Cisco Tip of the day – Basic steps on how to permit traffic through a PIX.

The Cisco PIX is a totally different beast from the more common Cisco router. A lot of people forget the correct process for allowing traffic through a PIX. Here is a quick breakdown.

1. Figure out which direction the traffic is going in relation to the security levels of the interfaces. Higher (100) to lower (0)? Nothing needs to be done. Lower (0) to higher (100)? You will need an ACL to permit the traffic.

2. Now that you know you need an ACL, decide what type of traffic it is. IP, TCP, UDP or ICMP? Any specific source or destination ports or addresses? If it is ICMP, do you know which ICMP type you need?

3. Now, are you using NAT? If you are trying to port forward, the ACL only allows the traffic into the PIX, but the PIX still has no idea what to do with it. So you need to create a static statement to map your source IPs or ports onto your destination IPs or ports.

And that is it. Just a quick how-to on permitting traffic on a PIX.

Cisco 7200 Simulator

Check it out at the Cisco 7200 Simulator Wiki.

Seems pretty darn cool since I have yet to see anything like this for other Cisco devices. I will give it a good try in the next few days to see what it is all about.

Gamma Gamma Chi, the first Islamic Sorority

http://www.gammagammachi.org/

Do you think Middle Eastern cultures fear women's empowerment? In some countries, women are not even allowed to have an education, and here we now have a sorority. This basically goes against the common cultural structure in most Middle Eastern countries, and I think most of them will denounce it in some way, using either religious or social reasoning to try and mute the issue.

Is Amazon Prime good for people in Alaska?

I was recently reading Ars, and came across a thread in the forums regarding Amazon Prime. Basically you pay $79 for a year's worth of free shipping for you and four other people at the same address. There are some limitations, but they do not mention AK at all in the TOS. So now I am curious as to whether or not this would actually save me money in the long run.

According to Amazon I made nine different orders for a total of 23.97. Most of the orders had free Super Saver Shipping, which, while free, is not as good as two-day. So I guess the question is, how patient are you? I never really cared how long it took to get here as long as it was in a reasonable fashion.

So I guess for me Amazon Prime is not a good choice. Maybe for a business?

Dave’s is some good hot sauce!

I am a big fan of Habanero Tabasco sauce, except for the strong taste of vinegar. But it is a little sweet and hot enough, so I let it slide. I am always on the lookout for better hot sauces, however. My latest test was Dave's Gourmet Hurtin' Habanero hot sauce.

I found it to be hotter than the Tabasco version, with a little less vinegar taste. I will post more about it once I have had more of the bottle. mmmmm!

Car accident!

Not mine of course, but I observed it on my way home. Fancy that it happened at the intersection just outside my house! So pics time, yay! I apologize for the grainy quality, but it is dark here in Alaska at 8AM, so I had to use a high ISO. Maybe if I had a tripod…

Basically a truck forgot there was an intersection and plowed into the back of a Toyota, I think, which then forced it into the rear of a huge white van from the 80's. The van was ok thankfully. ;)

This is the ambulance; you can see the van clearly.

And here it is leaving the scene, oh the action!

And now a good shot after the medics get out of the way. If there was anyone in the back, they would be asking the drivers how their spine tasted.

And then a closeup of the supposed Toyota, I think.

Trivia regarding Rawcode (myself, dur!)

Great little item I got off of the fora over at Arstechnica.

Ten Top Trivia Tips about RawCode!

  1. RawCode has three eyelids!
  2. 68 percent of all UFO sightings are by RawCode.
  3. The number one cause of blindness in the United States is RawCode.
  4. The first domain name ever registered was RawCode.com.
  5. Red RawCode at night, shepherd’s delight. Red RawCode at morning, shepherd’s warning.
  6. Peanuts and RawCode are beans!
  7. The pharaohs of ancient Egypt wore garments made with thin threads of beaten RawCode.
  8. RawCode can’t drink – he absorbs water from his surroundings by osmosis.
  9. Astronauts get taller when they are in RawCode.
  10. In Ancient Egypt, people wore glittery eyeshadow made from the crushed shells of RawCode!

Apparently the new iMacs are OMGFAST!

I read eJacqui's review of the new iMac on her blog. And apparently it is really darn fast. Her review makes me want one even more!

Damn her. I don’t have the money for this amount of geek lust!

Cisco Tip of the day – How to move ssh traffic to a different port

If you know anything about Linux, you know ssh is a necessity. It is the same for routers if you do not want everything you do passed in cleartext across the net. The problem is that a lot of people use a Cisco router as their firewall with NAT enabled. So when you try to ssh to your Linux box from work (or elsewhere) via port 22, it will hit the router instead. So you have two options:

  • Configure PAT so you move your ssh traffic to a different public port, say 2222, and it will redirect it to port 22 on the inside of your network.
  • Configure a rotary group and move the router’s ssh port to a different port, say 2222.

This post will cover the latter.

It is a pretty simple config, but it takes a while to find it on Cisco's web site due to the amount of information they have on there. It is two lines total:

ip ssh port 2222 rotary 1

This line moves the ssh service to port 2222, and makes it part of rotary group 1. A rotary group allows you to define attributes, services and features of lines that reference the group. In this case, any line that is part of rotary group one will have ssh on port 2222.

line vty 0 4
rotary 1

This set of commands places vty lines 0 through 4 in rotary group 1. So these vtys will take on all the features you have configured for that group. In this case, ssh has been moved to port 2222 on vty lines 0 through 4.
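The two commands above in the context of a complete vty stanza, with the PAT alternative from the first bullet shown alongside it. This is an added example and not the author's router config: the hostname, domain name, interface FastEthernet0/0, the inside Linux host 192.168.1.10, the management host 198.51.100.5 and the ACL name MGMT are assumptions, and the username line carries a placeholder secret.

```cisco
! Added example, not from the original post. Names and addresses are constructed.

hostname edge-rtr
ip domain-name example.net
! SSH needs an RSA key pair before the ip ssh commands take effect.
crypto key generate rsa modulus 2048
ip ssh version 2
username admin privilege 15 secret REPLACE-ME-WITH-A-REAL-SECRET

! Option 2 (the rotary method from the post): the router's own SSH on port 2222,
! attached to rotary group 1.
ip ssh port 2222 rotary 1

! Only the management host may open a session; everything else is logged and dropped.
ip access-list standard MGMT
 permit host 198.51.100.5
 deny any log

! vty 0-4 join rotary group 1 and therefore listen for SSH on 2222.
! transport input ssh keeps telnet off these lines entirely.
line vty 0 4
 rotary 1
 access-class MGMT in
 transport input ssh
 login local
 exec-timeout 10 0

! Option 1 (the PAT method from the post), for comparison: leave the router's
! SSH on 22 and forward public port 2222 to the Linux box behind NAT instead.
! Do not combine both options on the same interface: they both claim port 2222.
ip nat inside source static tcp 192.168.1.10 22 interface FastEthernet0/0 2222
```

Pick one of the two options; in the rotary form the router answers on 2222 itself, in the PAT form the Linux host does. Either way, `show ip ssh` confirms SSH is enabled and which version is in use, and the `access-class` line is what actually limits who can reach the service, since moving the port only changes where it listens.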

And that is it.

Upgraded to Wordpress 2.0

I saw that WordPress 2.0 came out, so I thought an upgrade would be in order. Totally dead simple to upgrade too. Not really much in the way of external changes, but the management interface has been improved quite a bit. So far I am liking it a lot.

I have not posted at all since my dad passed away. I guess I just liked his picture being on the site. I have done a lot of thinking about him and life in general. And it turns out that I appear to be more social. Calling friends more often, posting online more often, and just talking with coworkers more. I find it rather strange that the death of a person so close would cause such a reaction, but I can see how it would be expected.

I had a busy holiday season this year. My best friend Joe flew up before Christmas, and I got a few good games to play on the PS2. Namely Dragon Quest 8, and Gauntlet: Seven Sorrows. I have also been playing Eve-Online rather often with the guys from Ars Caelestis.

Ars Caelestis has been growing by leaps and bounds. We have been acquiring new recruits constantly to help defend our little plot in space. We recently began a huge push out into PvP space where all the money is. Since this is a game where even n00bs can make a huge difference, we welcome anyone who is interested to partake in a free two week trial via the buddy system. We can supply you with cash and plenty of advice. We are part of the Huzzah Federation Alliance which is currently at war with Firmus Ixion; as reported here.