In the article describing a router-on-a-stick, I mentioned that I would use two routers that run HSRP for availability, so I figured that I would write up a short post on what it is and how it works. HSRP (Hot…
Router-on-a-Stick
Ever heard of a router-on-a-stick? Go ahead and laugh…everyone does. It’s a funny name for a very serious topic, though. A router-on-a-stick is a network configuration that uses a single router interface as a gateway for more than one network…
Common Cisco IOS Commands
Here’s a list of IOS commands that I use all the time that aren’t a part of the basics. I obviously use more than just these, and you do, too, but I hope there’s at least one eye-opener in there.…
Separation of Function
Separation of function is another important security concept that people often overlook. It can mean that a single person is only responsible for one part of a process. Or it can mean that one server only does one function. Or…
Port Knocking
A few months ago, a friend of mine told me about the concept of port knocking, where you send packets to a server on certain ports to authenticate access to the box. A daemon running on your server detects the…
Fallback IPtables
The hardest part of messing with firewall configs is knowing what is going to lock you out of the firewall itself. It doesn’t happen to me very often, but I’ve been doing firewalls for 10 years now. I was thinking about…