Author Archives: Radovan Brezula
Author Archives: Radovan Brezula
I am more than happy to publish the new infographic " Crypto Energy Consumption Overtakes" with the help of my friends from btxchange.io. As we know, cryptocurrency mining is very popular nowadays but it comes with huge drawback in form of huge electricity consumption. The infographic finds out the most surprising numbers for crypto energy volumes. Enjoy reading.
We have recently covered installation of Openswitch OPS on Linux. Since the version 2.0, Openswitch OPS has transformed into to a completely new project, called Openswitch OPX Base. Similar to its predecessor, OpenSwitch OPX Base system also provides an abstraction of hardware devices of network switch platforms in a Linux OS environment. However, original Yocto OS has been replaced by an unmodified Linux kernel based on Debian Jessie distribution.
We can install OPX Base on a virtual machine, similar to installing OpenSwitch on hardware platforms. A virtual machine (VM) uses the same software binaries as those executed on S6000-ON devices. The main difference is that the low-level device drivers for the SAI and SDI libraries are replaced with the packages that support hardware simulation, and interact with the hardware simulation infrastructure.
A host machine running Openswitch OPX VM might be Windows, or Mac OS X with at least 8GB of RAM and 100GB available disk space, and Virtual Box installed. The virtual machine needs to have one network interface configured for the Management interface (eth0). The network adapter eth0 corresponds to the first adapter attached to the VM, e101-001-0 to the second adapter and so on, and e101-00N-1 to Continue reading
We have recently covered installation of Openswitch OPS on Linux. Since the version 2.0, Openswitch OPS has transformed into to a completely new project, called Openswitch OPX Base. Similar to its predecessor, OpenSwitch OPX Base system also provides an abstraction of hardware devices of network switch platforms in a Linux OS environment. However, original Yocto OS has been replaced by an unmodified Linux kernel based on Debian Jessie distribution.
We can install OPX Base on a virtual machine, similar to installing OpenSwitch on hardware platforms. A virtual machine (VM) uses the same software binaries as those executed on S6000-ON devices. The main difference is that the low-level device drivers for the SAI and SDI libraries are replaced with the packages that support hardware simulation, and interact with the hardware simulation infrastructure.
A host machine running Openswitch OPX VM might be Windows, or Mac OS X with at least 8GB of RAM and 100GB available disk space, and Virtual Box installed. The virtual machine needs to have one network interface configured for the Management interface (eth0). The network adapter eth0 corresponds to the first adapter attached to the VM, e101-001-0 to the second adapter and so on, and e101-00N-1 to Continue reading
OpenSwitch OPX Base is an innovative operating system for network systems. It uses an unmodified Linux kernel and standard distribution to take advantage of rich ecosystem, and also provide flexibility in customizing your system according to your network needs.
Note: Openswitch OPX images are customized with my after install script and they are ready for use in GNS3.
Openswitch OPX 2.3.2
https://drive.google.com/file/d/1Vdpjoz53R7Rx1HYi8KcEuRuNvQnMMn0f/view?usp=sharing
https://sourceforge.net/projects/gns-3/files/VirtualBox%20Appliances/OpenswitchOPX-2.3.2.zip
https://www.4shared.com/s/fQu2DUd9dca
OpenSwitch OPX Base is an innovative operating system for network systems. It uses an unmodified Linux kernel and standard distribution to take advantage of rich ecosystem, and also provide flexibility in customizing your system according to your network needs.
Note: Openswitch OPX images are customized with my after install script and they are ready for use in GNS3.
Openswitch OPX 2.3.2
https://drive.google.com/file/d/1Vdpjoz53R7Rx1HYi8KcEuRuNvQnMMn0f/view?usp=sharing
https://sourceforge.net/projects/gns-3/files/VirtualBox%20Appliances/OpenswitchOPX-2.3.2.zip
https://www.4shared.com/s/fQu2DUd9dca
I am more than happy to publish the new infographic "16 Blockchain Disruptions" with the help of my friends from bitfortune.net. As we know, blockchain enables decentralized transactions across a P2P network. The infographic lists 16 different industries that benefits from using the blockchain technology. Enjoy reading.
