Spanning Tree : Root Bridge Election Process

STPs root bridge election is something that I have to look up every time I need to look up every time that I need to work with it. So here are some quick tips for working with root Bridge election. This will show examples from Cisco switches but the concepts …

more ...

Final parts – IPsec part 4

  • In part 1 I laid out the general configuration that I will be disusing through this series of posts.
  • In Part 2 I discussed ISAKMP polices.
  • Part 3 I discussed Transform-sets
  • Part 3 I will wrap it up and go over the last parts.

Pre-shared key

As we are using …

more ...

Transform-set – IPsec part 3

  • In part 1 I laid out the general configuration that I will be disusing through this series of posts. Part 1
  • In Part 2 I discussed ISAKMP polices.
  • Part 3 will be a shorter one about Transform-sets

Transform-set

Transform-sets are the ciphers that will be used in the actual Data …

more ...

ISAKMP Policy – IPSEC Part 2

  • In part 1 I laid out the general configuration that I will be disusing through this series of posts.
  • In Part 2 I will be discussing ISAKMP polices.

ISAKMP Policy

crypto isakmp policy 10
     hash md5
     authentication pre-share

Internet Security Association and key management Protocol (that’s a mouth full …

more ...

TarSnap – Online backups for the truly paranoid

I recently set up a backup solution for my Linux servers and I ended up going with Tarsnap for the cloud storage. I did this for a couple of reasons. The backup tool was built in the Unix fashion and does only the bare minimum of backup tasks, but it …

more ...

IPsec part 1

I have started learning about IPsec and related technologies.

But this is a very large subject that I will go going quite in-depth with so I will be doing this as a multi-part post over a couple of weeks.

Setup

To get started I followed a pretty good Cisco guide …

more ...

Cisco’s Built in TDR cable tests

Many Cisco Switches (3750, 2960x) support some basic cable tests that can be run from the CLI.

To start the tests you run

Switch# test cable-diagnostics tdr interface g0/1
TDR test started on interface Gi0/1
A TDR test can take a few seconds to run on an interface …
more ...

Automatic updates with Debian

Though I am taking some risk by automatically updating my servers. I prefer that they always update so that security patches are applied very quickly. Here is how I configured my Debian servers (jessie) to update on a daily bases.

I created a shell script in /root/update.sh

apt-get …
more ...

Dovecot autocreate plugin to mailbox { auto }

With dovecot 2.2 Autocreate was deprecated. and the very helpful message started popping up in my logs

Warning: autocreate plugin is deprecated, use mailbox { auto } setting instead

Dovecot’s wiki does have a page on this http://wiki2.dovecot.org/MailboxSettings but its not very helpful.

So here is …

more ...

Read .pem cert file

I needed to take a look at a .pem cert file to take a look at the expiration dates.

What do you know openssl makes it somewhat easy to do this.

openssl x509 -in invoke.coffee.pem -text

There you go all the signing info. expiration, signing algorithms etc.

more ...