Skip to main content

Posts

Showing posts from August, 2010

Changing the hostname on CSS11500

First time I configured one of these it took me a while to figure out how to change the hostname. Its easy once you know the answer but it is not found in configuration mode. From enable mode you simply type the command prompt and then a name e.g.  CSS11500# prompt my-css-01 Simple huh!
Post a Comment
Read more

Upgrade Supervisor Memory in the ME6524

The ME6524 ships with 256MB of Switch Processor Memory and 512MB of Route processor memory.  These can both be upgraded to 1Gig.  The part numbers for the ME6524 upgrades are... MEM-XCEF720-256M - Default memory on the Cisco ME 6524 switch processor MEM-XCEF720-512M - 512-MB memory upgrade option for the switch processor MEM-XCEF720-1GB - 1-GB memory upgrade option for the switch processor MEM-MSFC2-512MB - Default memory on the Cisco ME 6524 router processor MEM-MSFC3-1GB - 1-GB memory upgrade option for the router processor MEM-C6K-CPTFL512M - Default external 512-MB compact flash memory I will now detail how to perform and upgrade to the Switch Processor memory.  This is needed in order to support the higher IOS feature sets.  The route processor upgrade allows for larger routing tables. First of all you will need to remove all rack mount kits and undo all the screws until the top can slide backwards. Now the motherboard is exposed you will notice two raised daughter bo
Post a Comment
Read more

Quick Test for Cisco IPS functionality

If you ever need to test a Cisco IPS is inspecting and blocking traffic after you have installed it here is a quick test you can perform. Ideally you will have a web server behind the IPS you can test against else otherwise just setup on up quickly (google HFS for an awesome little tool). Initially you should try reaching the URL of the webserver normally.  If you have set everything up correctly then you should have no issues. Now in order to test the IPS blocking an attack simply append the following to the end of the URL "/../../windows/system32/cmd.exe". The URL should now look like http://www.testurl.com/windows/system32/cmd.exe You should now find that your request fails.  A quick look in the IPS event log will show that this fired the WWW WindowsNT cmd.exe rule.  It believes someone is attempting a buffer overflow error to obtain the command prompt and blocks it. This is a nice simple test to ensure that the IPS is inspecting and blocking traffic.
Post a Comment
Read more