Archive

Category Archives for "Networking"

Ohio government websites defaced by pro-ISIS hackers

Hackers proclaiming to be pro-ISIS defaced 10 Ohio government websites on Sunday as well as the government websites for Howard County, Maryland, and Brookhaven, Long Island.“Hacked by Team System DZ,” the defacements read. “Anti: Govt all word.”The pro-ISIS message continued: You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries. I Love Islamic state. Ohio Department of Rehabilitation and Corrections via Ohio Treasurer Josh Mandel A screenshot of the defaced Ohio Department of Rehabilitation and Corrections website was posted on Facebook and Twitter by Ohio Treasurer Josh Mandel. He added, “OH Dept of Corrections website right now, this is what you see. Wake up freedom-loving Americans. Radical Islam infiltrating the heartland.”To read this article in full or to leave a comment, please click here

Ohio government websites defaced by pro-ISIS hackers

Hackers proclaiming to be pro-ISIS defaced 10 Ohio government websites on Sunday as well as the government websites for Howard County, Maryland, and Brookhaven, Long Island.“Hacked by Team System DZ,” the defacements read. “Anti: Govt all word.”The pro-ISIS message continued: You will be held accountable Trump, you and all your people for every drop of blood flowing in Muslim countries. I Love Islamic state. Ohio Department of Rehabilitation and Corrections via Ohio Treasurer Josh Mandel A screenshot of the defaced Ohio Department of Rehabilitation and Corrections website was posted on Facebook and Twitter by Ohio Treasurer Josh Mandel. He added, “OH Dept of Corrections website right now, this is what you see. Wake up freedom-loving Americans. Radical Islam infiltrating the heartland.”To read this article in full or to leave a comment, please click here

Tools that increase IT efficiency pave the way for digital transformations

Inflexible IT architectures can be a barrier to organizational change. As companies embark on digital transformations aimed at improving their business, the pressure is on IT to reduce complexity and increase the efficiency of enterprise systems and applications. Fave Raves is an annual feature from Network World that invites IT pros to share hands-on assessments of products they love. Several tools that enable organizations to simplify their infrastructure and automate key tasks ranked among the favorites in 2017 and recent years. Here’s what IT pros had to say, in their own words. For more enterprise favorites, check out the full Fave Raves collection.To read this article in full or to leave a comment, please click here

Tools that increase IT efficiency pave the way for digital transformations

Inflexible IT architectures can be a barrier to organizational change. As companies embark on digital transformations aimed at improving their business, the pressure is on IT to reduce complexity and increase the efficiency of enterprise systems and applications. Fave Raves is an annual feature from Network World that invites IT pros to share hands-on assessments of products they love. Several tools that enable organizations to simplify their infrastructure and automate key tasks ranked among the favorites in 2017 and recent years. Here’s what IT pros had to say, in their own words. For more enterprise favorites, check out the full Fave Raves collection.To read this article in full or to leave a comment, please click here

Cisco and Juniper Routers : OSPF point to multipoint configurations

Today I am going to discuss on the OSPF configuration part, As you already know about the OSPF protocol and the network types in OSPF.

OSPF is a link state routing protocol and i wrote some of the articles on OSPF earlier as well. Please go through that articles to understand more about OSPF protocol

OSPF Basics
OSPF States
OSPF vs RIP protocols
Routing Basics : Distance Vector vs Link State Routing Protocol

Above are some of the articles on OSPF will help you more in the interview preparation.

OSPF Point to Multipoint Networks
In the point-to-multipoint configurations, we need to emulate broadcast capability, it seeks to organise the PVCs into a collection of point-to-point networks. In the case of OSPF point to multipoint networks, the hello packets must still be replicated and transmitted individually to each neighbor, but the multipoint approach offers two distinct advantages: no DR/BDR is needed, and the emulated point-to-point links can occupy a common subnet.

Apart from all these today I am going to have sample configurations on OSPF point to multipoint networks.

