Monthly Archives: June 2015

Kiwi Cattools – Awesome Tool for Network Engineers

As a network engineer, there are certain things that you must do, or face the consequences. Making backups of all your network devices on a regular basis is one of those things. Plus, monitoring your network for any configuration changes (whether authorized or not) is a good thing too. If you have a very small network you could keep track of all this manually, but if not, then you NEED a tool to take care of this. I would suggest using Kiwi Cattools (part of Solarwinds).

I’ve been using Cattools for many years, way back before Solarwinds acquired Kiwi. Cattools is very comprehensive…it can track configuration changes and alert you when they occur; it will perform regular backups and archiving of device configs; and you can use it to push changes out to your devices, saving you lots of time (nothing like changing all your NTP server settings on over 100 devices in just a few minutes!!!).

If you recall from my post yesterday on securing SNMP, that configuration change triggered an email alert from Cattools last night letting me know that a change occurred on the switch, and showing me what the change was. The email had an attachment in HTML format that you can review in your web browser, and it shows the before and after configuration, highlighting the changes…

Cattools alert showing ACL #2 change

Cattools alert showing ACL #2 addition

Entries in GREEN show additions, RED is changes, and BLUE is deletions. This is very cool stuff people!! Plus, the price is very reasonable. (Note…in case you are wondering, I do not get anything from Solarwinds for recommending their products. Unfortunately.)

So, for your peace of mind, get Cattools (or similar product) for your network. You will be glad you did!

Securing SNMP Access on Cisco Switches

Here is a quick and easy one…

I installed and configured Solarwinds Network Engineer’s Toolkit on a new server today, and did a quick SNMP (Simple Network Management Protocol) test to my core switch. Well, it didn’t work…which actually is good. It meant that I did configure access restrictions via SNMP. And you should too…if you don’t, then ANYONE can install an SNMP utility and try and gain access to your switches, or other network devices.

Here is my SNMP config on my switch…

SNMP Configuration

The “2” at the end of the line references access control list number 2…

ACL #2 - Restricting SNMP access

As you can see, I have configured SNMP access from two separate servers, which did not include the new server I was using today. (If no ACL is referenced, then anyone can access the switch via SNMP.) I then added that server into ACL 2…

Adding another server to ACL 2

And everything worked just fine! So, the moral of the story is to make sure you secure your SNMP access…and test it every now and then to make sure it’s working properly.
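One way to run that periodic check against a saved config backup, as an added example that is not part of the original post: it flags every `snmp-server community` line that has no ACL and lists the hosts each referenced ACL permits. The community strings and addresses are constructed placeholders, and only numbered `access-list` entries are handled.

```python
# Added example: audit a Cisco IOS config for SNMP communities without an ACL.
# Handles numbered "access-list N ..." entries only (assumption).

# Constructed sample, not the author's switch: placeholder community strings
# and RFC 5737 documentation addresses.
SAMPLE_CONFIG = """\
snmp-server community EXAMPLE-RO RO 2
snmp-server community EXAMPLE-OPEN RO
snmp-server community EXAMPLE-RW RW 5
access-list 2 permit 192.0.2.10
access-list 2 permit 192.0.2.11
access-list 2 permit 192.0.2.12
"""


def audit_snmp(config):
    """Return (community, mode, finding) for each snmp-server community line."""
    acls = {}         # ACL number -> list of (action, match) entries
    communities = []  # (community, mode, acl or None)
    for line in config.splitlines():
        tok = line.split()
        if tok[:1] == ["access-list"] and len(tok) >= 4:
            acls.setdefault(tok[1], []).append((tok[2], " ".join(tok[3:])))
        elif tok[:2] == ["snmp-server", "community"] and len(tok) >= 3:
            rest = tok[3:]
            if rest[:1] == ["view"]:      # optional "view <name>" clause
                rest = rest[2:]
            mode = "RO"                   # IOS treats a community as read-only by default
            if rest and rest[0].upper() in ("RO", "RW"):
                mode = rest.pop(0).upper()
            communities.append((tok[2], mode, rest[0] if rest else None))

    findings = []
    for name, mode, acl in communities:
        if acl is None:
            note = "NO ACL: any source address may query"
        elif acl not in acls:
            note = f"ACL {acl} referenced but not defined in this config"
        else:
            permits = [m for action, m in acls[acl] if action == "permit"]
            note = f"ACL {acl} permits: {', '.join(permits)}"
        findings.append((name, mode, note))
    return findings


if __name__ == "__main__":
    for name, mode, note in audit_snmp(SAMPLE_CONFIG):
        print(f"{name:<14}{mode:<4}{note}")
```
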

Thank You Dad…For Everything

My Dad - Grady Moore

Today is Father’s Day. And I still miss my Dad, even after all these years…he died of cancer in 1998, way too young at just 63. In all the ways you can measure the positive impact of a father, my Dad succeeded. I owe my intense curiosity to my Dad, and my love of aviation too. And even more importantly, my Dad showed me how to love the Lord, and how to treat a wife.

My Dad worked his entire career at Lockheed, starting on the line popping rivets. He helped build the Jetstar, C130 Hercules, C141 Starlifter and C5 Galaxy. I grew up in the traffic pattern of Dobbins Air Force Base, in Marietta, Georgia, watching all these planes fly overhead night and day, for 15 years. Even now, I can identify a C130 or C5 just by the sound they make. During all of this, my Dad went back to school and obtained a degree in Education. And about the same time, during my high school years, Lockheed transferred my family to Lancaster, California, where my Dad finished his career teaching the airlines how to maintain the Lockheed L1011 Tristar. He LOVED teaching, and did a great job with the airlines.

Lockheed L1011 Tristar

Thanks, Dad, for your example! There are generations of Moores growing up in your footsteps…and that’s a good thing!

Security Breaches…Here We Go Again

Greetings everyone…I’m back! My wife and I had a GREAT time in San Diego last week attending CiscoLive. It was an excellent conference, held in a great city (I love San Diego!!), and we had a wonderful time (my wife attended the Keynotes with me, along with the World of Solutions events, and the Customer Appreciation Event with Aerosmith). We tracked our steps and averaged between 13,000 and 15,000 steps each day…for each of us…wow!! We used a really nice app on our iPhones called Pacer, and it classified us as “Highly Active”. No kidding!! I’ll be posting some recaps of CiscoLive over the next several days.

Today, however, is more news within the field of security…or the lack thereof. And it’s not good folks…not good at all…

The US Office of Personnel Management announced a significant breach of their systems in which it’s estimated that personal information on between 10 and 14 million federal employees was stolen. (See the excellent report over at KrebsOnSecurity OPM Breach.) I heard a bit today from the Congressional Inquiry (that was very quickly organized I might add) that most of the affected systems were not properly secured (lack of timely patching of servers/systems, lack of robust authentication mechanisms…the list goes on). Part of me wants to stand up, turn towards Washington DC, and scream “Idiots!!”. But then the other part of me wants to run back to work, and double check my firewalls and routers…am I doing everything that I can to protect my company??

Ugh…security is a never ending process. One of the speakers at CiscoLive said that everyone has been hacked…whether you know it or not. I have realized now that I agree with that statement. I’m going to spend this summer double-checking all of my security processes and configurations. And I’m going to try and find evidence of an intrusion…I think it has already happened, but I’ve just not “seen” it yet.

One more bit of security news…if you are a user of LastPass, it too has suffered a breach. Here are a couple of good articles concerning it: NetworkWorld LastPass Breach and over at KrebsOnSecurity LastPass Breach.

CiscoLive and a Leap Second

Greetings everyone…

Yes, I’ve been way too busy…sorry for the lack of posts. I am going to try and get back in the swing of things!!

First, a bit of fun news…I’ll be out of town next week, down in San Diego, attending CiscoLive 2015!! And even better, my wife is going with me! I bought her a Social Events Pass…this allows her to attend all of the Keynote speeches, the evening vendor meets, and the closing night concert with Aerosmith at Petco Park (the Padres’ stadium)!! We are both very excited!! I will try to post some notes next week from CiscoLive…if I can find the time.

Next…since we are talking about time…on Tuesday, June 30th, there is going to be a leap second event. (I’m not kidding folks…this is actually very cool stuff!!) Over time, the Earth is gradually slowing down…and to keep the “real” time sync’d with our perception of time (sundown, etc.) they have to add a second to the day. The last time this happened was back in 2012. Is this something you need to worry about? Probably not, but you should be aware of it, and keep an eye on things that might be acting strange (frozen, pegged CPU, etc). Here is Cisco’s take on this year’s leap second.

Details: The leap second is going to occur at 23:59:59 UTC on June 30th, 2015. In other words, one second before midnight UTC time. For me, here on the west coast with daylight saving time, it will be 4:59:59 PM in the afternoon (PDT). That final minute will actually last 61 seconds. This will be orchestrated by all of the NTP servers on the Internet…so if all of your network equipment is time sync’d to NTP servers, you should be fine. If your equipment is not time sync’d, well…I guess you don’t really care about all of this anyway. (And you are not being a good network engineer either…get your network time sync’d!!)

Linux and UNIX systems should handle this well…NTP will announce to any system running true NTP that a leap second will occur (there is a leap second flag that gets set). Windows systems do not know how to handle the NTP announcement, so they will just end up a second off. However, within 20 minutes they will be re-sync’d properly. What to watch for? Anything acting strange that relies on exact time…applications that use GPS would be key to watch.

So…you have been warned. Hopefully the addition of a leap second will not trigger Armageddon.