Cisco Device Info, my popular SNMP application for getting information from Cisco network devices has now been released as free software. It is now free to use at home, and in commercial environments. Further to that change I have licensed the software under the LGPL 2.1, allowing developers to contribute to the code and make changes of their own.
The sourcecode has been hosted at Github and is available from its public repository.
I came across a somewhat unusual issue earlier this week whilst trying to setup a NAT entry to forward HTTP traffic over port 2000. The firewalls being used were a pair of Cisco ASA 5505s. The relevant configuration was pretty straightforward:
object-group service AllowedPorts
service-object tcp eq 2000
access-list outside-in extended permit object-group AllowedPorts any host 126.96.36.199
When trying to pass HTTP traffic to 188.8.131.52 over port 2000, the TCP connection would establish and eventually a TCP RST would be received. But no data would actually be transferred. Running the service on a port other than 2000 worked fine.
Continue reading Cisco ASA NAT problems with TCP Port 2000
The news in the UK recently has been flooded with the news that major UK ISPs have been forced to sink The Pirate Bay. The ISP that I use, Be There have now implemented their block.
Visitors trying to access TPB are greeted with a page informing them that access to the website has been blocked. To begin with this block only effected HTTP traffic but before long, HTTPs was also blocked. I’ve been interested in how this has been implemented, so began investigating. Firstly I took a look at the HTTP communication between a normal client and The Pirate Bay:
$ HOST="thepiratebay.se";echo -ne "HEAD / HTTP/1.1\nHost: $HOST\n\n\n"|ncat $HOST 80
HTTP/1.1 200 OK
Set-Cookie: PHPSESSID=70e899d0720d92eae47ad4347813ef0d; path=/; domain=.thepiratebay.se
Set-Cookie: language=en_EN; expires=Sat, 08-Jun-2013 08:59:18 GMT; path=/; domain=.thepiratebay.se
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 08 Jun 2012 08:59:18 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Date: Fri, 08 Jun 2012 08:59:18 GMT
Continue reading Investigating the Be/O2 block of The Pirate Bay