[123285] in North American Network Operators' Group
RE: Cisco hardware question
daemon@ATHENA.MIT.EDU (Kaveh .)
Thu Mar 4 18:36:56 2010
From: "Kaveh ." <afx66@hotmail.com>
To: <bc-list@beztech.net>, <nanog@nanog.org>
Date: Thu, 4 Mar 2010 15:36:22 -0800
In-Reply-To: <ED2A16DB-DC87-422B-9113-7FB3DF11A69D@beztech.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Ben=2C
=20
Here is the output of # dir command - It includes all the files on disk0:/
=20
ciscoasa# dir
Directory of disk0:/
134 -rwx 16275456 08:43:56 Jul 15 2009 asa821-k8.bin
135 -rwx 11348300 10:46:44 Jul 15 2009 asdm-621.bin
136 -rwx 20480 00:00:00 Jan 01 1980 FSCK0000.REC
3 drwx 4096 00:03:28 Jan 01 2003 log
10 drwx 4096 00:03:38 Jan 01 2003 crypto_archive
11 drwx 4096 00:04:00 Jan 01 2003 coredumpinfo
138 -rwx 61440 00:00:00 Jan 01 1980 FSCK0001.REC
139 -rwx 9526560 10:43:02 Jul 15 2009 csd_3.4.1108.pkg
140 drwx 4096 10:43:02 Jul 15 2009 sdesktop
141 -rwx 2397046 10:43:04 Jul 15 2009 anyconnect-wince-ARMv4I-2.3.=
0254-k9.pkg
142 -rwx 2648712 10:43:04 Jul 15 2009 anyconnect-win-2.3.0254-k9.p=
kg
143 -rwx 4217694 10:43:06 Jul 15 2009 anyconnect-macosx-i386-2.3.0=
254-k9.pkg
144 -rwx 4259411 10:43:10 Jul 15 2009 anyconnect-linux-2.3.0254-k9=
.pkg
145 -rwx 28672 00:00:00 Jan 01 1980 FSCK0002.REC
146 -rwx 4096 00:00:00 Jan 01 1980 FSCK0003.REC
255582208 bytes total (201719808 bytes free)
Thanks
=20
> Subject: Re: Cisco hardware question
> From: bc-list@beztech.net
> Date: Thu=2C 4 Mar 2010 18:23:57 -0500
> To: afx66@hotmail.com=3B nanog@nanog.org
>=20
>=20
> On Mar 4=2C 2010=2C at 6:16 PM=2C Kaveh . wrote:
>=20
> >=20
> > Thanks for the feedback. Let me clarify a few things regarding issues t=
hat this thread has addressed so far:
> >=20
> > A) Pre-existing configs: What Tim and Joe mentioned is apparently corre=
ct. I was on phone with a few Cisco tech-reps earlier today and they told m=
e that since version 8.2=2C they have been shipping ASAs with a default con=
figuration=2C which explains the existence of private IP addresses on the i=
nside interface=2C etc ... .
> >=20
> > B) What Cisco reps could NOT explain was the existence of a number of F=
SCK000#.REC files on these appliances. To be more specific each of ASAs in =
question contains 4 extra files: FSCK0000.REC=2C FSCK0001.REC=2C FSCK0002.R=
EC=2C FSCK0003.REC). I said 'extra' because I asked the Cisco reps on phone=
to provide me a complete list of files that should exist on a brand new AS=
A=2C and the 4 files above were not part of the list and I think even they =
got confused when I mentioned the existence of these files.
> >=20
> > I could not find much info on these files=2C but a simple Google search=
indicates that these files may be 'recovery files' of Disks operating unde=
r Unix/Linux/BSD/etc /... kernel=2C indicating a dying hard drive. That wou=
ld be enough to freak me out! Anyone can confirm this?
