Dora the explorer and technology, for some reason they go hand in hand, and to my surprise, I am not the only one who thinks so.
I just saw this post by Anthony Sequeira pop up, and in case you missed mine, check it out.
(I wonder if the creators of Dora had a secret agenda to not only make the show teach kids Spanish, but also for Techies to use as illustrations?)
Hmm, what do you think, is Dora the new face of Networking?
—
CJ
Have you ever wondered what the differences are between the ‘password’ and ‘secret’ commands? You’ve always heard that ‘secret’ is better, but you have never quite understood why. So what makes it so much better, and what are the differences?
Secret
Your mom always told you secrets don’t make friends, well in the case of password security – GOOD! The reason Cisco and good engineers are always recommending ‘secret’ over ‘password’, is because when you use a secret, it will put the clear text password through a one-way MD5 hash. Hashing is a pretty awesome concept, and believe me, it will make your mother proud! :)
Basically hashing means that you can’t derive the clear text from the output of the hashing algorithm. That is why it is a one-way algorithm, output cannot go back “in” for decryption. This, my friends, is the strength of hashes.
Now, with enough computing power and time you could try every possible combination of strings to put through the hash to figure out what the password is, because the output of “hello” is always going to the be the same. Fortunately, the feasibility of having enough computing power and time is small.
Password
Password, oh good old password command – when you use ‘password’ in conjunction with the service password-encryption command, it will encrypt your passwords within the config. At first blush, this would appear safe and trustworthy, until you realize just how pathetic the encryption really is.
You see, the encryption (type 7 encryption), is reversible, it is two-way. What that means is, you can take the encrypted password and derive the clear text by passing it through a decryption algorithm. Unlike using ‘secret’, which the cleartext can only be guessed – not derived, ‘password’ or type 7 encryption can very easily but cracked!
As matter a fact you can do this right within the IOS itself.
In the video below, I will show you how to decrypt a type 7 password right within the Cisco IOS. By using the built in neighbor router authentication functionality, key chains, you can quickly and easily decrypt a type 7 encrypted password. There are many tools out there to do it as well, but hey, why not know how to do it right within the IOS. Hopefully now, after you watch this video, you will stay away from ‘password’ and starting using ‘secret’!!!
Happy hacking :),
CJ
P.S. Watch the video at 720p and fullscreen for best viewing.
p { margin-bottom: 0.08in; }
Round 2…
I passed. Failure was hard, but I had to realize that the CCDA “didn’t own me”. Failing my first attempt has only set me back 4 days, and I am finally able to move on. It was an exhausting exam to study for, one that I am glad is over. I have some regrets and some things I would change if I had to do it over again, but in the end I won.
It’s the final countdown…
I had only four days to fill in my “knowledge” gaps. Four days to rediscover material within all the information I had poured over for months. This was not easy, motivation was low, and there was no way I could gain momentum. I tried desperately to remember the questions that stumbled me, to remember anything I could think of that I needed to know. Four days did not seem like enough.
It took me a day to realize that reviewing the material was pointless, I had to look for the answers to the questions I struggled with on the exam. It helped with my motivation to search for answers as opposed to just reviewing the material. If I was not able to recall questions from the exam, it would have been “impossible” to search through the material with fresh eyes.
It’s here…
Monday came and the weather was warm and believe it or not the sun was shining (if you don’t live in Rochester, NY than you have no idea the gravity of this statement). I was feeling confident, and encouraged by all the support of my family and friends. Everyone was behind me, rooting me on.
Once I arrived at the testing center, signed in, and sat down, I took a deep breath. I read each question twice, and double checked each answer. I treated every question like it was the very first one. I was not going to lose my positive attitude.
Finally the end came and I waited…and waited…and waited for the results. What took minutes felt like hours. Then it displayed, “Pass”. Monday’s sunshine was the warmest it had ever felt in Rochester. :)
Getting back up…
SO you ask, when and if I fail, how do I get back up? Two things I learned: one, you must let it go, and two, press on. Pretty simple right? Try to remember the questions you KNOW you stumbled on, and look for those answers and understand the technology. Another suggestion, don’t study more than you have to, especially if you only have a few days. It was tempting to go deep into the technologies, but I knew that it would only cloud up my head with things that I didn’t need to worry about until after the exam. So get up, study what you need to and ONLY what you need to.
