Monday, August 21, 2023

Measure Task Time With Timer

 

Over the years there has always been interest in the articles I post showing how to measure latency, delay, or how long it takes a task to complete.


I have shown my readers many utilities, tricks and tips on how to accomplish various variations on this theme.


Here’s another helpful utility you should consider for your toolbox. It's portable, free and simple to use, which got my interest right away.


Here's the link to Timer: https://www.gammadyne.com/cmdline.htm#timer and a video with an example.


Enjoy



Thursday, August 17, 2023

..Another Upgrade.. well you know

 I was working with a long-time client on a fairly major upgrade for a remote site. We were replacing equipment, cabling, and some firmware upgrades.

I was invited to sit in on the planning meetings since I know the network and staff fairly well. During our first meeting, we documented all the equipment that will be 'touched', pros and cons, dependency analysis, and the typical backup plan if things should go south.

A few meetings later the team reviewed the actual action plan, roles and responsibilities, and timelines. It was in this meeting that I suggested that they make the changes in discrete 'phases' so we can better monitor if the change worked and back out more quickly if things should go wrong. The fact that this place is fairly remote can complicate troubleshooting further.

I was met with a chorus of teasing and the title of "Grim Reaper" and "Negative Tony". I took it all in good fun since I know them so well but cautioned them that if they make all the changes at once and something goes wrong, it will take a lot longer to diagnose the issue. They were so confident, that they "got it", they even suggested I sit this one out. I gladly responded with "Great, I'll be at the cottage".

Fast forward to the change and they went with their wholesale change and I heard nothing during the change window and went with "no news is good news" ;)  I turned off my phone and enjoyed my weekend.

Monday morning I had a ton of voicemails, texts, and emails asking me to call immediately. Unfortunately, they ran into issues and have completely backed out but are still down. I immediately hopped in my car and went out to help. During my 2-hour drive, I asked all the typical questions and nothing jumped out at me. They blamed the firmware upgrade, new router, and anything they changed, but if it's all back why is it still down?

I started with my standard "Have you walked the site yet?", and they replied, "Of course we did and found nothing.". I replied, "So it won't take long to do it again with me, right?". Here's where the fun starts...

As we walked around, I immediately noticed there was no grounding for the new outdoor AP and they responded "We'll take care of that later". Then I noticed that one of the enclosures was jam-packed with ethernet cables. After further investigation, I realized there were 5x12 foot cables when all we needed was 3 footers. They told me the installer forgot the short cables and will be back. Then I pointed out that the main backhaul enclosure had no power. That's when the finger-pointing started amongst themselves trying to figure out who, if anyone, physically checked. I told them we can figure out who to blame later, let's fix the problem first.

I traced the power and main ethernet cable only to find that someone had nicked both cables in a door.  This ironically was the first thing on their list for their change.

Believe me, I understand we want a change to be over with as quickly as possible and I totally understand that in the midst of troubleshooting a 'down' scenario, you have to believe what someone tells you.  But you must get to a point where you have to start from scratch and validate/verify everything reported.

Check out the cables below.




Wednesday, August 9, 2023

NetAlly CyberScope™ – Handheld Cyber Security Analyzer - Julio Petrovitch

 

In April 2023, NetAlly released CyberScope, the world’s first handheld cybersecurity analyzer. Still, for many such a description could be considered very broad. So, what exactly is a CyberScope and what does it do? More importantly, how can it help a network or security professional like yourself?


In a nutshell, CyberScope is a handheld cybersecurity analysis tool that offers comprehensive risk assessment, analysis and reporting for the site access layer. All in a single, powerful, and portable form factor. It supports endpoint and network discovery, wireless security scans, vulnerability assessments using Nmap, plus segmentation and provisioning validation.


As a ruggedized, purpose-built all-in-one tool, CyberScope is a network security solution that eliminates the use of fragile laptops and tablets. With multiple functions, it provides fast, actionable insights into your network, filling the critical visibility gaps that other cybersecurity tools frequently do not address.


As for what it does and how it can help, there is a lot. Here is some of its core functionality:


Probe Endpoints and Networks

Network discovery is a critical cybersecurity best practice, providing valuable information about the network infrastructure, layout, devices, and services that are present. CyberScope’s Discovery combines scanning and active probing via five different network interfaces (wired and wireless) using multiple technologies (including CDP, LLDP, FDCP, SNMP, Nmap, and others) to find endpoints, network infrastructure elements, and potential attack surfaces.


Classify Devices as Authorized, Unauthorized, Neighbor or Unknown

Network segmentation and provisioning can be complicated and prone to error. CyberScope can verify proper segmentation of both wired and Wi-Fi networks at the point of access with clear pass/fail indication. CyberScope can also examine switch ports for proper provisioning, join a VLAN to ensure correct segmentation, and capture traffic on a specific VLAN for deeper analysis. Not only that, all discovered devices and even endpoint manufacturers can be classified as Authorized, Unauthorized, Neighbor or Unknown.


Locate Endpoints on the Wire or in the Air

Path analysis is critical to understand how devices are interconnected. CyberScope provides complete port by port details of the network path – both wired and wireless – to any device. This is crucial when hunting down unknown or nefarious devices. Rogue hunting is made fast and easy on Wi-Fi with CyberScope’s external directional antenna.


Identify Endpoint Vulnerabilities

Nmap can help identify potential vulnerabilities like open backdoors, malware or poorly configured firewalls and intrusion detection systems. However, the cryptic nature of Nmap’s command line interface and excessive textual output prevents many network professionals from using it to its fullest extent.

CyberScope’s intuitive user interface integrates with Nmap’s robust probing capabilities to help with efficiency and repeatability. Even seasoned Nmap users will appreciate the ease of use that CyberScope brings to vulnerability detection.

Also, the embedded Nmap analysis engine in the CyberScope automatically scans for vulnerabilities on all endpoint devices connected to the network. Nmap allows CyberScope to enhance the information gathered from each device with valuable vulnerability information by running built-in or custom scripts and automatically generating warning and error notifications. All this can help identify potential security weaknesses and prioritize remediation efforts to reduce risk.


Generate Reports, Collaborate, and Share

Vulnerability reporting is easy using the Link-Live collaboration platform. With features that include vulnerability scan results visibility, discovery snapshots and comparisons, plus heat and topology maps, Link-Live makes it easier to collaborate and share with other team members. There is also a licensed, containerized version for on-prem use, available for those of you that don’t like the idea of storing network data in the cloud. Not only that, but Link-Live allows for secure sharing and even analyzer remote control by centralized experts, which fully enables collaboration across your team regardless of their location.


In conclusion, CyberScope is a rugged, hand-held instrument which allows you to identify wired and wireless network vulnerabilities in a single walkthrough. Plus, as a dedicated, purpose-built tool, CyberScope integrates all the hardware capabilities you need to complete any type of network survey or analysis. That includes:

  • 10 gig fiber optic and copper (RJ45) Ethernet ports with high-power PoE support – functionality you won’t find on a laptop.

  • One Bluetooth/BLE and two Wi-Fi radios with up to 802.11ax and 6GHz band support.

  • USB ports that provide connectivity for accessories, like a spectrum analyzer, a headset for voice communications, label printers, and more.

Want to know more about NetAlly’s CyberScope? Then make sure to visit cyberscope.netally.com and check it out!

Tip When Making cables


Thank you all for the positive feedback when I cover topics other than Wireshark and protocol analysis.


Another quick one for you:


Here's a helpful tip for creating Ethernet cables while freeing up a hand, using items you likely have around your home.

Http ping and tracert ipv6/ipv4 tips

 

I am starting to run into more environments where IPv6 is showing up. I must admit, most of the time the client wasn’t aware of the impact that having IPv6 enabled on hosts can have. Other times the client intentionally had IPv6 enabled and in use.

Either way, I get asked how to perform some of the most basic troubleshooting when a Windows host has both IPv4 and IPv6 on it. I must admit that the first time I was asked about this a few years ago, I was stumped until I stopped, took a breath and read the ping and tracert help screen, lol. Accessing a web server using an IPv6 address took a little bit more digging, but it was well worth it since the same questions come up in my classes and troubleshooting engagements.

In this video I cover how to ping, tracert and HTTP using IPv6 addresses and how to force the usage of IPv4 addresses when using a host name.
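
The steps described above, as an added PowerShell example that is not taken from the original post or its video. The host name, the addresses and the helper function Get-HttpUrl are placeholders made up for illustration, and the use of curl.exe for the HTTP step is an assumption about tooling.

```powershell
# Added example. Host name and addresses are constructed placeholders.
$HostName = 'www.example.com'   # assumption: a name with both A and AAAA records
$V6Addr   = '2001:db8::10'      # IPv6 documentation range, will not answer

# 1. See what the name resolves to in each address family.
Resolve-DnsName -Name $HostName -Type A    | Select-Object Name, Type, IPAddress
Resolve-DnsName -Name $HostName -Type AAAA | Select-Object Name, Type, IPAddress

# 2. Force the address family when pinging or tracing by host name.
#    Without a switch, Windows picks the family itself (usually IPv6 first).
ping.exe    -4 $HostName
ping.exe    -6 $HostName
tracert.exe -4 $HostName
tracert.exe -6 $HostName

# 3. An IPv6 literal needs no switch; the family follows from the address.
ping.exe    $V6Addr
tracert.exe $V6Addr

# 4. HTTP to an address literal. An IPv6 address must be wrapped in square
#    brackets so its colons are not read as the host:port separator.
#    Get-HttpUrl is a hypothetical helper written for this example.
function Get-HttpUrl {
    param([Parameter(Mandatory)][string]$Address, [int]$Port = 80)
    $ip = [System.Net.IPAddress]::Parse($Address)   # throws on a malformed address
    if ($ip.AddressFamily -eq [System.Net.Sockets.AddressFamily]::InterNetworkV6) {
        'http://[{0}]:{1}/' -f $Address, $Port
    } else {
        'http://{0}:{1}/' -f $Address, $Port
    }
}
Get-HttpUrl -Address $V6Addr
Get-HttpUrl -Address '192.0.2.10' -Port 8080

# 5. Force the family for an HTTP request made by host name (-I sends HEAD).
curl.exe -4 -I "http://$HostName/"
curl.exe -6 -I "http://$HostName/"

# 6. Request the bracketed literal; -g stops curl treating [ ] as a glob range.
curl.exe -g -I (Get-HttpUrl -Address $V6Addr)
```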
