Cisco Blog: January 2008 Archives

« December 2007 | Main | February 2008 »

January 30, 2008

Cisco Announces CCDE Certification

Well, it's now out there: The Cisco Certified Design Expert (CCDE) - the next "expert" level certificaiton equivalent to the CCIE. I've been reviewing many of the resources on this one...all I can say is has got to be intense! I'm really curious about the how the practical exam will be administered...are you interviewed? Drawing network diagrams?

Anyhow, here's all the information - let me know if you find any interesting facts about this:

Cisco CCDE Certification Page:
http://www.cisco.com/web/learning/le3/ccde/index.html

CCDE Written Exam Info:
http://www.cisco.com/web/learning/le3/ccde/ccde_exam_information.html

CCDE Book List: (Check this thing out!!! These books are huge!)
http://www.cisco.com/web/learning/le3/ccde/booklist.html

YouTube Video with Russ White on CCDE:
http://www.youtube.com/watch?v=7qOz-FSpC-k&feature=related

Posted by JC at 3:46 PM | Comments (3) | TrackBack

January 28, 2008

Recovering Type 7 Passwords Without Web-Tools

I'm stealing this guy from a reader tip on the January edition of the Cisco Tech Newsletter. Apparently, the "keychain" configuration of a Cisco router supports a decrypt command that allows you to recover (break) the Type 7 encrypted passwords:

Router (config) #key chain LIGHT
Router (config-keychain) #key 718
Router (config-keychain-key) #key-string 7 11192616193C233850012E3D2B2725711D
Router (config-keychain-key) #do show key chain LIGHT Key-chain decrypt:

key 1 -- text "decrypted_password"

accept lifetime (always valid) - (always valid) [valid now]
send lifetime (always valid) - (always valid) [valid now]

It probably takes more time to do something like this than just paste the encrypted password into this Java applet...but you'd feel much cooler doing it this way :).

Posted by JC at 12:58 PM | Comments (2) | TrackBack

January 18, 2008

Help! Remote Switch IP Changes...

I feel so shamed. I have completely neglected the CiscoBlog since the holidays and my first post of the new year is a plea for help. How pathetic! Forgive me. I plan on putting plenty of time into the blog, answering many of the questions that have come in over the last few weeks, and getting that forum running (I'm really close!). The check's in the mail

So here's what I need help with. This weekend, I'm doing a massive network migration for a government agency. They have about 60 switches that I will be moving over to a new IP addressing scheme (creating a separate management VLAN). So here's, in effect, what I'll be doing:

interface vlan 1
no ip address
interface vlan 200
ip address 10.20.x.x 255.255.0.0 (each switch gets its own IP address)
no shutdown

Seems simple, right? Well, these switches are spread over 15 buildings miles apart using fiber cabling. I'd like to be able to do this all remotely, many of the switches are using low-end images that only allow a single IP assignment at a time. So, if I'm telnetted in remotely and drop the VLAN 1 IP address, I'm dead.

I thought about setting up a TFTP server on my laptop, copy the running configs of the remote switches down, changing them, then copying them back to the startup config of the remote switch and rebooting...but that seems pretty painful.

Anyone have a great idea on a quick way to do this?

Posted by JC at 3:06 PM | Comments (17) | TrackBack

Cisco Blog

The world of all things Cisco