• Slack for the Community

    A few of us recently started an open Slack team for use by the community. I encourage anyone that wants to hangout with us to join via this link or by clicking the slack button below.

  • Implementing Disqus with Jekyll

    I recently migrated this blog from WordPress to Jekyll. After doing the basic content migration and a few minor layout tweeks I wanted to get comments working. Since Jekyll simply renders HTML templates and Markdown into static files there is no commenting system. For simplicities sake I decided to embed Disqus.

  • Why Javascript?

    I’ve been doing scripting to some degree throughout my career, but rarely more than a simple script to accomplish a repetitive task. When I started at SolidFire I decided I needed to up my game, considering the entire product is built around API configuration and management.

  • Cisco C-Series CIMC Active/Active Load Balancing

    I’ve decided to start studying for the CCNP Data Center. I’m quite familiar with the B-Series with plenty of hands on experience and previous CCIE Data Center studies, but other than some UC deployments I’ve not touched the C-Series much. One of the first questions that came up for me was, how does the CIMC (Cisco Integrated Management Controller, similar to HP iLO or Dell DRAC) level active/active redundancy work?

  • #CLUS Against Humanity

    2013 was my first year attending Cisco Live. I was never a terribly social person and this was only the second IT conference I had attended. I was on Twitter but I rarely posted anything and had only a handful of followers, but I made a point of going to the social media lounge and introducing myself. The conference wasn’t in full swing yet so there were only a few folks in the lounge and they happily welcomed me to the group. To make a long story short, the friends I made hang out in the lounge really made the trip for me.

  • DHCP Snooping, IP Source Guard, and DHCP Option 82

    One of the most secure methods of protecting layer two is IP source guard with MAC verification. IP source guard works in conjunction with port security and DHCP snooping to block all ingress traffic not sourced from the IP and MAC recorded in the DHCP snooping database. (This article only discusses IP source guard with MAC verification, port security and option 82 is not necessary if you are not using MAC verification.)

  • CAM Table Overflow Attack

    Most IT pros have heard of CAM table overflow attacks or MAC address flooding attacks and understand at least the basic concept; send a ton of frames with different source MAC addresses to a switch, thereby causing the CAM table to fill and the switch begins to act more like a hub. While the basic idea is correct it’s not quite that simple. An important factor is how the switch manages the entries in the CAM table, Cisco switches maintain an entry until the aging timer for the entry expires. Even if the CAM table fills due to an attack the existing valid entries will continue to be honored and traffic for those addresses will not be flooded out all ports.

  • Building a Passive Network Tap

    Have you ever wanted to view the traffic on a link without forcing it to half-duplex with a hub or spending an exorbitant amount of money on a aggregating tap? A cheap DIY passive tap may be your answer.

subscribe via RSS