Cisco hardware question

Kaveh . afx66 at hotmail.com
Thu Mar 4 23:36:22 UTC 2010


Ben,

 

Here is the output of # dir command - It includes all the files on disk0:/

 

ciscoasa# dir

Directory of disk0:/

134    -rwx  16275456    08:43:56 Jul 15 2009  asa821-k8.bin
135    -rwx  11348300    10:46:44 Jul 15 2009  asdm-621.bin
136    -rwx  20480       00:00:00 Jan 01 1980  FSCK0000.REC
3      drwx  4096        00:03:28 Jan 01 2003  log
10     drwx  4096        00:03:38 Jan 01 2003  crypto_archive
11     drwx  4096        00:04:00 Jan 01 2003  coredumpinfo
138    -rwx  61440       00:00:00 Jan 01 1980  FSCK0001.REC
139    -rwx  9526560     10:43:02 Jul 15 2009  csd_3.4.1108.pkg
140    drwx  4096        10:43:02 Jul 15 2009  sdesktop
141    -rwx  2397046     10:43:04 Jul 15 2009  anyconnect-wince-ARMv4I-2.3.0254-k9.pkg
142    -rwx  2648712     10:43:04 Jul 15 2009  anyconnect-win-2.3.0254-k9.pkg
143    -rwx  4217694     10:43:06 Jul 15 2009  anyconnect-macosx-i386-2.3.0254-k9.pkg
144    -rwx  4259411     10:43:10 Jul 15 2009  anyconnect-linux-2.3.0254-k9.pkg
145    -rwx  28672       00:00:00 Jan 01 1980  FSCK0002.REC
146    -rwx  4096        00:00:00 Jan 01 1980  FSCK0003.REC

255582208 bytes total (201719808 bytes free)


