Type: Posts; User: ammo; Keyword(s):
Search took 0.04 seconds.
April 23rd, 2010, 04:58 AM
Haha, by some funny coincidence, I just happened to stumble across this old bookmark thought I'd peek in... I guess I'm not the only one that had forgot about AO..!
June 26th, 2008, 03:32 AM
October 9th, 2007, 07:10 AM
Indeed, you are bridging, hence there is no need for the ip helper.
Your dhcp server should handle your wifi clients in a normal fashion (broadcast dhcp without relay)...
October 9th, 2007, 04:13 AM
Couple of things:
-What version of IOS are you using?
-Show us the config of your wireless interface
-Are you receiving anything
You could always do a debug ip packet (match on port 67 and...
January 30th, 2007, 03:18 AM
The "router in front for security reasons" way doesn't really hold ground anymore IMHO:
It used to be that firewalls couldn't hold the load of being the edge device; that isn't so true anymore. ...
January 16th, 2007, 05:00 AM
You might want to have a look at the Cisco ASA 5505, ASA being the PIX newer replacement line, and the 5505 being the equivalent of the 501...
November 30th, 2006, 04:00 AM
You'll need to define a global pool and use it in your nat instead of the nat "0" which tells the pix NOT to nat on traffic matching that acl...
Should look something like this:
November 28th, 2006, 02:20 AM
You need a normal nat entry to enable inside traffic to leave on the outside interface.
November 20th, 2006, 04:10 AM
Careful with the self-signed certificate; make sure users validate the certificate hash when they first log on and that they then install the certificate if valid. And of course, never continu on a...
November 18th, 2006, 05:22 PM
You'll find better help over at the openbsd mailing list: email@example.com
1- make sure to search the archives (http://marc.theaimsgroup.com/?l=openbsd-misc) before posting
November 18th, 2006, 05:19 PM
Don't dismiss basic or digest authenticaiton too quickly..:
Both will do just fine IF you use then inside an SSL connection...
November 18th, 2006, 05:11 PM
Funny, I just assisted to a demo of pointsec this thrusday..!
Pointsec has versions of BartPE boot disk that are preset with the appropriate stuff to boot/read off a pointsec encrypted drive; it...
November 9th, 2006, 03:12 AM
If you can't run a sniffer, just do the next best thing and capture on the pix itself:
I don't have the exact syntax in front of me, but it should run something like this:
November 5th, 2006, 08:30 PM
Use a real throughput testing tool like ttcp; This tool is often included on linux (or in packages) and also availible as a windows port (http://www.pcausa.com/Utilities/pcattcp.htm).
This way you...
November 1st, 2006, 03:16 AM
I routinely use Visio at work, although I despise it...
My personal favorite is LanFlow (EdgeDiagramer) from PaceStar (www.pacestar.com).
October 22nd, 2006, 04:12 PM
Did you say DSL? Do they use PPPoE?
I'll bet you 10 antipoints your problem is with the Path MTU.
My coworker had the same issue a couple weeks back: dsl line, cisco vpn, cheap router.
August 20th, 2006, 04:43 AM
Well, it's totally debateable, but I disagree...
The 80/20 rule doesn't stand much nowadays. Routing is fast enough that you're much better off segmenting your servers inside server vlan(s) and...
August 19th, 2006, 05:20 AM
Depending on how well the dns server is configured, you might be able to do a zone transfer from it.
I'll leave it up to you to google how one does a zone transfer...
August 15th, 2006, 02:21 AM
(Depending on what you meant by or if the emphasis was on "from a single node")
There are other means also:
1- mac table flooding: spoof enough source mac addresses to overload the switch's...
July 27th, 2006, 05:00 PM
Indeed, you usually try to drop traffic as close to the edge as possible.
However, one reason for filtering out on an interface could be if you have a router with multiple interfaces and wanted...
July 25th, 2006, 05:10 AM
Backtrack is really nice...
July 19th, 2006, 05:07 AM
Our intent with port-security is mostly to prevent users from uplinking hubs or switches of their own. We'll limit each switchport to a single mac address (dynamicaly learned).
Indeed, we also...
July 14th, 2006, 02:09 AM
Couldn't agree more.
People are claiming 2-factor auth to be the wrong, while in fact it is the right answer... if you keep in mind the original question; now they're changing the question and,...
July 13th, 2006, 03:40 AM
We're currently in the process of upgrading our access layer switches to Catalysts 3560s, which offer the folowing layer 2 security features:
Ok, here it goes:
1- Install OpenBSD from ftp (stable branch).