NetBIOS
How does the internet work - We know what is networking
Sytek Inc developed NetBIOS in 1983 as an API (a specification proposed for using it as an interface to communicate by software parts) for software contact over IBM PC LAN networking technology. The Network Basic Input/Output System (NetBIOS) was at first introduced by IBM (a company, which is running IT consultation and computer technology business […]
Applescript – Rename PDF to Title from Metadata
Today I downloaded a the full set of Configuration and Command references for the HP 12500 Series Switch from HP.com. When I looked in my download finder they were all helpfully named "cXXXXXX.pdf". Interestingly enough the title in the metadata seemed to be correct, so I wrote an AppleScript to batch rename them.
Grabbing IETF RFCs and I-Ds in ebook format using rsync
IETF drafts get no love from my Tablet. I 've tried sending drafts to Instapaper for offline reading, I've tried using Readability but all of these fail to render correctly. Is it too much to ask to be able to read RFC's on the go?
Fortunately I found that the RFCs and I-D's are published to tools.ietf.org in both epub and mobi formats. To pull the full list of epub:
rsync -avz --include="*.epub" --exclude="*" rsync.tools.ietf.org::tools/ebook/ /destination
And for mobi:
rsync -avz --include="*.mobi" --exclude="*" rsync.tools.ietf.org::tools/ebook/ /destination
These are pretty hefty downloads so you might want to tailor these to your current needs by creating using a txt file full of include rules, lets call it filter.txt
Working Group RFC & Internet Drafts
Add lines like this to your filter.txt to download the latest RFCs and I-Ds for the WGs you are following:
*lisp*.mobi
*conex*.mobi
*nvo3*.mobi
*tsvwg*.mobi
Published RFCs
To download the mother load of RFCs add the following line:
rfc.mobi
Published RFCs by Area
To download RFCs by Area add the following:
area.rtg.mobi
area. Continue readingGrabbing IETF RFCs and I-Ds in ebook format using rsync
IETF drafts get no love from my Tablet. I 've tried sending drafts to Instapaper for offline reading, I've tried using Readability but all of these fail to render correctly. Is it too much to ask to be able to read RFC's on the go?
Grabbing IETF RFCs and I-Ds in ebook format using rsync
IETF drafts get no love from my Tablet. I 've tried sending drafts to Instapaper for offline reading, I've tried using Readability but all of these fail to render correctly. Is it too much to ask to be able to read RFC's on the go?
Cisco UCS B200 M3: “Invalid Adaptor IOcard”
I received two brand spanking new B200 M3 blade servers for a new project. These bad boys are packing 393GB of RAM and two Intel Xeon E5-2680 2.7GHz 8-core processors each. I wanted to get these installed as soon as possible, so I could make sure the firmware was up to current (they came with 2.0(3c), which is what I’m running) and apply service profiles to them. At the end of the initial deep hardware discovery, I received a strange error in UCSM - “Invalid Adaptor Iocard”:Cisco UCS B200 M3: “Invalid Adaptor IOcard”
I received two brand spanking new B200 M3 blade servers for a new project. These bad boys are packing 393GB of RAM and two Intel Xeon E5-2680 2.7GHz 8-core processors each. I wanted to get these installed as soon as possible, so I could make sure the firmware was up to current (they came with 2.0(3c), which is what I’m running) and apply service profiles to them. At the end of the initial deep hardware discovery, I received a strange error in UCSM - “Invalid Adaptor Iocard”:How to prevent or stop DoS attacks?
How does the internet work - We know what is networking
The response and prevention In order to defend against Denial of Service attacks the combination of attack detection use is typically involved in it, classification of traffic as well as response tools, and the target is to block traffic if identified as illegal and permit the legal traffic only after identifying it. Below is a […]
BGP Decision Process
Cisco’s BGP decision process basically decides which BGP route to take when comparing multiple prefixes to the same destination. It is a rather long process and somewhat tricky. Below, I created a quick reference to its steps.
Before I talk about each step I would like to discuss in what order are multiple prefixes compared. For example if you have three prefixes to 10.2.0.0/16 how do you compare all three at once? By default Cisco’s algorithm will compare the younger prefixes to the older and finally compare the oldest to the winner.
The rest of this post are my notes on the BGP decision process. Hopefully you’ll find it useful.
BGP Preconditions
For any path to be considered valid it has to meet these requirements.
- Next-hop IP address of that path is reachable.
- The local AS number is not part of the AS_PATH (basic loop prevention).
- If BGP synchronization is enabled, the candidate prefix is in the IGP routing table. If using OSPF, router-ID have to match for the OSPF and BGP process.
- The BGP prefix is not dampened.
- With inbound soft resets enabled, make sure that no BGP polices are filtering the candidate prefix.
