Cisco Device Info now open source

Cisco Device Info, my popular SNMP application for getting information from Cisco network devices has now been released as free software. It is now free to use at home, and in commercial environments. Further to that change I have licensed the software under the LGPL 2.1, allowing developers to contribute to the code and make changes of their own.

The sourcecode has been hosted at Github and is available from its public repository.

Cisco ASA NAT problems with TCP Port 2000

I came across a somewhat unusual issue earlier this week whilst trying to setup a NAT entry to forward HTTP traffic over port 2000. The firewalls being used were a pair of Cisco ASA 5505s. The relevant configuration was pretty straightforward:

object-group service AllowedPorts
 service-object tcp eq 2000 
access-list outside-in extended permit object-group AllowedPorts any host 1.1.1.1

When trying to pass HTTP traffic to 1.1.1.1 over port 2000, the TCP connection would establish and eventually a TCP RST would be received. But no data would actually be transferred. Running the service on a port other than 2000 worked fine.
Continue reading Cisco ASA NAT problems with TCP Port 2000

Investigating the Be/O2 block of The Pirate Bay

The news in the UK recently has been flooded with the news that major UK ISPs have been forced to sink The Pirate Bay. The ISP that I use, Be There have now implemented their block.

Visitors trying to access TPB are greeted with a page informing them that access to the website has been blocked. To begin with this block only effected HTTP traffic but before long, HTTPs was also blocked. I’ve been interested in how this has been implemented, so began investigating. Firstly I took a look at the HTTP communication between a normal client and The Pirate Bay:

$ HOST="thepiratebay.se";echo -ne "HEAD / HTTP/1.1\nHost: $HOST\n\n\n"|ncat $HOST 80
HTTP/1.1 200 OK
X-Powered-By: PHP/5.4.3
Set-Cookie: PHPSESSID=70e899d0720d92eae47ad4347813ef0d; path=/; domain=.thepiratebay.se
Set-Cookie: language=en_EN; expires=Sat, 08-Jun-2013 08:59:18 GMT; path=/; domain=.thepiratebay.se
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Last-Modified: Fri, 08 Jun 2012 08:59:18 GMT
Cache-Control: no-store, no-cache, must-revalidate
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 08 Jun 2012 08:59:18 GMT
Server: lighttpd

Continue reading Investigating the Be/O2 block of The Pirate Bay