I am more than happy to publish the new infographic "16 Blockchain Disruptions" with the help of my friends from bitfortune.net. As we know, blockchain enables decentralized transactions across a P2P network. The infographic lists 16 different industries that benefits from using the blockchain technology. Enjoy reading.
Chatbots – ingenious little bits of programming that have been making it possible for companies to automate the handling of queries, sales, and basic customer support. These bots are deployed through a number of different messaging platforms like Facebook Messenger, WhatsApp, etc.
And they have proven very popular. But, how secure is the tech? Lately, especially, there have been a lot of concerns raised. Say, for example, that I head out and use the Nordstrom app. I find the perfect pair of discounted sport shoes and want to buy them.
How safe am I entering my credit card details over the system? Or, more importantly, can chatbots be hacked?
Let's take a step back here for a second. Certainly, a chatbot is essentially just a program, and so, it makes sense that it could be hacked. But the danger is not likely to be any more than your local bank being hacked.
The same HTTPS protocols and metadata techniques used to provide security for the bank's site and messaging services can also secure the information transmitted via chatbots. The tech underlying the chatbot is similar, in fact, to your standard app, so it is not new.
The main difference here, Continue reading
Chatbots – ingenious little bits of programming that have been making it possible for companies to automate the handling of queries, sales, and basic customer support. These bots are deployed through a number of different messaging platforms like Facebook Messenger, WhatsApp, etc.
And they have proven very popular. But, how secure is the tech? Lately, especially, there have been a lot of concerns raised. Say, for example, that I head out and use the Nordstrom app. I find the perfect pair of discounted sport shoes and want to buy them.
How safe am I entering my credit card details over the system? Or, more importantly, can chatbots be hacked?
Let's take a step back here for a second. Certainly, a chatbot is essentially just a program, and so, it makes sense that it could be hacked. But the danger is not likely to be any more than your local bank being hacked.
The same HTTPS protocols and metadata techniques used to provide security for the bank's site and messaging services can also secure the information transmitted via chatbots. The tech underlying the chatbot is similar, in fact, to your standard app, so it is not new.
The main difference here, Continue reading
Recently, I have scanned nearby wireless networks with airodump. I have discovered five networks transmitting on channel 3. MAC addresses of access points (BSSIDs) transmitting on channel 3 differ only in last two hexa digits and a signal level (PWR) reported by my WiFi card is almost same for all BSSIDs.
$ sudo airodump-ng wlp3s0
Picture 1 - Wireless Networks of Caffe Geo Guru
The following three ESSIDs have caught my attention.
1) Heslo do siete caffe.geo.guru
2) zistis rozlustenim sifry
3) qnw fv qboer cvib
In fact, the ESSIDs represent a cryptography challenge created for customers of caffe.geo.guru. Once the challenge is successfully solved a customer gains a password for connection to the wireless network with ESSID caffe.geo.guru.
Note: The first two ESSID are written in Slovak. Their English version is below.
1) Password to network caffe.geo.guru
2) can be gained by decoding words
3) qnw fv qboer cvib
The third ESSID represents an encoded password. Obviously, letters are substituted in ciphertext which let us to the assumption that ROT cipher is used. Using ROT13 cipher on the encoded text 'qnw fv qboer cvib' gives us a required plain-text password Continue reading
Recently, I have scanned nearby wireless networks with airodump. I have discovered five networks transmitting on channel 3. MAC addresses of access points (BSSIDs) transmitting on channel 3 differ only in last two hexa digits and a signal level (PWR) reported by my WiFi card is almost same for all BSSIDs.
$ sudo airodump-ng wlp3s0
Picture 1 - Wireless Networks of Caffe Geo Guru
The following three ESSIDs have caught my attention.
1) Heslo do siete caffe.geo.guru
2) zistis rozlustenim sifry
3) qnw fv qboer cvib
In fact, the ESSIDs represent a cryptography challenge created for customers of caffe.geo.guru. Once the challenge is successfully solved a customer gains a password for connection to the wireless network with ESSID caffe.geo.guru.