No take backs!
Regrets…if I had to do it all over again, I would have taken the CCNP first. It is “recommended” to have SWITCH level knowledge and it would have made the exam a lot easier had I achieved my CCNP first. If you are still on the fence, do yourself a favor and go for the CCNP before the CCDA. Two reasons:
You will be certified at the Professional level
You will have a good understanding to (most of) the topics on the CCDA.
This is the end…
It feels good to be done. It was an awful exam to study for, and I am glad that it’s over. So, whats next for me? I am going to finish up my CCNA-Security and write the exam next month. Then…finally to the CCNP.
So, for those of you with your CCDA, how did you like studying for it? What are you thoughts? What about those studying now, are you enjoying it?
Here is a snippet from a great post by Paul Stewart on exam strategy.
“When preparing for an exam, the very first thing I do is look at the exam blueprint. The Exam Blueprint is a list of topics that are covered by the exam. These are found by going to the Certification Center, choosing the certification track, selecting the relevant exam, and drilling down into the Exam Topics. When reading the exam topics, I like to pay particular attention to some keywords. For example, “Understand” or “Describe” is most likely an indication that an understanding of the topic, protocol or technology is necessary. If I see the keyword “Configure”, I know am expected to demonstrate the knowledge and commands that are relevant to configuring the technology. In this case, I would expect more difficult questions and possibly simlets. The other keyword that I often see is “Troubleshoot”. Troubleshooting skills require us to have an in-depth knowledge of theory and configuration. Therefore, by looking at the blueprint, I can often gauge the depth of knowledge required for a topic.”
As you might have known I took my CCDA v2.0 exam yesterday and failed. Before the exam my confidence was high, I had studied harder than I did for any other certification exam. I was nailing the practice tests and really understood the material in great depth. I came to the point where I felt like I just couldn’t possibly learn any more, in other words I had exhausted my materials and my brain. Well it turns out it wasn’t enough, I failed and it stung.
Ouch…it hurts…
It is true that pass or fail, it doesn’t change my abilities nor does it change who I am. While it is easy to tell all you on the Internets that it doesn’t matter, it is much harder to live it. I admit I am upset. My initial feelings were that all my skills have been invalidated, like somehow failing a test means I am a worthless tech. It is not true though, that it is the farthest thing from the truth. It simply means I have not acquired quite enough knowledge about design. It does not magically take away my digital ninja skills, and I will not let it hold me back.
I have thought about what this means, my failure, what I can learn from it. It is possible that in my quest to help others grow and mature, it is best that I know what it feels like to fail a test. It’s like when Jayne asks Simon ,”…how can you operate on someone when you ain’t never been shot?” Of course I am paraphrasing that but the point remains, I feel I can better teach and empathize with others who have felt the sting of failure. So yea, I am going to go with that. :)
Other than that, such is life. Without failure, I suppose life would be boring. If there was never the potential to fail it would make winning pretty lackluster.
Where to go from here…
So where do I go from here? Well as it turns out, I have been able to reschedule my exam for Monday, April 11. It was not looking good yesterday, I was constantly checking the pearsonvue website for open dates before the exam expires, but (literally) my prayers have been answered. It is time to reclaim victory and get my cert.
Now you know, if I fail TWICE, man I don’t know what I am going to do. :) I am feeling the pressure to study enough before Monday. I feel totally unprepared. I will go over some material from other exams, such as ROUTE and SWITCH exam to try to fill in the gaps. We will have to wait and see if four days is enough to fill in the gaps. It is all I have, my last shot before the test expires.
Get up!
At the end of the day this has been a great experience. I have tasted the sting of failure, I can better empathize with others, and I will now learn how to press on in the face of frustration. When this is all said and done, I will learn how to re-approach material I have believed is exhausted.
So, do you think anyone makes it to the CCIE without any failures? Is that the healthiest thing? What do you all do when you fail? How do you pick yourself back up and approach stale, exhausted material?
I have done all I can…now 24 hours away! Wish me luck :)
—
CJ
