I-BLOG

I almost look like a stupid when I think of this :-) I bought my car and got it delievered on Tuesday but the whole week I used Auto for lack of confidence! I haven't driven in India and that too with Manual Gear. Kinda difficult you know, it is ... Continue Reading

In Windows XP by default the 'Administrator' account is not displayed in the Logon Screen (XP style logon screen). It is by design but can be enabled though registry edit; Registry Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon Modify/Create the Value Data Type(s) and Value Name(s) as detailed below. Data Type: String Value // Value Name: ... Continue Reading

Everyday I learn something and one such thing is this; Think of a scenario where you have to build site-to-site VPN between 2 PIXs. Adding interest to this is, the outside interfaces of both the pixes are connected to each other directly like this; Internal-----PIX1--Outside----------Outside--PIX2-----Internal With all configuration options as mentioned at ... Continue Reading

Got networking problems/questions/queries/concerns? Cisco has a couple of tools out there on the site which I guess not many are aware of; You need to have CCO access to get those though... Output Intrepreter: This basically gives you a way of putting your configuration into it and analyzes it for problems/improvement ... Continue Reading

Watching over your webserver's logs??? or Routers/Firewalls log files and felt like you want to know which country the IP is coming from? well here is a cool link, it will tell you exactly which country it is coming from; http://www.maxmind.com/app/locate_ip Here's a sample of my ip address find. MaxMind GeoIP City/ISP/Organization Edition Results ... Continue Reading

The egress filtering is often forgotten since the theory of Enterprises is that 'allow everything from my internal network to go outside' and by default nothing will be allowed back into internal from Internet. This seems to make a lot of people happy about their networks nevertheless, it is good ... Continue Reading

One of the best thing I like about Juniper Netscreen Firewalls is the fact that you can have multiple ISP's directly connected to it. The Cisco PIX 500 series lack these and often you would be in trouble if multiple ISP's are involved and you want both 'redundancy' and 'load ... Continue Reading

Ever noticed this fact ? When a trace route is done from a network which is protected by PIX firewall, the pix interface doesn't appear in the hop list ? Consider this network; 10.1.1.1--------(10.1.1.2)Router(100.100.100.100)----(100.100.100.101)(PIX)(200.200.200.200)-----InternetIP Trace route will list; 10.1.1.2 100.100.100.101 InternetIP The PIX interfaces will not be listed in it, either the trace route in 'inbound' or ... Continue Reading

Ever wondered if you could set all the networking parameters through command prompt ? Well there is a way; netsh int ip  set address name="Local Area Connection" source=dhcp Above for Dynamic ip address assignment; netsh int ip set address local static 10.0.0.9 255.0.0.0 10.0.0.1 1 Above for static ip and gateway netsh int ip set ... Continue Reading

Some time back when I was testing the Cisco IDS system at a Cisco Offshore Development center, I often felt like we are in an era of 'converged solutions' but often the elements are not converged at all. A distributed Intrusion Detection/Prevention System should be able to manage itself to a ... Continue Reading