TCP Dump and Cisco

March 18, 2015

Log onto the L3 switch.

Here is the commands on the C6 that provide monitoring (sniffing) of a vlan to a specific port. The destination port is the port thats connected to eth2 on COSNIFFER01.

monitor session 1 source vlan ##
monitor session 1 destination interface Gi8/2 (interface)

Change the first line to whatever vlan you are wanting to capture.

After that, jump back onto cosniffer and run the following command…

tcpdump -i eth2 -nn -s0 -w filename.pcap ‘host 192.168.52.XX’

Change whats in red. Name your file and make your host what specify device or IP you are wanting to capture in the traffic. You can also do multiple devices or IP’s like so….
‘host x.x.x.x and host x.x.x.x’

Hit enter on the command. Let it run for a certain amount of time.

CTRL-C to end the command.

User WinSCP to copy the .pcap file you just made to your PC and open it up with Wireshark to examine the traffic.

Good Luck!

ARRIS TM502G with Comcast Xfinity

March 17, 2015

My grandmother has TV and Voice service with Comcast. They were charging her $10 a month for a modem rental. Found this model on eBay for $18 as a refurb. It works great with Comcast in Indiana. All you have to do is swap out your rental modem with your new modem, turn it on, and hook up a computer/laptop to the network port on the back of the ARRIS. Open a web browser and you’ll and try to get out to the Internet, you’ll get redirected to a Comcast Activation page. Its 3 or 4 easy steps, takes about 5 minutes. Just follow the instructions. You won’t need to call Comcast at all. Test your services after its activated.

Debian Wheezy install HP Elitebook 8440p

March 9, 2015

I had FreeBSD installed on this (previous post) but decided to turn this laptop into a GNS3 lab. Per GNS3’s website they prefer you use Ubuntu. I don’t care for Ubuntu so I installed Debian. Mint would be my second choice.

Everything works for the most part. Below is to do list…

1) – WIFI – Intel Centrino Advanced-N 6200…

Add a “non-free” component to /etc/apt/sources.list, for example:

# Debian 7 “Wheezy”
deb wheezy main contrib non-free

save & exit

# apt-get update && apt-get install firmware-iwlwifi


# modprobe -r iwlwifi ; modprobe iwlwifi

2) WIFI – Blinking alert light on laptop

# echo “echo \”options iwlwifi led_mode=1\” >> /etc/modprobe.d/iwlwifi.conf” | sudo bash

3) screensaver – I had to install xscreensaver.

4) disabled suspend in Advanced settings for laptop lid

5) uninstall Gnash flash and installed Adobe flash. The other flash sucks.

Thats about it! All is good in da hood.

FreeBSD 10.1 on HP EliteBook 8440p

March 2, 2015

I did a simple setup for FreeBSD on this laptop. I’ve not gotten around to playing with ACPI events such as battery and lid closing. This laptop is purely for BSD Certification testing and playing around with the other BSD’s.

What I can tell you is that everything worked straight from the install with a few addition/tweaks.

Install – You’ll need the UEFI boot images. Even if UEFI is disabled in the bios, it still will not work. Also set the hard drive settings to IDE instead of AHCI.
Wifi – Intel N600 chipset. Just follow the Wireless document in the handbook. Fully supported.
Xorg – NVIDIA drivers. You’ll need to install NVIDIA-drivers-340 and NVIDID-xconfig.

Thats all I have so far because thats all I really need on it for the time being.

OpenBSD 5.6 and VirtualBox

March 2, 2015

So apparently OpenBSD on Virtualbox needs VT enabled in the BIOS or you can’t install it. If you keep getting an error or you can’t press “I” during setup to initial the install, this is why. Go into your BIOS and enable Virtual Technology.

PF Sense & Netgate APU board

December 22, 2014

This guy has a good tutorial…  click here


Download the latest embedded image from PF Sense.  You’ll want the 64bit option.

You’ll need to write the image to your SD card.  Depends on your OS.

Windows – download WriteDiskImage

Mac – $ sudo gzcat pfsense-XXX.img.gz | dd of=/dev/disk[n] bs=16k        (unmount the disk, unmountDisk /dev/diskN)

The default serial speed on the board is 115200 but you can set you terminal to 9600.  You’ll see gibberish.  Set your terminal you are using.

FreeBSD – cu -l /dev/cuau0 -s 9600 -t     ( to exit type:   ~. )

Linux – use minicom

Plug in your serial cable and power cable.  Lets do this.

When you see a message about ‘Booting [/boot/kernel/kernel]’ press CTRL-C until it drops to an ‘OK’ prompt.

Type:  set

Type:  boot

Assign your interfaces.  I suggest you do auto config.

Log in to the webgui and go to Diagnostics menu –> edit file.

Click the browse button.  Click on the /boot folder.   Click the /default folder.  Click the loader.conf.   Click load at the type.

Add this line:”10000″

Save it.

Now go System –>  Advanced.    Down near the bottom.  Change your console speed to 115200.  Click save down at the bottom.



iPhone 6 picture issue in message

September 20, 2014

First day I got my iPhone 6, everything went well with the activation.  Started using it and realized that anyone that iMessaged me with a picture, I couldn’t see it.  I would get a square box with “Downloading” but it would never download.  And if you reboot your phone, then the square box just has a question mark “?” in it.

What was odd was on my Mac Book, in Messages, I could see the pictures, just not on my phone.

