Interviewing for the “Ideal Candidate”: Looking for “Nerdvana”
I was going through a stock photo website the other day and came across a “formula” that was supposed to equal the “perfect job candidate”. I chuckled a little out loud. The person sitting next to me looked over at what was on my laptop screen. Paused. Then asked me what I look for when […]
Author information
The post Interviewing for the “Ideal Candidate”: Looking for “Nerdvana” appeared first on Packet Pushers Podcast and was written by Denise "Fish" Fishburne.
It’s 2015: “Supports IPv6″ should mean full support
It’s 2015. ARIN is finally out of IPv4 addresses, more than 20% of Google users in the US are using IPv6…and vendors are still doing a half-assed job with IPv6 support. I purchased a new TP-Link Wi-Fi router/modem recently, and it doesn’t fully support IPv6. It’s not good enough, and I will be returning it.
I purchased the Archer D5 “AC1200 Wireless Dual Band Gigabit ADSL2+ Modem Router.” The website blurb includes this:
IPv6 Supported. The next generation of Internet protocol, helping you to future-proof your network.
And the specifications page says: “IPv6 and IPv4 dual stack.”
I checked the documentation for how to configure IPv6. This FAQ walks through configuring IPv6 on several TP-Link devices. Note that it includes this line “…choose Connection type (Here we just set up PPPoE as an example, if you are not sure, please contact your IPv6 provider)”
In New Zealand, most ADSL services are delivered as PPPoA. The specifications page says this device supports PPPoA. My ISP provides native IPv6 via DHCPv6 PD. So everything should be good to go, right?
Not so much. The Archer D5 does indeed support PPPoA. It also supports IPv6 with DHCPv6 PD. But it Continue reading
[Ubuntu] New Repository for KVM & its Manager
As promised, I've just setup a Git repository on GitHub for all the very latest packages necessary for using KVM & its Manager onHow Hacking Team Helped Italian Special Operations Group with BGP Routing Hijack
As part of the Hacking Team fall out and all the details published on wikileaks, it became public knowledge that Hacking Team helped one of their customers Special Operations Group (ROS), regain access to Remote Access Tool (RAT) clients. ROS recommended using BGP hijacking and Hacking Team helped with the setup of new RAT CnC servers.
In this post we’ll take a closer look at the exact details of this incident and support the wikileaks findings with BGP data.
Raggruppamento Operativo Speciale and Hacking Team
The Raggruppamento Operativo Speciale or ROS is the Special Operations Group of the Italian National Military police. The group focuses on investigating organized crime and terrorism. Hacking Team sells its RAT software known as Remote Control System (RCS) to law enforcement and intelligence agencies, ROS included.
ROS infected and installed the RCS client on the machines of persons of interest (referred to in the emails as targets). These Remote Access Tools can provide ROS with all kinds of information and typically provide the tool’s operator with full access over a victim’s machine. The RCS clients normally need to check in with a server —for example a machine the clients can get their commands (orders) from— Continue reading
MikroTik and Ubiquity routers being Hijacked by Dyre Malware?
[adrotate banner=”4″]
Came across several interesting articles that claim there is a change in the way Dyre aka Upatre malware is spreading. Dyre seems to be getting a lot of press as it is used in browser hijacks to compromise online banking credentials and other sensitive private data. However, most recently – instead of infecting hosts, it appears to be compromising routers as well. Blogger krebsonsecurity.com writes:
Recently, researchers at the Fujitsu Security Operations Center in Warrington, UK began tracking Upatre being served from hundreds of compromised home routers — particularly routers powered by MikroTik and Ubiquiti’s AirOS.
As I first started researching this, I was wondering how they determined the router itself is compromised and not a host that sits on a NAT behind the router. Certainly different devices leave telltale signs visible in an IP packet capture that help point towards the true origin of a packet, so it’s possible that something was discovered in that way. It’s also possible the router isn’t being compromised via the Internet, but rather on the LAN side as it would be much easier for malware to scan the private subnet it sits on and attempt to use well known Continue reading
MikroTik and Ubiquity routers being Hijacked by Dyre Malware?
[adrotate banner=”4″]
Came across several interesting articles that claim there is a change in the way Dyre aka Upatre malware is spreading. Dyre seems to be getting a lot of press as it is used in browser hijacks to compromise online banking credentials and other sensitive private data. However, most recently – instead of infecting hosts, it appears to be compromising routers as well. Blogger krebsonsecurity.com writes:
Recently, researchers at the Fujitsu Security Operations Center in Warrington, UK began tracking Upatre being served from hundreds of compromised home routers — particularly routers powered by MikroTik and Ubiquiti’s AirOS.
As I first started researching this, I was wondering how they determined the router itself is compromised and not a host that sits on a NAT behind the router. Certainly different devices leave telltale signs visible in an IP packet capture that help point towards the true origin of a packet, so it’s possible that something was discovered in that way. It’s also possible the router isn’t being compromised via the Internet, but rather on the LAN side as it would be much easier for malware to scan the private subnet it sits on and attempt to use well known Continue reading
VMware NSX 101 – Components
Today I want to explain the basic components and the set-up of VMware NSX. In this case I’m referring to NSX for vSphere or NSX-V for short. I want to explain what components are involved, how you set them up for an initial deployment and what the requirements are.
