PP048: News Roundup – 5G Vulnerabilities Abound, CSRB Disbanded, Magic Packets Target Juniper Routers, and More
JJ and Drew catch you up on cybersecurity news including new research that uncovers a host of 5G/LTE vulnerabilities, the chain of breaches in a BeyondTrust attack that led to infiltration of the US Treasury Dept., and a lawsuit against LinkedIn alleging that data from paying customers was used to train AI models. Researchers unpack... Read more »HW045: A Comprehensive Guide to Wi-Fi Explorer Pro 3: Features, Insights, and More!
Wi-Fi Explorer Pro is a popular wireless scanner. On today’s show we dive into the tool with its creator, Adrian Granados. We also talk about the launch of the new book Wi-Fi Explorer Pro 3 – The Definitive User Guide, written by Granados and co-author Nigel Bowden. We delve into the history and features of... Read more »No hallucinations here: track the latest AI trends with expanded insights on Cloudflare Radar
During 2024’s Birthday Week, we launched an AI bot & crawler traffic graph on Cloudflare Radar that provides visibility into which bots and crawlers are the most aggressive and have the highest volume of requests, which crawl on a regular basis, and more. Today, we are launching a new dedicated “AI Insights” page on Cloudflare Radar that incorporates this graph and builds on it with additional metrics that you can use to understand AI-related trends from multiple perspectives. In addition to the traffic trends, the new section includes a view into the relative popularity of publicly available Generative AI services based on 1.1.1.1 DNS resolver traffic, the usage of robots.txt directives to restrict AI bot access to content, and open source model usage as seen by Cloudflare Workers AI.
Below, we’ll review each section of the new AI Insights page in more detail.
Tracking traffic trends for AI bots can help us better understand their activity over time. Initially launched in September 2024 on Radar’s Traffic page, the AI bot & crawler traffic graph has moved to the AI Insights page and provides visibility into traffic trends gathered globally over Continue reading
DNS Nameservers: Service Platforms and Resilience
The internet is held together by the Border Gateway Protocol (BGP). Its a flooding protocol whose intended outcome is to ensure that every BGP speaker has the same information base as every other BGP speaker. What happens when this flooding algorithm fails? What happens if the information in a BGP speaker falls out of sync?Arista cEOS Containers Run on Apple Silicon
A few days ago, someone mentioned Arista released a cEOS EFT image running on Arm. Of course, I had to test whether it would run on Apple Silicon.
TL&DR: YES 🎉 🎉
Here’s what you have to do to make the Arista cEOS container work with netlab running on an Ubuntu VM on Apple silicon:
NB512: US Objects to HPE-Juniper Wedding; Cheeky DeepSeek Freaks VCs
Take a Network Break! The US Justice Department blocks the HPE-Juniper merger with a surprise lawsuit, DeepSeek shakes up the AI world, and Broadcom rolls out quantum-safe Fibre Channel controllers. Sweden seizes a vessel suspected of tampering with a subsea cable, a code update could make Linux significantly more power-efficient, and the WLAN market gets... Read more »Preserving content provenance by integrating Content Credentials into Cloudflare Images
Today, we are thrilled to announce the integration of the Coalition for Content Provenance and Authenticity (C2PA) provenance standard into Cloudflare Images. Content creators and publishers can seamlessly preserve the entire provenance chain — from how an image was created and by whom, to every subsequent edit — across the Cloudflare network.
When you hear the word provenance, you might have flashbacks to your high school Art History class. In that context, it means that the artwork you see at the Met in New York really came from the artist in question and isn’t a fake. Its provenance is how that piece of physical art changed possession over time, from the original artist all the way to the museum.
Digital content provenance builds upon this concept. It helps you understand how a piece of digital media — images, videos, PDFs, and more — was created and subsequently edited. The provenance of a photo I posted on Instagram might look like this: I took the picture with my iPhone, performed an auto-magic edit using Apple Photos’ editing tools, uploaded it to Instagram, cropped it using Instagram’s editing tools, and then posted Continue reading
Palo Alto SSL Decryption and App-ID
If you work with Palo Alto firewalls, you might have heard of App-ID. They work well and let us create security policies based on 'applications' rather than TCP/UDP port numbers. For example, instead of allowing UDP/53, we can allow the application 'DNS'. In this blog post, we will look at how App-ID works with and without SSL Decryption. Let's get to it.
If you are new to App-ID and want to know how it works, feel free to check out my introductory post below.
Palo Alto App-ID - How Does It Work?
Instead of relying solely on port numbers, NGFWs like those from Palo Alto Networks encourage defining security policies based on the actual applications termed ‘App-ID’.