1 Continue reading
DoS Methods – PDoS, Permanent DoS attacks
How does the internet work - We know what is networking
A PDoS or permanent denial-of-service, also referred to as phlashing, is a severe attack that completely damage a system as a result of which the system’s reinstallation of hardware or replacement is required. A PDoS attack exploits the flaws of security which further permits the administration present far away on the hardware of the victim […]
MPLS – Multiprotocol Label Switching
How does the internet work - We know what is networking
There is so much about MPLS and how MPLS works. Here I wrote some simple introductory lines about it but only from one perspective. The costumer side one. There is nothing here about BGP and all the things that need to be done and configured in order for MPLS to function in ISP cloud. As […]
DoS Methods – ICMP and SYN flood, Teardrop and Low-rate DoS attacks
How does the internet work - We know what is networking
ICMP flood Smurf attack is one specific form of a flooding DoS attack that occurs on the public Internet. It solely depends on incorrect configuration network equipments that permit packets that are supposed to be sent to all hosts of computer on a specific network not via any machine but only via network’s broadcast address. […]
DoS Methods – ICMP and SYN flood, Teardrop and Low-rate DoS attacks
FEX Architectures
Here is an old post I never finished. With the benefits of the Nexus 2000 and the FEX architecture (a earlier post), scalability, simplified management, flexibility, Cisco extended its use further into the servers all the way up to the virtual hosts.This allows much greater control and flexibility. After all network guys should look after […]
Few ways scripting can keep you sane
C’est la vie, it has been almost a year since I posted on the blog, a year full of change, but here I am kicking up again with this simple short post about how scripting could save you time and effort on daily basis. I know most of you might be using those free or [...] No related posts. Related posts brought to you by Yet Another Related Posts Plugin.New version of BGPmon.net
As many of you are aware, BGPmon.net has been offered as a free service since becoming publically available in 2008. From its inception the service has been funded largely by myself. Now, due to ever-increasing popularity, it has become unsustainable to run the service on personal funds and my available time. I have reached a branch in the road: BGPmon.net must either become financially self-supporting, reduce its scope or cease. Clearly the latter options would waste the project’s potential and accomplishments.
So I’m happy to announce that as of today BGPmon.net services will be available in two flavors: a free ‘entry level’ service and a full-featured premium commercial service.
With these changes, BGPmon.net will become more sustainable and provide better support, and allow us to continue improving services while adding new features.
What to expect
Our base services remain free, but with a limited feature set and up to 5 prefixes per account.
The premium commercial service allows you to monitor as many prefixes as needed and provides the full-feature set on a new powerful platform. The routing report, SOAP API and additional email address features are now part of the premium service. Pricing details can Continue reading
DDoS – Distributed Denial of Service attack
How does the internet work - We know what is networking
When a number of systems i.e. one or more than one web server floods the resources and bandwidth of a targeted system then a distributed denial of service attack (DDoS) takes place, Different types of methods are used by attackers in order to compromise the systems. It is the malware that can carry out the […]
TCP Small Queues
Linux 3.6 just shipped. As I’ve noted before, bloat occurs in multiple places in an OS stack (and applications!). If your OS TCP implementation fills transmit queues more than needed, full queues will cause the RTT to increase, etc. , causing TCP to misbehave. Net result: additional latency, with no increase in bandwidth performance. TCP small queues reduces the buffering without sacrificing performance, reducing latency.
To quote the Kernel Newbies page:
TCP small queues is another mechanism designed to fight bufferbloat. TCP Small Queues goal is to reduce number of TCP packets in xmit queues (qdisc & device queues), to reduce RTT and cwnd bias, part of the bufferbloat problem. Without reduction of nominal bandwidth, we have reduction of buffering per bulk sender : < 1ms on Gbit (instead of 50ms with TSO) and < 8ms on 100Mbit (instead of 132 ms).
Eric Dumazet (now at Google) is the author of TSQ. It is covered in more detail at LWN. Thanks to Eric for his great work!
The combination of TSQ, fq_codel and BQL (Byte Queue Limits) gets us much of the way to solving bufferbloat on Ethernet in Linux. Unfortunately, wireless remains a challenge (the drivers Continue reading
DoS and DDoS – Denial of Service attacks
How does the internet work - We know what is networking
DoS – Denial of Service attack The concept behind the design of DoS attack is interfering in the normal functions of a server, web site, or other resources of a network. The hackers and even the virus writers can use number of ways in order to get this job done. One of the most common […]
ASA Double Nat in 8.4+
Recently I was faced with an issue outside my normal expertise… those of you that know me realize I am anything but a security engineer. But in reality, you must always expand your horizons. One of the projects I’m working on involves migrating between two edge networks. Obviously, for a time there has to be traffic using both networks while you migrate services from one network to the other. This creates an issue from services that may be NAT’d from the inside of the network, where as the current (read: old) default route takes them out a different connection..
In order to solve this, you need to either change the default route, which may not be possible, or start NAT’ing the source address of your traffic. It took me a bit of time to get the details worked out, so I wanted to share what I found out.
Plain Jane Static NAT
Since 8.3, NAT has changed quite a bit. The most obvious change is the use of Object groups pretty much everywhere. In some ways, this simplifies the config. In others, not so much. Basic static NAT takes the form of a single object group that defines the Continue reading
My MacBook Air Docking Solution
I decomissioned my CustoMac to return it to its origins as a gaming rig. This was mainly due to the fact that trying to keep my MacBook and CustoMac in sync was turing out to be very labour intensive... This means I am using my Macbook Air as my main office PC but its limited I/O was proving to be a little bit of a problem!
I needed:
- 1 x DVI or HDMI to hook it up to my monitor
- 1 x 10/100 or 1000 Ethernet as Wireless is not fast enough (especially for Time Machine)
- 1 x Headphone and 1 x Mic ports to work with my existing headset
- 1 x USB for my Webcam
- 2 x spare USB for Memory sticks etc...
While the new range of Thunderbolt docks will be available later this year from the likes of Belkin and Matrox they will be priced in the £200-300GBP range (Expansys have the Belkin dock listed at £279). While it offers all the I/O I want over a high bandwidth connection I don't think I can justify spending over 1/4 the cost of the laptop itself on one... so I came up with a homebrew solution for under Continue reading