I bought Open Source Network Administration by Kretchmar to answer this question. I was looking for open source tools to be used in a service provider environment and was unpleasantly surprised at what was revealed in this book. However, since it seems you're looking for enterprise-ish stuff, I highly recommend this.
You'll find many of the tools within to be quite useful during both day-to-day operations and troubleshooting as well as long term planning on your network. The author does a fairly decent job of walking you through a basic installation of each tool.
I just think it's funny that VeriSign's "chief scientist" said we should use "reverse firewalls"... I'll foil his plans by installing a reverse router with dual reverse Ethernet switches between my hosts and my cable modem. And I'll connect it all using my reverse CAT6 cables. This way, by the time a packet arrives at the reverse firewall it will already have been reversed...in which case...uhhh...it will be re-reversed and forwarded normally. Yup.
All of the tools discussed so far focus on capturing traffic from a LAN. I agree that a combination of tcpdump/snoop/windump for data collection and Ethereal for analyzation is an excellent and free combination for troubleshooting most Ethernet issues.
However, I often struggle with traffic collection on non-Ethernet networks. I'm interested to know how large service providers capture transit traffic from core routers that may have a combination of layer 2 technologies - SONET, ATM, Ethernet, etc.
We have toyed with Netflow for trending but haven't found a great solution for capturing realtime traffic. Fortunately our Juniper routers allow filters to be applied to core interfaces that can send tcpdumpesque output from the IP headers to a syslog. Collecting the same from a Cisco router isn't so simple.
In my opinion, collecting traffic from the edge of the network is only half the battle - let's hear about tools for traffic collection on PTP core links.
Ion is perhaps the most intuitive window manager out there. A well trained ion user can literally use it without every touching a mouse and be complete happy. And we all know that mice are the evil invention that prevents productivity.
I hope my manager never reads this or he might take away my PowerBook.
</offtopic>
Believe it or not, there are jobs here.
on
Exporting Myself?
·
· Score: 1, Interesting
Before I found my current employer I toyed with the idea of seeking a tech job overseas, preferably somewhere in Europe. In my head this seemed like a good idea because I could start my life over, fixing the parts I didn't like. I had a phone interview with a consulting firm in Ireland but the very notion of being in a country on a work visa scared me away.
Shortly thereafter (in 2000 mind you) I posted my resume on dice.com and phone calls started rolling in. I interviewed with four or five companies and picked the one for me.
Jobs are here, you just have to be patient enough to find them. I, for one, don't think it's worth the paperwork to relocate. But then, I'm lazy.
This is a shameful excuse for a security document. It may be applicable to small offices with a single router, etc. but to post it here as a be all, end all Cisco security document makes me shudder.
Step 1 to securing a Cisco device or any host for that matter is making sure you're running an OS with no blatant security vulnerabilities.
Slashdot Mirror
I bought Open Source Network Administration by Kretchmar to answer this question. I was looking for open source tools to be used in a service provider environment and was unpleasantly surprised at what was revealed in this book. However, since it seems you're looking for enterprise-ish stuff, I highly recommend this.
You'll find many of the tools within to be quite useful during both day-to-day operations and troubleshooting as well as long term planning on your network. The author does a fairly decent job of walking you through a basic installation of each tool.
Slashdot reviewed it here.
Here are most of the tools discussed in this book.
I just think it's funny that VeriSign's "chief scientist" said we should use "reverse firewalls" ... I'll foil his plans by installing a reverse router with dual reverse Ethernet switches between my hosts and my cable modem. And I'll connect it all using my reverse CAT6 cables. This way, by the time a packet arrives at the reverse firewall it will already have been reversed...in which case...uhhh...it will be re-reversed and forwarded normally. Yup.
I'm gonna go to reverse sleep now.
All of the tools discussed so far focus on capturing traffic from a LAN. I agree that a combination of tcpdump/snoop/windump for data collection and Ethereal for analyzation is an excellent and free combination for troubleshooting most Ethernet issues.
However, I often struggle with traffic collection on non-Ethernet networks. I'm interested to know how large service providers capture transit traffic from core routers that may have a combination of layer 2 technologies - SONET, ATM, Ethernet, etc.
We have toyed with Netflow for trending but haven't found a great solution for capturing realtime traffic. Fortunately our Juniper routers allow filters to be applied to core interfaces that can send tcpdumpesque output from the IP headers to a syslog. Collecting the same from a Cisco router isn't so simple.
In my opinion, collecting traffic from the edge of the network is only half the battle - let's hear about tools for traffic collection on PTP core links.
Ion is perhaps the most intuitive window manager out there. A well trained ion user can literally use it without every touching a mouse and be complete happy. And we all know that mice are the evil invention that prevents productivity.
I hope my manager never reads this or he might take away my PowerBook.
</offtopic>
Before I found my current employer I toyed with the idea of seeking a tech job overseas, preferably somewhere in Europe. In my head this seemed like a good idea because I could start my life over, fixing the parts I didn't like. I had a phone interview with a consulting firm in Ireland but the very notion of being in a country on a work visa scared me away.
Shortly thereafter (in 2000 mind you) I posted my resume on dice.com and phone calls started rolling in. I interviewed with four or five companies and picked the one for me.
Jobs are here, you just have to be patient enough to find them. I, for one, don't think it's worth the paperwork to relocate. But then, I'm lazy.
This is a shameful excuse for a security document. It may be applicable to small offices with a single router, etc. but to post it here as a be all, end all Cisco security document makes me shudder.
Step 1 to securing a Cisco device or any host for that matter is making sure you're running an OS with no blatant security vulnerabilities.
Okay, that's enough about that.