The Move to HTTPS…There is Good and Bad

 

Adding one little letter should be easy!!

Adding one little letter should be easy!!

There is a large push for all websites to move to HTTPS, instead of the traditional HTTP. Although there is just one letter difference, it’s a big move…ultimately affecting 10’s of thousands of websites, including the one you are reading now.

Why the big push? Security!!  (Hence the letter “S” in HTTPS.) Is this really necessary? Do readers care if my static website blogs are sent in plain text? Should I have to worry about fixing a BUNCH of links in my website? Ugh…and it begs the question…is it even worth trying to fix?

I could write a large blog on the pros and cons of HTTPS, but I don’t have the time or energy, and I doubt it would be that good. However, Ars Technica already did…today in fact. I would encourage you to read HTTPS is not a magic bullet for Web security, by Scott Gilbertson! He did a great job of detailing out the reasons for the move to HTTPS, as well as reasons not too….it will make you think.

As for me…I have a feeling I will be moving to HTTPS one of these days. Probably sooner rather than later.

And…let’s be kind to one another.

Internet Performance Monitoring that Makes Sense

Do you ever wonder how the Internet is performing? Latency, packet loss, etc??? I do…mainly because I’m a curious type of guy. I’ve looked for different monitoring sites on the Internet, but most seem to be crude, simplistic, or just plain dumb! However, I did find this site that actually has valuable information in a simple presentation…

http://www.internethealthreport.com/

Internet Health Report

Internet Health Report

The “Focus” settings don’t really do much, but do play with the “Metric” and “Period” settings…there is some very interesting data you can get doing this. And when you hover above a cell, a small pop-up shows additional information. This site is hosted by “Keynote by Dynatrace”…I’m not familiar with them, but they provide solutions in the programming area concerning mobile application testing…very cool!!

Enjoy!

“Auth Fail” Error Message on Cisco Phones

We use a lot of Cisco 7941 phones at my work, and as you might know, they were end-of-life by Cisco back in 2009, and no longer had hardware RMA support as of January 2015. (For you curious types, here is the EOL announcement for the 7941 phones, TAC login not needed.) Since then, we have been using a third party company for hardware replacement…and for the most part it has worked out well. Occasionally though, we will get an old replacement 7941 phone that boots up with an “Auth Fail” error message.

What this means is the phone is running a  firmware version that is too old to upgrade to the existing version that our Call Manager is pushing out. The fix is simple…you need to upgrade the phone to an intermediate firmware version, then upgrade it to the current version. First step is to figure out what older version of firmware to use…for me it’s “SCCP41.8-5-2S”.

Next, go to Call Manager and find the phone in question…scroll down the page and you will see something like this…

Blank phone load field

Blank phone load field

Next, copy the intermediate firmware name into the field…

Phone load field with firmware name

Phone load field with intermediate firmware version

Then click “Save” and reset the phone. When the phone comes back up, it will then proceed to properly upgrade the firmware to the intermediate version. Once that is complete, go back to Call Manager and clear the Phone Load field…click “Save” and reset the phone again.

Now when the phone boots up, it will successfully upgrade to the current firmware version.

ComputerWorld Salary Survey 2016

I participate every year in completing the salary survey for ComputerWorld…it doesn’t take long to fill out, and I like knowing that I help contribute to the data that makes up their annual salary report. It is always a good read, with helpful information on average salaries for various IT positions, along with trends in the IT marketplace, and what IT careers are hot (and what are not). I’m not looking for another job, but I like knowing where I stand in terms of salary and benefits, and what my fellow IT workers are seeing. Gaining and maintaining knowledge about your career is always a good thing!!

ComputerWorld Salary Survey 2016

If you are not signed up for ComputerWorld’s newsletters and monthly digital magazine, I would encourage you to do so here.

Verizon 2016 Data Breach Investigations Report is Available

Verizon 2016 Data Breach Investigations Report

Verizon 2016 DBIR

Verizon has released their 2016 Data Breach Investigations Report. (You can download it without registering…note the “Download Only” link.) It’s a big read (and getting bigger every year), but there is a lot of good data in there if you take the time to dig through it. And once again, the level of growth and sophistication of nation-state and organized crime players is incredible…and scary.

Why didn’t I become a farmer?? I should have been a farmer…out in the middle of Kansas somewhere…

Happy Mothers Day to my Mom

My mother and me!

My mother and me!

My mother passed away, back in 2007, due to the awful effects of Alzheimer’s (such a horrible disease!). I still miss her (along with my Dad)…it’s amazing how strong the parental ties are, even after these many years. My Mom was a “southern belle” (born and raised in Georgia), but lived during the feminist era (which caused many interesting “discussions” with my Dad, I’m sure). Yet she always tried her best in raising my brother and I…she loved us, was firm with us, taught us right from wrong, and always wanted the best for us. She gave a lot of herself to us…and I will be forever grateful.

