|Here you will find a compilation of my networking experiences, completed projects with example configurations and best practices, works in progress, and a wide variety of tidbits of information about networking hardware and products. Among topics covered will be high availability, filtering, encryption, multi-homing, intrusion detection, sniffing, caching, layer 2 thru 5 switching, load balancing, VoIP, hardware/software bugs and caveats etc. At the bottom are a variety of links to other good resources for further information on these topics.|
Net Neutrality – Voice your support to Congress against the Internet providers who’d prefer to arbitrarily alter or limit your access to content on the Internet to legally extort those content providers and fatten their bottom lines.
Projects & Designs
- Keep watching for new projects and designs I have completed, plus notes on issues encountered and resolved… Names and IP addresses will be altered to protect the innocent.
- My Home Network Overview
- My CCIE Lab Rack Overview
- Secured SBC ADSL service with Cisco 2621XM and WIC-1ADSL module
- Secured Dynamic Internet ISDN Dialup with a Cisco 2610 and a WIC-1BRI
- Call Manager Express config with Cisco 7960G phones using a VIC-2FXO-M1 to manage outbound POTS service, a VIC-2FXS to provide access to old analog phones, and SIP based VoIP service for long distance
- Secured Cisco Aironet AP-1220B Wireless Access Point
- Comments, reviews, white papers, and nuggets of info on various specialty networking products I have worked closely with over the last few years…
- Cisco CSS 11500 Content Services Switch, ACE 4710
- Cisco GSS Global Site Selector
- Cisco Cache Engine ACNS
- Blue Coat SG9000, SG8100, SG810, AV2400, AV810, Director, Web Reporter
- LogLogic – centralized syslog management
Configuration Tips & Links
Network Security & Risk Management
- NSA Security Configuration Guides
- NSA Network Security – 60 Minute Guide to a Secure Network 820KB 5/15/2006
- NSA Router Security – Executive Summary Ver. 1.1 161KB 2/10/2003
- NSA Router Security – Configuration Guide Ver. 1.1c 3.04MB 12/15/2005
- Best Practices – Securing a Choke Router
- Cisco ISP Essentials [Published by Cisco Press April 2002]
- Content Filtering and Port 80 Security with Blue Coat’s Content Policy Language – Coming Soon!
- Free Personal Desktop Web Filtering – BlueCoat K9 Web Protection
Known Security Exploits
- Nothing current
Linux/Unix Software and Configuration
- Ubuntu Linux
- Gentoo Linux
- Sendmail – How to setup SMTP AUTH
- Apache mod_security – Locking down your Apache webserver
- Fail2Ban – Locking down exposed services
Webserver and PHP Applications
- WordPress – Easy to use and well developed Blog application
- PhpGedView – Excellent Genealogy management and collaboration system
- fuzzymonkey Photo Gallery – Great little photo gallery app
- PHProxy – Just in case you need a method to get around a proxy content filter
- MRTG – Multi router Traffic Grapher
- RRD Tool – Round Robin Database to ease statistic reporting and storage
- Just For Fun (JFF) Network Management Portal – Excellent portal application written to manage large quantites of MRTG monitors and provide a dashboard interface
- SmokePing – Latency measurement tool using RRD
- What’s Up Gold – well rounded ping and keepalive monitoring system
- How Spammers harvest your email address – things to do or avoid doing to prevent your email address from receiving all that annoying junk mail.
- liamtog – a nice tool to add to your website to clog those spambot email harvesters.
- SpamAssassin – a powerful Spam filter with a Bayesian module as well as a tie into Vipul’s Razor built to run on Unix/Linux with Procmail or with various milter add-on’s for Sendmail. I recently replaced Spambouncer with this configuration and it has been much more successful and accurate. I get 2 or 3 Spams a day that actually make it into my inbox now and no false positives, where I used to get 15 to 20 a day with Spambouncer as well as frequent false positives.
- Snert’s milter-spamc – a great way to tie SpamAssassin into Sendmail for sitewide configuration
- Snert’s milter-sender – another milter add-on for Sendmail to check the validity of email sender’s
- Spambouncer.org – a powerful set of Procmail recipes for filtering incoming email on a Unix system. Based on 5 years of personal experience, this has been an effective filter. The accuracy of this tool to avoid false positives and negatives increased dramatically with the release of version 1.7 and now 1.8 with the use of the Procmail scoring feature.
- Norton Personal Firewall – aside from securing your PC out of the box from unwanted hacker probes, it has built in privacy management features to protect your confidential information from being accidentally leaked through your web browser or email.
- Ad Aware – find and remove those annoying and uninvited spyware programs from your computer.
General Computers & Technology
- ARIN – American Registry for Internet Numbers
- Merit – Birthplace of a lot of Internet Technologies and Processes
- NANOG – North American Network Operators Group
- NANOG Mailing List Archives
- The Daily CIDR Report
- National Laboratory for Applied Network Research
- LBNL Network Research Group
- University of New Hampshire Interoperability Lab Consortium Homepage
- Network Startup Resource Center
- The Navas Group – Everything you every wanted or needed to know about modems, Cable modems, and DSL.
- The Routing Arbiter
- RADB – The Routing Arbiter’s Database of Internet Routes
- Sonet 101 (technical paper)
- The Internet Engineering Task Force (IETF) Home Page
- Gigabit Ethernet Alliance
- The ADSL Forum
- The Frame Relay Forum
- Dan Kegel’s ISDN Page
- The ATM Forum
- The CIDR FAQ
- IP Next Generation (IPng) or (IPv6)
- BGP4 Case Studies/Tutorial
- ISI Internet Exchange Point page
- Digex.net’s NAP Looking Glass
- Exodus.net’s Route Server
- LATA Map of the USA – with Directory listing by state with list of approved CLEC’s
- Worldcom Digital Library – Covers all kinds of Technologies
Network Security Resources
- CERT Home Page
- Team CYMRU – Network, application, and Unix security documentation and configuration best practices
- Neohapsis Port List – list of known ports with identified Trojans or malware associated
- CGI Security – great resource for application security related information
- BlueCoat Systems – web application content security, caching, and acceleration
- Air Tight Networks – wireless perimeter security
- SOURCEfire – IDS probes from the original creators of Snort
- Internet Security Systems Home Page
- CheckPoint Systems – the de facto enterprise firewall vendor
- Security Dynamics Home Page
- Network Associates
- Norton Antivirus – find and remove existing viruses and protect your machine from being infected in the future
- Digital Migrations – Ultimate resource for Checkpoint-FW1 on Nokia IPSO platform
- Network Flight Recorder (NFR)
- PHRACK Magazine Home Page
- RISKS Digest
- Computer underground Digest (CuD) Home Page
- COAST Home Page (Purdue)
- Internet Firewalls FAQ
- PGP Keyserver
- PGP Encryption Site located at MIT
Tech Industry News and Resources
- Net Neutrality – voice your support to Congress against the providers who’d prefer to kill the Internet as we know it to fatten their bottom lines
- DSL Reports – excellent forum for any DSL related information and troubleshooting support.
- Light Reading – anything and everything on the telecommuncations industry, fiber optics market, and equipment manufacturers and new product reviews and tests.
- Information Technology Professional Resource Center
- Slashdot – news for nerds.
- Tom’s Hardware Guide – a ton of advice and thousands of computer product reviews and head to head comparisons.
- PriceWatch.com – find the best price on wholesale computer components.