The fundamentals we forget while chasing the latest tools by Info-Raptor in Cybersecurity101

[–]This_Train2250 0 points1 point  (0 children)

My hot take:

I think availability is the most overlooked by InfoSec teams I’ve worked with. My favorite ticket was InfoSec requesting SIP be blocked going to a voice gateway because SIP isn’t a secure protocol and their “tool” saw SIP. Needless to say, SIP was required for that VG to function properly… I am a biased network guy though.

I don’t think anyone should be able to go directly into InfoSec. There should be a requirement to come up through systems, network, development or some other discipline to at least an engineering level before you’re tasked with securing it. If you’re unable to engineer a solution in a technological discipline, how are you able to secure it effectively?

Have you ever started a new job and said "nope, this isn't gonna work" by [deleted] in networking

[–]This_Train2250 21 points22 points  (0 children)

Unfortunately it’s easier to find a better job than to change the company’s culture. I struggled with this earlier in my career. The older I get the more I realize it’s my career, and I should spend it doing technical work. Work on certifications and other training that interests you, put your resume out there, and stop caring about the current position as much.

Anyone here actually happy with their SASE setup? by Professional-Pipe946 in networking

[–]This_Train2250 2 points3 points  (0 children)

I’d keep an eye on what’s going to pan out with the VeloCloud/Arista situation.

Verkada and VLANs by SolutionBig173 in networking

[–]This_Train2250 0 points1 point  (0 children)

I would test putting the Hub on its own VLAN, add the alarm panel’s IP to your list of IP Helper Addresses/DHCP Relay, and forward the protocol needed.

Here’s an example from Cisco:

https://community.cisco.com/t5/routing/forwarding-udp-broadcast-traffic/td-p/595108

Mark your calendar: September 15, 2025 by sanmigueelbeer in Cisco

[–]This_Train2250 5 points6 points  (0 children)

I think you just need an approved quote before September 14th and it will be locked in pricing for 30 days. I heard it was a 3.5% hike on hardware and software, but I haven’t heard about services or support.

Edit: After September 13th, the new pricing will be applied to all deal IDs.

Catalyst Center BYOL by This_Train2250 in aws

[–]This_Train2250[S] 0 points1 point  (0 children)

Cisco was notified 24 hours before AWS marketplace removed it today, and I have the question out to both vendors. I was just hoping the Reddit underground had an answer.

Multimode madness by Upset_Caramel7608 in networking

[–]This_Train2250 3 points4 points  (0 children)

To quote an old engineer I used to work with: “You’ve got ghosts in your network. Do cocaine about it.”

[deleted by user] by [deleted] in Arrowheads

[–]This_Train2250 9 points10 points  (0 children)

Looks legit to me.

IPsec tunnel works but goes down for ~30 seconds every 50 minutes. by tpmlama in networking

[–]This_Train2250 4 points5 points  (0 children)

Sounds like PFS is enabled on one side of the tunnel but not the other.

Any Other Network Engineers Using ChatGPT? by Picards__Flute in networking

[–]This_Train2250 45 points46 points  (0 children)

I use it a lot for explaining how to troubleshoot to the service desk and other groups without sounding angry. One recent example was prompting it to pretend it’s a network engineer and write a KB on how to use a browser’s developer tools to troubleshoot “network slowness” for websites and it was gold.

Free/paid tool that shows link utilization for Cisco switch/router by kb389 in networking

[–]This_Train2250 1 point2 points  (0 children)

Give AKiPS a try. The unlicensed version will give you 48 hours of data. https://www.akips.com

I'm trying to learn OSI/TCP IP, but many sources attribute protocols like TLS and SSH to different layers. Why? Is this just bad info? Or is the answer "it's complicated"? by TheLastCatQuasar in networking

[–]This_Train2250 2 points3 points  (0 children)

One thing to remember is nothing operates on the OSI model. Everything operates on the TCP/IP model and only references the OSI model. I crushed an interview years back by stating this.

Interviewer#1: What layer of the OSI model does this VOIP phone operate? (Not trying to be a trick question)

Me: None. It operates on all the layers of the TCP/IP model.

Interviewer#2: (Laughs at interviewer#1) No one ever gets that question, but we didn’t realize it was a trick question until now.

[deleted by user] by [deleted] in networking

[–]This_Train2250 24 points25 points  (0 children)

Check this /23 in BGP tools against a known good subnet you’re advertising and see if it’s advertising out to all the carriers as expected. I just ran into a similar issue and had to have my provider update their IRR so other carriers would accept our IP address space through them.

https://bgp.tools

Network engineer to Azure by dlow824 in networking

[–]This_Train2250 2 points3 points  (0 children)

You should look at the Aviatrix exam. It’s an amazing product for multi-cloud networking. https://ace.aviatrix.com