Two years ago we blogged about our love of BPF (BSD packet filter) bytecode.
Then we published a set of utilities we are using to generate the BPF rules for our production iptables: the bpftools.
Today we are very happy to open source another component of the bpftools: our p0f BPF compiler!
p0f is a tool written by superhuman Michal Zalewski. The main purpose of p0f is to passively analyze and categorize arbitrary network traffic. You can feed p0f any packet and in return it will derive knowledge about the operating system that sent the packet.
One of the features that caught our attention was the concise yet explanatory signature format used to describe TCP SYN packets.
The p0f SYN signature is a simple string consisting of colon-separated values. This string cleanly describes a SYN packet in a human-readable way. The format is pretty smart, skipping the varying TCP fields and keeping focus only on the essence of the SYN packet, extracting the interesting bits from it.
We are using this on a daily basis to categorize the packets that we, at CloudFlare, see when we are a target
Many companies rely on WiFi and 4G/LTE to connect their remote sites, EMA study finds.
Distil CEO mentions they are looking into another small acquisition.
Follow these basic steps to secure and streamline network device management.
I stumbled upon a great ACM article comparing challenges of distributed systems with well-known milestones of modern physics.
Modern networks are probably the ultimate distributed systems. Now take the ideas from that article and apply them to the Centralized Control Plane concept (the last time I checked, the marketers were still promoting that academic marvel).
AT&T Unveils Network Functions on Demand in 76 Countries, Former Cisco Executives Form Startup, Google Joins CORD.