco WAAS

Access-based Enumeration (ABE) is a smart feature that lets users see only the folders they have access to.
But if you have Cisco WAAS deployed in your network, please be aware that you have to add a dynamic share to the WAAS configuration so that the WAAS knows about it.

Cisco Wide Area Application Services Configuration Guide (Software Version 4.1.7)

Step 1
To create a dynamic share you have to add a domain to the Central Manager, e.g. "Dynamic Shares".

Step 2
Create an entry under the dynamic shares in the global configuration.

On the WAE CLI

To be done.


If you feel this helps a bit, or maybe not? Please leave a comment.

Cisco MDS 9222i with ACS

If you want to configure TACACS+ on the Cisco MDS 9222i series you have to enable the feature first.

        feature tacacs+

After this the commands to configure TACACS+ are available.

        !
        feature tacacs+
        !
        tacacs+ distribute
        tacacs-server timeout 10
        tacacs-server host 10.0.243.247 key 0 secertkey
        tacacs-server host 10.0.243.248 key 0 secretkey
        tacacs+ commit
        !
        aaa group server tacacs+ AAA-Servers
            server 10.0.243.247
            server 10.0.243.248
            deadtime 5
        !
        aaa authentication login default group AAA-Servers
        aaa authentication login console local
        aaa authentication login error-enable
        !
        ip route 10.0.243.247 255.255.255.255 10.0.160.1 interface mgmt0
        ip route 10.0.243.248 255.255.255.255 10.0.160.1 interface mgmt0
        !
        interface mgmt0
            ip address 10.0.160.99 255.255.255.0
            switchport description Management
            switchport speed 100
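Before cutting over to TACACS+ on the MDS it is worth checking that the pieces above fit together. The Python script below is an added example (not from this post or from Cisco) that parses a constructed copy of the configuration above, with placeholder keys, and reports a server that is listed in the aaa group but has no tacacs-server host entry or host route, a console login without the local fallback, and keys entered with key type 0, which is the cleartext key form on NX-OS. The regular expressions only cover the command forms shown in this post.

```python
"""Consistency check for a TACACS+ AAA configuration on a Cisco MDS (NX-OS).

Added example, not part of the original post. It parses configuration text
in the form shown above and reports:
  - servers in an 'aaa group server tacacs+' group without a matching
    'tacacs-server host' entry,
  - such servers without a /32 host route (the post routes each server via mgmt0),
  - a console login without the 'local' fallback,
  - keys entered as 'key 0' (cleartext key type on NX-OS).
SAMPLE_CONFIG is constructed to mirror the post, with placeholder keys.
"""
import re

SAMPLE_CONFIG = """\
feature tacacs+
tacacs-server timeout 10
tacacs-server host 10.0.243.247 key 0 PLACEHOLDER_KEY
tacacs-server host 10.0.243.248 key 0 PLACEHOLDER_KEY
aaa group server tacacs+ AAA-Servers
    server 10.0.243.247
    server 10.0.243.248
    deadtime 5
aaa authentication login default group AAA-Servers
aaa authentication login console local
ip route 10.0.243.247 255.255.255.255 10.0.160.1 interface mgmt0
ip route 10.0.243.248 255.255.255.255 10.0.160.1 interface mgmt0
"""

HOST_RE = re.compile(r"^tacacs-server host (\S+) key (\d+) \S+")
GROUP_RE = re.compile(r"^aaa group server tacacs\+ (\S+)")
MEMBER_RE = re.compile(r"^\s+server (\S+)")
ROUTE_RE = re.compile(r"^ip route (\S+) 255\.255\.255\.255 ")
CONSOLE_LOCAL = "aaa authentication login console local"


def parse(config):
    """Collect tacacs hosts (with key type), aaa group members and /32 routes."""
    hosts, groups, routes = {}, {}, set()
    current = None  # name of the aaa group whose indented block we are in
    for line in config.splitlines():
        if not line.startswith(" "):
            current = None  # any top-level command ends the group block
        if m := HOST_RE.match(line):
            hosts[m.group(1)] = m.group(2)
        elif m := GROUP_RE.match(line):
            current = m.group(1)
            groups[current] = []
        elif current and (m := MEMBER_RE.match(line)):
            groups[current].append(m.group(1))
        elif m := ROUTE_RE.match(line):
            routes.add(m.group(1))
    return hosts, groups, routes


def audit(config):
    """Return a list of findings; an empty list means the config is consistent."""
    hosts, groups, routes = parse(config)
    findings = []
    for host, keytype in hosts.items():
        if keytype == "0":
            findings.append(f"cleartext key (key 0) configured for {host}")
    for name, members in groups.items():
        for srv in members:
            if srv not in hosts:
                findings.append(f"group {name}: {srv} has no tacacs-server host entry")
            if srv not in routes:
                findings.append(f"group {name}: {srv} has no host route")
    if CONSOLE_LOCAL not in config.splitlines():
        findings.append("console login has no local fallback")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG) or ["no findings"]:
        print(finding)
```

Run against the sample it only reports the two cleartext keys; removing the route for the second server or the console fallback line produces the corresponding findings, which is the kind of mistake that locks you out of the console when the TACACS+ servers are unreachable.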

If you feel this helps a bit, or maybe not? Please leave a comment.

Cisco WAAS and Tacacs+

How to use TACACS+ with Cisco WAAS for authentication.

Configuration with the Central Manager

TACACS+ is configured in the device context at Configure > Security > AAA > TACACS+.
Go to Configure > Security > AAA > Authentication Methods.
Go to Configure > Security > AAA > Command Authorization.
On the accelerator CLI:
   tacacs key ****
   tacacs host 10.0.243.247 primary
   tacacs host 10.0.243.248
   tacacs key ****
   authentication login local enable secondary
   authentication login tacacs enable primary
   authentication configuration local enable secondary
   authentication configuration tacacs enable primary
   authentication fail-over server-unreachable
   aaa authorization commands 15 default tacacs+


On the ACS you have to add the following attribute to the profile:
For the Central Manager to work as well, you have to create a group "admin" and assign the role admin under Admin > AAA > User Groups.

If you feel this helps a bit, or maybe not? Please leave a comment.

Thursday, August 12, 2010

CMAS ** Dive 1

Today it was time for dive 1 for CMAS **. That means giving three underwater signals, keeping your distance from the bottom without stirring up any silt, and then an ascent from about 20 metres with a stop at 9 metres and then up to 6 metres and the end.

We cruised around the Blausteinsee at a leisurely pace, simply headed out at about 100° - 110°, did the exercises and then swam around a bit at 3-6 metres, very nice for practising buoyancy.

Thanks Klaus for showing a nice buoyancy technique.

Dive number 43
Dive site Blausteinsee, Eschweiler
Depth 20 metres
Duration 30 minutes
Temperature 7-21°
Visibility 1-10 metres

My diving career.
The worst day diving is better than the best day working:-)

Tuesday, August 10, 2010

Blausteinsee

The Blausteinsee is a bathing lake that was created during the recultivation of the "Zukunft" lignite open-cast mine; you can find more about it in Wikipedia.

For diving, the lake with its depth of around 40 metres is well suited; visibility varies between 1 and 7 metres in the upper regions and reaches up to 20 metres in the deeper area. Visibility depends strongly on the number of divers and on the algae layer in the zone down to 6 metres.

The water temperature is moderate to cold (4-6°) in the deeper regions of the lake, and these values are not exceeded even in summer. In shallow water the temperature can reach 21°.

Good protection against the cold and cold-water-capable equipment are therefore recommended, and the torch should not stay at home either.

In the water there are plenty of attractions, e.g. two truck cabs and various platforms.

The dive base of Tauchaixperte

The dive base at the Blausteinsee.

DSC 0064

After the dive.

DSC 0061

DSC 0046

The entry point.

DSC 0033

DSC 0034

Next door, the sailing club.

DSC 0040

DSC 0041

The way to the entry point.

DSC 0050

The lake stage next door; it is probably supposed to represent something like an excavator.

DSC 0051

And more of the stage.

DSC 0055
Map and further description to follow.

My diving career.