Notes on setting up Raspberry Pi 3 as WiFi hotspot

I want to sniff the packets for IoT devices. There are a number of ways of doing this, but one straightforward mechanism is configuring a "Raspberry Pi 3 B" as a WiFi hotspot, then running tcpdump on it to record all the packets that pass through it. Google gives lots of results on how to do this, but they all demand that you have the precise hardware, WiFi hardware, and software that the authors do, so that's a pain.


I got it working using the instructions here. There are a few additional notes, which is why I'm writing this blogpost, so I remember them.
https://www.raspberrypi.org/documentation/configuration/wireless/access-point.md

I'm using the RPi-3-B and not the RPi-3-B+, and the latest version of Raspbian at the time of this writing, "Raspbian Stretch Lite 2018-3-13".

Some things didn't work as described. The first is that it couldn't find the package "hostapd". That solution was to run "apt-get update" a second time.

The second problem was error message about the NAT not working when trying to set the masquerade rule. That's because the 'upgrade' updates the kernel, making the running system out-of-date with the files on the disk. The solution to that is make Continue reading

My letter urging Georgia governor to veto anti-hacking bill

February 16, 2018

Office of the Governor
206 Washington Street
111 State Capitol
Atlanta, Georgia 30334


Re: SB 315

Dear Governor Deal:

I am writing to urge you to veto SB315, the "Unauthorized Computer Access" bill.

The cybersecurity community, of which Georgia is a leader, is nearly unanimous that SB315 will make cybersecurity worse. You've undoubtedly heard from many of us opposing this bill. It does not help in prosecuting foreign hackers who target Georgian computers, such as our elections systems. Instead, it prevents those who notice security flaws from pointing them out, thereby getting them fixed. This law violates the well-known Kirchhoff's Principle, that instead of secrecy and obscurity, that security is achieved through transparency and openness.

That the bill contains this flaw is no accident. The justification for this bill comes from an incident where a security researcher noticed a Georgia state election system had made voter information public. This remained unfixed, months after the vulnerability was first disclosed, leaving the data exposed. Those in charge decided that it was better to prosecute those responsible for discovering the flaw rather than punish those who failed to secure Georgia voter information, hence this law.

Too many security experts oppose Continue reading

Should I Take CCIE DC or ipSpace.net Data Center Online Course?

Got this question from a networking engineer who couldn’t decide whether to go for CCIE Data Center certification or attend my Building Next-Generation Data Center online course:

I am considering pursuing CCIE DC. I found your Next-Generation DC course very interesting. Now I am bit confused trying to decide whether to start with CCIE DC first and then do your course.

You might be in a similar position, so here’s what I told him.

Read more ...

Cleared JNCIS-Devops

Last week I went to write JNCIS-Devops exam, I was under an impression that I may not be able to clear it but good did happen!

First and Foremost

-> I had the official training for JAUTcourse – The course is extremetly helpful as it provides the precise material and also the structured lab environment for you to explore and study, nothing beats a class-room study and training environment

But, after appearing I can tell you that you dont really require the offiicial training (if that is the only thing stopping you to think about the exam), the exam will test you for your understanding of automation philosophy and also how Juniper Implements it.

Topics of Interest

– Juniper  pyez – understand how everything helps in Pyez

Dayone Books Helps – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/

– Juniper ansible – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/junos-pyez-cookbook/

-Book – Network Programmability and Automation

https://www.safaribooksonline.com/library/view/network-programmability-and/9781491931240/

— Jsnapy – https://www.juniper.net/uk/en/training/jnbooks/day-one/automation-series/using-jsnap-automate-network-verifications/

All you need to have are couple of VMX devices a Linux machine and you should be able to deploy all of the automation efforts discussed in above books.

You dont have to know the code in your head or how to write a Continue reading

ipSpace.net Subscription Now Available with PayPal

Every second blue moon someone asks me whether they could buy ipSpace.net subscription with PayPal. So far, the answer has been no.

