Thursday, June 2, 2016

Blacklist IP's









object-group network Custom_Block_List
 network-object host 23.250.11.220
 network-object host 209.10.104.55
 network-object host 119.81.240.10
 network-object host 118.192.3.3
 network-object host 89.248.171.137
 network-object 222.186.21.0 255.255.255.0
 network-object object 89.248.168.128
 network-object host 213.136.90.120
 network-object host 80.82.70.238
 network-object 162.252.172.0 255.255.255.0
 network-object object 188.138.9.51
 network-object host 91.219.238.193
 network-object host 61.216.2.15
 network-object 185.40.4.182 255.255.255.255
 network-object host 209.126.116.147
 network-object object 125.64.94.200
 network-object 123.59.59.0 255.255.255.0
 network-object host 93.174.93.94
 network-object host 80.82.65.61
 network-object host 125.64.94.200
 network-object host 80.82.78.38
 network-object 185.45.13.0 255.255.255.0
 network-object host 208.100.26.228
Posted by

Attacks and Scans

I see way to many of these lately so I am going to start posting the reoccurring ones for other engineers to reference by on attack type and if they just want to start blocking these IP's for there own firewalls/routers.

-Gary
Posted by

Monday, May 16, 2016

Sample Adtran NetVanta 3430 Config

corerouter#show run
Building configuration...
!
!
! ADTRAN, Inc. OS version R11.8.0
! Boot ROM version 17.06.01.00
! Platform: NetVanta 3430, part number 1202820G1
! Serial number ******
!
!
hostname "corerouter"
enable password encrypted 323ab2216eb4ffgghhb25bcc426298ddfggba2625f57
!
!
clock timezone -5-Eastern-Time
!
ip subnet-zero
ip classless
ip default-gateway 192.168.1.1
ip routing
ipv6 unicast-routing
!
!
domain-name "gnet.local"
domain-proxy
name-server 208.67.222.222 208.67.220.220
!
!
no auto-config
auto-config authname adtran encrypted password 383e4bc8685e2bf8b1350b96da4ae62fc205
!
event-history on
no logging forwarding
logging forwarding priority-level info
logging email on
logging email receiver-ip 192.168.0.1 auth-username usrname auth-password encrypted 43lkmfdmskm454
logging email address-list glangston@ksbankinc.com
logging email ip urlfilter top-websites address-list glangston@knrgnetworksinc.com
logging email sender glangston@nrgnetworksinc.com
!
service password-encryption
!
username "admin" password encrypted "4048f6b33g249c127e28ac48fdd3452203161619f745"
!
banner motd #


#
!
!
ip firewall
no ip firewall alg msn
no ip firewall alg mszone
no ip firewall alg h323
!
!
!
!
!
!
!
!
!
!
no dot11ap access-point-control
!
!
!
ip security monitor stats-filter web-stats-filter
  threat 201
!
ip security monitor
  stats-filter web-stats-filter
!
!
!
!
!
!
!
!
ip urlfilter Web_Http_Filter http
!
!
!
!
!
!
!
!
!
no ethernet cfm
!
interface eth 0/1
  ip address  10.207.177.97  255.255.255.248
  no shutdown
!
!
interface eth 0/2
  no ip address
  shutdown
!
!
!
!
interface t1 1/1
  clock source internal
  fdl att
  tdm-group 1 timeslots 1-24 speed 64
  no shutdown
!
!
interface fr 1 point-to-point
  frame-relay lmi-type ansi
  no shutdown
!
interface ppp 1
  ip address  12.124.191.18  255.255.255.252
  ip mtu 1500
  ip urlfilter Web_Http_Filter in
  ip urlfilter Web_Http_Filter out
  no shutdown
  cross-connect 1 t1 1/1 1 ppp 1
!
interface hdlc 1
  no ip address
  no shutdown
!
!
!
!
!
!
ip access-list standard wizard-ics
  remark Internet Connection Sharing
  permit any
!
!
ip access-list extended self
  remark Traffic to NetVanta
  permit ip any  any     log
!
ip access-list extended wizard-remote-access
  remark do not hand edit this ACL
  permit tcp any  any eq telnet   log
  permit icmp any  any  echo   log
  permit ip host 192.168.10.1  any     log
!
!
!
!
ip policy-class Private
  allow list self self
!
ip policy-class Public
  allow list wizard-remote-access self
!
!
!
ip route 0.0.0.0 0.0.0.0 12.114.121.217
!
no tftp server
no tftp server overwrite
http server
http secure-server
no snmp agent
no ip ftp server
ip ftp server default-filesystem flash
no ip scp server
no ip sntp server
!
!
!
line con 0
  login
  password encrypted 2821704d6ad1dde8ac0fdfdfdbe6a02f3aa429fcbe
!
line telnet 0 4
  login
  password encrypted 3e36e4defd8afdfd26bnb3c7edb47d0117a42bb7952
  no shutdown
line ssh 0 4
  login local-userlist
  no shutdown
!
sntp server time-b.nist.gov
!
!
!
!
end
corerouter#

Posted by

Bacon Wrapped Jalapeno Peppers

1 Container of Cream Cheese
1 Pack of Think Cut Bacon
6 Peppers
Onion Powder 
Garlic Powder 
Olive Oil
Salt and Black-pepper
Halve the JalapeƱos down the middle and de-core them. Leave a few seeds for heat. Put them Pour a little Olive Oil on them. Sprinkle Onion Powder, Garlic Powder and Salt & Pepper. 
Preheat the oven to 350. Put the peppers in a cooking shit and in the oven at 325 for 15 minutes. Pull them out and let them cool for a few minutes. Take you room temperature cream cheese and use a spoon to pack them. 