Suresh Vina
As always, if you find this post helpful, press the ‘clap’ button on the left. It means a lot to me and helps me know you enjoy this type of content.
App-ID Recap
When you have an NGFW like Palo Alto, you don't want to rely on port numbers for your security policies. Instead of allowing TCP/3389, TCP/389, or UDP/514, you want to use RDP, LDAP, or Syslog. Using specific port numbers, like TCP/3389, Continue reading
Paperless-ngx Self-Hosted Document Manager
At the moment, most of my documents are stored in Google Drive and locally on my machine. Whenever I need something, I go to Google Drive, search for it, and download it. While this works well, with all the concerns around privacy and data usage, I’d prefer to keep my documents locally rather than relying on cloud providers.
Recently, I came across a great self-hosted document manager called 'Paperless-NGX'. It not only helps with organising documents but also includes OCR functionality, allowing me to search within the documents themselves.
In this blog post, we'll go through how to set it up in a local environment and also cover how to put it behind the Caddy reverse proxy.
Running Unifi Network Application in Docker
Users are now advised to switch to the linuxserver/unifi-network-application image, which is actively maintained and provides the latest version of the UniFi Network Application.
Suresh Vina
Paperless-NGX Installation with Docker
Paperless-NGX is a self-hosted document management system that helps organize and search documents easily. It comes with built-in OCR, allowing you to search within scanned documents and PDFs. One of the easiest ways to install Paperless-NGX is using Docker.
I went through the official documentation to Continue reading
Links in Virtual Labs
There are three major ways to connect network devices in the physical world:
- Point-to-point links between devices (usually using some variant of Ethernet)
- Multi-access layer-1 networks running some IEEE 802.x encapsulation on top of that (GPON, WiFi, Ethernet hubs)
- Multi-access switched layer-2 network (dumb switches, hopefully running some STP variant)
Implementing these connections in virtual labs is a bit harder than one might think, as all virtualization solutions assume you plan to run virtual servers connected to Ethernet segments.
IPsec VPN Cisco and StrongSwan
In a previous tutorial, we configured an IPsec tunnel between a Cisco 1812 router and […]
The post IPsec VPN Cisco and StrongSwan first appeared on Brezular's Blog.
Setting up Proxmox Backup Server
If you follow my blog, you may know that I recently migrated to Proxmox as my hypervisor, and I absolutely love it. My Proxmox server runs on a custom-built PC with an i9-10900K, 128GB RAM, and 3 x 1TB SSDs. I’m not using anything fancy, just a good number of VMs spread across two of the SSDs.
In this post, we’ll go through the process of setting up Proxmox Backup Server and backing up all the VMs from my Proxmox server to this backup server.
As always, if you find this post helpful, press the ‘clap’ button on the left. It means a lot to me and helps me know you enjoy this type of content.
Running EVE-NG in Proxmox
In this blog post, we’ll go through the steps to install EVE-NG in Proxmox. Most of the VM’s settings can be left at their default values, but there are a couple of changes I had to make.
Suresh Vina
Why Proxmox Backup Server?
I’ve been running Proxmox for a few months without any backups. I did create some snapshots inside Proxmox in case I messed up a VM, so I could roll back if needed. Continue reading
From Python to Go 013. Handling Errors And Exceptions.
Hello my friend,
One of the important aspects of writing any application is to ensure that it can operate, as long it is safe, when “something” went wrong during its execution. This “something” can really be anything: it can be wrong user input, it could be temporary unreachable network device or service or API endpoint, it could be missing file or incorrect path. In certain circumstance, for example when we talk about API gateways and web servers, it becomes even more critical. In today’s blog post we’ll see how to handle errors/exceptions in Python and Go (Golang).
How Automation Is Important?
I recently worked on a big project, which involves a lot of moving parts. To make these parts moving smoothly, I needed to analyze and compare data across multiple systems before making a decision. The amount of data is huge, thousands of line of data in every system and it is very easy to make mistake, which will impact users. How can I be sure I don’t miss anything? Scripting and automating! I’ve developed a tool, which requests via APIs data from multiple sources, analyses it based on my criteria and collates final report.
