Messages - Dieselboy

#1
Forum Lobby / Re: Splunk? or?
July 12, 2023, 02:23:27 AM
Thanks... I didn't want just another log aggregator unless there were smarts to actually do something with the data. I have a home lab, so even there it would be a lot of data for one person.

I had been looking at Salesforce's LogAI last weekend. Seems like it might be useful for doing something with that data but I hit a couple of snags when I tried to load in a sample Windows log. First being, need to configure a .json to match on the log sections (why can't the AI do that) and second, probably because my .json was not exactly as required, the code was erroring out later on. It's only provided from Salesforce for research purposes, it's not a polished/finished product.

Azure has models available over API so might try those out. Should then be able to use Power BI for visualisation.
#2
Routing and Switching / Re: ip
July 04, 2023, 07:19:55 AM
Have you considered dynamic DNS? Like no-ip?
#3
Not enough information to help you. Do you mean internet links and need a firewall with NAT? Or local LAN gig links?
#4
Forum Lobby / Splunk? or?
July 03, 2023, 07:02:29 AM
Looking for an open source component to collect telemetry from network devices + everywhere. Does it exist? Seems like I need separate systems for network and then OS-based and container based.

https://www.sdxcentral.com/articles/news/cisco-aims-for-full-stack-observability-with-opentelemetry/2023/05/

https://techblog.cisco.com/blog/getting-started-with-opentelemetry

https://www.cisco.com/c/en/us/solutions/collateral/enterprise/design-zone-security/telemetry-architecture-guide.html


Splunk does a free 14 day trial, might check it out but wanted something I could play with more long term.
#5
OP, you need to make a rule within the router at 192.168.1.3 to allow connection to 192.168.3.24:3389.

Network diagrams can really help here:

[Provider modem, 192.168.1.1] ---> [office router, 192.168.1.2]
  |
  |---> [home router, 192.168.1.3]


Things to remember. On home equipment like this they usually always allow traffic outbound. Outbound directions therefore are:
1. office router -> provider modem -> internet
and
2. home router -> provider modem -> internet.

Outbound routing is normally handled by the default route or default gateway!

Since you want to go from office router -> home router, you need to do a couple of things or rather there's a couple of ways to do this:

1. route from the office net to the home net, and configure a firewall rule on the home router to allow the traffic in to the computer
or
2. don't configure any routes but instead configure a PAT rule (and matching firewall rule) on the home net to translate inside:192.168.3.24:3389 to outside:192.168.1.3:3389 and then from the office computer, try to RDP to 192.168.1.3:3389

Option 1 uses routing so the PAT isn't required, just the firewall rule.

Option 2 uses PAT so the "outside" IP of your RDP server is the 192.168.1.3:3389 and all routers are on that network on the WAN side so will just ARP and send traffic to the MAC address.
#6
AnyConnect is great because it allows end-users to download and install AnyConnect updates even though they're not an administrator and have no privilege to install. But this process mechanism has been discovered with a number of flaws allowing the unpriv user to gain admin priv. There are probably more yet to be discovered.
#7
Forum Lobby / Re: Facebook Scammer Account
June 12, 2023, 10:25:13 PM
It's tough if you have an online presence where you welcome strangers.

I see scam accounts on Facebook all of the time. But the reporting system is broken. You're not able to provide context for the report and so 99% of my reports get a response that it doesn't go against Facebook's standards and they will not remove the account.

I signed up to Telegram and I get contacted there almost daily. I just try to waste their time. But they have a system:
1. 1st contact uses a burner account (because they get reported and blocked)
2. 1st contact aims to get you interested and they inform you that their colleague will contact you next
3. 2nd contact does not use a burner account and aims to get you to sign up on their website for any number of hundreds of dollars payment per day


Unless you're actively reaching out to strangers then it's best to bin the message or even just plain block them which is what I usually do. "New message request" -> block! :)

I rarely accept friend requests on Facebook, usually I have met them in person first. I'd rather have no friends and money in the bank ;) Some of these scammers are not just individuals with a laptop. They can be proficient and well-established scamming businesses that already have some of your secure info. You might give them something seemingly worthless by itself but it could be the remaining piece in their puzzle to execute some scam against you.
#8
Quote from: deanwebb on June 08, 2023, 12:32:16 PM
These are my people, loved that little documentary.

There are comments there for some very senior people involved back then. I enjoyed reading those :)
#9
I have made config changes to a few 515s, back when I was just beginning to work as a network engineer around 2007 - 2009. The config is a bit different compared to ASAs and I needed to ask for some help :)

I liked how the video explained the IETF didn't want to use NAT because it went against the philosophy of the internet being connected to everything with no single points of failure.
#10
Short documentary about how the PIX appliance saved the world by implementing NAT to save the day.

https://www.youtube.com/watch?v=GLrfqtf4txw
#11
Routing and Switching / Re: Device with static IP
June 06, 2023, 09:48:38 PM
Quote from: deanwebb on June 05, 2023, 05:10:08 PM
Another thought would be to change the router to use the 192.168.5.x range

OP sometimes you can configure a 2nd address on the same network to allow you to connect to the downstream device and change its IP. Then remove the 2nd address once you're done.
#12
Strange problem!

Cisco uses ECC memory, which is in a large part why Cisco routers used to be the most stable networking gear. ECC is error correction. Compared with normal user computers when a memory error occurs the system just crashes. I would be leaning more towards software bug relating to memory rather than hardware issue as a guess.

Our customer had a similar issue but EIGRP kept breaking and hello packets getting lost. A reboot of the device seemed to have fixed this, too.

#13
Often, I find it helps just to logically step through the notions with the intent to create a post asking for help. But the fact that I've needed to think about it again from start to end to allow me to create the post often triggers me to find the solution as well.

Glad you got it sorted :)
#14
I'd like to see less scandals, more tradition. But as time goes on, I'm seeing the opposite of this.

As a kid, I / we used to live in King Henry 8th's old house in Beddington, Surrey (converted into apartments).

AFL is just a televised game of hot potato :)
If you watch Australian soccer (real football ;) ) then the local teams try to play soccer the same way. In both games, players just seem to boot the ball as hard as they can, towards the general direction of the goal and hope for the best.

AFL players can assault each other and continue playing which is a bit weird. We have a lot of weird things here :)
#15
Harry is under the thumb and vanished.

King Charles doesn't have a great following because of what happened with Diana and the affair with Camilla.

Today I just learned that they're going to crown the King but also crown "Queen Camilla". Historical rule states it's not possible for a King and Queen - only one reigning monarch is permitted. Camilla is not favourable also for the same reasons. I find it disrespectful to say the least. He is not doing himself any favours and is only making his role as King harder. His mum left a great example behind that I don't think he can live up to.

I was not even aware of the coronation because Australia have nothing for it. Back in the UK for events like this, there are nation-wide street parties, decorations and pubs with decorations of flags.

Sad times.