Next completely wrap the pepper with the bacon. "Try not to leave many gaps". Put in the over for 30-45 minutes on 325.
Posted by

Saturday, May 14, 2016

Example Cisco Config with Frame Relay and Multilink /w OSPF 2900 Series

Current configuration : 4278 bytes
!
! Last configuration change at 16:10:58 PCTime Wed Jul 29 2015 by admin
!
version 15.0
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
!
hostname corerouter
!
boot-start-marker
boot-end-marker
!
card type t1 0 0
logging buffered 51200
logging console critical
!
no aaa new-model
clock timezone PCTime -5
clock summer-time PCTime date Apr 6 2003 2:00 Oct 26 2003 2:00
no network-clock-participate wic 0
!
no ipv6 cef
ip source-route
ip cef
!
!
!
!
ip domain name nrgnetworksinc.com
ip name-server 208.67.222.222
ip name-server 208.67.220.220
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-1461846340
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1461846340
revocation-check none
rsakeypair TP-self-signed-1461846340
!
!
crypto pki certificate chain TP-self-signed-1461846340
certificate self-signed 01
  30820255 308201BE A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 31343631 38343633 3430301E 170D3135 30373239 31363437
  31365A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 34363138
  34363334 3030819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  81009D2C 744A0648 AA54BB97 6134641C A1E81A8B 2DA3396A DCDEFD18 7C545D01
  D3665567 154FB817 31944A23 B55269D9 937ABC7D 0DECED70 D96872AD 9E756748
  B5AF0E48 8CF41793 04BB0F36 CFF148BF 4CE43D4D F8D247F3 F1F92176 19EA8554
  024F0CE6 CE2AFBCB 769F6598 E7D96E85 0E319C1A 2BF38076 CC2DB60C DCAD750D
  C4290203 010001A3 7D307B30 0F060355 1D130101 FF040530 030101FF 30280603
  551D1104 21301F82 1D636F72 65726F75 7465722E 6E72676E 6574776F 726B7369
  6E632E63 6F6D301F 0603551D 23041830 168014DA 9E0014B8 174B471C 16F84537
  1F0F3EFF D863D230 1D060355 1D0E0416 0414DA9E 0014B817 4B471C16 F845371F
  0F3EFFD8 63D2300D 06092A86 4886F70D 01010405 00038181 00163DFD 31F6A4CA
  E2999A3F 21F9DED1 91A3CD1A 429ADB5E 94EB871C C576CF75 C50879CD F675766F
  1971BE01 DBFCBAFB 308B6428 F18C2BEE 78006571 AACB80FA BE174B09 B6857915
  937FBEDA E3AE8DB6 6A4660EF E8149667 3E4DE67B 78607371 35426E9A 9712C055
  38CEEC1F 9F438D51 B08E63CD DBA02A83 C9FF1117 764AE3C2 50
        quit
license udi pid CISCO2911/K9 sn FTX****
!
!
username admin privilege 15 secret 5 (password)
!
!
controller T1 0/0/0
cablelength short 110
channel-group 1 timeslots 1-24
!
controller T1 0/0/1
cablelength short 110
channel-group 1 timeslots 1-24
!
ip tcp synwait-time 10
!
!
!
!
interface Loopback1
no ip address
!
interface Multilink1
description Wan
ip address negotiated
ip flow ingress
ppp multilink
ppp multilink group 1
!
interface GigabitEthernet0/0
description ATT
ip address 12.120.136.97 255.255.255.248
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/1
description CenturyLink
ip address 184.7.17.120 255.255.255.0
ip flow ingress
duplex auto
speed auto
!
interface GigabitEthernet0/2
no ip address
ip flow ingress
shutdown
duplex auto
speed auto
!
interface Serial0/0/0:1
ip address 12.124.171.218 255.255.255.252
ip flow ingress
encapsulation ppp
ppp multilink
ppp multilink group 1
!
interface Serial0/0/1:1
ip address 187.7.23.34 255.255.255.252
ip flow ingress
encapsulation ppp
ppp multilink
ppp multilink group 1
!
router ospf 100
log-adjacency-changes
redistribute connected subnets
network 192.168.138.0 0.0.0.63 area 192
network 172.21.99.116 0.0.0.3 area 192
!
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
ip route 0.0.0.0 0.0.0.0 12.124.171.217
ip route 0.0.0.0 0.0.0.0 184.7.23.33
!
logging trap debugging
!
!
!
control-plane
!
!
line con 0
exec-timeout 120 0
login local
line aux 0
line vty 0 4
exec-timeout 60 0
privilege level 15
login local
transport input telnet ssh
line vty 5 15
exec-timeout 60 0
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
end
Posted by

My Eastern Carolina Pork Sauce Reciepe

2 cups apple cider vinegar
2 tablespoons dark brown sugar
1 tablespoon ketchup
1 tablespoon Texas Pete's
1 teaspoon red pepper flakes
1 teaspoon ground black pepper
1 teaspoon kosher salt
1/2 Stick of Butter
1/2 Cup of Pork or Chicken Stock

Bring to Boil and Let it cool to room temp to serve.


Refrigerant it after first use.
Posted by
Subscribe to: Posts (Atom)