Last year I decided to move my study more into focusing on security to give myself more exposure to this important area. I wasn’t expecting the rabbit hole that it’s sent me down. Studying for the eCPPT(Certified Professional Penetration Tester) has opened up a hole new community and it’s been a brilliant year of learning, but more than I was expecting. I took the v2 exam, which is due to be retired at the end of December. Unlike the new v3 exam which is a 24hr exam, but doesn’t require a report to be created. The v2 exam was a 1-week long lab exam with a 1-week report write up phase.

In part one I gave an overview of the more fundamental features of find. Here, I’ll go over how we can incorporate regular expressions.

Regular expressions are one of those skills that you’ll end up using throughout of your career, from using in a bash script, BGP route manipulation or filtering, or a simple grep.

One of the features that makes find awesome is its ability to incorporate regular expressions, to create granular search patterns.

When using Linux you’ll come to use a certain group of tools daily. In your tool bag you’ll no doubt have a worn grep, a shiny sed, a beat up awk, and a collection of other well used tools. One of my personal favourites is find.

Find allows us to pinpoint a specific file by name, or by a certain characteristic. We can link these search options together to work with very granular patterns to match against.

Though Linux is usually thought of as a server OS. It has huge amount of other implementations from embedded systems, the world of IOT, the mobile phone sector, and we’re all still waiting for the year of the Linux Desktop(sure it’ll be this year). But a function that is often over looked is the available routing protocol suite that eanbles linux to function as a router.

The routing protocol suite started off as a project called Zebra, which after becoming discontinued morphed into Quagga Routing Software. We’ll be using FRRouting, which is a project that has been forked from Qugga, and is under active development.

Generic Routing Encapsulation(GRE) tunnels are a technology that was developed by Cisco but, is now an open standard through RFC 2784. GRE tunnels can provide use with a lot of versatility when needing to move different protocols between networks. Though we have now moved into an era that is predominantly TCP/IP, when GRE was developed it was at a time of multiple network technologies, IPX, Appletalk, Token Ring, etc, flourished. GRE provided the ability to encapsulate these technologies and let them traverse an Internet Protocol network.

In my previous post I worked through how to use EEM when we had the constraint, of having to keep the Backup circuit interface shutdown when not in use. Without this constraint we can implement redundancy with just Administrative Distance.

Administratvie Distance

This is a metric that is used by vendors to rate the reliability of a route. Vendors do use different metrics. I’ll be using Cisco devices in this example. The lower the AD(Administrative Distance) value the more reliable a route is deemed.

The Embedded Event Manager is a brilliant tool that can be found in the Cisco IOS. Before the development of IOS-EX, devices were limited to TCL and EEM to implement scripting locally on the device. Though we now get python available to us, TCL and EEM are still very useful.

I’m just going to roll through a simple example of using EEM. We have a Primary and a Backup Circuit in our environment, but prefer to keep the interface of the Backup circuit shutdown when the Primary is active. So if we lose our Primary Connection, the interface connected to the Backup circuit needs to be brought up. This can be scripted with EEM, we’ll also put recovery in there. So when the Primary circuit comes back we shut down our interface to the Backup circuit.

Whilst recently recertifying for my LFCS the networking section had been further expanded and now included static routes. I thought this was fantastic. Though I know a lot of people use linux, I doubt many get down into the plumbing, and work with the networking on their machines. This is just going to be a little walk through of setting up a static route.

Static routes can come in handy for connecting environments with multiple networks. By using static routes, we can direct our traffic, and make sure the more efficient paths are being used.

I passed my Linux Foundation Certified Systems Administrator Exam a few weeks back. This was a recertification. Since I last took the exam the syllabus has been overhauled. Where previously you would choose between CentOS and Ubuntu, they have now gone for a vendor neutral approach.

I was hoping for the release of the new LFCE, but I fear that this is never coming. I did message the team a year ago and was told it was in development, but haven’t seen any update. This will be a future decider for whether to stay with the Linux Foundation or move over to the Red Hat certification track. As there isn’t any advancement, only lateral movement through the Kubernetes certifications.

I passed my Cisco ENCOR exam just over a month ago. I took it on the last day of V1.0. Thought I’d give an overview of the resources I used and how I found things. Obviously the Exam has now changed, so other resources maybe required.

Resources

Core Books

I would read every morning as soon as I woke. This way I guaranteed that I covered something everyday regardless of what got in the way.