Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About Bill CARTER
Bill CARTER
Contributor
Old router. CCIE 5022 R/S
Biography from communities:
Been working on Cisco equipment since 1995. CCIE 5022.
I would like to have a Cisco AGS Router to put on display at my house.
Visit my blog at http://billyc5022.blogspot.com
Expertise:
20 years networking experience. Routing and Switching, Wireless, ASA, Nexus, UC, and Data Center. CCIE # 5022
Recent Badges
Stats
Member since
11-04-2001
217
Posts
66
Helpful
4
Solutions
Created by
Bill CARTER
in Security Documents
in Security Documents
05-04-2019
01:59 PM
05-04-2019
01:59 PM
Great post. Worked for me!!
... View more
Created by
Bill CARTER
in Security Analytics
in Security Analytics
02-21-2019
08:18 AM
02-21-2019
08:18 AM
Thank you!
I removed "root" and changed the log setting. I was able confirm the script successfully ran.
swm:~/scripts/log# crontab -l # m h dom mon dow command 10 16 * * * /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log 2>&1
swm:~/scripts/log# cat talos.log Fetching new IP data from Talos... Posting data to the SMC... Success. swm:~/scripts/log#
... View more
Created by
Bill CARTER
in Security Analytics
in Security Analytics
02-20-2019
08:21 AM
02-20-2019
08:21 AM
Alan Nix has created a great python script to import the Talos Blacklist into Stealthwatch. I have successfully run the script manually. I would like to run the script daily using cron. I used crontab, but I am not sure it actually runs.
Here is the output from crontab -l
# m h dom mon dow command 0 16 * * * root /usr/bin/python /root/scripts/TalosBlacklistImport.py > /root/scripts/log/talos.log
Nothing is getting entered into talos.log.
https://github.com/TheAlanNix/cisco-security-tools/tree/master/TalosBlacklistImport
... View more
Labels:
Created by
Bill CARTER
in Network Access Control
in Network Access Control
01-14-2019
02:18 PM
01-14-2019
02:18 PM
I am on 2.4 Patch 5.
I will try working with a separate profile.
... View more
Created by
Bill CARTER
in Network Access Control
in Network Access Control
01-14-2019
01:04 PM
01-14-2019
01:04 PM
Using the ISE Endpoint Analysis Tool, I can not get a profile to match. I am wondering if it is because the OUI contains ( and ).
I don't get a match when OUI EQUALS LG Electronics (Mobile Communications).
There is a match on "LG-Device" which uses "OUI Contains LG Electronics".
<CPMProfilerPolicies> <Policies> <Policy isEnabled="true" matchingIdentityGroup="false" minimumCertaintyMetric="10" version="2" name="LG" description=""> <PolicyRules> <PolicyRule certaintyFactor="40" name="LGRule5c3cd48f1f12b"/> <PolicyRule certaintyFactor="40" name="LGRule5c3cd48f1f132"/> </PolicyRules> </Policy> </Policies> <Rules> <Rule description="Mac_OUI_Equals_LG Electronics (Mobile Communications)" expression="LGRule5c3cd48f1f12bCheck5c3cd48f1f12e" name="LGRule5c3cd48f1f12b" ruleType="Regular"/> <Rule description="DHCP_dhcp-class-identifier_Equals_android-dhcp-9" expression="LGRule5c3cd48f1f132Check5c3cd48f1f133" name="LGRule5c3cd48f1f132" ruleType="Regular"/> </Rules> <Checks> <Check attributeName="OUI" attributeValue="LG Electronics (Mobile Communications)" description="Mac OUI Equals LG Electronics (Mobile Communications)" name="LGRule5c3cd48f1f12bCheck5c3cd48f1f12e" operator="Equals" type="Mac"/> <Check attributeName="dhcp-class-identifier" attributeValue="android-dhcp-9" description="DHCP dhcp-class-identifier Equals android-dhcp-9" name="LGRule5c3cd48f1f132Check5c3cd48f1f133" operator="Equals" type="DHCP"/> </Checks> <Actions/> <ScanActions/> </CPMProfilerPolicies>
... View more
- Tags:
- ise-endpoint-profile
Labels:
Created by
Bill CARTER
in Cisco Bug Discussions
in Cisco Bug Discussions
11-29-2018
09:34 AM
11-29-2018
09:34 AM
Could you provide the new certificate we can manually install? Using the fix for CSCvm81052 I now have AMP updates succeeding, however URL updates still fail. see https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvm81052/
... View more
Labels:
Created by
Bill CARTER
in Cisco Bug Discussions
in Cisco Bug Discussions
07-30-2018
01:25 PM
07-30-2018
01:25 PM
Will this be fixed in a future rule update or a Firepower patch? I am experiencing this issue with software 6.2.3.2-42 and rule update 2018-07-16-001-vrt.