Here in this article I am going to take a topology of OSPF point to multipoint network and let you know the Continue reading

Even weak hackers can pull off a password reset MitM attack via account registration

At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, “The Password Reset MitM Attack” (pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures.They dubbed the attack: password reset man-in-the-middle (PRMitM). The researchers said Google is “extremely vulnerable” to PRMitM, but Facebook, Yahoo, LinkedIn, Yandex and other sites and email services are also vulnerable as well as mobile apps like Whatsapp, Snapchat and Telegram.To read this article in full or to leave a comment, please click here

Even weak hackers can pull off a password reset MitM attack via account registration

At the IEEE Symposium on Security and Privacy 2017, researchers from the College of Management Academic Studies in Israel presented an interesting paper on bad password reset processes, “The Password Reset MitM Attack” (pdf). It explains how a weak attacker could take over accounts by exploiting vulnerabilities in password reset procedures.They dubbed the attack: password reset man-in-the-middle (PRMitM). The researchers said Google is “extremely vulnerable” to PRMitM, but Facebook, Yahoo, LinkedIn, Yandex and other sites and email services are also vulnerable as well as mobile apps like Whatsapp, Snapchat and Telegram.To read this article in full or to leave a comment, please click here

“Focusing on the Gift” (aka How Fish views Presenting)

CiscoLive starts today and so do my presentations.  If you have ever wondered what I’m thinking about right prior to a presentation…. I am imagining a small and beautifully wrapped gift that I want to give to each and every person in the audience. That is what I am doing.  I am “Focusing on the Gift”.

Have I always done that?  LOL.  Uh… no.  But fortunately I don’t think my 2006 Networkers presentation on EIGRP is available on video.   Otherwise I think I’d be truly embarrassed.  Why?  Because it was my first Networkers/CiscoLive presentation and I was beyond belief nervous.  Worried if I’d do okay… worried if you were enjoying the session… oh the list goes on and on as to everything I was thinking and worried about.

And then I realized something.  You know what? It really isn’t about me at all.  I am just a vehicle.  It is all about “The Gift”.  So in 2007 I went out and bought a tiny little Christmas tree sized ornament of a perfectly wrapped gift box.  Small enough that I could hide it up on the stage Continue reading

What is P4?

Recently I attended a workshop organised by the Open NFP organisation about Data Plane acceleration. The primary goal of the workshop was to get students and researchers (why was I there you may think) familiar with the P4 programming language.

P4 is a programming language created to simplify writing data planes for networking use cases.  Recently the P4-16 spec was released and could be considered a mature version of the language.

Now I’m not a hardcore developer. I know my way around in Python, GoLang and C#, but I never wrote anything more low level like C. P4 is created a little bit like GoLang, where I do not mean it as comparison, but as an architecture. P4 is designed so you only need to focus on the actual networking features that you want to make available on the hardware you are programming it for. Then when you compile it, it will generate runtime code for your hardware. Or as the creators explain it:

At one level, P4 is just a simple language for declaring how packets are to be processed. At another level, P4 turns network system design on its head.

There is no need to worry on low Continue reading

Cisco Catalyst 6500 Chassis VSS Configuration ( Switch1 and Switch2 )

Today I am going to talk about VSS and tell you guys how to configure the VSS in the live environment. I am going to explain VSS first and then we will come up with the VSS configuration for both the switches which will be participate in the VSS.

Although we have three switches who can be used as VSS, It can be 
  • Cisco catalyst 4500 Series Switches
  • Cisco Catalyst 6500 Series Switches
  • Cisco Catalyst 6800 Series Switches
In this article I am taking the example of Cisco 6500 Switches in the VSS. Lets talk about VSS first now followed by the configurations:


Cisco Catalyst 6500 Series Virtual Switching System (VSS) is a technique by which we are going to merge two physical Cisco Catalyst 6500 Series switches together into a single, logically managed entity. In the case of Cisco catalyst 6500 where you can manage two chassis as a single control plane  but you can have the dual data plane after enabling Cisco Virtual Switching System. 

Fig 1.1-Sample Topology Cisco VSS Physical and Logical View
It uses Cisco IOS Stateful Switchover (SSO) technology, as well as Non-Stop Forwarding (NSF) extensions to routing protocols, to provide a single, Continue reading

Docker image – Python for network engineers

Lately I’m looking more and more into Python, with respect to automation implementations useful for network engineers. In the learning process I’ve used different materials, like the excellent video trainings Python Programming for Network Engineers from David Bombal which are available free on Youtube.

This training in particular relies on a Ubuntu Docker image in order to support Python learning following interaction with Cisco devices in GNS3. Everything is great, just that the image doesn’t contain all necessary tools (like Paramiko, Netmiko, Ansible…). As you can guess, whenever you close / open the Project in GNS3, all the installed packages installed in the Ubuntu Docker image are gone.

