A running jot of notes for networking and other stuff. Security, Networking, Virtualization, Storage, Wireless, SD-WAN, Carrier Services like Hosted Voice, Voice over IP (VoIP), Contact Center Consulting, Internet services, Managed Services, Managed Security Services and Infrastructure fun in general... I am a Volkswagen Vanagon junkie. I also like snowboarding, coaching, mountain biking, camping, four wheeling, travelling and cooking.
Sunday, May 30, 2010
Microsoft OCS and Cisco interoperability blog post
Interoperability support between Cisco and Microsoft products in unified communications
Sunday, May 23, 2010
Great video on Copier (in)Security
----- Wow...pretty scary computer security risk in copy machines. Personal data abound. Be sure to clear your copier out before returning it. Watch this 5 minute video for a CBS News report with the details.
http://www.wimp.com/copymachines/
Doug Renner
Peak IP Solutions, LLC
Thursday, May 20, 2010
Cisco NAC Installation notes on VMware
We started out by settting up vmware host as Linux Other 32 bit. Installed Cisco NAC OS CD iso 2.7.2. The first server is the NAM or NAC Access Manager adn the second is the NAS or the NAC Access Server. The NAC acess server needed two nics. Both needed 1 GB of RAM. We also set up the NICS as E100 NICS. This seemed to help.
After booting up, the NIC's were all messed up. Had to shut down the eth1 interface, shut the eth0 interface bring backup eth0 and it replied.
could not add host nas server. error. Issue is with trust on self signed certs. Must import the cert for each server to each server.
go to;
https://NAS IP ADDRESS/Admin
why? because they remove all untrusted ssl certs. have to manually add the cert to each device. have to export nad import each way.
Manager. go to cca manager. ssl certs. trunsted cert authorities. IMPORT the cert from where you exported it to a file. now do the reverse.
go back to CAM Manager and now add the server. Should sync. had to down and up eth0 again for kicks...???? Hmmm. VMware???
manage device from the server tab.l
Enable L2 Strict mode [check]
Advanced Tab -- Mapping
now add all the vlans we will be monitioring. Since we are only monitoring one, the NIC on that vlan is already in teh list. if there were more we wouldhave to add them.
Added DHCP Scope and auto generated subnets
Back to Manager...
OOB Management Profiles -- Group -- NEW (adding switches) ADD
Devices -- New
snmp-server community public RO 15
snmp-server community public RO 15
snmp-server community publicRW RW 15
snmp-server enable traps snmp linkup
snmp-server enable traps snmp linkdown
snmp-server enable traps mac-notification change move threshold
snmp-server host 10.228.xxx.xx version 2c public
Devices - search- input ip range of switches to discover based on SNMP.
found em
SET up a port profile...
OOB Manaagement -- Profiles -- Ports
NEW Profile -- VLAN Settings -Auth Ports is what i called it.
VLAN id for the authvlan
Access Vlan is for a "Fail Open" situation
check all 3 bottom options - move to auth port.
set up ports and devices. set ports for auth
go to Administraton --- User Pages -- Edit the default page.
We imported an image and set some options.
From here we began to work with the SNMP strings and test some functionality. It seems that the server is quite grumpy on eth1 on the NAS server. the nic is not responding or giving out DHCP addresses as we configured it to do. We made a phone call for parachute help with our problem. The situation was relayed to us that the NAS Server secondary NIC should be on its own physical NIC. We didnt have another nic in our vsphere environment so we called it a night and will take it up later.
All good fun working with Doug from Cisco on the Cisco Clean Access NAC appliance. We at Peak IP Solutions really appreciate your help!
Cheers!
Doug
www.peakipsolutions.com
Tuesday, May 11, 2010
FW: SF Pac IT Pros: New attack bypasses EVERY Windows security product
-----Original Message-----
From: Pacific IT Pros [mailto:mlk@pacitpros.org]
Sent: Tuesday, May 11, 2010 12:28 PM
To: Douglas Renner
Subject: SF Pac IT Pros: New attack bypasses EVERY Windows security product
Pac IT Pros members: Have you heard of the KHOBE - 8.0
earthquake for Windows? This is a update to an attack Windows security
products from several years ago. The new attack can bypass every Windows
security product tested and allow malicious code to make its way to your
system. The KHOBE attack, (Kernel HOok Bypassing Engine), leverages a
Windows module called the System Service Descriptor Table, or SSDT, which is
hooked up to the Windows kernel. Unfortunately, SSDT is utilized by
antivirus software. This attack does NOT need admin privileges. If you are
running as a standard user you are susceptible.
Below is a list of software known (at this time) to be
susceptible to a KHOBE attack.
I'm still gathering info, not sure how serious of a threat
this really is. If you have information please share it with Pac IT Pro
members at
http://www.pacitnews.org
http://www.pacitnews.org/2010/05/11/new-attack-khobe-bypasses-every-windows-
security-product/
Doug
* 3D EQSecure Professional Edition 4.2
* avast! Internet Security 5.0.462
* AVG Internet Security 9.0.791
* Avira Premium Security Suite 10.0.0.536
* BitDefender Total Security 2010 13.0.20.347
* Blink Professional 4.6.1
* CA Internet Security Suite Plus 2010 6.0.0.272
* Comodo Internet Security Free 4.0.138377.779
* DefenseWall Personal Firewall 3.00
* Dr.Web Security Space Pro 6.0.0.03100
* ESET Smart Security 4.2.35.3
* F-Secure Internet Security 2010 10.00 build 246
* G DATA TotalCare 2010
* Kaspersky Internet Security 2010 9.0.0.736
* KingSoft Personal Firewall 9 Plus 2009.05.07.70
* Malware Defender 2.6.0
* McAfee Total Protection 2010 10.0.580
* Norman Security Suite PRO 8.0
* Norton Internet Security 2010 17.5.0.127
* Online Armor Premium 4.0.0.35
* Online Solutions Security Suite 1.5.14905.0
* Outpost Security Suite Pro 6.7.3.3063.452.0726
* Outpost Security Suite Pro 7.0.3330.505.1221 BETA VERSION
* Panda Internet Security 2010 15.01.00
* PC Tools Firewall Plus 6.0.0.88
* PrivateFirewall 7.0.20.37
* Security Shield 2010 13.0.16.313
* Sophos Endpoint Security and Control 9.0.5
* ThreatFire 4.7.0.17
* Trend Micro Internet Security Pro 2010 17.50.1647.0000
* Vba32 Personal 3.12.12.4
* VIPRE Antivirus Premium 4.0.3272
* VirusBuster Internet Security Suite 3.2
* Webroot Internet Security Essentials 6.1.0.145
Doug
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Doug Spindler
Pacific IT Professionals
http://www.pacitpros.org doug.spindler@gmail.com
925-258-6600
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pac IT News visit http://www.pacitnews.org
Pac IT Pros web site http://www.pacitpros.org
This email was sent to drenner@peakipsolutions.com. This email address is a member of the
following Pac IT Pros mailing lists: News,SF.
Manage your list subscriptions at http://www.pacitpros.org/Unsubscribe To
change your email address, unsubscribe and then re-join Pac IT Pros at
http://www.pacitpros.org/Join%20PacITPros