Lets play IP 'Whack a Mole'

Had such a weird problem the other day after the installation of a voice switch.

The voice switch was manually configured  with an ip address (x.x.x.2) and an old Cisco switch (model unknown) decides to grab the same ip from our dhcp server.

Here's the odd part,  I configured the DHCP scope to start at x.x.x.11.

Since I was working remotely, I disabled the upstream switch port that the cisco switch was connected to until the onsite guys could investigate.

The onsite tech told me that the cisco switch was in an area that wasn't accessible, I suggested he hang tight and I will reenable the upstream switch port connected to the Cisco switch.

I enabled the port and we waited for about 15 minutes to see if the issue comes back. I could see the devices on the cisco switch had ip addresses and data was definitely flowing. Oddly enough the switch had not requested an ip address from the DHCP server with I confirmed via the switch mac table, router mac table and DHCP server.

I told the tech "lets leave it alone for the weekend'. Monday morning I checked and the Cisco switch is still online, I can see its mac address, but no ip address.

The tech decided to 'take it out'  when he got access since it was a super old 10/100 switch, so unfortunately I could no longer do any more testing, but still a good exercise on identifying, locating and isolating a duplicate ip address scenario.

 

---

Stanford free AI course Deep Learning (CS230)

 

If you’re passionate about advancing your AI and machine learning skills, there’s no better time than now to dive into deep learning — and this free Stanford CS230 Deep Learning YouTube playlist is a goldmine of knowledge waiting to be explored. Hosted by Stanford University, this playlist curates a comprehensive set of lectures covering the essential concepts, techniques, and real-world applications of deep learning. It’s the kind of content that normally resides behind costly university enrollment — yet here it is, accessible with just a click. (YouTube)

What makes this playlist stand out is its structured approach to teaching one of the most sought-after skills in today’s tech landscape. From neural network fundamentals to advanced optimization strategies, the lecture videos break down complex topics into digestible, engaging lessons. Whether you’re a student preparing for a career in AI or a professional looking to level up your expertise, this Stanford course offers a roadmap that’s both deep in technical substance and geared toward real application. (YouTube)

Another great advantage of this playlist is its flexibility. You can watch it at your own pace, rewind to clarify tricky concepts, and re-watch key sections for better retention. Unlike traditional classroom settings, there’s no pressure, no deadlines, and no tuition — just you and some of the brightest minds in deep learning sharing cutting-edge insights. It’s a rare opportunity to learn directly from top educators without spending a dime. (YouTube)

In a world where AI and machine learning are rapidly reshaping industries, having reliable and expert-led training is essential. This playlist not only equips you with foundational knowledge but also inspires deeper curiosity and exploration into advanced topics like neural architectures and model optimization. Ready to elevate your skills and explore the frontier of AI? Start watching the Stanford CS230 Deep Learning playlist today and take a big step toward mastering one of the most transformative fields in tech. (YouTube)

---

Overview of Single-Mode and Multimode Fiber Optics

Troubleshooting skills don't just happen

 

I remember a while ago when I was presenting and told the group "if you do your job right, you will always find something to fix, tune or tweak" .

After an install, I always go online the next day or two and check logs, port stats, etc..  I would say I will find something odd that is worth investigating about 30% of the time.

Over the years, I have found a lot of 100Mb POE injectors connected to 1 Gb ethernet ports and 1 Gb devices, bad cabling, 100 Mb switches/hubs on 1 Gb devices, the list goes on...

In this specific example, a new computer with a 1 Gb Ethernet interface, with new patch and structured cabling connected into a switch 1 Gb Ethernet port came up as 10 MB, and then later, 100 Mb, along with a boatload of errors.

I reached out to the client to address the issue since it can only be a few things (in order of most to least probable):

- bad patch cable at the client's desk

- bad run to the patch panel

- bad patch panel cable 

- bad switch port

- bad computer ethernet port

The clients initial response is that they are 'too busy to look at it' , and since the computer seems to be working just fine and can get on the internet, there is no urgency to address it.

Now my job is to sell, convince and educate the client that this is worth fixing before they 'notice' and it becomes a last minute support issue. :)

---

from the net: The biggest cybersecurity and cyberattack stories of 2025

 

2025 was a big year for cybersecurity, with major cyberattacks, data breaches, threat groups reaching new notoriety levels, and, of course, zero-day vulnerabilities exploited in incidents.

Some stories, though, were more impactful or popular with our readers than others.

Below are fifteen of what BleepingComputer believes are the most impactful cybersecurity topics of 2025, with a summary of each. These stories are in no particular order.

https://www.bleepingcomputer.com/news/security/the-biggest-cybersecurity-and-cyberattack-stories-of-2025/

from the net: New Android Malware Lets Hackers Turn Google Play Apps Into Spyware

 

The security research team at iVerify Threat Intelligence have discovered a new Remote Access Trojan (RAT) that has been dubbed Cellik, and which is targeting Android users. 

It includes features typically seen on advanced spyware and delivers functionality that allows threat actors to spread their wares in a more stealthy fashion.

click on the image to read the article

---

The NETSCOUT DDoS Threat Intelligence Report (Issue 15: Digital Aftershocks) analyzes global distributed denial-of-service (DDoS) attack activity and trends, revealing that more than 8 million DDoS attacks were recorded worldwide in the first half of 2025, with peak attacks reaching 3.12 Tbps in bandwidth and 1.5 Gpps in throughput. It highlights how geopolitical events and coordinated campaigns by groups like NoName057(16) have driven spikes in attack volume, while botnet-driven and DDoS-as-a-service threats are increasing in sophistication, duration, and impact. The report also shows emerging threat actors expanding the threat landscape and emphasizes regional variations and the collateral damage DDoS attacks can inflict on service providers and critical infrastructure sectors.