Monday, June 18, 2007

Cisco ASA v8.0 and AnyConnect VPN Client Released!

To all those loyal Cisco VPN customers, some exciting news. Cisco has announced the release of ASA 8.0 and the long-awaited AnyConnect VPN Client. Release notes for ASA 8.0 can be found here, while release notes for AnyConnect can be found here. Lots of reading to keep everyone busy. Very exciting news for those admins waiting to support Vista VPN connections. Hopefully I'll get some time in the coming weeks to get this loaded into the lab and play around with it. Expect to see ASA and AnyConnect updates to be available for notification via CMPC very soon!

-Mike

Friday, June 15, 2007

Some of My Favorite Links

I know my blog may seem like the best resource for everything networking, but I have to share the love (hmm... if blogger only had a button for showing sarcasm). There are some terrific resources available out there and I wanted to take a post to dedicate to linking to some fellow bloggers and project from around the Internet.

Blogs:
- Cisco MARS Blog - A terrific blog operated by Chris from the UK. Chris shares a wealth of knowledge about his MARS experiences in his excellent and detailed posts.
- Network Response - Another terrific blog by Chris. This one is more focused on security offerings from Cisco other than MARS.
- Cisco Blog - A general Cisco blog from JC. Offers some very well written posts about some advanced Cisco networking topics. Gave me the inspiration to start this blog.

Projects (free network sh*t!!):
- Cacti - An amazing open-source project aimed at providing an easy-to-use web interface for graphing a variety of SNMP statisticis. Highly customizable and a very extensive plugin offering available via their forums. I'll soon integrate this into CMPC to provide notification when updates are available.
- IPPlan - Another amazing open-source project. This one aims to provide an architecture to manage IP address tracking and provisioning. If you have any more than 5 subnets... download this and love it. I'll soon integrate this into CMPC to provide notification when updates are available.
- Nessus - Software provides one of the most extensive network threat scanners I have ever dealt with. This used to be very hard to use and configure... but the Windows version is ridiculously easy to configure. I'll soon integrate this into CMPC to provide notification when updates are available.

-Mike

Thursday, June 14, 2007

CS-MARS Package Checker (CMPC) v1.0.0.0 Released

I'm pleased to announce the first release of CMPC v1.0.0.0. You may download the distribution from the following location:

http://www.mediafire.com/?c2wwmbmbzxh

Enjoy and leave feedback!

-Mike

Wednesday, June 13, 2007

CS-MARS Package Checker (CMPC) v1.0.0.0 Upcoming Release

As promised... CS-MARS Package Checker (CMPC) will be released within the next 24 hours. I'm finalizing some code clean-up and the first release should be ready very soon. As a preview, here's the readme that will be included with the release (doesn't paste well into Blogger... sorry for formatting):

CS-MARS Package Checker (CMPC) v1.0.0.0 readme.txt
Updated June 11, 2007 by Mike

Send all feedback/comments/problems to ****** or let me know on my
blog at http://cs-mars.blogspot.com

WHAT IS CS-MARS PACKAGE CHECKER?
================================

CS-MARS Package Checker (more easily written as CMPC) is a tool to help the

growing user community of the Cisco MARS appliance keep it's rules up-to-date.

It's very basic by design, but wildly useful. It quite simply parses the
required information from an XML configuration file, uses the CCO credentials
to log into cisco.com to check for updated packages, and e-mails the results
to a specified e-mail.

CMPC is current developed as a command line executable. This was easier to port
nearly directly from the first implementation written in PERL under Linux.
Feedback is appreciated on the design, but it is already planned to migrate to
a standard executable.

INSTALLATION
============

The installation of CMPC is rather basic:
- Extract to program archive cmpc.zip. This archive should contain:
- cmpc.exe
- config.xml
- readme.txt

- You may place these files wherever you see fit. The only requirement is that
the cmpc.exe and config.xml are within the same directory. The easiest
location may be something such as C:\CMPC\

CONFIGURING CMPC TO RUN
=======================

Configuration of CMPC for runtime is handled through the included config.xml
configuration file. Open the file in your favorite text editor and fill in all
fields like so:




someuser@company.com
Securepassword123
smtp.company.com
myemail@company.com


Please keep in mind that all fields are required. Certain validity checks are
run while CMPC processing, but a majority of issues running this program are
sourced from an incorrect config.xml. Support is always available on my blog
or by e-mailing me at
******.

REMOVAL
=======
Simply remove the directory in which you installed CMPC.


PROBLEMS USING CMPC
===================

CMPC has been developed to catch most exceptions and give informative errors
when issues occur. That being said, errors do occur that I may not catch. If
you are running the cmpc.exe executable from Windows XP, the error output may be hard to catch as the dialog will close after erroring. To solve this, open up
the Windows XP command prompt and run the cmpc.exe executable from there. This should allow you to see the error output. If you receive a cryptic error
message, let me know and I'll debug the code on my side.


CMPC HISTORY
============

Apr 27, 2005 v1.0.0.0

- Initial release.

Saturday, June 02, 2007

CS-MARS Package Checker: Keeping your MARS appliance up to date

I just thought I'd put a quick blurb about an upcoming release that will be showing up on this blog soon. I'm in the process of finalizing a program I originally wrote for myself that helps me keep my MARS appliance (and some other Cisco products) up to date. The concept behind the program is for it to, on a defined basis, automatically check CCO for the latest device packages and e-mail them to you.

CS-MARS, like most security devices, is only as useful as the known threats built into the device. Anyone who operates an IPS/IDS device knows how critical it is to keep such a device up-to-date. CS-MARS is no different. Cisco provides no avenue for automated update checking, so rather than remembering to check CCO every once and a while for package, this program does it all for me, and soon for you.

It's very basic in operation. It was originally written in Perl and ran under Linux, but has since been ported to C# for usability. It's an executable, an XML configuration file, and scheduling is done through Windows (scheduled taks). Simply configure the XML file with your CCO credentials, SMTP server, and the From/To mail account. After then, you can execute the program at your leisure or schedule it through Windows.

Though this may sounds simple, it's a wildly useful tool. It's so useful, I've begun re-writing it to allow checking of other packages. It now e-mails me daily with the latest packages for CS-MARS, Unified Wireless, ASA/PIX images, and WAAS updates. Don't expect the first release to have the feature of checking for updates for other products, but it is a planned add-on for later releases. Input about other products you'd like to see have similar notifications is welcomed. Just add a comment to this post!

I'm bringing up the topic of this app now because I don't want my blog to simply be me throwing up information onto the Internet (though if I drink Jack Daniels... well.. different topic). I want input from anyone that has anything to say. I'm wrapping up development now in my free time, but I'd like to hear input about whether this would be useful or not. Drop a comment or two and expect to see the release in the coming weeks.