This post is for my self-learning and I’ll be updating it with all the handy docs/blogs I come across over the internet.
Linux Directory Structure
How to Use Fdisk to Manage Partitions on Linux
sudo lsblk - Check file system
sudo vmblank_mode=0 vmware - to start vmware as root and for some reason I have to set the vmblank
A quick post on (CentOS) Linux commands for FireAMP Connector
FireAMP connector install
[root@localhost Downloads]# yum install fireamplinux_connector.rpm
FireAMP connector install location
[root@localhost bin]# pwd
Disclaimer: These are my rough cut notes for CCIE Security studies! Not a detailed explanation of DMVPN.
Three components that make up DMVPN:
1. Multipoint GRE (mGRE)
- Tunnel interface having multiple tunnel destinations unlike a point-to-point GRE tunnel that has a single tunnel destination.
2. Next-Hop Resolution Protocol (NHRP)
- Each router in an NHRP topology acts as either an NHC or an NHS.
- mGRE uses NHRP for mapping logical/tunnel IP addresses to physical/real IP addresses.
- An NHC registers its physical-to-tunnel IP address mapping with the NHS, and the NHS acts as a database agent that stores all registered mappings and replies to NHC queries.
- If an NHS does not have a requested entry in its database, it can forward the packet to another NHS to see if it has the requested association.
3. Cisco Express Forwarding (CEF)
- Cisco Express Forwarding (CEF) is a packet-switching technique that lets a device switch packets quickly and efficiently while keeping the load on the router’s processor low.
- CEF is made up of two different main components: the Forwarding Information Base (FIB) and the CEF Adjacency Table.
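How the mGRE and NHRP pieces above fit together on a hub (NHS) and one spoke (NHC), as an added example that is not from the original notes. All addresses, the interface name and the network-id are assumptions (documentation ranges), and IPsec protection of the tunnel is left out.

```cisco
! --- Hub: acts as the NHS ---
interface Tunnel0
 ! logical/tunnel IP address
 ip address 10.0.0.1 255.255.255.0
 ! NHRP domain identifier, same value on hub and spokes here
 ip nhrp network-id 1
 ! replicate multicast to every NHC that registers dynamically
 ip nhrp map multicast dynamic
 ! physical/real (NBMA) side of the tunnel
 tunnel source GigabitEthernet0/0
 ! mGRE: no "tunnel destination", destinations come from NHRP
 tunnel mode gre multipoint
!
! --- Spoke: acts as an NHC ---
interface Tunnel0
 ip address 10.0.0.2 255.255.255.0
 ip nhrp network-id 1
 ! static mapping: hub tunnel IP -> hub physical IP (assumed 198.51.100.1)
 ip nhrp map 10.0.0.1 198.51.100.1
 ip nhrp map multicast 198.51.100.1
 ! register this spoke's tunnel-to-physical mapping with the NHS
 ip nhrp nhs 10.0.0.1
 tunnel source GigabitEthernet0/0
 tunnel mode gre multipoint
```

After the spoke registers, `show ip nhrp` on the hub lists the tunnel-to-physical mappings held in the NHS database.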
If you understand the inspection points in Check Point and can use FW Monitor to get the required logs/captures, then you can read further on how to analyze those logs.
So to start off with, let's see what the different fields are in the above picture of a sample log from the console: