I can’t tell you how many times I’m working with a client and I grab a piece of equipment that no one knows the IP address of. I have written articles in the past showing you how to figure out the IP address of the device when it’s some sort of network equipment.
The other day I ran into the same scenario with a client who purchased a Profitap IOTA. Not to get into salesman mode but the IOTA is an inline packet capture analysis tool. If you want more information go to https://www.profitap.com/iota-1g.
They didn’t want to reset the unit but didn’t know if it had a static IP or DHCP enabled, so I showed them how to figure it out by capturing some packets. The key point in this exercise is to ensure you are connected to the device management port, or the port
...
https://www.youtube.com/watch?v=dE1LewwURWE
Wireshark IO Graph Issue and Work Around
If you don’t use Wireshark on a regular basis, you might not notice when things change. I used the word “change” to explain those scenarios when things don’t work as they did in previous versions.
I checked the release notes and did not see anything that mentions this issue, or maybe there is a new way to do it and I haven’t figured it out as of yet.
Read the rest at lovemytool.com when it’s posted
...
https://www.youtube.com/watch?v=4yEb3rczFhA
Aircheck SSID AP Troubleshooting
It is quite common to have several physical access points support the same SSID. Every vendor has their own way of handling handoffs and in most cases, it works pretty well. But what do you do when you suspect one access point is causing an issue?
I don’t care which operating system you are using, it is very difficult to select one physical access point to connect to. I should know, I tried for hours with Android and several Windows applications with no luck.
In this video, a client had an issue where clients would complain that they intermittently couldn’t get internet access. That’s when I remembered my previous point. How can I troubleshoot this? In the past, I would physically power off access points to test this theory, but today I had my NetAlly AirCheck G2 and thought I would give it a try.
Fortunately it was pretty straightforward. I configured my wireless security settings and manually connected to the access points. In the video below you will see that it only took a few minutes to determine that one of the access points was not passing DHCP. It would have taken me about an hour to physically or virtually trace the connections alone.
After some more investigative work, I determined that the access point was a new access point on a VLAN that did not have any DHCP configured. We simply changed the VLAN configuration and, boom, internet.
Of course I took an extra 10 minutes to confirm that all the access points forwarded DHCP packets, not just the one we worked on.
...
https://www.youtube.com/watch?v=dqB6ezvaOjs
tons of info at www.thetechfirm.com
I was working with a project team installing over 100 switches across 3 towers, which is daunting enough. To top it off, it was an active construction site, which means power is not reliable and in some cases, no elevators were available.
It was my and another contractor’s responsibility to get as many switches racked and configured within my 3 week period there. The contractor I was working with was not interested in installing the equipment at all and I appreciated his honesty. I talked him into doing one rack together so he could at least see what is involved.
Since I was, um, more seasoned ;) I volunteered to rack the remaining switches and he can configure them. Trust me, I got the short end of that stick big time. Racking the switches involved physically retrieving the equipment from the storage room in the basement, transporting it to the relevant floors, unboxing, installing, labelling, discarding the empty boxes and wrapping the equipment with bags to protect against dust. If we had power, the other consultant configured the equipment. If we didn’t have power, we noted it and moved on.
The next day the project manager asked me if I would be able to manage since the other consultant would not be in that day. I asked what exactly he was talking about. He thought the two of us were racking the switches on all the floors. I chuckled and explained that one person can do it. The project manager was shocked and said that he spoke to a few network analysts and all of them said it was a two person job. He then asked if I minded showing him exactly how I did it.
Unfortunately I’m not up on the new fancy terms to properly title this methodology. Some people call it a lifehack, a hack, but I prefer a tip or trick. What I couldn’t show you in the video is that it doesn’t matter if you need to install one or 5 switches, it’s the same process. The only difference is with more than one switch, start with the bottom one and use the existing switch as a shelf to support the new switch and work your way up.
...
https://www.youtube.com/watch?v=Jm_DRMYlUhI
In the wake of current security issues, I thought it would be a good exercise to review my social media security and application settings.
To be honest, I have only heard of such an exercise but never actually done it.
Yahoo:
I started with Yahoo since it was in the recent news. I was surprised how simple it was. I simply clicked on my account avatar and selected the only option, “Account Info”.
Once there, I clicked on “Recent activity” and reviewed what devices accessed my account and from where. A quick glance at the recent activity revealed nothing suspicious confirming that all is well.
I moved on to review the various apps or sites that I have used my Yahoo login to access. I honestly don’t remember authorizing Google and can’t figure out why I authorized it back in 2012, so I removed it.
I give Yahoo credit for their reports that report ‘last used’ and location which I used to validate the application or site in question. Since I travel quite a bit, that little tidbit was extremely helpful.
Be careful with what you play with. A good example was when I disabled the “Allow apps that use less secure sign in” option and my Outlook suddenly failed when trying to retrieve emails from my Yahoo email. Oops..
.. Read the rest of the article for free at Lovemytool.com
...
https://www.youtube.com/watch?v=6rJpJ6MiLC4
Observing Windows 11 during an Xmas scan
I encourage people to spend a few minutes and learn how devices respond to certain scenarios. This is one of the tasks my regular clients ask me to perform.
One of those examples would be to download Nmap and run the scan on a device within your network.
The benefits of this example are countless: you get to practice and develop Nmap skills, you get more practice with Wireshark and protocol analysis, and lastly you get to learn the real behavior of various devices on the wire, not by reading a theoretical white paper.
In this video I take a Windows 11 device and run an Nmap Xmas scan against it, change one simple variable, disable the Windows firewall and repeat. This exercise was inspired by a conversation I had in one of my onsite training sessions where people were debating if a Windows 11 device would respond to an Xmas scan. As the discussion progressed, people were throwing in variables such as what if the firewall was enabled?
I interrupted and simply suggested to the group “Why not find out instead of theorizing?”. So we started our captures, randomly scanned a Windows 11 host, and reviewed the results.
In the following video I cover the basics of what we did and encourage you to do the same. Feel free to try all sorts of devices you might have available to you within your network such as printers, phones, cameras, routers, switches and anything else you can think of.
...
https://www.youtube.com/watch?v=S5AAo8QpGhk
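
For reviewing the captures from an exercise like this, the following added example (not from the original post or video) picks Xmas probes out of decoded TCP headers by their FIN+PSH+URG flag combination and records whether each probed port answered with a reset or stayed silent. The addresses, ports and packets are constructed sample data, not results from any Windows 11 host.

```python
import struct
from collections import namedtuple

FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
XMAS = FIN | PSH | URG  # 0x29: the three flags an Xmas probe carries

Seg = namedtuple("Seg", "src dst sport dport flags")

def tcp_header(sport, dport, flags):
    """Build a minimal 20-byte TCP header (used only for the sample data)."""
    return struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | flags, 1024, 0, 0)

def parse(src, dst, header):
    """Decode ports and the six classic flag bits from a raw TCP header."""
    sport, dport, _seq, _ack, off_flags = struct.unpack("!HHIIH", header[:14])
    return Seg(src, dst, sport, dport, off_flags & 0x3F)

def classify(segments):
    """Return {(target, port): 'rst' | 'no-response'} for every Xmas probe."""
    probes = {(s.src, s.sport, s.dst, s.dport) for s in segments if s.flags == XMAS}
    results = {(dst, dport): "no-response" for (_, _, dst, dport) in probes}
    for s in segments:
        # A reset counts only when it answers a probe on the mirrored 4-tuple.
        if s.flags & RST and (s.dst, s.dport, s.src, s.sport) in probes:
            results[(s.src, s.sport)] = "rst"
    return results

# Constructed capture (documentation addresses), not a measurement of any host.
SCANNER, TARGET = "192.0.2.10", "192.0.2.20"
CAPTURE = [
    parse(SCANNER, TARGET, tcp_header(40000, 135, XMAS)),
    parse(SCANNER, TARGET, tcp_header(40000, 445, XMAS)),
    parse(TARGET, SCANNER, tcp_header(135, 40000, RST | ACK)),
    parse(SCANNER, TARGET, tcp_header(40001, 3389, SYN)),  # ordinary SYN, ignored
]

if __name__ == "__main__":
    for (host, port), outcome in sorted(classify(CAPTURE).items()):
        print(f"{host}:{port} -> {outcome}")
```

In Wireshark the same probes can be isolated with the display filter `tcp.flags == 0x029`; comparing the classification from the firewall-on and firewall-off captures shows which variable changed the host's behavior.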