Etherpunk

So, today I finally plugged in to the switch and did some work on it.
My initial goal was to get it in to a basic switch mode -- 10/100 auto-detect mode for all ports being on a single network.
First thing I had to do was reset the password. Easy enough, plenty of pages through Google to help through that one.
Next thing was to play around and get familiar with what it could do. I found that Wal-Mart owned it, at one point, and that Wal-Mart's network is forced to be 10mb half duplex. Interesting. In the process of trying to figure out how to change it to be full autodetect (for both speed and duplex mode) I found that forcing it to be a certain setting speeds up plugging in to the network a little bit, but from what I could tell it was not enough to really matter (or at least for my situation).

I then learned that every port has to be connected to a vlan, thusly if everything is on a single vlan -- it's just a regular switch. Google showed me how to do this easy enough, except it couldn't tell me how to do multiple ports at one time. At this point I decided that I should just re-flash it and start to build it from the ground up. So off I go to getting the firmware.

I found I already have an account on Cisco's website, however the user details isn't filled in enough to get the CNA software. It claims I'm missing some info -- but as I look at it, I *DO* have that filled in. Odd. Oh well, I can do it all via CLI anyways. So I get the firmware needed, reflash and weed-whack. I find out I got the wrong firmware, I need the one without the LRE (or IRE?). So I get the correct one and start it over and have ti launch the config util. I get it configured the way I want, I see what by default everything is set to auto and is on a single vlan -- rock on! So at this point it's just little things to fix.

And little things I do fix, such as the time, hostname, etc. My new goal is to have it do SPAN so I can have Snort monitor LAN activity for crap-ware. The end result of Snort will be to have it on 3 sides. Outside the firewall, on the WAN side. Inside the firewall, on the WAN side. And on the LAN itself. The reason for the first one is so I can compare to the second and see what it's blocking -- just 'cuz. No real reason.