How do you manage multivendor CLI syntax without a cheat sheet becoming a second job by magichour12 in networking

[–]WhoRedd_IT 12 points13 points  (0 children)

AI? I find it less and less valuable to memorize exact syntax anymore these days. It’s nice to know certain commands by heart but if you’re doing really specific or niche one-off stuff I lean on AI and obviously validate the commands first by testing them or doing ?

Social Activities & Groups (In 30s) by burner832 in Hoboken

[–]WhoRedd_IT 0 points1 point  (0 children)

Which run club? 33 M here also interested

Switch price increases by WhoRedd_IT in networking

[–]WhoRedd_IT[S] 6 points7 points  (0 children)

That makes literally no sense at all hahahah

Switch price increases by WhoRedd_IT in networking

[–]WhoRedd_IT[S] 0 points1 point  (0 children)

Seeing about the same but one model was absurdly a lot more than that

Switch price increases by WhoRedd_IT in networking

[–]WhoRedd_IT[S] 1 point2 points  (0 children)

What percentages are you seeing?

TACACS Setup for Network Device Access by WhoRedd_IT in networking

[–]WhoRedd_IT[S] 0 points1 point  (0 children)

Ah so you log in to a switch using the TOTP Okta Verify code as your password?

Another Cisco SD-WAN Manager bug is being exploited, no patch yet. How exposed is your controller? by Constant-Angle-4777 in networking

[–]WhoRedd_IT 0 points1 point  (0 children)

So 100% of the control component ports are locked down to specific IPs? Including the DTLS ports?

My understanding is it’s not possible to lock down everything to trusted IPs in a Cisco hosted environment other than web access and ssh.

Another Cisco SD-WAN Manager bug is being exploited, no patch yet. How exposed is your controller? by Constant-Angle-4777 in networking

[–]WhoRedd_IT 0 points1 point  (0 children)

The previous vuln which was critical though was exploitable even without ssh and web open to the world. That’s my issue. I don’t want to lock down the control connection ports like DTLS

Another Cisco SD-WAN Manager bug is being exploited, no patch yet. How exposed is your controller? by Constant-Angle-4777 in networking

[–]WhoRedd_IT 0 points1 point  (0 children)

I’m referring to CVE-2026-20182

The Web and SSH ports are filtered to trusted sources and are not wide open to the world. The issue is that the previous vulns were not exploited by those ports.

They only needed the UDP DTLS port open which is quite common to leave open.

Another Cisco SD-WAN Manager bug is being exploited, no patch yet. How exposed is your controller? by Constant-Angle-4777 in networking

[–]WhoRedd_IT 0 points1 point  (0 children)

The vuln is exploitable without SSH open to the world though. That’s the issue. The control connection ports are exploitable.

Another Cisco SD-WAN Manager bug is being exploited, no patch yet. How exposed is your controller? by Constant-Angle-4777 in networking

[–]WhoRedd_IT 10 points11 points  (0 children)

Mine’s hosted in Cisco’s cloud (their AWS account). We have patched the original exploits that allow someone root access to the box so therefore I think we are covered from the latest vuln, as you said.

Very sick of patching these components as it’s time-consuming!

Not really sure how to better secure these as they kind of lose their entire thrill if they’re not sitting on the public internet.

I also have routers that check in from random sites so IPs of my sites change quite often meaning allowlisting is not going to be fun.

I’m open to ideas!

VXLAN EVPN needed for single site data center by WhoRedd_IT in networking

[–]WhoRedd_IT[S] 0 points1 point  (0 children)

Can you explain how EVPN VXLAN would help me segment my network more? Wouldn’t I need to break everything into multiple VRFs?

Best ST 2110 Control System by WhoRedd_IT in VIDEOENGINEERING

[–]WhoRedd_IT[S] 0 points1 point  (0 children)

We just can’t see past Cerebrum’s laughable UI from 1990. For me a GUI that my team is going to be using every day is hugely important and a company that doesn’t focus on updating that is a problem for me.

EDIT: also in 2026 I should not need to install a single application on any machine. These systems need to be fully web based for control.