]]> http://security.blogoverflow.com/2011/08/base-rulesets-in-iptables/#comment-819 Fri, 02 Mar 2012 11:13:11 +0000 http://security.blogoverflow.com/?p=90#comment-819 Curse your eyes, I shloud have written that myself. Well done, bravo. Should be some kind of a class based on this for network admin n00bs.I have also learned over the years to never assume it isn’t the network. Usually it isn’t. But this could be the time you’ve got the odd interface throwing away packets or a sup engine acting up. Going all Nick Burns never helps, agreed. I’ve made great strides by working closely with the admins, hearing out their symptoms, and brainstorming WITH them about what the potential causes are. If I demonstrate that I’m open to the root cause being a network issue, and I’m transparent about what I’m doing to troubleshoot, they tend to be more open with me about what they are considering and checking.It doesn’t hurt to have a little server background. That way, when the apache guys are talking about the new mod they loaded last night or maybe how they got a little more restrictive with the ciphers they’ll talk to a client with (whatever), you can tune in and bounce around how that issue might be related the problem being experienced. Credibility and openness is so very key, though. If they know they can trust you to own up when it’s your (a network) problem and not just CYA, the process goes a whole lot better. And then the next time it’s even better than that.

]]> http://security.blogoverflow.com/2011/08/base-rulesets-in-iptables/#comment-687 Tue, 14 Feb 2012 23:15:16 +0000 http://security.blogoverflow.com/?p=90#comment-687 That script alone dropped router CPU usage by 56% ipv6 scripts would help a lot.

]]>