Recently we started testing whether we could use Digital River to solve a few interesting challenges we had in the past, and as they offer PayPal as a payment option, it seemed to be a perfect fit for a low-volume trial.

The only product that you can buy with PayPal during the trial is the standard subscription – just select PayPal as the payment method during the checkout process.

Finally: the first three subscribers using PayPal will get extra 6 months of subscription.

Let’s stop talking about password strength

Picture from EFF -- CC-BY license
Near the top of most security recommendations is to use "strong passwords". We need to stop doing this.

Yes, weak passwords can be a problem. If a website gets hacked, weak passwords are easier to crack. It's not that this is wrong advice.

On the other hand, it's not particularly good advice, either. It's far down the list of important advice that people need to remember. "Weak passwords" are nowhere near the risk of "password reuse". When your Facebook or email account gets hacked, it's because you used the same password across many websites, not because you used a weak password.

Important websites, where the strength of your password matters, already take care of the problem. They use strong, salted hashes on the backend to protect the password. On the frontend, they force passwords to be a certain length and a certain complexity. Maybe the better advice is to not trust any website that doesn't enforce stronger passwords (minimum of 8 characters consisting of both letters and non-letters).

To some extent, this "strong password" advice has become obsolete. A decade ago, websites had poor protection (MD5 hashes) and no enforcement of complexity, so it Continue reading

Introducing the new Cumulus VP of Engineering

It’s a new era for Cumulus technology. We’re thrilled to announce the new Cumulus VP of Engineering – Partho Mishra. Partho joins Cumulus with 25 years of experience in product definition, engineering development and technology evangelization in data science/analytics, wireless and networking.

A truly experienced leader

Prior to joining Cumulus, Partho was running the RASA Network Analytics team at Aruba where he lead as CEO and then VP after RASA was acquired by Aruba in 2016. At RASA analytics, Partho’s team was in charge of developing a product that used ML/AI techniques to analyze data collected from network infrastructure to help Aruba customers with optimizing their wireless network and improving user experience.

Previously, he was Vice President and General Manager of Cisco’s Service Provider Access Business Unit with responsibility for Metro-Ethernet and Wireless Backhaul products including the ASR 901, ASR 903, ME 3400 and CPT 50 products.

Partho is no stranger to bringing startups to the next level. Prior to being acquired, RASA was a VC-funded startup with Khosla Ventures as the lead investor. Additionally, he was involved as part of the initial technology/founding teams in two Silicon Valley start-ups: Airgo Networks (acquired by Qualcomm) and Iospan Wireless (acquired by Continue reading

Worth Reading: The Death of Expertise

Bruno Wollman pointed me to an excellent article on the ignorance of expertise and confidence of the dumb. Here’s the TL&DR summary (but you should really read the whole thing):

  • The expert isn’t always right;
  • An expert is far more likely to be right than you are;
  • Experts come in many flavors – usually you need a combination of education and expertise;
  • In any discussion, you have a positive obligation to learn at least enough to make the conversation possible. University of Google doesn’t count;
  • While you’re entitled to have an opinion, having a strong opinion isn’t the same as knowing something.

Enjoy ;)

Embark on your Docker Containerization journey at DockerCon 2018

DockerCon is the premier container conference where the IT industry comes together to learn, belong, and collaborate on the different phases of the containerization journey. This year, we’re focusing on helping our 6,000+ attendees define their containerization journeys. Whether you’re a developer just getting started with Docker or an Enterprise systems architect ready to scale and innovate, at DockerCon we’ll help you map out and implement a containerization strategy for you, your team and your company.

DockerCon 2018

Throughout the four days, you’ll have the chance to design your own DockerCon journey – selecting from 7 different breakout session tracks, a collection of free hands-on labs and workshops, and our peer to peer networking Hallway Track.

This year at DockerCon we’re designing our conference around the containerization journey and providing opportunities for our attendees to create tailored learning and networking experiences for their particular needs.

