I entered the Blue Water Photo SoCal Shootout a couple of weeks ago. I dove with Blue Water Photo on their Cali rigs trips. I had a great time on the rigs and one of the shots that I took got an Honorable Mention. Feel really good about this since this was my underwater photo contest I had entered.
Setting up Brocade Switches to do Tacacs+ authentication with Cisco ACS
This was a fun one, I had some issues with getting my Brocade switches to continue doing Radius auth with my Cisco ACS so I switched to TACACS+ for them. Had a few issues, but was able to piece this configuration together and have it work correctly.
First set up your servers on the Brocade side. I find it easiest to work on the command line and define everything that is needed.
aaaconfig --add (first ip) -conf tacacs+ -p 49 -s (secret) -t 5 -a pap
aaaconfig --add (second ip) -conf tacacs+ -p 49 -s (secret) -t 5 -a pap
aaaconfig --authspec tacacs+
The important thing to note here is to use PAP for authentication if you are doing this against Active Directory. AD will not support CHAP which is the default on the Brocade Switches.
Once that is set up you now have no access into your Brocade devices because they are doing TACACS+ authentication and you haven’t defined them on the ACS server yet. Let’s take care of that part.
Log into ACS:
Navigate to Device Administration/Shell Profiles, Create a new one, I called mine BROCADE-TAC. Once created click on the “Custom Attributes” and put in the following:
This will ensure that when you log in, you will log in as an admin on the Switch.
Once this is done go to your Access Policies/Device Admin or whatever you have it called that does your TACACS+ rule authentication. Create a new line in there and then choose your Active Directory login/groups.
Then under Shell Profile, choose the one that you created before. Now depending on your environment you may want to define a specific command set. In my case I am just using Permit All, but you can create different sets for different users depending on what you are trying to limit and who has access to your device. So if you had operators you could permit the show commands or some limited feature set for a junior admin. I only have a few people that log in and they all needed to be full admins, so this was the best choice for me. Mainly we wanted to make sure that we had auditing turned on and would know when someone was logged in making changes to the devices.
Troubleshooting Websense as Proxy for site access
I recently had to troubleshoot a problem with a client going through Websense as a proxy and trying to gain access to a site. The site was at https://somesite.com:11001. Every time I would go to the site I would just get a “Page could not be displayed”. I then went through and started troubleshooting from the Websense side and couldn’t see anything in the interface itself, so I went to the log server and then stopped the logging service and ran it from the command line with just the client I was testing with. However this didn’t even show that there was a hit from the client. I then had to go to the next level and troubleshoot with a packet capture and Wireshark. Once I was able to capture the traffic I could see that Websense was returning an error that the browser wouldn’t display. The issue came down to using https on port 11001 which wasn’t allowed in the Content Gateway on the Websense appliance. Once I added that I was able to browse successfully to the site and have it show up in the log server.
So below I have summarized the steps for someone else needing to do this type of troubleshooting.
How to use the Websense testlogserver to troubleshoot problems and limit the information that is seen:
- Log into the logging server
- Stop the “Websense Log Server” service
- Go into the C:\Program Files (x86)\Websense\Web Security\bin folder and run the testlogserver.exe -onlyip (ip address you want to see)
- You can now surf the site from that machine and see what errors are showing up in the log server to help determine the problem.
- If you need to go to another level then run a packet capture from the machine using Websense as an explicit proxy in your browser. You can then limit the capture to just the Websense IP.
- Once you have gone to the site you can then look at the packet capture and search for “http contains (site you are going to)”.
- You should be able to then decode the http stream and see all of the headers and information returned. This should help you in troubleshooting the issue.
Review Oceanic OCi
Just upgraded my dive computer and decided to go with a wrist mount computer. I am upgrading from a Suunto Cobra Air Integrated and going with something a little smaller that I can take with me when I travel and use when on vacation, without needing to bring my regulator and other gear.
Some of the reasons that I ended up with the Oci was the good reviews it got, the features and functionality it had, and the form factor. I also looked at the OC1, but couldn’t justify the extra price just to get the additional features that it had along with the metal shell. So when it came down to it the Oci met all of my needs.
I didn’t want to lose the option for Air Integration if I wanted to do it. The Oci does it wirelessly; while I don’t have the transmitter for it now, I do have the option to buy it and turn it on eventually.
The Oci also comes with a digital compass, not sure how much use I am going to get out of that. I tend to wear my compass on my BCD up by my shoulder which is where I like it. I once used a wristmount compass and what I found was that I needed one more bend in my arm to make it truly useful so that it could be in front of me while swimming.
The interface is clean and easy to use, the watch has 4 buttons, but one is a light. The other 3 are a combination of single click and click and hold for 2 seconds and it will take you into different menus. I was able to easily walk through the menus and configure the device with what I wanted. In most cases the defaults on the device were perfect for me and should accomplish what I need.
The watch is big, bigger than it looks like in the ads. It also includes an extension strap so that you can use it when wearing a 7mm wetsuit, but then the extension strap can be removed when either wearing it without a wetsuit or with a smaller wetsuit.
The watch comes with a USB cable, but you have to pay for the software for a mac to manage the computer. Kind of lame that it costs money to get the software, especially after you have paid so much for the computer.
Overall I am happy with the purchase, I am still testing it out in comparison to my Cobra, so I haven’t retired that yet and moved over to just an SPG gauge on my gear. I will probably give it a few more dives just to make sure that I trust it. This is my life we are talking about here.
Review Powerbeats 2 Wireless
I am a runner and really enjoy being out in the morning before anyone is up and able to get some miles in before work. I enjoy running while listening to music or books on tape. I was using the Jaybird Bluebuds X headset, but decided I wanted something that would stay in my ears a little better so I got the Beats Powerbeats2 Wireless.
I loved the design and I loved the fact that they had an over the ear clip that helped them stay in my ear and still allowed me to use the phone controls and talk on the phone while running.
What I have decided that I don’t like is the fact that the bluetooth radio on them is really weak. If I have my phone on my right arm or in my spandex fanny pack, depending on how I turn my head my music will cut in and out. It’s really distracting and kind of a pain. I have had the headphones replaced once already and while Apple support was great and immediately issued an RMA and sent me a replacement set of headphones I am still unhappy that the issue is still there. Not sure why there is such a weak radio in this headset as I didn’t have this issue with my Jaybirds.
That being said I still like how they stay in my ears better than the Jaybirds so to combat the problem I have had to move my arm holster to my left arm. This seems to have solved the issue and haven’t noticed the music cutting out once since I did this.
So overall impression is they have a good feel, the controls work well, you just have to be wary of where the Bluetooth source is and that it might cut out on you.
Testing out Publish from Lightroom
Went through this blog post:
http://wp-photographers.com/lightroom-publish-service-for-wordpress/
And wanted to test the publish process.
When to replace your running shoes
This past weekend I participated in the Rundisney “Rebel Challenge” this was a 10k and a half in the same weekend. I had done this last year during the Disneyland Half Marathon weekend. I wasn’t too worried about it until 2 weeks before I managed to hurt my foot and I was basically incapacitated and couldn’t walk. I wasn’t sure if I would be doing anything this past weekend because of the pain I was in. After 2 weeks of RICE I was able to run the races. The time wasn’t important, what was important to me was that I completed the races and got my bling. At the end of the day that is mostly why I run the races. However during the races something else interesting happened, I got a huge blister on the foot that wasn’t hurt. I didn’t think anything of it, until I started reading about when to replace your shoes. I had worn this same pair of shoes for two other Half Marathons and several 10Ks, when I looked at my Nike App I realized I was somewhere in the realm of 350 miles. Those were just the miles that had gotten recorded when the watch was actually working, so it’s possible I was closer to 400 or so miles in these shoes.
As part of my rehab I have been walking a couple of miles a day to get my feet back to the point I can run again, I have done several miles with my old shoes and then several with a new pair. The new pair has made a huge difference in not irritating my foot injury or the blister that I managed to get. So at this point I have a feeling that I should have replaced this pair of shoes sooner and not ignored the nagging pain and injuries I was experiencing before.
Lesson learned, listen to your body more and don’t discount when your feet hurt.
Imagine Dragons Rocking AT&T
Quick video I put together from my iPhone of two of their songs. Really a great set and great performers. This was done at the AT&T stadium in San Fran as part of Cisco Live’s Customer Appreciation Event.
How to reset a Motorola/Brocade 7131 AP
I needed to reset the config of a bunch of Motorola APs and unfortunately the documentation isn’t readily available. Here is the easiest way when you can get access to the console.
1. The console settings are 19200/8/n/2
2. Once the boot process starts, hit ESC and this will take you to the boot menu.
3. Type reset config
4. Once this is done type reboot
You have now reset the config. Below is a capture of the process.
AP7131 Boot Firmware Version 4.0.3.0-010R, CPLD Revision 3.19
Copyright(c) Motorola Inc. 2006-2009. All rights reserved.
Press escape key to run boot firmware ….
boot> reset config
. done
. done
. done
. done
. done
. done
. done
. done
. done
. done
. done
. done
boot> reboot
Mac, Python, paramiko, all in a day’s work
I am trying to learn Python as I think it will be good for my day job. I bought a couple of books, but I am someone that learns by doing. I found some good scripts out on the internet that I wanted to modify and make use of. However I am also a Mac user and so I wanted to be able to run these scripts on my Mac so that when I wanted I could run them from wherever I might be. I do on occasion travel to sites and do some extracurricular activities that might require this ability. So the Mac has Python pre-installed, it’s version 2.7.5, which seemed sufficient for my needs and what I wanted to do. The script I wanted to play with needed the paramiko module. I was able to download it and extract from here:
https://github.com/paramiko/paramiko
That was easy, however to install it said it would be best if I had setuptools. So I found this site:
https://pypi.python.org/pypi/setuptools#unix-including-mac-os-x-curl
And was able to find a command to download and install setuptools.
***Make sure you are root, you will have a much better time of it.***
curl https://bitbucket.org/pypa/setuptools/raw/bootstrap/ez_setup.py -o - | python
So that installed correctly, however when I went into python and did an “import paramiko” I was told I needed a crypto module. I then went out and found this:
https://pypi.python.org/pypi/pycrypto
Downloaded it and of course I couldn’t use setuptools for it, it needed to be built and then installed. So that required me to get Xcode 5.1 for the cc compiler and load that on my machine. That was straight forward enough. So after the Xcode install I then ran:
python setup.py build
But I was getting this error:
error: command 'cc' failed with exit status 1
Turns out there is an issue with Python and Xcode 5.1. The fix for that is to run the following before doing the build and install:
export CFLAGS=-Qunused-arguments
export CPPFLAGS=-Qunused-arguments
Once that is done you can then go into the pycrypto folder and run:
python setup.py build
python setup.py install
Now you have everything you need to use paramiko to ssh into a cisco device from a mac and run some commands or do whatever it is you want.
I did find one other thing that is needed and that was as part of the connect string for paramiko, I needed to specify “allow_agent=False,look_for_keys=False” as part of the string. If I didn’t then I was getting password errors on the cisco switch I was testing with.
ssh.connect('x.x.x.x', username='name', password='password', allow_agent=False, look_for_keys=False)
All in all it was a very educational day and I think some hours well spent. I am now going to take my scripts and look to put everything into variables and also specify some lists so I can run it against multiple machines.
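One way to take the connect call above and run it against a list of machines, as an added example that is not one of the scripts from this post. It assumes Python 3, that the devices accept one command per exec channel and that their host keys are already in known_hosts. The names make_client and run_commands and the 192.0.2.x addresses are made up for illustration.

```python
import getpass


def make_client():
    """Build a paramiko client that refuses hosts missing from known_hosts."""
    import paramiko  # imported here so the rest of the file loads without it
    client = paramiko.SSHClient()
    client.load_system_host_keys()
    client.set_missing_host_key_policy(paramiko.RejectPolicy())
    return client


def run_commands(hosts, username, password, commands, client_factory=make_client):
    """Run every command on every host.

    Returns {host: {"output": {command: text}, "error": None or message}}.
    A failure on one host is recorded and the loop moves on to the next.
    """
    results = {}
    for host in hosts:
        entry = {"output": {}, "error": None}
        results[host] = entry
        client = client_factory()
        try:
            # Password-only login: without these two flags paramiko offers
            # agent and on-disk keys first, which the switch counts as failures.
            client.connect(host, username=username, password=password,
                           allow_agent=False, look_for_keys=False, timeout=10)
            for command in commands:
                _stdin, stdout, _stderr = client.exec_command(command)
                entry["output"][command] = stdout.read().decode("utf-8", "replace")
        except Exception as exc:  # auth failure, unknown host key, timeout, ...
            entry["error"] = "%s: %s" % (type(exc).__name__, exc)
        finally:
            client.close()
    return results


if __name__ == "__main__":
    device_list = ["192.0.2.10", "192.0.2.11"]  # constructed sample addresses
    user = input("Username: ")
    secret = getpass.getpass("Password: ")  # prompt instead of hardcoding it
    for host, entry in run_commands(device_list, user, secret, ["show version"]).items():
        print(host, entry["error"] or entry["output"])
```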



