
How and Why You Should Verify IOS Images On Cisco Routers & Catalyst Switches. Identify Corrupt & Tampered Images using SHA2 or MD5 Verification

Posted in Cisco Routers - Configuring Cisco Routers

Chances are we’ve all needed to upgrade the IOS software on our Cisco devices at some point. While upgrading the IOS software on a Cisco device is considered to be a fairly simple process, it can turn out to be a very stressful and destructive process if something goes wrong, especially if the upgrade is being performed on a remote Cisco device. Uploading a corrupt IOS image or having it become corrupt during the upload process is a common problem Cisco engineers encounter.

If a corrupted IOS image is not identified before the reload/reboot of the device, it’s most likely the device will not boot again unless a special recovery procedure is followed. A corrupt IOS image translates to network downtime, service disruption and possibly financial loss for the company.

Therefore, verifying an IOS image that has been uploaded to a Cisco device is a very important step, regardless of how experienced one might be. Unfortunately, most network engineers skip or are totally unaware of the image verification process and the trouble it can help them avoid.

Here are a few reasons why Cisco IOS image verification should become a mandatory step during any upgrade:

  • It helps ensure the IOS image is not corrupt
  • It avoids unnecessary surprises after a router/switch reload - especially when it’s at a remote location!
  • It verifies the integrity of the software
  • Reduces the risk of malicious code being installed on the Cisco IOS device
  • TFTP, the method often used to upload files, cannot guarantee error-free transfers
  • Helps maintain your professional image and reliability :)


Using the SHA2/MD5 File Verification Feature

The MD5 File Validation feature was added in Cisco IOS Software Releases 12.2(4)T and 12.0(22)S onwards. This feature allows the administrator to calculate the MD5 hash of a Cisco IOS software image previously loaded on a device's flash.

Newer IOS images and ISR routers now make use of the SHA2 algorithm rather than the older MD5; however, we can optionally verify the image using MD5.

Cisco publishes the MD5 hash value (Checksum) for every software image in their download area. This enables the network engineer to easily check and compare the calculated MD5 hash value against Cisco’s site and identify any signs of tampering.

Note: The commands might slightly differ depending on the device you are working on (Cisco Router or Catalyst Switch) and the running version of the IOS software.

Below is a Cisco 2921 router that has just had an IOS image uploaded (c2900-universalk9-mz.SPA.152-4.M6a.bin):

Free Webinar & eBook on Microsoft Licensing for Virtual Environments (Hyper-V)

Posted in Windows 2012 Server

Microsoft Licensing for Virtual environments can become a very complicated topic, especially with all the misconceptions and false information out there. Thankfully Altaro, the leader in Hyper-V Backup solutions, has gathered Hyper-V MVP experts Thomas Maurer and Andrew Syrewicze to walk us through the theory and present us with real licensing scenarios to help us gain a solid understanding of Microsoft licensing in virtual environments.

Their Hyper-V experts will also be available to answer all questions presented during the free webinar. Registration and participation for this webinar are completely free.

Webinar Details: Thursday 4th December 10am EST / 4pm CET - Register Now!

As a bonus, a free eBook written by Hyper-V expert Eric Siron, covering Licensing Microsoft Server in a Virtual Environment, is now available as a free download.

To download your free eBook copy and register for the Free Webinar click here.

The Importance of Monitoring and Controlling Web Traffic in Enterprise & SMB Networks - Protecting from Malicious Websites - Part 1

Posted in Security Articles

This article expands on our popular security articles (Part 1 & Part 2) that covered the importance of patching enterprise and SMB network systems to protect them from hijacking, hacking attempts, unauthorized access to sensitive data and more. While patching systems is essential, another equally important step is the monitoring of Web traffic to control user activity on the web and prevent users from accessing dangerous sites and Internet resources that could jeopardize the company’s security.

The ancient maxim – prevention is better than cure – holds good in cyberspace as well, and it is prudent to detect beforehand signs of trouble which, if allowed to continue, might snowball into something uncontrollable. One of the best means of such prevention is monitoring web traffic to locate potential sources of trouble.

Even if attackers are unable to gain access to your network, they can still hold you to ransom by launching a Distributed Denial of Service or DDoS attack, wherein they choke the bandwidth of your network. Regular customers will not be able to gain access to your servers. Generally downtime for any company these days translates to loss of income and damage to the company’s reputation. Attackers these days might also refuse to relent until a ransom amount is paid up. Sounds a bit too far-fetched? Not really.