Note: The first two ESSID are written in Slovak. Their English version is below.
1) Password to network caffe.geo.guru
2) can be gained by decoding words
3) qnw fv qboer cvib
The third ESSID represents an encoded password. Obviously, letters are substituted in ciphertext which let us to the assumption that ROT cipher is used. Using ROT13 cipher on the encoded text 'qnw fv qboer cvib' gives us a required plain-text password Continue reading
I am pleased to publish an infographic called "Conquering The World - Chatbots Gone Wild". This infographic contains statistics that highlight the impact of Artificial Inteligence (AI) chatbots on business and other sectors. In online business they interact with customers and boost sales by saving time and cost. They become more and more useful as the customers are getting more comfortable with technology through voice commands. According to the graphic, the business trust in chatbots is going to grow as the 80% of businesses claimed they already used or plan to use chatbots by 2020.
I am glad to thank BestVPNs for kind permission to republish the original infographic on my blog.
Note: Click image to enlarge.
I am pleased to publish a link to infographic called "Conquering The World - Chatbots Gone Wild". This infographic contains statistics that highlight the impact of Artificial Inteligence (AI) chatbots on business and other sectors. In online business they interact with customers and boost sales by saving time and cost. They become more and more useful as the customers are getting more comfortable with technology through voice commands. According to the graphic, the business trust in chatbots is going to grow as the 80% of businesses claimed they already used or plan to use chatbots by 2020.
The link below is published with the kind permission of 16best.net.
This is the last article from the series of the articles discussing configuration of the enterprise network. The article explains the configuration of Demilitarized Zone (DMZ). Our DMZ consists of three devices - ASAv-DMZ-I, a multilayer switch vIOS-DMZ-I and Serv-DMZ-I. All the devices in DMZ are run by Qemu hypervisor. The ASAv_DMZ-I device is Cisco Adaptive Security Appliance Software version 9.6.1 and it has assigned 2048 MB RAM by GNS3. The device vIOS-DMZ-I is Cisco vIOS-L2 version 15.2 and it has assigned 512 MB RAM by GNS3. And finally, the device Serv-DMZ-I is Linux Ubuntu 16.04.3 LTS with 1024 MB RAM assigned by GNS3. The server Serv-DMZ-I provides DNS, NTP, Syslog services for devices in DMZ and a public web service for all hosts in the Internet.
Picture 1 - Demilitarized Zone - DMZ
All devices located in DMZ have their IP addresses assigned from the subnet 195.1.1.128/25. The subnet 195.1.1.128/27 is further divided with /30 mask, creating 8 subnets suitable for point-to-point link configuration . Servers located in DMZ are assigned to different VLANs. Currently, there is only server Serv-DMZ-I deployed in DMZ and configured with the IP addresses Continue reading
This is the last article from the series of the articles discussing configuration of the enterprise network. The article explains the configuration of Demilitarized Zone (DMZ). Our DMZ consists of three devices - ASAv-DMZ-I, a multilayer switch vIOS-DMZ-I and Serv-DMZ-I. All the devices in DMZ are run by Qemu hypervisor. The ASAv_DMZ-I device is Cisco Adaptive Security Appliance Software version 9.6.1 and it has assigned 2048 MB RAM by GNS3. The device vIOS-DMZ-I is Cisco vIOS-L2 version 15.2 and it has assigned 512 MB RAM by GNS3. And finally, the device Serv-DMZ-I is Linux Ubuntu 16.04.3 LTS with 1024 MB RAM assigned by GNS3. The server Serv-DMZ-I provides DNS, NTP, Syslog services for devices in DMZ and a public web service for all hosts in the Internet.
Picture 1 - Demilitarized Zone - DMZ
All devices located in DMZ have their IP addresses assigned from the subnet 195.1.1.128/25. The subnet 195.1.1.128/27 is further divided with /30 mask, creating 8 subnets suitable for point-to-point link configuration . Servers located in DMZ are assigned to different VLANs. Currently, there is only server Serv-DMZ-I deployed in DMZ and configured with the IP addresses Continue reading
I am pleased to publish an infographic called "77 Facts About Cyber Crimes One Should Know In 2018." The infographic includes the top 10 biggest data breaches of the 21st century, top cyber crimes, stats of cyber attacks, fun facts and a ton more interesting info.
