RE: IDS IPS
Brilliant, that went directly to my sense of humour!

-----Original Message-----
From: Fréderic [mailto:frede...@placenet.org]
Sent: Wednesday, September 22, 2010 6:45 PM
To: nanog@nanog.org
Subject: Re: IDS IPS

http://en.lmgtfy.com/?q=ips+iss

bst rgds

On 22/09/2010 18:29, Joshua William Klubi wrote:
> What is ISS?
>
> Joshua
>
> On Wed, Sep 22, 2010 at 4:24 PM, Adefisayo Adegoke wrote:
>
>> ISS ideal for the Defense and Banking industry ...
>>
>> 'Ayo
>>
>> On Wed, Sep 22, 2010 at 10:11 AM, Joshua William Klubi <
>> joshua.kl...@gmail.com> wrote:
>>
>>> Hi,
>>>
>>> I have been tasked to get the best IDS and IPS for our internal LAN
>>> and WAN in a banking infrastructure.
>>> I would like to ask if anyone has deployed such technology in any
>>> network, and also if anyone can recommend a very good IDS and
>>> IPS for me to recommend to management.
>>>
>>> Thank you.
>>>
>>> Joshua
>>>
>>
>> --
>> ... the sky is too low to be my limit.
>>
>> Success is getting what you want, happiness is wanting what you
>> get - Ingrid Bergman
Shaping on a large scale
Hi,

Does anyone know of any shaping appliances to shape customers based on IP, allow for a quota per IP and QoS mechanisms like LLQ? This should be something that can sit in between two border routers and support a small ISP (2 customers); also, an open-source solution would be great!

Regards,
Bruce
RE: Shaping on a large scale
Hi,

Thanks for all the comments! Do you know of any web frontends for these apps? (Don't want to go reinventing the wheel.) Something that preferably uses a MySQL backend.

Regards,
Bruce Grobler
Yo! Africa - Network Engineer
Cell : 0912364532
Skype: bruce.grobler

-----Original Message-----
From: Chris Caputo [mailto:ccap...@alt.net]
Sent: Friday, January 30, 2009 9:54 PM
To: C. Jon Larsen
Cc: Scott Berkman; nanog@nanog.org
Subject: RE: Shaping on a large scale

On Fri, 30 Jan 2009, C. Jon Larsen wrote:
> > Open source you can do a custom setup with IPTables and iproute2, but it
> > will take some work to get the same kind of features and management
> > interface. LARTC is a good reference for this kind of topic:
> > http://lartc.org/. Also I'm not sure if someone has built this into any
> > of the firewall-specific Linux distros yet, so you may want to explore
> > those a little.
>
> The script below will set max bandwidth on an interface to 60mbit, and set up
> a queue to shape a.b.c.d to 3Mbit. Seems to work ok for me. It's used on a
> physical server to limit bandwidth to a virtual server(s) on the physical
> server. Should work just as well on a dual-armed router/firewall shaping
> devices behind it. You would just create more classes (1:11, 1:12, etc.) for
> more clients/IPs to shape, and you might want to knock the ceiling on the
> default (1:30) class down to guarantee the bandwidth to the 1:10,
> 1:11... classes.
>
> tc qdisc add dev eth0 root handle 1: htb default 30
>
> tc class add dev eth0 parent 1: classid 1:1 htb rate 60mbit burst 150k
> tc class add dev eth0 parent 1:1 classid 1:10 htb rate 3mbit burst 15k
> tc class add dev eth0 parent 1:1 classid 1:30 htb rate 1kbit ceil 60mbit burst 150k
>
> tc qdisc add dev eth0 parent 1:10 handle 10: sfq perturb 10
> tc qdisc add dev eth0 parent 1:30 handle 30: sfq perturb 10
>
> ## limit a.b.c.d to 3mbit/sec:
> U32="tc filter add dev eth0 protocol ip parent 1:0 prio 1 u32"
> $U32 match ip src a.b.c.d/32 flowid 1:10
> $U32 match ip dst a.b.c.d/32 flowid 1:10
>
> tc -s -d qdisc show dev eth0

tcng - Traffic Control Next Generation (http://tcng.sourceforge.net/) provides a configuration language that abstracts the gnarliness above.

Chris
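The script quoted above shapes a single address. The following is an added example (mine, not code from the thread or from anyone in it) that generates the same HTB layout for a whole table of customers, which is what the "create more classes (1:11, 1:12, ...)" step amounts to once you have more than a handful of them. It only emits the tc command lines, so it runs without root or a tc binary; the interface name, link rate, customer addresses and rates are constructed sample values, and `apply()` executes the commands only when asked.

```python
"""Generate per-customer HTB shaping rules as tc(8) command lines.

Added example (not from the thread): it reproduces the layout of the script
quoted above for N customers: a root HTB qdisc with default class 1:30, a
parent class 1:1 pinned to the link rate, one hard-capped class per customer
starting at 1:10, an sfq leaf under every class, and u32 filters matching the
customer address as source and as destination.  Interface, rates and
addresses are constructed sample values.
"""
import ipaddress
import shlex
import subprocess
from typing import Dict, List, Optional

# Minors below this are customer classes; "1:30" is the catch-all class.
# tc reads class ids as hex, so "1:10".."1:29" are 0x10..0x29 and stay distinct.
DEFAULT_MINOR = 30


def build_shaper(dev: str, link_rate: str, customers: Dict[str, str],
                 default_ceil: Optional[str] = None) -> List[str]:
    """Return the tc commands that install the shaper on `dev`.

    `customers` maps an IPv4 address to an HTB rate such as "3mbit".  Each
    customer class gets rate == ceil, i.e. a hard cap, like the posted 1:10
    class.  `default_ceil` bounds the catch-all class; the thread suggests
    setting it below the link rate so customer classes keep their guarantee.
    """
    default_ceil = default_ceil or link_rate
    cmds = [
        f"tc qdisc add dev {dev} root handle 1: htb default {DEFAULT_MINOR}",
        f"tc class add dev {dev} parent 1: classid 1:1 htb rate {link_rate} burst 150k",
        f"tc class add dev {dev} parent 1:1 classid 1:{DEFAULT_MINOR} htb rate 1kbit ceil {default_ceil} burst 150k",
        f"tc qdisc add dev {dev} parent 1:{DEFAULT_MINOR} handle {DEFAULT_MINOR}: sfq perturb 10",
    ]
    u32 = f"tc filter add dev {dev} protocol ip parent 1:0 prio 1 u32"
    for minor, (addr, rate) in enumerate(sorted(customers.items()), start=10):
        if minor >= DEFAULT_MINOR:
            raise ValueError("too many customers for the 1:10..1:29 class range")
        ip = ipaddress.ip_address(addr)  # ValueError on a malformed address
        if ip.version != 4:
            raise ValueError(f"{addr}: 'protocol ip' u32 matches are IPv4-only")
        cid = f"1:{minor}"
        cmds += [
            f"tc class add dev {dev} parent 1:1 classid {cid} htb rate {rate} burst 15k",
            f"tc qdisc add dev {dev} parent {cid} handle {minor}: sfq perturb 10",
            f"{u32} match ip src {ip}/32 flowid {cid}",
            f"{u32} match ip dst {ip}/32 flowid {cid}",
        ]
    return cmds


def apply(cmds: List[str], dry_run: bool = True) -> int:
    """Print the commands (dry run) or execute them in order; returns the count."""
    for c in cmds:
        if dry_run:
            print(c)
        else:
            subprocess.run(shlex.split(c), check=True)  # stop at the first failure
    return len(cmds)


if __name__ == "__main__":
    # Constructed sample: two customers on a 60 Mbit/s link, catch-all capped at 40 Mbit/s.
    SAMPLE = {"192.0.2.10": "3mbit", "192.0.2.20": "5mbit"}
    apply(build_shaper("eth0", "60mbit", SAMPLE, default_ceil="40mbit"))
```

Two caveats worth keeping in mind when extending this: HTB class ids are hexadecimal, so a generator that counts past 29 in decimal silently lands on "1:30" unless it checks, as this one does; and `protocol ip` u32 matches only cover IPv4, so IPv6 customers need a separate `protocol ipv6` filter set rather than a silently ignored entry.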
RE: Private use of non-RFC1918 IP space
Yep! Go ahead and trace it.

-----Original Message-----
From: David Conrad [mailto:d...@virtualized.org]
Sent: Monday, February 02, 2009 9:48 PM
To: Bruce Grobler
Cc: NANOG list
Subject: Re: Private use of non-RFC1918 IP space

On Feb 2, 2009, at 8:10 AM, Bruce Grobler wrote:
> Most ISPs, if not all, null route 1.0.0.0/8; therefore you shouldn't
> encounter any problems using it in a private network.

Is this true? This will cause endless entertainment when IANA allocates 1.0.0.0/8 sometime within the next two or three years...

Regards,
-drc
RE: Private use of non-RFC1918 IP space
Most ISPs, if not all, null route 1.0.0.0/8; therefore you shouldn't encounter any problems using it in a private network.

-----Original Message-----
From: Michael Butler [mailto:i...@protected-networks.net]
Sent: Monday, February 02, 2009 5:59 PM
To: t...@kingfisherops.com
Cc: nanog@nanog.org
Subject: Re: Private use of non-RFC1918 IP space

Trey Darley wrote:
> Some colleagues and I are running into a bit of a problem. We've been
> using RFC 1918 Class A space but due to the way subnets have been
> allocated we are pondering the use of public IP space. As the network in
> question is strictly closed I don't anticipate any problems with this as
> the addresses would be unambiguous within our environment. I'm curious if
> anyone else is doing this.

This is a *VERY BAD IDEA* - why not take the hit now rather than exponentiate the problem and, in so doing, make it nearly impossible to reverse later?

Michael
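The thread above is really two questions: is anything in the plan outside RFC 1918 (and so liable to collide with the Internet the day that block is allocated; IANA did allocate 1.0.0.0/8 to APNIC in January 2010), and is RFC 1918 actually exhausted, or just badly carved up? The following is an added example (mine, not code from anyone in the thread) that answers both for an addressing plan given as a list of prefixes. The sample plan is constructed.

```python
"""Check an addressing plan before reaching for non-RFC1918 space.

Added example (not from the thread): classifies each prefix as RFC 1918,
other special-use, or publicly routable, and computes what is still free
inside RFC 1918 once the existing allocations are carved out, which is the
question Trey Darley's post really raises.  The sample plan is constructed.
"""
import ipaddress
from typing import Iterable, List

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def classify(prefix: str) -> str:
    """'rfc1918', 'other-special-use' (documentation, shared, loopback, ...) or 'public'."""
    net = ipaddress.ip_network(prefix, strict=False)
    if isinstance(net, ipaddress.IPv4Network) and any(net.subnet_of(r) for r in RFC1918):
        return "rfc1918"
    return "public" if net.is_global else "other-special-use"


def audit(plan: Iterable[str]) -> List[str]:
    """Prefixes in the plan that are not RFC 1918, i.e. the ones that will
    collide with the Internet if they leak or if the block is later allocated."""
    return [p for p in plan if classify(p) != "rfc1918"]


def free_rfc1918(used: Iterable[str]) -> List[ipaddress.IPv4Network]:
    """RFC 1918 space not covered by any prefix in `used`, as collapsed networks."""
    used_nets = [ipaddress.ip_network(u, strict=False) for u in used]
    remaining: List[ipaddress.IPv4Network] = []
    for block in RFC1918:
        chunks = [block]
        for u in used_nets:
            if not isinstance(u, ipaddress.IPv4Network):
                continue  # IPv6 entries cannot overlap IPv4 space
            nxt = []
            for c in chunks:
                if c.subnet_of(u):
                    continue  # chunk fully consumed by this allocation
                if u.subnet_of(c):
                    nxt.extend(c.address_exclude(u))  # carve the allocation out
                else:
                    nxt.append(c)  # no overlap, keep as-is
            chunks = nxt
        remaining.extend(chunks)
    return list(ipaddress.collapse_addresses(remaining))


if __name__ == "__main__":
    # Constructed plan: 10/8 carved into a few large blocks, plus a tempting 1.0.0.0/8.
    PLAN = ["10.0.0.0/9", "10.128.0.0/10", "172.16.0.0/12", "192.168.0.0/17", "1.0.0.0/8"]
    print("non-RFC1918:", audit(PLAN))
    print("still free :", [str(n) for n in free_rfc1918(PLAN)])
```

`is_global` is deliberately not used on its own to decide "safe for private use": Python treats documentation ranges such as 192.0.2.0/24 and the shared address space 100.64.0.0/10 as non-global too, and those are not RFC 1918 either, so the check compares against the three RFC 1918 blocks explicitly.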
RE: real hardware router VS linux router
Not much really, besides your personal preference and the configurability of the device (while maintaining some semblance of sanity). There are some very nice custom Linux-based appliances out there, e.g. Vyatta routers, which boast 10 times the throughput of Cisco (2800 series) routers; however, it all comes down to what you want to do.

-----Original Message-----
From: Deric Kwok [mailto:deric.kwok2...@gmail.com]
Sent: Thursday, February 19, 2009 4:30 PM
To: nanog@nanog.org
Subject: real hardware router VS linux router

Hi All

Actually, what is the difference between a hardware router and a Linux router?

Have you had experience comparing a real router, e.g. Cisco, vs a Linux router? e.g. streaming speed... TCP / UDP

Thank you for your information
FW: Ctrl+Shift+6 then X
Hi Guys,

If anyone can tell me how to resolve this issue there's a strong possibility of a FedEx'd beer.

Using PuTTY or any other SSH/telnet terminal I find that Ctrl+Shift+6 then X (on a Cisco) works only sometimes, after beating your keyboard multiple times with a hammer. Has anyone else come across this, or had a solution to this problem?

Regards,

Bruce Grobler
Yo!Africa - Network Engineer
Landline: +263-4-701300, Cellphone: +263-91-2364532
Skype ID: bruce.grobler
RE: FW: Ctrl+Shift+6 then X
Yeah, the exact same thing happens for me; then, after it decides to execute it, you have a nice long line of 6x6x66x6x666x6. Tried Ctrl+6, no such luck...

-----Original Message-----
From: Shon Elliott [mailto:s...@unwiredbb.com]
Sent: Monday, February 23, 2009 10:48 AM
To: nanog@nanog.org
Subject: Re: FW: Ctrl+Shift+6 then X

Bruce,

I have that problem using any terminal program (I use SecureCRT). I have to bang the command like 10-20 times for the device to recognize it. Kind of wished Ctrl-C or something worked better and actually worked well.

Shon Elliott
Senior Network Engineer
unWired Broadband, Inc.

Bruce Grobler wrote:
> Hi Guys,
>
> If anyone can tell me how to resolve this issue there's a strong possibility
> of a FedEx'd beer.
>
> Using PuTTY or any other SSH/telnet terminal I find that Ctrl+Shift+6 then X
> (on a Cisco) works only sometimes, after beating your keyboard multiple times
> with a hammer. Has anyone else come across this, or had a solution to this problem?
>
> Regards,
>
> Bruce Grobler
> Yo!Africa - Network Engineer
> Landline: +263-4-701300, Cellphone: +263-91-2364532
> Skype ID: bruce.grobler
RE: Ctrl+Shift+6 then X
Oh wow, that worked like a charm. Thanks a bunch!!! :D

-----Original Message-----
From: Moriniaux Michel [mailto:mmorini...@prosodie.com]
Sent: Monday, February 23, 2009 11:18 AM
To: Bruce Grobler; nanog@nanog.org
Subject: RE: Ctrl+Shift+6 then X

Hi,

Yep, does that all the time; the worst is on a traceroute, where it seems you need to wait for the end of the line to send the Ctrl+Shift+6.

Workaround on Cisco:

line con 0
 escape-character 3
line vty 0 4
 escape-character 3

With this you can just Ctrl+C.

Cheers,
Michel Moriniaux

-----Original Message-----
From: Bruce Grobler [mailto:br...@yoafrica.com]
Sent: Monday, 23 February 2009 09:22
To: nanog@nanog.org
Subject: FW: Ctrl+Shift+6 then X

Hi Guys,

If anyone can tell me how to resolve this issue there's a strong possibility of a FedEx'd beer.

Using PuTTY or any other SSH/telnet terminal I find that Ctrl+Shift+6 then X (on a Cisco) works only sometimes, after beating your keyboard multiple times with a hammer. Has anyone else come across this, or had a solution to this problem?

Regards,

Bruce Grobler
Yo!Africa - Network Engineer
Landline: +263-4-701300, Cellphone: +263-91-2364532
Skype ID: bruce.grobler
RE: switch speed question
Hi,

It depends on how heavily loaded your switch is expected to be. For instance, two machines using the switch will be able to get a full 1 Gbps; however, depending on the backplane (switching fabric), it limits how many ports will receive a full 1 Gbps when the switch is congested, e.g. a 2 Gbps backplane against a 24 Gbps one.

Regards,
Bruce

-----Original Message-----
From: Deric Kwok [mailto:deric.kwok2...@gmail.com]
Sent: Monday, February 23, 2009 5:08 PM
To: nanog@nanog.org
Subject: switch speed question

Hi

Can you share your experience: what is the fastest Gig switch?

I see there is a CEF feature in Cisco. Is it a big difference when I enable it in a switch vs other switches? Is there any problem?

Thank you
RE: Looking Glass script
Try rancid-lg (Debian); otherwise FreeBSD ports come with it, if I'm not mistaken. And a great one is iBGPlay; nothing beats it, but it doesn't have the granularity you are looking for.

Regards,
Bruce Grobler
Yo!Africa - Network Engineer
Landline: +263-4-701300, Cellphone: +263-91-2364532
Skype ID: bruce.grobler

-----Original Message-----
From: Andy BIERLAIR [mailto:a...@root.lu]
Sent: Monday, March 02, 2009 4:10 PM
To: nanog@nanog.org
Subject: Looking Glass script

I was wondering if somebody knows where to find a decent looking glass script (PHP or Perl) that is compatible with Cisco 6500 routers and can parse the results (bgp, bgp summary, ping, traceroute) so that they can easily be integrated into good-looking HTML tables.

I know there are plenty of good scripts available, but they all generate raw output. Parsing this data is a lot of coding work and I was hoping that I did not have to reinvent the wheel.

Thanks,
Andy