> >=20
> > C) SmarNet issue: I am a little confused on this. Since this purchase w=
as for NEW equipment=2C and the devices were shipped by Cisco (at least tha=
t is what I read on the box=3B a Cisco warehouse in TX)=2C then my understa=
nding is that the devices came with the first 12 months of Smarnet anyway. =
So I will be surprised if they decline the contract renewal after the first=
year. After all they sold us the appliances as if they were new. How can d=
ecline renewal if I can prove that I paid them for new?
> >=20
> > D) Reseller: Yes=2C I appreciate the input. I will stick with a bigger =
name like CDW=2C next time=2C but again it appears to me that the devices w=
ere shipped from a Cisco warehouse in Texas=2C and not from the reseller's =
location.=20
> >=20
> >=20
> >=20
> > I would greatly appreciate any input=2C especially on B)
> >=20
> >=20
> >=20
> > Thank you
> >=20
> >=20
> >=20
> > Best regards
> >=20
> >=20
> >=20
> >> Subject: RE: Cisco hardware question
> >> Date: Thu=2C 4 Mar 2010 14:27:04 -0800
> >> From: MAdcock@hisna.com
> >> To: ken.gilmour@gmail.com
> >> CC: nanog@nanog.org
> >>=20
> >> According to previous conversations with my Cisco rep the answer is no=
- Cisco won't support it. I'm blind copying him on this and will pass on h=
is response.
> >>=20
> >> Thanks=2C
> >> Matt
> >>=20
> >> ________________________________
> >>=20
> >> From: Ken Gilmour [mailto:ken.gilmour@gmail.com]
> >> Sent: Thu 3/4/2010 4:17 PM
> >> To: Adcock=2C Matt [HISNA]
> >> Cc: nanog@nanog.org
> >> Subject: Re: Cisco hardware question
> >>=20
> >>=20
> >> So if one were to purchase equipment=2C which is explicitly sold as "R=
efurbished" from=2C say www.impulsetech.us and they were to offer Smartnet =
on it=2C there is no guarantee that even if you paid for it=2C that Cisco w=
ould fulfil their support contract?
> >>=20
> >> Regards=2C
> >>=20
> >> Ken
> >>=20
> >>=20
> >> On 4 March 2010 15:22=2C Adcock=2C Matt [HISNA] <MAdcock@hisna.com> wr=
ote:
> >>=20
> >>=20
> >>=20
> >> Don't deploy the equipment=2C demand a refund=2C and report the resell=
er to Cisco. I agree completely with Brian - find a good Cisco partner and =
stick with them. Also=2C you can't legally buy used Cisco equipment and use=
the operating system. You can buy the equipment but the OS is absolutely n=
on-transferrable. If you try to get SMARTNet on it red flags will go up and=
Cisco won't support it.
> >>=20
> >> Thanks=2C
> >> Matt
> >>=20
> >>=20
> >>=20
> >> Matt Adcock=2C Manager
> >> 334-481-6629 (w) / 334-312-5393 (m) / MAdcock@hisna.com
> >> 700 Hyundai Blvd. / Montgomery=2C AL 36105
> >>=20
> >> P
> >> The average office worker uses 10=2C000 sheets of paper =3D 1.2 trees=
=2C per year
> >> By not printing this email=2C you've saved paper=2C ink and millions o=
f trees
> >>=20
> >>=20
> >>=20
> >> From: Brian Feeny [mailto:bfeeny@mac.com]
> >> Sent: Thu 3/4/2010 3:05 PM
> >> To: Kaveh .
> >> Cc: nanog@nanog.org
> >> Subject: Re: Cisco hardware question
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >> If you are getting Cisco hardware with configs on it or crashfiles=2C =
etc. Then no it is NOT new equipment. Who are you buying from? Are they a G=
old partner on Cisco's partner locator? If not=2C then I have seen some see=
dy things=2C and of course i have seen seedy things with Gold partners too=
=2C I am just pointing out that the ability to compete and make margin get =
more and more difficult the lower the partner is on the totem pole and so d=
esperation can drive certain behavior.