Issue:  Cant view pictures sent to you thru iMessages from other iPhone users

Solution:  If you are using another Mac device with iMessages, you have to disable them all (sign out).  Then on your iPhone, go to Settings > Messages.  Turn Message “off”.   Wait 5 seconds, turn back “on” and below under Send & Receive, remove any other emails or numbers for Messaging other than your primary number.  So you should just have one under that section.
Now you should be able to get pictures.  If so, now you can re-enable Messages on all your other devices.

CentOS 6.5 as a gateway

August 25, 2014

Here is my setup.   I have a Cisco lab in my garage.  I have a PC in my garage.  The PC connects to my WiFi via a 7811 Edimax USB adaptor.  I want my PC to act as a Gateway so I can access the Internet on my Cisco lab.    (btw, I live on the second floor of an apartment and my garage is located below at an angle.)

I know what you are thinking…”Why dont you get a WRT wireless router and make a bridge?”  Been there done that plus I dont need to go out and spend $30 or $50…I have everything I need, plus its fun to geek.  So lets get to it.

<—-Internet—->wlan0 —PC—eth0—switch—lab or another PC


wlan0 – Internet (
eth0 – LAN  (

First thing… turn off Network Manager
# service NetworkManager stop

Download a DHCP server (unless you want to use static IP’s)
yum -y install dhcp

Let’s edit our wpa_supplicant files
nano /etc/sysconfig/wpa_supplicant
add your interface name:

INTERFACES=”-iwlan0″     <–make sure to put the “-i” in front.

nano /etc/wpa_supplicant/wpa_supplicant.conf  (this will depend on your WiFi router setup, below is mine)

ssid=”WIFI-NAME”       <—- change yours to your SSID
psk=”WIFI KEY”             <—change yours to your key

Now open lets edit the wlan0 config file a bit (below is mine)
nano /etc/sysconfig/network-scripts/ifcfg-wlan0

ESSID=”NETWORK-NAME”   <—- change yours to your SSID

Now lets give eth0 an IP address for that subnet
nano /etc/sysconfig/network-scripts/ifcfg-eth0

IPADDR=    <— change yours to whatever
GATEWAY=   <—-change yours to your WLAN0 or ETH device
DNS1=   <—- change yours to your DNS server preference

Next lets add a line into IPTABLES to setup NAT’ing…
# iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE    <—- change wlan0 to whatever interface will do the NAT’ing outside.

Lets make sure wpa_supplicant is set to start up
# chkconfig wpa_supplicant on
# chkconfig network on
# chkconfig NetworkManager off

# service wpa_supplicant start
# service network restart

So now you should be set.  Plug in a device with a static IP on a switch in your new LAN.  Ping google or some shit.

Want DHCP server running on the inside interface (eth0)?  Easy…

Edit this dhcp file
# nano /etc/sysconfig/dhcpd

DHCPDARGS=eth0  <—– specify your inside interface

#nano /etc/dhcp/dhcpd.conf
Add the following lines:

option domain-name “”;                             <—- change to your liking
option domain-name-servers,;   <—- change to your liking

default-lease-time 600;
max-lease-time 7200;


subnet netmask {                   <— change to your local network setup
option routers;

Save that shit.
Now lets start DHCP server up like a boss!

# chkconfig dhcpd on
# service dhcpd start

Lets test this….plug in a PC to your new LAN switch on the inside (eth0 in this case).
run this command
#tail -f /var/log/messages

You should see DHCP request come in.  If you do, you do man.  If not, you did something wrong fool.

Use the command “iwlist wlan0 scan” to find wireless access points around you and see their encryption type.
You have issues, check the logs…/var/log/messages
You can set it up to do DHCP relay using the file /etc/sysconfig/dhcrelay file.  Then just start the dhcrelay service.  But you need a DHCP server somewhere in your network.

FreeBSD 10 – sFTP setup

May 21, 2014


First off, sFTP doesnt actually use FTP protocol or associate with it.  It’s pretty much like SCP but with other features.  It uses port 22 as well.  The one unique thing about it is that the user or group you specify in the sshd_config for sFTP will not be able to log in with SSH.  That user will only be able to sFTP into the server.

Pretty simple to setup.

ee /etc/ssh/sshd_config

scroll down to the bottom and put this in…

Match User sftpuser                (specify “group” instead of user if you wanted)
ChrootDirectory /home/%u
X11Forwarding no
AllowTcpForwarding no
ForceCommand internal-sftp


Thats it.

# service sshd restart.

Create your user.

Root must be the owner of the home directory.  It should be by default.

Create another directory inside the new users home for them to access.

mkdir /home/sftpuser/files

chown root:sftpuser /home/sftpuser

chown sftpuser:sftpuser /home/sftpuser/files


You are done!  Have fun!

FreeBSD 10 ssh key authenication

May 21, 2014


# ssh-keygen -t rsa  (uses default 2048, want higher?  use -b 4096)

Enter a passphrase.

cat >> .ssh/authorized_keys

ee /etc/ssh/sshd_config  

Comment out (#) the line ChallengeResponseAuthenication and change it to "no" (without the quotes)

service sshd restart

Copy the id_rsa (private key) to your laptop/desktop or whatever computers you use.   drop it into the .ssh directory of your system directory.  Have Windows?  point to it in Putty.  I believe most distro's will read the id_rsa as a default key file so you may need to change its name if you SSH to other servers.  for example...I have a server named I would ssh user@web01 -i web01.priv  <--- is my private key.  


Get every new post delivered to your Inbox.