links for 2009-07-15

Posted July 15th, 2009 by bcarroll and filed in Links

links for 2009-07-13

Posted July 13th, 2009 by bcarroll and filed in Links

Getting In Over Your Head

Posted July 13th, 2009 by bcarroll and filed in CCIE General, CCIE Routing and Switching

I know many of you have heard the term before. It’s not uncommon for someone to get in over their head, and it’s especially easy in the networking world to do just that. I set a goal a little while back to achieve the CCIE R&S in 90 days. At the time it seemed like a reasonable goal with my background. Since then I have learned a great deal about my weaknesses and the amount of content that’s actually involved in the CCIE R&S. Well, I’m here to tell you that a CCNP is just the tip of the iceberg when it comes to being prepared for the CCIE R&S.

So, will I get it done? Can I actually get the R&S done in 90 days? Unlikely. I have much respect for those that have, but I have found that as I study the IPexpert material on the BLS there is much that I don’t know. I’m not saying that I can’t do it; I am just saying that 90 days may be a little unreasonable after all. There are of course multiple factors that play into this.

  1. Getting a Lab date is tough right now since the lab is changing.
  2. My schedule is hectic.
  3. My family has to come first.
  4. I have a lot to learn still.

So, I’m not going to give up, but I’m putting things into perspective.  I guess I’ll have to see how things go.  I haven’t even made it out of volume 1 of the workbooks yet, and that scares me!

Masking the Server in an HTTP header using Cisco ASA.

Posted July 9th, 2009 by bcarroll and filed in CCIE Security

It’s been a bit since I have posted but a lot has been going on. I’ve recently launched my CCNA Mentoring Program, I was a Customer Speaker at CiscoLive in San Francisco, and I’ve had a ton of family and friends at my house. While I had the opportunity to speak this year at CiscoLive one of the attendees requested a configuration that I mentioned when talking about the ASA. The idea was to mask the banner of a web server using the ASA. Referring to the figure below, here is how it works.

  1. The User on the Desktop PC makes a telnet connection to port 80 of the web server.
  2. The User enters GET/ HTTP/1.1
  3. The Server Returns the Bad Request Error with the Server Banner in it Stating that it is an IIS Server
  4. The ASA spoofs that banner making it appear to be an Apache/2.2 Server.

[Figure: http-spoof]

It’s actually accomplished by a very simple MPF configuration as seen below:

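! Match the HTTP traffic to be inspected
access-list HTTP permit tcp any any eq www

class-map HTTP
 match access-list HTTP

! HTTP inspection policy that replaces the Server header value
policy-map type inspect http HTTP_SPOOF
 parameters
  spoof-server "Apache/2.2.0 (Unix)"

policy-map HTTP
 class HTTP
  inspect http HTTP_SPOOF

! Apply the policy to traffic on the outside interface
service-policy HTTP interface outside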
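To confirm the policy is doing its job, the response seen from the outside can be audited for leftover fingerprints. The following Python check is an added example, not part of the original post or of Cisco's tooling. The sample responses are constructed, and it assumes that spoof-server rewrites only the Server field, so other platform-revealing headers (the list used here is an assumption) still need to be handled on the web server itself.

```python
# Added example: audit an HTTP response for server-identifying headers.
# All sample responses below are constructed, not captured from a real device.

EXPECTED_BANNER = "Apache/2.2.0 (Unix)"  # the string configured with spoof-server

# Headers other than Server that commonly reveal the platform (assumed list).
DISCLOSING_HEADERS = ("x-powered-by", "x-aspnet-version", "x-aspnetmvc-version")


def parse_headers(raw: bytes):
    """Return (status_line, {lowercased name: [values]}) from a raw HTTP response."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    lines = head.split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:  # skip malformed lines that have no colon
            headers.setdefault(name.strip().lower(), []).append(value.strip())
    return lines[0], headers


def audit_banner(raw: bytes, expected: str = EXPECTED_BANNER):
    """List findings; an empty list means only the masked banner is visible."""
    _, headers = parse_headers(raw)
    findings = []
    for value in headers.get("server", []):
        if value != expected:
            findings.append(f"Server header not masked: {value}")
    for name in DISCLOSING_HEADERS:
        for value in headers.get(name, []):
            findings.append(f"{name} still discloses: {value}")
    return findings


# Constructed samples: reply taken directly from the server, reply as seen
# through the ASA, and a masked reply that still carries an X-Powered-By header.
DIRECT = (b"HTTP/1.1 400 Bad Request\r\nContent-Type: text/html\r\n"
          b"Server: Microsoft-IIS/6.0\r\nX-Powered-By: ASP.NET\r\n\r\n"
          b"<h1>Bad Request</h1>")
MASKED = (b"HTTP/1.1 400 Bad Request\r\nContent-Type: text/html\r\n"
          b"Server: Apache/2.2.0 (Unix)\r\n\r\n<h1>Bad Request</h1>")
PARTIAL = (b"HTTP/1.1 200 OK\r\nServer: Apache/2.2.0 (Unix)\r\n"
           b"X-Powered-By: ASP.NET\r\n\r\n")

if __name__ == "__main__":
    for label, raw in (("direct", DIRECT), ("masked", MASKED), ("partial", PARTIAL)):
        print(label, audit_banner(raw) or "OK")
```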

Well that’s about it. Hope you find this useful!