Since we’re talking automation, I got bored to install the necessary tools everytime I wanted to start a new project or I had to close GNS3 for some reason. I’ve tried to find a Docker image that suits my needs, but I couldn’t (please point me to one if you know it).

So, I’ve build a Docker image, based on Ubuntu 16.04, which contains the necessary tools to start learning Python programming oriented for network engineers:

  • Openssl
  • Net-tools (ifconfig..)
  • IPutils (ping, arping, traceroute…)
  • IProute
  • IPerf
  • TCPDump
  • NMAP
  • Python 2. Continue reading

VPLS basic configurations in MPLS environment: Cisco Routers

Today I am going to tell you about the basic configurations of VPLS on the Cisco routers. Let's take an scenario where i can say that there is a MPLS network where we have PE1, PE2 and PE3 connected at the edges of the MPLS network and beyond that there are customer edge routers.

Let me explain little bit how Layer 2 split horizon enabled in the VPLS scenario. So on the edge of the MPLS PE routers VLAN packets received from the customer network can be forwarded to one or more local interfaces and or emulated VCs in the VPLS domain. To avoid broadcasted packets looping around in the network, no packet received from an emulated VC can be forwarded to any emulated VC of the VPLS domain on a PE router. That is, the Layer 2 split horizon should always be enabled as the default in a full-mesh network. 

Below is the topology showing the VPLS connectivity across the three Service Provider Edge routers that i mentioned above. We have three PE routers and named as PE1, PE2 and PE3 routers. Below the topology we have the configurations on all these PE routers step by step. All Continue reading

Cisco Catalyst 9400 Switches – A new Launch

As in my earlier article i talked about the new launch of the Cisco catalyst 9300 and explain the features of that catalyst switch. Now I am going to talk about the other 2 series which Cisco launches. Cisco understand the requirement of the market and also competing with the other vendors for Next generation networks like SDN where open APIs can be used to stitch third party applications.

Cisco come up with the solution for the campus where they are going to deploy the fabric network on the top of traditional IP network. I will come up with another article where I can explain the architecture of the SD-Access network for the campus network designed by Cisco Systems.

With the launch of Cisco 9300, 9400 and 9500 cisco is running ahead in the field of enterprise network architecture. For Cisco catalyst 9300 please check the below mentioned link

Cisco Catalyst 9300 Switches for Campus

Now let me talk about the other two series of switches launched by Cisco Systems for campus or enterprise network named Cisco catalyst 9400 and 9500 switches.

Cisco Catalyst 9400 Switch:
With the help of Cisco catalyst 9400 switch you will achieve Advanced persistent security threats, Continue reading

Converge your network with priority flow control (PFC)

Back in April, we talked about a feature called Explicit Congestion Notification (ECN). We discussed how ECN is an end-to-end method used to converge networks and save money. Priority flow control (PFC) is a different way to accomplish the same goal. Since PFC supports lossless or near lossless Ethernet, you can run applications, like RDMA, over Converged Ethernet (RoCE or RoCEv2) over your current data center infrastructure. Since RoCE runs directly over Ethernet, a different method than ECN must be used to control congestion. In this post, we’ll concentrate on the Layer 2 solution for RoCE — PFC, and how it can help you optimize your network.

What is priority flow control?

Certain data center applications can tolerate only little or no loss. However, traditional Ethernet is connectionless and allows traffic loss; it relies on the upper layer protocols to re-send or provide flow control when necessary. To allow flow control for Ethernet frames, 802.3X was developed to provide flow control on the Ethernet layer. 802.3X defines a standard to send an Ethernet PAUSE frame upstream when congestion is experienced, telling the sender to “stop sending” for a few moments. The PAUSE frame stops traffic BEFORE the buffer Continue reading

Worth Reading: The root of a robust Internet

On 26 December 2006, a magnitude-7.0 earthquake struck off the southwest coast of Taiwan. This was the Hengchun earthquake, and the quake and its aftershocks resulted in six of the seven submarine cables serving Hong Kong being cut, severely disrupting Internet services on the Special Administrative Region. PCCW, the largest Internet operator in Hong Kong, reported a reduction of 50% in data capacity, neighbouring Taiwan had a 100% outage to Hong Kong and South-East Asia, while China’s two main operators reported over 90% outages. —APNIC

The post Worth Reading: The root of a robust Internet appeared first on rule 11 reader.

1 1,699 1,700 1,701 1,702 1,703 3,426