Thanks
 
> Subject: Re: Cisco hardware question
> From: bc-list at beztech.net
> Date: Thu, 4 Mar 2010 18:23:57 -0500
> To: afx66 at hotmail.com; nanog at nanog.org
> 
> 
> On Mar 4, 2010, at 6:16 PM, Kaveh . wrote:
> 
> > 
> > Thanks for the feedback. Let me clarify a few things regarding issues that this thread has addressed so far:
> > 
> > A) Pre-existing configs: What Tim and Joe mentioned is apparently correct. I was on phone with a few Cisco tech-reps earlier today and they told me that since version 8.2, they have been shipping ASAs with a default configuration, which explains the existence of private IP addresses on the inside interface, etc ... .
> > 
> > B) What Cisco reps could NOT explain was the existence of a number of FSCK000#.REC files on these appliances. To be more specific each of ASAs in question contains 4 extra files: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, FSCK0003.REC). I said 'extra' because I asked the Cisco reps on phone to provide me a complete list of files that should exist on a brand new ASA, and the 4 files above were not part of the list and I think even they got confused when I mentioned the existence of these files.
> > 
> > I could not find much info on these files, but a simple Google search indicates that these files may be 'recovery files' of Disks operating under Unix/Linux/BSD/etc /... kernel, indicating a dying hard drive. That would be enough to freak me out! Anyone can confirm this?
> > 
> > C) SmarNet issue: I am a little confused on this. Since this purchase was for NEW equipment, and the devices were shipped by Cisco (at least that is what I read on the box; a Cisco warehouse in TX), then my understanding is that the devices came with the first 12 months of Smarnet anyway. So I will be surprised if they decline the contract renewal after the first year. After all they sold us the appliances as if they were new. How can decline renewal if I can prove that I paid them for new?
> > 
> > D) Reseller: Yes, I appreciate the input. I will stick with a bigger name like CDW, next time, but again it appears to me that the devices were shipped from a Cisco warehouse in Texas, and not from the reseller's location. 
> > 
> > 
> > 
> > I would greatly appreciate any input, especially on B)
> > 
> > 
> > 
> > Thank you
> > 
> > 
> > 
> > Best regards
> > 
> > 
> > 
> >> Subject: RE: Cisco hardware question
> >> Date: Thu, 4 Mar 2010 14:27:04 -0800
> >> From: MAdcock at hisna.com
> >> To: ken.gilmour at gmail.com
> >> CC: nanog at nanog.org
> >> 
> >> According to previous conversations with my Cisco rep the answer is no - Cisco won't support it. I'm blind copying him on this and will pass on his response.
> >> 
> >> Thanks,
> >> Matt
> >> 
> >> ________________________________
> >> 
> >> From: Ken Gilmour [mailto:ken.gilmour at gmail.com]
> >> Sent: Thu 3/4/2010 4:17 PM
> >> To: Adcock, Matt [HISNA]
> >> Cc: nanog at nanog.org
> >> Subject: Re: Cisco hardware question
> >> 
> >> 
> >> So if one were to purchase equipment, which is explicitly sold as "Refurbished" from, say www.impulsetech.us and they were to offer Smartnet on it, there is no guarantee that even if you paid for it, that Cisco would fulfil their support contract?
> >> 
> >> Regards,
> >> 
> >> Ken
> >> 
> >> 
> >> On 4 March 2010 15:22, Adcock, Matt [HISNA] <MAdcock at hisna.com> wrote:
> >> 
> >> 
> >> 
> >> Don't deploy the equipment, demand a refund, and report the reseller to Cisco. I agree completely with Brian - find a good Cisco partner and stick with them. Also, you can't legally buy used Cisco equipment and use the operating system. You can buy the equipment but the OS is absolutely non-transferrable. If you try to get SMARTNet on it red flags will go up and Cisco won't support it.
> >> 
> >> Thanks,
> >> Matt
> >> 
> >> 
> >> 
> >> Matt Adcock, Manager
> >> 334-481-6629 (w) / 334-312-5393 (m) / MAdcock at hisna.com
> >> 700 Hyundai Blvd. / Montgomery, AL 36105
> >> 
> >> P
> >> The average office worker uses 10,000 sheets of paper = 1.2 trees, per year
> >> By not printing this email, you've saved paper, ink and millions of trees
> >> 
> >> 
> >> 
> >> From: Brian Feeny [mailto:bfeeny at mac.com]
> >> Sent: Thu 3/4/2010 3:05 PM
> >> To: Kaveh .
> >> Cc: nanog at nanog.org
> >> Subject: Re: Cisco hardware question
> >> 
> >> 
> >> 
> >> 
> >> 
> >> If you are getting Cisco hardware with configs on it or crashfiles, etc. Then no it is NOT new equipment. Who are you buying from? Are they a Gold partner on Cisco's partner locator? If not, then I have seen some seedy things, and of course i have seen seedy things with Gold partners too, I am just pointing out that the ability to compete and make margin get more and more difficult the lower the partner is on the totem pole and so desperation can drive certain behavior.
> >> 
> >> In general from a cisco Gold partner you can expect as good as 35-40% or so on new equipment for a discount for regular deals. Special pricing for special projects you may be able to get a bit better, and maybe 1% or so better for general products from CDW or a big box company like them. If you are paying 50-60% off list for just individual items you order, then its likely not new and there is likely something shady going on, as no partner is going to get you some special discount pricing on a single 3845 for example.
> >> 
> >> All of your good gold partners are going to charge around the same give or take a few percent on material. So find someone you can trust and just build a relationship. If your paying new prices for used gear then yes you are getting ripped off.
> >> 
> >> I would be glad to recommend to you a reputable gold partner if you email me off list.
> >> 
> >> 
> >> Brian
> >> 
> >> 
> >> On Mar 4, 2010, at 3:48 PM, Kaveh . wrote:
> >> 
> >>> 
> >>> Hello,
> >>> 
> >>> I apologize if this is an unusual topic but I would like to know what this expert community thinks about this issue:
> >>> 
> >>> We have noticed that a number of Cisco appliances we have recently purchased and paid (AS NEW), are being shipped as if they have been already used/refurbished. In other words, several times we have seen brand new Cisco hardware, out of the box, that has pre-existing configuration (Interfaces with Private IP addresses, static routes, etc ...) and in some cases even non-system files, like 'crashdump.txt' or additional IOS images. Most importantly our latest purchase; 2 'new' ASAs, contain a series of files named: FSCK0000.REC, FSCK0001.REC, FSCK0002.REC, etc ... . Based on some research it seems like that these files are 'recovery files' signaling bad/failing hard disks in these appliances.
> >>> Anyone on thhis group has seen this before and if yes, are we supposed to blindly trust the vendor saying the hardware is new, safe and secure?
> >>> 
> >>> The only way I can explain this is that the hardware has been refurbished or previously configured for reasons unknown to me. I think if customers pays for new hardware, they should get new hardware, even if refurbished hardware may be covered by Smartnet.
> >>> 
> >>> Any thoughts or recommendations anyone? The last thing we want to do is to deploy faulty (or non secure) security appliances in production. :)
> >>> 
> >>> Thank you
> >>> 
> >>> Best regards
> >>> 
> >>> 
> >> 
> >> 
> >> The information in this email and any attachments are for the sole use of the intended recipient and may contain privileged and confidential information. If you are not the intended recipient, any use, disclosure, copying or distribution of this message or attachment is strictly prohibited. We have taken precautions to minimize the risk of transmitting software viruses, but we advise you to carry out your own virus checks on any attachment to this message. We cannot accept liability for any loss or damage caused by software viruses. If you believe that you have received this email in error, please contact the sender immediately and delete the email and all of its attachments
> >> 
> >> 
> >>> Hotmail: Free, trusted and rich email service.
> >>> http://clk.atdmt.com/GBL/go/201469228/direct/01/
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> >> 
> > 
> > _________________________________________________________________
> > Hotmail: Powerful Free email with security by Microsoft.
> > http://clk.atdmt.com/GBL/go/201469230/direct/01/
> 
> Kaveh:
> 
> I can confirm with absolute certainty that fcsk is a Unix utility for determining if a hard disk is failing and optionally attempting a recovery. I have never heard of such output files, though. How big are they? If they are tiny, they could just be status reports or a save of the program's output. If they are large, they may represent backups of the flash memory.
> 
> Ben
 		 	   		  
_________________________________________________________________
Hotmail: Free, trusted and rich email service.
http://clk.atdmt.com/GBL/go/201469228/direct/01/


More information about the NANOG mailing list