Rotate logs with Syslog

Here is the configuration file for logrotate:

root@host:/etc/logrotate.d# cat /etc/logrotate.d/rsyslog
/var/log/syslog
{
        rotate 7
        daily
        missingok
        notifempty
        delaycompress
        compress
        postrotate
                reload rsyslog >/dev/null 2>&1 || true
        endscript
}
 
/var/log/*.log
{
        rotate 7
        daily
        missingok
        notifempty
        compress
        postrotate
                reload rsyslog >/dev/null 2>&1 || true
        endscript
}
/var/log/mail.info
/var/log/mail.warn
/var/log/mail.err
/var/log/mail.log
/var/log/daemon.log
/var/log/kern.log
/var/log/auth.log
/var/log/user.log
/var/log/lpr.log
/var/log/cron.log
/var/log/debug
/var/log/messages
{
        rotate 4
        weekly
        missingok
        notifempty
        compress
        delaycompress
        sharedscripts
        postrotate
                reload rsyslog >/dev/null 2>&1 || true
        endscript
}

CCIE notes – Security part 2

Layer 3 Security

 

Recommendation
1. Enable secure Telnet access to a router and use SSH
2. Enable SNMP security, adding SNMPv3 support
3. Turn off unnecessary services on the router platform
4. Turn on logging to provide on audit trail
5. Enable protocol authentication
6. Enable CEF

 

General Layer3 Security Considerations

1. Smurf Attacks

– a large number of ICMP Echo Requires with same typical IP address in the packet
– the destination address is a subnet broadcast address, also known as a direct broadcast address

Solutions
(more…)

CCIE notes – Security part 1

Router & Switch Device Security

– to encrypt passwords with the following command #service password-encryption
– “#no service password-encryption” – does not automatically decrypt the password. It waits until a new password is added.
– #enable secret – encrypts the password as md5
– #enable password – type 7 password
#username password <pass> – encrypts the password as MD5

 

AAA – Authentication, Authorization and Accounting

Radius vs Tacacs

RADIUS TACACS
Scope of Encryption: Packet Payload or just Password  Password Only  Entire Payload
 Layer 4 Protocol  UDP  TCP
 Well Known ports  1812/1645  49/49
 Standard or Cisco Propriety  Standard  Cisco

(more…)

CCIE notes – MPLS

Below are some notes from my CCIE written. Hope you enjoy them

 

MPLS IP Forwarding: Data Plane

– MPLS routers inject (push) or remove (pop) or forwards packets based on labels
– MPLS relies on the CEF while expanding the logic and data structures as well

 

LSR (Label Switch Router)

– any router that has awareness of MPLS Labels
FIB – used for incoming unlabled packets
LFIB – used for incoming labeled packets

MPLS header and Label
– header of 4 bytes, located before the IP header

MPLS header

(more…)

Linux File System

 

Linux core offers support for a large number of file systems. User interface provided is the same no matter the type of file system back. Generally different file names and directories are simple to be used efficiently in command line such as  bin/, var/, usr/, lib. Mac Os uses more clear names
such as /library/, /Applications/, /Users/. Most of Linux distributions offers compatible interface with Filesystem Hierarchy Standard 3. FHS defines the main directories names and the content of it in a Linux distribution such as :

___________________________________________________________________________

Directory                                                     Description

___________________________________________________________________________

/ bin /                           binary commands associated with significant executable

————————————————————————————————————————

/ dev /                          dev / null , dev / hda , dev / random  devices

————————————————————————————————————————-

/ etc /                           configurations files

————————————————————————————————————————-

/home/                         home users directories

————————————————————————————————————————-

/ lib /                            libraries

————————————————————————————————————————–

/ mnt /                          temporary system files

————————————————————————————————————————–

/ proc /                         file system procfs

—————————————————————————————————————

/ root /                          users home ( root )

—————————————————————————————————————

/ sbin /                         executable commands that requires privileged user rights

—————————————————————————————————————-

/ usr /                           secondary hierarchy : contains binaries and libraries

—————————————————————————————————————-

/ var /                           variable files (logs, queues, temporary)

(more…)

Page 1 of 3123