Crib Notes


Here we provide short tips and reminders that will save time.

Blocking traffic
How to block traffic.
  • Protocol blocking: Use your firewall or router ACL to stop the traffic. This tactic applies to inward and outward traffic.
  • Website access: Use your DNS server to point the clients to an alternate IP address. 127.0.0.1 keeps the network traffic clean. Alternatively, you can use a web server to provide a reminder that they are going somewhere bad and to record who is trying to go where they should not.
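A sketch of the reminder web server described above, as an added example rather than code from the original notes: the blocked names resolve to this host, which answers every request with a notice and logs the client address together with the Host header it asked for. The page text, log file name, bind address and port are assumptions.

```python
import logging
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer

# Constructed reminder page; wording is a placeholder.
REMINDER = (b"<html><body><h1>Site blocked</h1>"
            b"<p>This site is blocked by network policy.</p></body></html>")
log = logging.getLogger("sinkhole")


def audit_record(client_ip, host_header, path):
    """Build one log line: who asked (client) and for what (Host header, path)."""
    def clean(value):
        # Drop control characters and whitespace so a crafted path or Host
        # value cannot forge extra fields or extra lines in the log.
        kept = (c for c in (value or "") if c.isprintable() and not c.isspace())
        return ("".join(kept) or "-")[:200]
    return f"client={clean(client_ip)} host={clean(host_header)} path={clean(path)}"


class SinkholeHandler(BaseHTTPRequestHandler):
    """Answers every request with the reminder and records the requester."""

    def _serve(self, send_body=True):
        log.warning(audit_record(self.client_address[0],
                                 self.headers.get("Host"), self.path))
        self.send_response(403)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(REMINDER)))
        self.send_header("Cache-Control", "no-store")  # keep browsers from caching the block page
        self.end_headers()
        if send_body:
            self.wfile.write(REMINDER)

    def do_GET(self):
        self._serve()

    do_POST = do_GET

    def do_HEAD(self):
        self._serve(send_body=False)

    def log_message(self, fmt, *args):
        pass  # silence the default stderr access log; audit_record is the record


if __name__ == "__main__":
    logging.basicConfig(filename="sinkhole.log", level=logging.WARNING,
                        format="%(asctime)s %(message)s")
    # Assumed bind address and port; port 80 needs root or CAP_NET_BIND_SERVICE.
    ThreadingHTTPServer(("0.0.0.0", 80), SinkholeHandler).serve_forever()
```

This listener only sees plain HTTP. Requests to blocked HTTPS sites fail at the TLS handshake and are not recorded here, so keep DNS query logging on as the primary record.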

    VPN
    Things to watch for when creating L2L VPN connections
  • Ensure that the name of the Tunnel-Group matches the IP address of the remote-peer.
  • Ensure the remote-peer is configured to send the IP address as the identifier.
  • Ensure that remote-peer and the local PIX have the same LANs configured to be tunneled.
  • Ensure that the re-key times match.

    Bash Commands
    CLUI commands we hardly ever use
  • at: This command allows you to schedule a task to run once at a given time, such as rebooting a server.
    at 8:00
    at> reboot
    at> (CTRL+d to exit)


  • /usr/sbin/sendmail -bt: sendmail test mode
    # /usr/sbin/sendmail -bt
    ADDRESS TEST MODE (ruleset 3 NOT automatically invoked)
    Enter [ruleset] [address]
    > 3,0 tester@testdomain.com


  • TCPdump to ignore SSH
    Issue tcpdump -i eth0 -n 'port ! 22' when you need to run tcpdump over an SSH connection, so that your own SSH session does not fill the capture.

  • linking files
    Issue ln -s [source] [target] when you need to make a soft link. This is similar to the Windows "shortcut" concept.


  • Here is a summary of the meanings of the individual octal digit values in file permissions:
    	0 --- no permission
    	1 --x execute 
    	2 -w- write 
    	3 -wx write and execute
    	4 r-- read
    	5 r-x read and execute
    	6 rw- read and write
    	7 rwx read, write and execute
    
    In Cisco routers, the codes for a traceroute command reply are:
    	! -- success
    	* -- time out
    	N -- network unreachable
    	H -- host unreachable
    	P -- protocol unreachable
    	A -- admin denied
    	Q -- source quench received (congestion)
    	? -- unknown (any other ICMP message)
    