We’ve identified four stages of the containerization journey that will be present at DockerCon 2018:

The event program is designed to be a “choose your own adventure,” allowing every attendee to find the content, people, trainings, and labs that are right for them. Maybe you’re new to the Docker platform and are looking for more information on Continue reading

The Battle Of The InfiniBands, Part Two

For decades, the IT market has been obsessed with the competition between suppliers of processors, but there are rivalries between the makers of networking chips and the full-blown switches that are based on them that are just as intense. Such a rivalry exists between the InfiniBand chips from Mellanox Technologies and the Omni-Path chips from Intel, which are based on technologies Intel got six years ago when it acquired the InfiniBand business from QLogic for $125 million.

At the time, we quipped that AMD needed to buy Mellanox, but instead AMD turned right around and shelled out $334 million to

The Battle Of The InfiniBands, Part Two was written by Timothy Prickett Morgan at The Next Platform.

Join NSX at RSA, Dell Technologies World, and Interop Conferences

 

Conference season is upon us, and the NSX team will be out in full effect. Join us at any of the following events to get a demo, ask us questions, and hear us wax poetic about all things security and network virtualization!

RSA Conference

April 16–20, 2018
Moscone Center
San Francisco, CA
Booth #4101, North Hall

NSX is delighted to attend everyone’s favorite security conference, RSA. This year’s theme is “Now Matters,” aptly named in time with the astounding number of threats to cybersecurity and data breaches we’ve collectively seen in the news this year. That said, don’t miss a great talk on how app architecture “now matters” when it comes to transforming security by Tomrn, Senior Vice President and General Manager, Security Products, VMware. His session will be on April 17 from 1:00pm–1:45pm. The team will also be doing demos at the VMware booth (#4101 in the North Hall) – so be sure to swing by and chat with us about our offerings. 

 

VMware Speaking Sessions at RSA Conference:

NSX Mindset Reception:

Join us for a NSX Mindset reception with VMware Continue reading

PQ 145: Greg And Ivan Have A Chat

In the ten or so years I ve been blogging, Ivan Pepelnjak has been constant figure in the tech industry. His prolific blogging and sharing of knowledge is one of the inspirations for my own entry into blogging. Over the years, we have usually agreed violently on most things and disagreed on others.

His ipSpace website has grown from a blog into a membership and more recently into a consulting service.

On today’s Priority Queue, Ivan and I talk about automation, intent, product quality and what can be done to improve it, the direction private clouds might take, and whatever else catches our fancy.

Sponsor: Paessler AG

Paessler AG is the maker of PRTG Network Monitor. PRTG monitors your whole IT infrastructure 24/7 and alerts you to problems before users even notice. Find out more about the monitoring software that helps system administrators work smarter, faster, better. Visit paessler.com today.

Show Links:

IPSpace.net

Blog.ipspace.net

Ivan Pepelnjak on Twitter

The post PQ 145: Greg And Ivan Have A Chat appeared first on Packet Pushers.

Link Propagation 114

Welcome to Link Propagation, a Packet Pushers newsletter. Link Propagation is included in your free membership. Each week we scour the InterWebs to find the most relevant practitioner blog posts, tech news, and product announcements. We drink from the fire hose so you can sip from a coffee cup. Blogs Getting started with Salt for […]

IDG Contributor Network: Identifying the top 6 IoT platform microservice categories for small and medium enterprise deployments

Last week, I received an email from Checkfluid, an Ontario, Canada-based enterprise that builds oil quality sensors and oil sampling valves for equipment condition monitoring and predictive maintenance. Like all executives who contact us with good Internet of Things (IoT) questions, Checkfluid’s President Mike Hall was asking my opinion of best-in-class IoT platforms to power his company's journey into IoT. “As we start the product development process, it is important to make the best IoT platform choice possible as this decision could be with us for a long time,” stated Hall. As we know, identifying a high quality, scalable, easy-to-use IoT platform makes a huge difference in an enterprise’s IoT deployment.To read this article in full, please click here

1 1,664 1,665 1,666 1,667 1,668 3,860