Live Attacks & Hacking Attempts on the Internet

It’s hard to imagine what really is happening right now on the Internet: how many attacks are taking place, the magnitude of these attacks, the services used to launch attacks, attack origins, attack targets and much more. Hopefully we’ll be able to help change that for you right now…

The screenshot below was taken after monitoring the Norse network (http://map.ipviking.com/) which collects and analyzes live threat intelligence from darknets in hundreds of locations in over 40 countries. The attacks are taken from a small subset of live flows against the Norse honeypot infrastructure and represent actual worldwide cyber-attacks:

[Screenshot: Norse live attack map]

In around 15 minutes of monitoring attacks, we saw more than 5000 different origins launching attacks against over 5800 targets; 99% of the targets were located in the United States and 50% of the attack origins were in China.

The sad truth is that the majority of these attacks are initiated from compromised computer systems & servers with unrestricted web access. All it takes today is for one system to visit an infected site, and that could be enough to bring down the whole enterprise network infrastructure while at the same time launching a massive attack against Internet targets.

Resolving Cisco Switch & Router ‘DHCP Server Pool Exhausted-Empty’ Error – Client IP Assignment Failure

Posted in Cisco Switches - Catalyst Switch Configuration

In previous articles, we showed how it is possible to configure a Cisco router or Catalyst switch to provide DHCP server services to network clients. Everything usually works without a problem, however there are times when the Cisco DHCP server stops assigning IP addresses and we need to look into the issue and resolve it as quickly as possible. System messages such as ‘POOL EXHAUSTED’, ‘ASSIGNMENT FAILURE’ & ‘address pool Guest-VLAN is empty’ provide some basic information, however further investigation is required to identify the real cause.

Small-sized networks usually have DHCP services configured on their Cisco router, while large-sized networks (with multiple VLANs) assign DHCP services to their backbone layer-3 switch (Catalyst 6500, 4500, 3750 etc). The good news is that configuration and debugging commands are identical for both Cisco Catalyst switches and Cisco routers.

 

Debugging DHCP Server on Cisco Catalyst Switch & Cisco Router

The first symptoms of DHCP server issues are users nagging that they cannot connect to the network because they haven’t got an IP address, and that’s where the fun begins.

Assuming no configuration changes have been made to the Cisco DHCP server, the best way to troubleshoot the problem is to enable debugging on the DHCP server. The debug ip dhcp events & debug ip dhcp server packets are useful debugging commands that will help us identify what is happening:

How To Stop CallManager (CUCM) 7, 8, 9, 10.5 with MGCP / H.323 Voice Gateway From Rejecting Anonymous (Hidden Caller-ID) Calls

Posted in Cisco VoIP/CCME - CallManager - Unity Express

Cisco Unified CallManager (CUCM) and its Voice Gateway rely on the telecommunication provider (telco) to send the correct call details for every incoming call, to allow the system to correctly process it and route it.

One problem many engineers stumble upon is the routing of incoming calls which have their caller-id blocked. In these cases, quite a few telcos send Anonymous as the Calling Party Number (the number that is calling us), instead of the typical N/A string:

Jan 30 07:42:16.892: ISDN Se0/1/0:15 Q931: RX <- SETUP pd = 8  callref = 0x1075
 Sending Complete      
 Bearer Capability i = 0x8090A3
                Standard = CCITT
                Transfer Capability = Speech 
                Transfer Mode = Circuit
                Transfer Rate = 64 kbit/s
        Channel ID i = 0xA98381
                Exclusive, Channel 1
        Calling Party Number i = 0x0180, 'anonymous'
                Plan:ISDN, Type:Unknown
        Called Party Number i = 0x81, '0298889994'
                Plan:ISDN, Type:Unknown
Jan 30 07:42:16.900: ISDN Se0/1/0:15 Q931: TX -> CALL_PROC pd = 8  callref = 0x9075
        Channel ID i = 0xA98381
                Exclusive, Channel 1
Jan 30 07:42:16.904: ISDN Se0/1/0:15 Q931: TX -> DISCONNECT pd = 8  callref = 0x9075
        Cause i = 0x8095 - Call rejected
Jan 30 07:42:16.912: ISDN Se0/1/0:15 Q931: RX <- RELEASE pd = 8  callref = 0x1075
Jan 30 07:42:16.944: ISDN Se0/1/0:15 Q931: TX -> RELEASE_COMP pd = 8  callref = 0x9075

The problem becomes more difficult to solve when the Voice Gateway is configured to use MGCP (Media Gateway Control Protocol) as the control protocol with CUCM. With MGCP, there is no way to manipulate the Calling Party Number (as opposed to H.323). Despite this drawback, most engineers use MGCP as it dramatically simplifies the configuration on both CUCM and the Voice Gateway.

By default, all CUCM versions from version 6 onwards will automatically reject calls when the Calling Party Number is set to Anonymous, making it impossible for callers with a hidden ID to successfully call the company.

Solutions to Stop CUCM From Rejecting Anonymous Caller-IDs