> >>=20
> >> In general from a cisco Gold partner you can expect as good as 35-40% =
or so on new equipment for a discount for regular deals. Special pricing fo=
r special projects you may be able to get a bit better=2C and maybe 1% or s=
o better for general products from CDW or a big box company like them. If y=
ou are paying 50-60% off list for just individual items you order=2C then i=
ts likely not new and there is likely something shady going on=2C as no par=
tner is going to get you some special discount pricing on a single 3845 for=
example.
> >>=20
> >> All of your good gold partners are going to charge around the same giv=
e or take a few percent on material. So find someone you can trust and just=
build a relationship. If your paying new prices for used gear then yes you=
are getting ripped off.
> >>=20
> >> I would be glad to recommend to you a reputable gold partner if you em=
ail me off list.
> >>=20
> >>=20
> >> Brian
> >>=20
> >>=20
> >> On Mar 4=2C 2010=2C at 3:48 PM=2C Kaveh . wrote:
> >>=20
> >>>=20
> >>> Hello=2C
> >>>=20
> >>> I apologize if this is an unusual topic but I would like to know what=
this expert community thinks about this issue:
> >>>=20
> >>> We have noticed that a number of Cisco appliances we have recently pu=
rchased and paid (AS NEW)=2C are being shipped as if they have been already=
used/refurbished. In other words=2C several times we have seen brand new C=
isco hardware=2C out of the box=2C that has pre-existing configuration (Int=
erfaces with Private IP addresses=2C static routes=2C etc ...) and in some =
cases even non-system files=2C like 'crashdump.txt' or additional IOS image=
s. Most importantly our latest purchase=3B 2 'new' ASAs=2C contain a series=
of files named: FSCK0000.REC=2C FSCK0001.REC=2C FSCK0002.REC=2C etc ... . =
Based on some research it seems like that these files are 'recovery files' =
signaling bad/failing hard disks in these appliances.
> >>> Anyone on thhis group has seen this before and if yes=2C are we suppo=
sed to blindly trust the vendor saying the hardware is new=2C safe and secu=
re?
> >>>=20
> >>> The only way I can explain this is that the hardware has been refurbi=
shed or previously configured for reasons unknown to me. I think if custome=
rs pays for new hardware=2C they should get new hardware=2C even if refurbi=
shed hardware may be covered by Smartnet.
> >>>=20
> >>> Any thoughts or recommendations anyone? The last thing we want to do =
is to deploy faulty (or non secure) security appliances in production. :)
> >>>=20
> >>> Thank you
> >>>=20
> >>> Best regards
> >>>=20
> >>>=20
> >>=20
> >>=20
> >> The information in this email and any attachments are for the sole use=
of the intended recipient and may contain privileged and confidential info=
rmation. If you are not the intended recipient=2C any use=2C disclosure=2C =
copying or distribution of this message or attachment is strictly prohibite=
d. We have taken precautions to minimize the risk of transmitting software =
viruses=2C but we advise you to carry out your own virus checks on any atta=
chment to this message. We cannot accept liability for any loss or damage c=
aused by software viruses. If you believe that you have received this email=
in error=2C please contact the sender immediately and delete the email and=
all of its attachments
> >>=20
> >>=20
> >>> Hotmail: Free=2C trusted and rich email service.
> >>> http://clk.atdmt.com/GBL/go/201469228/direct/01/
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >>=20
> >=20
> > _________________________________________________________________
> > Hotmail: Powerful Free email with security by Microsoft.
> > http://clk.atdmt.com/GBL/go/201469230/direct/01/
>=20
> Kaveh:
>=20
> I can confirm with absolute certainty that fcsk is a Unix utility for det=
ermining if a hard disk is failing and optionally attempting a recovery. I =
have never heard of such output files=2C though. How big are they? If they =
are tiny=2C they could just be status reports or a save of the program's ou=
tput. If they are large=2C they may represent backups of the flash memory.
>=20
> Ben
=20
_________________________________________________________________
Hotmail: Free=2C trusted and rich email service.
http://clk.atdmt.com/GBL/go/201469228/direct/01/=
