The Cisco PSIRT openVuln API was released at the end of 2015 and I stumbled across it in 2016 and have written numerous post and scripts which access it. However a some point in the last three years access to the API has been restricted and a "Service Partner Contract" is now required. This means... Continue Reading →
One of the great things about being a network contractor is the frequent change of employers and the different networks and infrastructure that I am introduced to. I recently was introduced to the oldest datacentre I have seen to date. Deep inside an old looking concrete office building down winding corridors I was led into a... Continue Reading →
I have been using Netbox for a couple weeks and am really impressed with the product. It is an intuitive piece of software which flows well, however configuring passive infrastructure wasn't immediately obvious. This post will over of the process of connecting two devices in separate racks via four patch panels. Before we begin I... Continue Reading →
The SRX300 (and SRX550M) are configured to drop IPv6 traffic by default: see documentation: When IPv6 is configured on SRX300 Series and the SRX550M devices, the default behavior is set to drop mode because of memory constraints.https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/ipv6-flow-processing-enabling.html This can be confirmed: admin@CS7-HQ-FW02> show security flow status Flow forwarding mode: Inet forwarding mode: flow based Inet6... Continue Reading →
Example ansible playbook for upgrading Cisco IOS images.
Evaluation of different methods for accessing a REST API. Methods tested include Curl, Postman, Python - requests and Python - openVulnAPI.
A Python script using the Cisco PSIRT API to collect vulnerability information on a static inventory file.
Another 12 months pass and I'm pleased to receive notification of CiscoVIP selection: I'm no longer contracting for Cisco so this time it sticks. I'll be traveling to Australia in March for Cisco Live. Can't wait!
Whilst completing my studies for the JNCIA-Junos exam I was trying various configuration on my SRX110 and decided to expose it to the internet as my LAN 'DMZ host', after a little while I noticed the log filling up with messages like these: Feb 14 11:24:24 2018 CS7-SRX01 sshd: SSHD_LOGIN_FAILED: Login failed for user 'root'... Continue Reading →
After a recent spate of hardware lock-ups and random reloads I decided to replace my ASA5505. It was the first cisco device I ever purchased and set me on my networking career, but it was playing up so I decided to swap it out for a Juniper SRX110H2-VA. As far as I can tell they... Continue Reading →
