ZEN Tech NZ

If there are no technical difficulties right now, there will be!

Updated JasJar (HTC Universal) - WM6

I just finished upgrading my Jasjar to the latest 'cooked' version of WM6 -- specifically the CE Rom: (2.12.08 WWE) which has a new core version 5.2.1938.

What's changed from version 2.12.06 - 2.12.08 WWE
**************************************************************************************************

  • Added Transcriber support
  • Added A2DP/ WiFi Connections.
  • Corrected Phone/Screen resume issue.
  • Corrected messaging button issue.
  • Corrected Camera buffer issue.
  • Improved System performance.
  • Improved power management.
  • Improved phone application response times.
  • Improved system response time and stability.

***************************

Flashed up ok with no errors or bad messages! So it's back to re-installing my favorite applications.

HTC Universal AKA JasJar

JasJar (HTC Universal) Hardware:

CPU: Intel(R) PXA270
Speed: 520 MHz
RAM size: 64 MB
Flash size: 128 MB
Flash chip type: M-Systems
Data bus: 32 bits
Storage size: 9.93 MB
LCD: 480 x 640 TFT
Colors: 65536

Device Information: (November 2007)

ROM Version: 2.12.06 WWE
ROM Date: 11/10/07
Radio Version: 1.15.00
Protocol Version: 45.51.P8
Ext ROM Version: UNLOCKED

Happy Silly Season

Well, it has been a while since I entered anything in here. Been occupied with setting up an Intrusion Detection System (IDS). So far it's been more of an 'Idiot Detection System' as most of the 'attacks' logged tend to be from mis-configured hosts out there!

Here's something that made my day on the xkcd website. 8-)

NMS Part 2 - How to Set Up Netflow

To set up netflow on a Cisco router (in our case a Cisco 3750 with IOS 12.2) we need to tell it where to send the netflow data to. In the example below the destination (172.17.1.1) should have a netflow listener or capture running on udp port 9696.

  • Router>enable
  • Router#configure terminal
  • Router(config)#ip flow-export version 5
  • Router(config)#ip flow-export destination 172.17.1.1 9696

Next we have to set up each interface from which we want the netflow data. In the case where the interface is not part of a defined VLAN:

  • Router(config)#interface GigabitEthernet1/0/1
  • Router(config-if)#ip route-cache flow
  • Router(config-if)#ip flow ingress

In the case of VLANs and trunking the set up is slightly different (just to confuse myself I put in all the gory details). First we define the interface/port that we are interested in.

  • Router(config-if)#interface GigabitEthernet1/0/2
  • Router(config-if)# description a VLANed interface
  • Router(config-if)# switchport access vlan 2
  • Router(config-if)# switchport trunk encapsulation dot1q
  • Router(config-if)# switchport trunk native vlan 2
  • Router(config-if)# switchport mode trunk
  • Router(config-if)# speed 1000
  • Router(config-if)# duplex full

Then we define the VLAN interface:

  • Router(config-if)#interface Vlan2
  • Router(config-if)# description a VLAN for our interface
  • Router(config-if)# ip address 172.17.1.2 255.255.255.0
  • Router(config-if)# ip flow ingress
  • Router(config-if)# ip route-cache flow

Exit from the configure mode and then do:

  • Router#show ip flow export

You should get something like:

Flow export v5 is enabled for main cache
Exporting flows to 172.17.1.1 (9696)
Exporting using source IP address 172.17.1.249
Version 5 flow records
853478 flows exported in 66526 udp datagrams
0 flows failed due to lack of export packet
0 export packets were sent up to process level


Other useful commands are:
  • Router#show ip flow interface
  • Router#show ip cache flow

Network Management Systems - Part I

NMS Inventory - for quite a while I have been meaning to document an NMS (Network Management System) which is currently running at a client's site.

The base operating system is currently FreeBSD 6.1 with a whole lot of useful tools as well as an SMS alerting system. The base install includes Apache 1.3 (good old reliable stuff!), MySQL 5.1, Perl and PHP.

In the following pages I will attempt to describe several of the packages which I find very useful, such as:
- cacti
- NeDi (Network Discovery tools)
- netflow tools

.....


Spintronics made it possible to pack much more data onto hard disks

Hard drive miniaturization technology wins physics Nobel


Albert Fert and Peter Gruenberg won the 2007 Nobel Prize for physics for discoveries allowing the miniaturization of hard disks in electronic devices.

USB Flash Drive - FAT, FAT16, FAT32 or NTFS

I must admit I have never ever given a second thought about what format I used on my USB flash drive, that is until I spotted the following article at the IronGeek website entitled: File Systems and thumb drives: Choosing between FAT16, FAT32 and NTFS to get a faster USB Flash Drive. Fascinating stuff (really!) and just something I had never thought to try out.


Does testing still matter?

Here's a link to an interesting article I spotted on the ComputerWorld website entitled "Does testing still matter?"

It's expensive and time consuming for IT managers to conduct extensive product evaluations. But columnist Craig Mathias argues that tests are still essential, particularly when it comes to wireless networking.
Link to full article

Yes, testing, despite the costs, still matters!

Always Check Your Own Network First!

There are days when I wonder whatever became of common sense, in particular when it comes to the IT side of things.

Some time last week a client asked for a static route to be placed into the routing table of our DMZ for a new subnet they were building. I informed them that the route was now in place and that they should test it. Their System Administrator e-mailed me telling me that they couldn't ping one of my servers and they were sure that everything was configured correctly on their side. I requested that he check on whether or not their ISA server was correctly configured as this problem seemed to be related to routing within their network.