Versioning
At time of this writing the latest release is NSX 6.1.4. This version added support for vSphere 6, although you cannot use any vSphere 6 feature in this release, there is support for the platform itself only.
vSphere
The first step is of course deploy your ESXi vSphere cluster with ESXi 5.5 or 6.0 with vCenter 5.5 or 6.0. I recommend using the vCenter Server Appliance (VCSA) instead of the Windows version. You will also need a Windows VM where the vSphere Update Manager is installed, this is not available as virtual appliance, only as Windows application. I also highly recommend installing an Active Directory server to manage all of your passwords. You will be installing a large amount of machines with all different usernames and possibly passwords. I recommend picking a very long and difficult one, as all VMware appliances seem to require Continue reading
Orhan Ergun October 2015 CCDE Bootcamp
Due to the high level of demand for the July Online CCDE bootcamp and the increase of individuals pursuing the CCDE, I have just added my next online class for the November 19th CCDE Practical exam. The class will not only include an overview of the technology concepts needed to pass the exam but also… Read More »
The post Orhan Ergun October 2015 CCDE Bootcamp appeared first on Network Design and Architecture.
Static routes
OpenContrail allows the user to specify a static route with a next-hop of an instance interface. The route is advertised within the virtual-network that the interface is associated with. This script can be used to manipulate the static routes configured on an interface.
I wrote it in order to setup a cluster in which overlay networks are used hierarchically. The bare-metal nodes are running OpenStack using OpenContrail as the neutron plugin; a set of OpenStack VMs are running a second overlay network using OpenContrail which kubernetes as the compute scheduler.
In order to provide external access for the kubernetes cluster, one of the kubernetes node VMs was configured as an OpenContrail software gateway.
This is easily achievable by editing /etc/contrail/contrail-vrouter-agent.conf to include the following snippet:
# Name of the routing_instance for which the gateway is being configured routing_instance=default-domain:default-project:Public:Public # Gateway interface name interface=vgw # Virtual network ip blocks for which gateway service is required. Each IP # block is represented as ip/prefix. Multiple IP blocks are represented by # separating each with a space ip_blocks=10.1.4.0/24
The vow interface can then be created via the following sequence of shell commands:
ip link add vgw type vhost ip Continue reading
Citizens of Tech 010 – Vinyl Glacier Robot Earthquakes
On today’s show recorded July 8th, 2015, we cover news from Amazon, review a cheap IP surveillance camera, dive deep on retina displays and how your eyeballs work, and do not discover extraterrestrial life. Also, robots duel, and glaciers cause earthquakes. Among other things!
The post Citizens of Tech 010 – Vinyl Glacier Robot Earthquakes appeared first on Packet Pushers.
Citizens of Tech 010 – Vinyl Glacier Robot Earthquakes
On today’s show recorded July 8th, 2015, we cover news from Amazon, review a cheap IP surveillance camera, dive deep on retina displays and how your eyeballs work, and do not discover extraterrestrial life. Also, robots duel, and glaciers cause earthquakes. Among other things!
The post Citizens of Tech 010 – Vinyl Glacier Robot Earthquakes appeared first on Packet Pushers.
Citizens of Tech 010 – Vinyl Glacier Robot Earthquakes
On today’s show recorded July 8th, 2015, we cover news from Amazon, review a cheap IP surveillance camera, dive deep on retina displays and how your eyeballs work, and do not discover extraterrestrial life. Also, robots duel, and glaciers cause earthquakes. Among other things!
Author information
The post Citizens of Tech 010 – Vinyl Glacier Robot Earthquakes appeared first on Packet Pushers Podcast and was written by Ethan Banks.
Plexxi Pulse – Bimodal IT: The future of network disruption?
Gartner refers to bimodal IT as “having two modes of IT, each designed to develop and deliver information- and technology-intensive services in its own way.”
If this week’s top articles are any indication, it’s certainly a topic that is at forefront everyone’s minds. We’ve especially been enjoying Kurt Marko’s series for Forbes. For some, bimodal is just another buzzword, but for others, it presents an entirely new way of approaching IT. It disrupts legacy IT, offering groundbreaking tactics for testing and rolling-out new technologies. No other area of IT needs this more than the network. As we’ve frequently discussed, storage and compute have evolved rapidly over the last decade, but networking has remained unchanged – despite huge shifts in the way we manage and move information. The articles below are certainly a good start to a lengthy discussion. Enjoy!
Forbes: Bimodal IT Doesn’t Mean Bipolar Organizations: The Path to IT Transformation
By Kurt Marko
Never underestimate a buzzword’s power to frame the discussion. As I recently discussed, the term bimodal IT has captured the imagination and polemical energy of technology commentators and like many IT discussions in the age of 140-character commentary, it often degenerates into polarized, all-or-nothing Continue reading
SDxCentral Weekly News Roundup — July 10, 2015
OpenStack needs a new 'M'; cloud pricing wars continue; Aryaka takes the cloud to Africa; and vArmour meets Nutanix.