You can enable detailed port statistics via the command-line interface (CLI) on switches in the Netgear M4200/M4300 family. I will explain how to set up a time range and port group, and apply them to a port or range of ports to gather throughput data. This post will make up for some shortcomings in Netgear’s […]
Enable Port Statistics on a Netgear M4200/M4300 Switch Read More »
ESET Security Management Center (ESMC) is the replacement for the ESET Remote Administrator (ERA) Server. You can install ESMC as a “virtual appliance” which will run on hosts such as VMWare or Linux/KVM/QEMU. Under the hood, this appliance is a CentOS 7 server running the Apache Tomcat web server. ESMC is implemented as a Java
Use an SSL/TLS Certificate with ESET Security Management Center Appliance Read More »
Google Cloud Operations, formerly known as Stackdriver Logging and Monitoring, can be very confusing to set up. It’s easy to monitor something simple, but more complex cases quickly get confusing. One of the more flexible but confusing types of alert policies in Stackdriver Monitoring is a Logs-Based Metrics policy, which gives you the ability to
Alert Policies for Log Metrics on Google Stackdriver Monitoring Read More »
This is a minimal PHP script that’s useful for verifying connectivity and permissions to read data from a Google Bigtable instance. Unlike some of the sparse examples in Google’s PHP SDK, this script will work for any table, and you don’t need to know anything about the structure of the table. This script tests the
Testing Access to Google Bigtable Read More »
Salt is a great choice for a configuration management system. I have found that it scales well, both in terms of number of nodes, and complexity of configurations. However, I have found one aspect of Salt that remains under-developed: Salt doesn’t have great support for custom groupings of minions. Minion groups (which could also be
Dynamic node groups with Salt Read More »
If you operate a Netgear switch in an environment that is subject to compliance requirements such as PCI or HIPAA, you are probably doing vulnerability scans, and the HTTP management interface of your switches will generate medium vulnerabilities (at least from Nessus): SSL Self-Signed Certificate SSL Certificate Cannot Be Trusted SSL Certificate Expiry It IS
How to use SSL/TLS certificates on a Netgear M4200/4300 switch Read More »
curl, or an application that uses libcurl, may have a problem with an SSL certificate that works fine when using a web browser to access the same URL. Typical error output from curl looks like this: $ curl -v https://my-subdomain.mysecuresite.com Trying xxx.xxx.xxx.xxx:443… TCP_NODELAY set Connected to my-subdomain.mysecuresite.com (xxx.xxx.xxx.xxx) port 443 (#0) ALPN, offering h2 ALPN,
curl or libcurl: SSL certificate problem: unable to get local issuer certificate Read More »
Ubiquiti publishes detailed data sheets for all of their products, but it’s hard to find all the information you need in one place for comparison purposes. That’s the purpose of this article. First Generation Access Points It can be confusing to distinguish between the generations of UniFi access points; you have to look at the
2020 Ubiquiti Wireless Access Point (WAP) Roundup Read More »
Most business-class switches and routers support monitoring via SNMP. The main barrier to implementing SNMP monitoring is that so many parameters can be monitored, and it can be very hard to isolate the most important parameters. This example shows how to monitor the status of a specific port. Note that the term “port” includes link
Monitoring a switch or router port via SNMP Read More »
openssl is the standard open-source, command-line tool for manipulating SSL/TLS certificates on Linux, MacOS, and other UNIX-like systems. I recently ran into an interesting problem using openssl to convert a private key obtained from GoDaddy. Someone else used GoDaddy’s “wizard” interface to generate a certificate signing request (CSR) and private key, and saved the files
openssl unable to read/load/import SSL private key from GoDaddy Read More »