... View more
Labels:
04-12-2018
06:27 AM
I set rule updates for daily during non-business hours. I have never had a problem.
... View more
Created by
Bill CARTER
in Endpoint Security
in Endpoint Security
06-07-2017
07:46 AM
06-07-2017
07:46 AM
I believe I am getting a false positive for ChromeSetup.exe. I downloaded the Chrome beta installer direct from Google.
SHA-256 a1fa0737b15a05ac5073985839af253f3470c162730f89f604eb3dc008066c05
Virus Total analysis
https://www.virustotal.com/en/file/a1fa0737b15a05ac5073985839af253f3470c162730f89f604eb3dc008066c05/analysis/1496843791/
... View more
Labels:
Created by
Bill CARTER
in Network Access Control
in Network Access Control
05-09-2017
10:41 AM
05-09-2017
10:41 AM
Do the Nexus 9000s running in NX-OS mode support Trustsec?
... View more
- Tags:
- nexus_9000
- trustsec
Labels:
02-13-2017
01:21 PM
When will 7.0(3)I4(6) be released? I believe I am hitting this bug.
this bug is for Nexus 9000. MAC addresses are aging out of the MAC table and not being relearned for a few minutes. When this happens there is an ARP entry.
... View more
- Tags:
- #N9k NEXUS
Labels:
07-27-2016
11:23 AM
I had this issue also. There are a couple of settings in the HTTP preprocessor.
Firepower 6.0
Go to Policies -> Access Control -> Network Analysis Policy (Top right of browers window).
Edit existing policy, or create new policy.
Policy information -> Settings -> HTTP Configuration
Under Targets click + to add a server and enter the IP address, CIDR, or comma-seperated list. Click OK.
Then check boxes "Detect HTTP Proxy Servers", "Allow HTTP Proxy use", and "Extract Original Client IP Address".
For mine I have "XFF Header Priority" with #1 "X-Forward-For"
Hope this helps.
-Bill
... View more
07-07-2016
04:43 AM
Route the local LAN to LAN traffic at the switch instead of the router.
... View more
Created by
Bill CARTER
in Network Security
in Network Security
06-01-2016
06:33 AM
06-01-2016
06:33 AM
I can't find the readme or release notes for 9.5(2.10) interim release. asa952-10-smp-k8.bin . Traditionally there is a document listing the fixes in the interim release.
... View more
- Tags:
- asa
Labels:
02-21-2019
Thank you! I removed "root" and changed the log setting. I was able
confirm the script successfully ...
02-20-2019
Alan Nix has created a great python script to import the Talos Blacklist
into Stealthwatch. I have s...
01-14-2019
Using the ISE Endpoint Analysis Tool, I can not get a profile to match.
I am wondering if it is beca...
11-29-2018
Spoiler (Highlight to read)Could you provide the new certificate we can
manually install? Using the ...
07-30-2018
Will this be fixed in a future rule update or a Firepower patch? I am
experiencing this issue with s...
06-07-2017
I believe I am getting a false positive for ChromeSetup.exe. I
downloaded the Chrome beta installer ...
Created by
Bill CARTER
in Network Access Control
05-09-2017
05-09-2017
Do the Nexus 9000s running in NX-OS mode support Trustsec?
Created by
Bill CARTER
in Switching
02-13-2017
02-13-2017
When will 7.0(3)I4(6) be released? I believe I am hitting this bug. this
bug is for Nexus 9000. MAC ...
07-27-2016
I had this issue also. There are a couple of settings in the HTTP
preprocessor. Firepower 6.0 Go to ...
06-01-2016
I can't find the readme or release notes for 9.5(2.10) interim release.
asa952-10-smp-k8.bin. Tradit...
Public Statistics
| Date Registered | 11-04-2001 05:31 PM |
| Date Last Visited | 04-07-2020 11:54 AM |
| Total Messages Posted | 217 |
| Total Helpful Votes Received | 66 |
Helpful Votes Given To
| User | Helpful Count |
|---|---|
| 10 | |
| 5 | |
| 5 | |
| 5 | |
| 10 |
.jpg "VIP Advocate"){kind=icon}
Helpful Votes From
| User | Helpful Count |
|---|---|
| 5 | |
| 5 | |
| 1 | |
| 1 | |
| 1 |