And you can build such Continue reading
AI Metrics
The dashboard shown above is from a simulated network 1,000 switches, each with 48 ports access ports connected to a host. Activity occurs in a 256mS on / off cycle to emulate an AI learning run. The metrics include:
- Total Traffic Total traffic entering fabric
- Operations Total RoCEv2 operations broken out by type
- Core Link Traffic Histogram of load on fabric links
- Edge Link Traffic Histogram of load on access ports
- RDMA Operations Total RDMA operations
- RDMA Bytes Average RDMA operation size
- Credits Average number of credits in RoCEv2 acknowledgements
- Period Detected period of compute / exchange activity on fabric (in this case just over 0.5 seconds)
- Congestion Total ECN / CNP congestion messages
- Errors Total ingress / egress errors
- Discards Total ingress / egress discards
- Drop Reasons Packet drop reasons
Note: Clicking on peaks in the charts shows values at that time.
This article gives step-by-step instructions to run the AI Metrics application in a production environment and integrate Continue reading
Running Unifi Network Application in Docker
As of January 2024, the linuxserver/unifi-controller Docker image has been deprecated and is no longer receiving updates. This means it may no longer be secure or compatible with newer versions of UniFi devices. Users are now advised to switch to the linuxserver/unifi-network-application image, which is actively maintained and provides the latest version of the UniFi Network Application.
In this blog post, we will cover how to run the new image in Docker and how to migrate from the old image to the new one without losing your existing configuration.
As always, if you find this post helpful, press the ‘clap’ button on the left. It means a lot to me and helps me know you enjoy this type of content.
Overview
In my homelab, I have a USW Lite 8 PoE, U6-Pro, and U6 Mesh. I had been running the older linuxserver/unifi-controller Docker image since I first set them up. My controller was on version 8.0.34, if I remember correctly.
Recently, I moved to a new host, so I decided it was the right time to migrate to the new linuxserver/unifi-network-application image. While checking their GitHub page, I found this note.
You Continue reading
HN 766: Ensuring QoE for Agentic AI With Broadcom VeloRAIN (Sponsored)
On today’s show, we’re discussing the complexities of network design for AI computing at the edge. We’re not talking about AIOps, although that might come up in this conversation. Instead, we’re focusing on how to effectively cope with the network traffic patterns happening on your network as a result of AI computing workloads. Our subject... Read more »TNO014: Beneath the Cable Color – A Look at The Siemon Company’s High Speed Cable Assemblies (Sponsored)
Today we get an education on what a high speed cable assembly really is from guest Ryan Harris from today’s sponsor, The Siemon Company. Ryan shares the evolution of high-speed pluggable cable assemblies from 64kbps ISDN B channels to 800 gigabit connections, and describes how they work. We discuss the Siemon Company’s history and its... Read more »Hedge 257: Gaining Experience in IT
Every recruiter and hiring manager wants people with five years of experience, but you cannot get experience without being hired into a position. How can you break this conundrum? Daniel Dib joins Tom and Russ to talk about how folks just coming into IT, or even those with lots of experience who are trying to shift their focus, can gain experience.
netlab 1.9.4: Bug fixes, VRRPv3 on Junos
During the last three weeks, we were busy squashing bugs (device configuration fixes, other bug fixes). Some were recent; others were ancient pests uncovered by better integration tests. The end result: netlab release 1.9.4.
netlab release 1.9.4 passed hundreds of integration tests and should be a better choice than the previous 1.9 releases. To upgrade, execute pip3 install --upgrade networklab.
New to netlab? Start with the Getting Started document and the installation guide, or run it in a GitHub codespace.
Update: 2025-02-03
We still missed a few quirks :( Release 1.9.4-post1 addresses those (and, unfortunately, I’m pretty sure there will be more).
Replay pcap files using sflowtool
It can be very useful to capture sFlow telemetry from production networks so that it can be replayed later to perform off-line analysis, or to develop or evaluate sFlow collection tools.
sudo tcpdump -i any -s 0 -w sflow.pcap udp port 6343Run the command above on the system you are using to collect sFlow data (if you aren't yet collecting sFlow, see Agents for suggested configuration settings). Type Control-C to end the capture after 5 to 10 minutes. Copy the resulting sflow.pcap file to your laptop.
docker run --rm -it -v $PWD/sflow.pcap:/sflow.pcap sflow/sflowtool \ -r /sflow.pcap -P 1Either compile the latest version of sflowtool or, as shown above, use Docker to run the pre-built sflow/sflowtool image. The -P (Playback) option replays the trace in real-time and displays the contents of each sFlow message. Running sflowtool using Docker provides additional examples, including converting the sFlow messages into JSON format for processing by a Python script.
docker run --rm -it -v $PWD/sflow.pcap:/sflow.pcap sflow/sflowtool \ -r /sflow.pcap -f 192.168.4.198/6343 -P 1The -f (forwarding) option takes an IP address and UDP port number as arguments, in this Continue reading