Pinpointing an Access Point in a Cisco WLC environment

Managing a large amount of Wireless Access Points (100+) in a campus environment can be a real hassle. Luckily, nowadays large scale Wirelesse deployments are backed by Semi-Intelligent Infrastructure like Wireless Controllers like the WLC5508 by Cisco.

Inventory of your access points is important in order to improve your response time in case of an outage or when serious RF issues occur. In a well deployed environment these types of incidents hardly matter due to redundancy but depending on your wireless coverage this may reduce performance for users when connecting to a different access point.

Since network environments, like all infrastructure components in an IT environment are constantly growing to maintain scalability, documentation and inventory might be neglected making it hard to locate certain equiptment. Access points should always contain some sort of human-readable identifier with information on the location (building, floor, room etc.)

Lets say you have a Cisco AP with the AP Name AP45678321 and need to locate it. Here are some ways to track it down.

  • connected users are an indicator on the rough position of the access point. If Bob and Alice are connected to the specific AP and you know where they are located in a building, you should be able to determine a rough estimate on the Switch the AP is connected to
  •  If you roughly know which switch to check on, use CDP (if enabled) to find the Port it is attached to

 show cdp neighbors

  • You can also use the human discovery process to locate a specific AP by placing it into debug mode and flashing the LED

On the WLC, enter

debug ap enable AP45678321

to enable debug and flash the LED using

debug ap command “led flash seconds(use a value from 1-3600)” AP45678321


This should help you find a specific Access Point without going completely mad.

Android mobile client for Nagios

Nagroid is a mobile client that speaks to nagios via http/https licensed under GPLv2.

The client will let you configure category aware notification sounds for either Warning Alarms, Critical Alarms or Down/Unreachable alarms and allows you to filter handled problems.

This app goes along very well with ConnectBot (GPLv3) if  https/https access via SSH tunnel is required.

Pretty neat, but I guess the xmpp notifiaction is more practical to me when it comes to Nagios.

SMTP flaming…

I always expect to find weird SMTP status codes… After all i dont trust Exchange MTA anymore since the greylisting bug….

But it is always amusing to find something like this (used by qmail)

25 - - 354+go+ahead+punk,+make+my+day  with reference to

This was actually caused by bad formatting  with a non RFC 821 compliant SMTP client…

If you keep in mind that this error code message may appear in NDR to a user – which may potenially be a customer – this method is not really  suited to handle noncompliance.

Ubuntu 8.04 LTS Server: In depth Mail Gateway Guide

Ok this is not new but probably one of the best Linux tutorials i have ever seen. The Guide consists of 104 Pages from the server install up to the working thing featuring many screenshots. Here is a list of features this server covers:

  •  Postfix w/Bayesian Filtering and Anti-Backscatter (Relay Recipients)
  • MailScanner (Spamassassin, ClamAV, Pyzor, Razor, DCC-Client)
  • MailWatch, SPF Checks, FuzzyOcr, PDF/XLS/Phishing Sanesecurity Signatures
  • Postfix-GLD (Greylisting Optional)
  • Logwatch Statistical Reporting (Optional)
  • Outgoing Disclaimer with alterMIME (Optional)
  • FireHOL (Iptables Firewall)
  • Apache, Mysql, Bind
  • Apache, Mysql, Bind,


2600 Magazine Best Of about to be released

HOPE is coming up and Emmanuel Goldstein is releasing the best of 2600

from Amazon:

In The Best of 2600, Emmanuel Goldstein collects some of the strongest, most interesting, and often controversial articles, chronicling milestone events and technology changes that have occurred during the last 24 years – all from the hacker perspective. Examples:

  • The creation of the infamous tone dialer “red box” that drove Radio Shack and the phone companies crazy. It was in the pages of 2600 that this simple conversion was first brought to light. By modifying an inexpensive Radio Shack touch tone dialer with a readily available crystal, free phone calls could easily be made from all of the nation’s payphones.
  • An historical chronology of events in the hacker world that led to the founding of the Electronic Frontier Foundation.
  • A close looks at the insecurity of modern locks through an article entitled “An Illusion of Security” that debunked the value of Simplex pushbutton locks, used on everything from schools to homes to FedEx boxes.
  • The stories of famed hackers Kevin Mitnick, Bernie S., and Phiber Optik as they unfolded. Through 2600, the world heard these controversial tales despite the efforts of authorities and the mass media.

Here are the Preorder Links:

Amazon Germany

This will truly be the almanac in American hacker culture…

The Chaos Computer Club has a similar compilation named Hackerbibel 1 & 2 (hacker Bible)

WP and permalink recovery

Just tried to play around with the permalink features of WordPress and immediately was kicked out with a 500… Since i have have never been in need of mod_rewrite i didnt realize that this feature was not available by my host provider (Strato)

So in case this should ever happen to you:

1. Remove the .htaccess file in your wp root

2. You will know regain access to your WP site, but all the links are still messed up

3. Login to the Administration panel and set the permalinks to default

4. Once you update the permalink setting, you will be kicked out again immediately

5. Leave the browser window with the error open and remove the newly generated .htacccess file again

6. Now reload the error page and you should be back to your default permalinks