A few days went by and then the e-mail dialog began...... no everything was configured correctly on their side, no they still could not ping my servers. Again tried to explain that he must check on whether the ISA server was correctly configured, in the end I asked for a copy of the ISA server's router table and configuration.

Now, let me explain something here, I have nothing against Microsoft software or even their ISA server. However I do have problems when these are not properly configured! Microsoft have done a great job in coming out with software that just about anyone can configure. The MS ISA server is a good example, you can do all sorts of things with it. *BUT* the moment you want to get 'fancy' and try to configure it as an all singing and dancing firewall/router/proxy server you really need an administrator who has some experience! At the very least an understanding of basic routing.

Of course when making changes to a live production network, be sure you know what you are doing. Otherwise strange and bad things can happen, as was the case here. Applications needing access to resources on the network will be disrupted and users will complain! And lo and behold I get an e-mail from the System Administrator telling me to stop doing whatever it was that I was doing that was disrupting their network!

To cut the sorry story short, there was a routing entry missing on their ISA server! Argh! And to top it all someone was playing around with the ISA server causing the network to become unstable.

Where have all the good administrators gone? How can anyone be an administrator on any network connected device and not understand how a network works?

Linksys WUSB300N



Started off with installing the WUSB300N first on the Dell Inspiron 5150 (I disabled the internal wireless card).

Installing the software went smoothly, nice and easy to follow. But when it came to finding a wireless network, it just didn't happen! At first I used the Linksys Wireless Network Monitor to configure it, but it failed to find the local 802.11G wireless network. Switching over to the Windows Wireless manager didn't make any difference! Going thru the documentation didn't help, but I found an updated driver at the Linksys Website.

Installing it as well as a new version of the Monitor software doesn't seem to have made any difference at all 8-(

I must be missing something here as the documentation does state "but can also connect to Wireless-G and -B networks". I knew I should have set up the Linksys WRT350N Wireless-N Gigabit Router with Storage Link first! Oh well...

New Stuff

Just got a box from Linksys 8-)

More goodies I picked up at Networkers,
Common features are:
  • High-speed Wireless-N (draft 802.11n) networking for your notebook computer
  • MIMO technology uses multiple radios to create a robust signal that travels up to 4 times farther and reduces dead spots
  • Up to 12 times faster than Wireless-G, but can also connect to Wireless-G and -B networks
  • Advanced wireless security with up to 256-bit encryption

Linksys NAS200

Well, got that installed without a glitch! Installed a 320Gb SATA disk into it, went thru the setup wizard and it just works!

The only gotcha so far is that the USB ports are at the rear of the unit, and not easily accessible.

Next I'll connect up the IOMega 350GB external USB drive to the NAS200. Don't expect anything adverse to happen (just have to re-jig some of the cables around here!)

NAS200 - Network Storage System with 2 Bays

Just got a package with some stuff I bought when I was at Networkers last week. 2 Linksys NAS200 units! 8-)

These units hold up to 2 1Tb drives which can be configured as 2 separate drives or as 2 mirrored drives or 2 striped drives. They also come with 2 USB ports in the back so that you can plug in 2 USB 2.0 hard-drives or even a USB flash drive.

From the Linksys website:
  • Ethernet connected network storage with two available SATA hard drive bays adds shared storage directly to your network
  • Add even more storage with two USB 2.0 ports for hard drive or flash USB storage devices
  • Securely share files locally or through the Internet (FTP, HTTP) with no dedicated PC needed
  • Advanced backup software included
  • Built-in media server for streaming to PC or UPnP AV digital media adapter

Cisco Networkers 2007 - Brisbane

After having spent 4 days at the Cisco Networkers Conference in Brisbane it has been difficult getting readjusted to the weather!


This year, I attended the techtorial on "Security for Network Engineers". This 1 day session covered all aspects of keeping the network secure and the bad guys out. As well as giving us ideas on how to secure our networks we were given an insight into how they handle security within Cisco themselves.

The following days I attended many of the breakout sessions, covering many topics including server/router virtualization and SANS architecture.

I take my hat off to Cisco for organizing such a large event! Over 1500 delegates attended and an untold number of support crew as well as the exhibitors.

I shall have to write up more on the stuff I learnt there soon... ;-)

Welcome to My World

Howdy and welcome to my technical/security blog!

This will be a dumping ground for all sorts of ideas and thoughts I may (or may not) have when it comes to network and computer security.

As you may already know, this is an ever expanding area. The Black Hats find the exploits, the White Hats try to fix them and the Grey Hats are schizophrenic!

And here's some food for thought ...................

"There are 3 hats in the world, Black hat = hacker, White hat = good guy and Red Hat = victim"

Cisco 3750 Password Recovery Procedure

Just in case you need to know.....here is the password recovery procedure for the Cisco Catalyst 3550, 3560, and 3750 Series Layer 3 switches. Unlike the 2500 and 2600 series of routers, these have a 'mode' button on the front along with some cute status LEDs.

1. Attach a terminal or PC with terminal emulation software. Set up as speed 9600, 8 bits, no parity bits and 1 stop bit.
2. Remove the power cord from the router
3. While pressing down on the 'mode' button, power up the router. Keep the mode button pressed down until the SYST LED stays solid green. When you release the mode button the SYST LED will start flashing.
4. You will then see:

The system has been interrupted prior to initializing the flash file system to finish loading the operating system software:

flash_init
load_helper
boot

5. At the prompt enter: load_helper
6. Then type
ren flash:config.text config.old
7.