I am glad to thank BestVPNs for kind permission to republish the original article on my blog.
Note: Click image to enlarge.
I am pleased to publish an infographic called "77 Facts About Cyber Crimes One Should Know In 2018." The infographic includes the top 10 biggest data breaches of the 21st century, top cyber crimes, stats of cyber attacks, fun facts and a ton more interesting info.
I am glad to thank BestVPNs for kind permission to republish the original article on my blog.
Note: Click image to enlarge.
This is the sixth article from the series of the articles discussing the configuration of an entire enterprise network. The article explains the configuration of the edge router vIOS-EDGE-I and configuration of ISP routers. Now let's say few words about the router vIOS-EDGE-I. The router is Cisco IOSv Qemu appliance, version 15.6(2)T. It has assigned 512MB RAM by GNS3. The router connects all three parts of the company network to the Internet. These parts are the the campus network, data center and DMZ.
Picture 1 - Company Connection to the Internet via vIOS-EDGE-I
The company has assigned the prefix 195.1.1.0/24. Devices located in DMZ have assigned the prefix 195.1.1.128/25. The prefix 195.1.1.0/25 is assigned for devices hidden behind NAT. NAT is configured on vIOS-EDGE-I router, translating campus and data center subnets to the subnet 195.1.1.128/25. The router is connected to the upstream providers via their Ethernet ports Gi0/1 and Gi0/3. This is a single multi homed topology when a company is connected to two upstream providers with a single edge router. The entire prefix 195.1.1.0/24 is advertised to the both ISPs via BGP routing protocol. Continue reading
This is the sixth article from the series of the articles discussing the configuration of an entire enterprise network. The article explains the configuration of the edge router vIOS-EDGE-I and configuration of ISP routers. Now let's say few words about the router vIOS-EDGE-I. The router is Cisco IOSv Qemu appliance, version 15.6(2)T. It has assigned 512MB RAM by GNS3. The router connects all three parts of the company network to the Internet. These parts are the the campus network, data center and DMZ.
Picture 1 - Company Connection to the Internet via vIOS-EDGE-I
The company has assigned the prefix 195.1.1.0/24. Devices located in DMZ have assigned the prefix 195.1.1.128/25. The prefix 195.1.1.0/25 is assigned for devices hidden behind NAT. NAT is configured on vIOS-EDGE-I router, translating campus and data center subnets to the subnet 195.1.1.128/25. The router is connected to the upstream providers via their Ethernet ports Gi0/1 and Gi0/3. This is a single multi homed topology when a company is connected to two upstream providers with a single edge router. The entire prefix 195.1.1.0/24 is advertised to the both ISPs via BGP routing protocol. Continue reading
The article is the fifth of the series of the articles discussing the enterprise network configuration. The article focus on the Data Center (DC) configuration. DC consists of the two devices - Server1 and the switch vIOS-Ser-I. Of course, the DC network with a single switch and the server is far away from any known DC network design. Typically, modern horizontally scaled large-size Layer 3 DCs consist of thousands of servers connected to the Top of Rack (ToR) l3 switches and they follow leaf and spine design. The DC of this size can be hardly emulated on a single PC. For this reason I only share the configuration of the Cisco L3 switch that is located in our DC. The switch is running Cisco vIOS-L2, version 15.2 and it has assigned 768MB RAM by GNS3.
The switch vIOS-Ser-I connects Ubuntu Linux Server to DC network. The configuration of the services such as bonding, NTP, DHCP, Syslog-ng, DNS and RADIUS running on the server is explained in more details later.
Picture 1 - Data Center
Note: The configuration file of the device vIOS-Serv-I is attached here.
1. Switch vIOS-Ser-I Configuration
Rather than explaining every line of the configuration, we Continue reading