Archive for the tag 'security'

Extreme Networks XOS Password Recovery

So if you have ever inadvertently locked yourself out of your Extreme switch I am going to give you a quick guide on getting back in. Actually this is really not a quick process at all.

***DISCLAIMER***
THIS PROCEDURE WILL ERASE ALL THE CONFIGURATION DATA ON YOUR SWITCH.

This is not a big problem if you make regular backups. Also, this procedure does not completely wipe the entire switch, so any configs stored in the flash memory are still there.

 You will need the following items to complete this procedure:

  1. Connect your laptop or computer via Serial cable to the Console port of the switch. 
  2. Reboot the switch.
  3. Watch the console and enter the bootrom by holding the spacebar down.
  4. At the prompt type: “config none” and hit enter.
  5. Type “reboot” followed by enter.
  6. Let the switch boot normally. Once the switch is booted you can log in using the default login information.

At this point you are able to log in to the switch, but there is no configuration on it, so there are two options for proceeding from here: (A) copy a backed-up config already on the switch and use it, or (B) upload a backed-up config from a file on your laptop and use it.

DNS Problems and Solutions

So unfortunately I have been so busy it has been hard to post lately, however I am working to reprioritize so I will be able to post more often. The problem of the week up for discussion today is the DNS problems I have been experiencing today.

A bit of background will help make this whole situation a little easier to understand. So my domain name had two listed name servers, one at my hosting company and the other living on my dedicated server at the hosting company. This was working okay, or so it seemed, but it just really bothered me when my domain name didn’t pass the tests at DNSStuff.com. I have complete control over the DNS records living on my dedicated server. I can even create records for my public IP addresses that come into the building, which are different than my IP addresses at my hosting provider. The problem lies in the fact that I could only modify DNS records at my host for IP addresses that are owned by the hosting company. The other problem here was that I had no way to control which name server was the primary, which serial number is correct, or which name server is authoritative.

So what is the solution to this problem, you ask? Well, for starters I brought up another Linux box hosted locally in my own data center. After this I installed Bind 9 and configured it to host the master records for my domain and my reverse IP zones. To set this up I followed the steps over at HowToForge.com. This tutorial is very good and goes into just the right amount of detail to get everything up and running once Bind is installed.

Once all the setup was finished on my primary server I set up the secondary server; this is my dedicated server at my hosting company. The secondary server is running the Plesk Control Panel, so I went in and switched the DNS settings for the domain in Plesk to be secondary. This worked initially but the file quit receiving zone updates from the master.

So what I ended up doing was modifying the named.conf of the secondary server following the instructions at the aforementioned tutorial. I made the zone file have a new name in the named.conf such as “bak.domain.com”. Once this was finished and I restarted the Bind service the zone was updated successfully from the master.

So, granted, this is a fairly simple task, but it is one that has been really bothering me for a while, and now I am able to pass all the tests except one at dnsstuff.com. (Btw, the failing test is Single Point of Failure; I get a warning, but word on the forums is that this test is broken.)
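
A secondary that has quit receiving zone updates, as described above, shows up as a SOA serial that lags the master's. The check below is an added example, not part of the original post: it compares the two serials using RFC 1982 serial-number ordering, and the function names, the example.com names and the sample answers (constructed in `dig +short SOA` format) are assumptions.

```python
SERIAL_MOD = 2 ** 32  # SOA serials are unsigned 32-bit counters (RFC 1982)

# Constructed sample answers, one per server, in `dig +short SOA` field order:
# mname rname serial refresh retry expire minimum
MASTER_SOA = "ns1.example.com. hostmaster.example.com. 2008051203 10800 3600 604800 38400"
SECONDARY_SOA = "ns1.example.com. hostmaster.example.com. 2008051201 10800 3600 604800 38400"


def soa_serial(answer):
    """Extract the serial (third field) from a one-line SOA answer."""
    fields = answer.split()
    if len(fields) != 7 or not fields[2].isdigit():
        raise ValueError(f"not a SOA answer: {answer!r}")
    serial = int(fields[2])
    if serial >= SERIAL_MOD:
        raise ValueError(f"serial out of 32-bit range: {serial}")
    return serial


def compare_serials(master, secondary):
    """Classify the secondary's serial relative to the master's."""
    diff = (master - secondary) % SERIAL_MOD
    if diff == 0:
        return "in-sync"
    if diff == SERIAL_MOD // 2:
        return "undefined"        # RFC 1982 leaves this distance unordered
    if diff < SERIAL_MOD // 2:
        return "secondary-stale"  # master is ahead: a transfer is missing
    return "secondary-ahead"      # secondary is newer: roles or serials are wrong


def check_zone(master_answer, secondary_answer):
    """Compare the SOA answers returned by the master and the secondary."""
    return compare_serials(soa_serial(master_answer), soa_serial(secondary_answer))


if __name__ == "__main__":
    print(check_zone(MASTER_SOA, SECONDARY_SOA))
```

A "secondary-stale" result only indicates a broken transfer if it persists longer than the zone's refresh interval (the fourth field of the SOA answer).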

Password Security or Insecurity

So I got an email a few days ago that I had received a MySpace message from a friend. So I go out and log in to my account and what do you know, it is a message from my “friend”. Only it wasn’t posted by my friend; it was posted by someone who hacked his account and was posting porn crap through his account. Now you may be wondering how I know it was spam. My friend happens to be a missionary in a foreign country; I highly doubt, in fact I know, that he would not post that. So this brings me to the main topic of the day: password security or, as the case may be, insecurity.

I will outline some basic principles for password security below; most of these are common sense. I will also elaborate on some good ideas for network level password security. So whether you are setting up a new password for work or personal use, following these guidelines cannot hurt anything.

Secure Password Guidelines:

Things to NOT Do:

  • Do not use any part of your username in your password.
  • Do not use part of your first or last name in an unaltered form (e.g. last name Smith, use $m!th instead).
  • Do not reuse the same password within a 12-month period.
  • Do not share your password with anyone.
  • Do not write your password down anywhere.
  • Do not use “password” for your password.

Things you SHOULD Do:

  • Use mixed case (TeSt1235).
  • Use alphanumeric passwords (t1e2s3t4).
  • Change your password often (every 60 - 90 days).
  • Use a password that is at least 8 characters long.
  • Use special characters in your password (!@#$%&*).
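
The guidelines above that can be checked at the moment a password is chosen, written as a validator. This is an added example, not code from the original post; the function names, the sample account and the three-character threshold for what counts as "part of" a username or name are assumptions.

```python
import re

MIN_LENGTH = 8              # "at least 8 characters long"
MIN_FRAGMENT = 3            # assumption: shortest piece that counts as "part of" a name
SPECIALS = set("!@#$%&*")   # the special characters the guidelines list


def fragments(text, size=MIN_FRAGMENT):
    """Every lower-cased substring of `text` that is exactly `size` long."""
    text = text.lower()
    return {text[i:i + size] for i in range(len(text) - size + 1)}


def check_password(password, username, first_name, last_name):
    """Return the guideline violations found; an empty list means none."""
    problems = []
    lowered = password.lower()
    if lowered == "password":
        problems.append("is the word password")
    if any(frag in lowered for frag in fragments(username)):
        problems.append("contains part of the username")
    name_parts = fragments(first_name) | fragments(last_name)
    if any(frag in lowered for frag in name_parts):
        problems.append("contains an unaltered part of the name")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[a-z]", password) and re.search(r"[A-Z]", password)):
        problems.append("not mixed case")
    if not (re.search(r"[A-Za-z]", password) and re.search(r"[0-9]", password)):
        problems.append("not alphanumeric")
    if not SPECIALS & set(password):
        problems.append("no special character")
    return problems


if __name__ == "__main__":
    # Constructed sample account and candidate passwords.
    for candidate in ("password", "Smith2024!", "$m!th", "Tr33$m!thX"):
        result = check_password(candidate, "jsmith", "John", "Smith")
        print(candidate, "->", result or "ok")
```

The reuse, sharing and write-down rules are not covered, since they cannot be judged from the candidate password alone.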