Couple of quick stories…

During my late elementary school years, I wanted to learn basketball (which was fine with my parents…they both played during their high school years). My Mom spent many hours with me in our backyard court, showing me how to dribble, pivot, and shoot the ball. She really enjoyed that!

Another thing my Mom could do was cook!! And like no one else, let me tell you! She was of the old school…no recipes, all from memory…and she almost never measured anything. Here is how she made biscuits:  she would grab the large Tupperware bowl of flour, press her fist into it to make a “bowl”, and then pour milk, a raw egg, and some other stuff, and then mixed it all up in the flour bowl! She would then grab the dough, flatten it out, then cut out the biscuits and cook them. Yum!!…they were great!!

Thank you Mom for your love and devotion. And Happy Mother’s Day!!

Cisco VIRL Network Simulation Features

If you haven’t checked out all the features available through VIRL, take a look at this features page located on the VIRL website…you can scroll down to the bottom, and under “All Features” click the “OPEN ALL” button.  As you can see VIRL is a feature rich environment. One note of interest is the expected release of an updated Nexus switch object later this year…looks like it might include a number of layer 2 features, perhaps even vPC!!

Cisco VIRL Features

Enjoy!!

Nexus Switches – Time to do Some Serious Learning!

I have yet to work with the Cisco Nexus line of switches…just never had the opportunity. I’ve worked a lot over the years with Cisco’s chassis class line of switches (5500’s and 6500’s), and a bunch of their stackable switches (3600’s and 3700’s). So, all of a sudden, I need to learn about Cisco’s 9000 line of Nexus switches…and fast. What to do??

Read…a lot. I spent a fair amount of time this weekend just reading up on a bunch of technical papers from Cisco. Here is a great starting point…scroll down to see a large variety of topics pertaining to the 9000 series…

Cisco Nexus 9000 Line of Switches

The next thing I did was setup a small two-tier Nexus network simulation within VIRL.  This is very cool…I am able to check out configurations, learn the NX-OS syntax, and just have some fun playing with the Nexus switches. Topology was straight forward, and I have BGP and OSPF in the mix…(AutoNetkit is your friend)…

Simple Nexus switch simulation running in Cisco VIRL

Simple Nexus switch simulation running in Cisco VIRL

Now, running a Nexus simulation within VIRL is not perfect…there are still some features that don’t work, such as vPC (Virtual Port-Channel), but it is a good start. And it is sure helping me out a lot.

Note:  There is a bug in the NX-OSv VIRL node that ends up creating all of the switch interfaces with the same MAC address (0000.0000.002f).  Obviously, nothing works if this is the case. The VIRL team is working on this, but there is a work-around…simply use AutoNetkit to create the switch configs, and each interface will have proper MAC addresses created. If you would rather do most of the configuration yourself, then still use AutoNetkit but choose the “Infrastructure Only” option…you will end up with a minimal starting configuration, but with working MAC addresses. AND…remember to click the “Build Initial Configurations” button before you start the simulation!!

Enjoy!!

Run the Race – Resurrection is a Fact (Charles Colson)

Came across this incredible quote…

“I know the resurrection is a fact, and Watergate proved it to me. How? Because 12 men testified they had seen Jesus raised from the dead, then they proclaimed that truth for 40 years, never once denying it. Every one was beaten, tortured, stoned and put in prison. They would not have endured that if it weren’t true. Watergate embroiled 12 of the most powerful men in the world-and they couldn’t keep a lie for three weeks. You’re telling me 12 apostles could keep a lie for 40 years? Absolutely impossible.”  (Charles W. Colson)

A powerful statement if there ever was one!! If you are not familiar with Charles Colson, he was one of several powerful men in President Nixon’s administration, and he was the only one to serve prison time for the Watergate scandal. During this time, he became a Christian and spent the rest of his life ministering to prison populations and their families. His work has touched hundreds of thousand lives.

And then there is little ole’ me. It is difficult to look at my life thus far, and try to measure it against Charles Colson. Come on Brad, get it in gear…

US-CERT Alert – Ransomware and Recent Variants (Read this!!)

The US-CERT and Homeland Security just released an alert concerning recent ransomware events targeting the medical industry, along with businesses in general…

US-CERT Alert – Ransomware and Recent Variants

This is important information which ALL network engineers should be aware of  and act upon! Please…do not delay!!

PS:  And no, this isn’t an April Fools joke…I sure wish it was!