Using InfluxDB + Grafana to Display Network Statistics

I loathe MRTG graphs. They were cool in 2000, but now they’re showing their age. We have much better visualisation tools available, and we don’t need to be so aggressive with aggregating old data. I’ve been working with InfluxDB + Grafana recently. Much cooler, much more flexible. Here’s a walk-through on setting up InfluxDB + Grafana, collecting network throughput data, and displaying it.

Background – InfluxDB + Grafana

There’s three parts to this:

  • Grafana: This is our main UI. Grafana is a “…graph and dashboard builder for visualizing time series metrics.” It makes it easy to create dashboards for displaying time-series data. It works with several different data sources such as Graphite, Elasticsearch, InfluxDB, and OpenTSDB.
  • InfluxDB: This is where we store the data that Grafana displays. InfluxDB is “…an open-source distributed time series database with no external dependencies.” It’s a relatively new project, and is not quite at 1.0 yet, but it shows a lot of promise. It can be used in place of Graphite. It is very flexible, and can store events as well as time series data.
  • Influxsnmp: We need to get data from the network into InfluxDB. There are a few options for Continue reading

Despite takedown, the Dridex botnet is running again

Spam emails containing the Dridex malware are being seen almost daily despite the arrest of one of its key operators in August.The finding confirms that while law enforcement can claim temporary victories in fighting cybercriminal networks, it's sometimes difficult to completely shut down their operations.The U.S. Department of Justice said on Oct. 13 it was seeking the extradition of a 30-year-old Moldovan man, Andrey Ghinkul. Prosecutors allege he used Dridex malware to steal US$10 million from U.S. companies and organizations.To read this article in full or to leave a comment, please click here

Setup GNS3 Automation Network in OSX

I have been working to learn how to use Python to automate interactions with network devices.  Due to what I have in my lab and the fact that we have GNS to model Cisco Networks I started with IOS.  In order to really test out the automation scripts I have been building, I felt it …

FCC to publish weekly list of robocallers and robotexters

Don’t you hate it when you receive a spammy text message or an unwanted robocall or telemarketing call? The FCC said it received over 215,000 complaints from consumers last year, which averages out to about 590 per day. Last week, in its newest efforts to bring down the hammer on spammers, the FCC started releasing robocall and telemarketing consumer complaint data which will be updated every week; the purpose of such name/blame/shame weekly lists is “to help developers build and improve ‘do-not-disturb’ technologies that allow consumers to block or filter unwanted calls and texts.”To read this article in full or to leave a comment, please click here

FCC to publish weekly name-shame-blame list of robocallers and robotexters

Don’t you hate it when you receive a spammy text message or an unwanted robocall or telemarketing call? The FCC said it received over 215,000 complaints from consumers last year, which averages out to about 590 per day. Last week, in its newest efforts to bring down the hammer on spammers, the FCC started releasing robocall and telemarketing consumer complaint data which will be updated every week; the purpose of such name/blame/shame weekly lists is “to help developers build and improve ‘do-not-disturb’ technologies that allow consumers to block or filter unwanted calls and texts.”To read this article in full or to leave a comment, please click here

Transport Protocols

One of the early refinements in the Internet protocol model was the splitting of the original Internet protocol from a single monolithic protocol specification into the Internet Protocol (IP) and a pair of transport protocols. The Internet Protocol layer is intended to be used by the internal switches within the network to forward the packet to its intended destination, while the Transport Protocol layer is intended to be used by the source and destination systems. In this article I’d like to look at what we’ve been doing since then with these transport protocols.

Someone just bought your smart home. Did they get your data, too?

It's move-in day, and you finally have the papers and the keys for your new home. But do you have the passwords?That's one of the questions homebuyers and renters should be asking themselves now that connected devices like locks, lights and thermostats are growing more common, according to the Online Trust Alliance. The industry group joined up with the U.S. National Association of Realtors to compile a checklist for anyone moving in or out of a connected home.Built-in Internet of Things gear can make a new residence like a gadget you'd buy from an electronics store, with the added complication that someone else configured and used it before you did. Access to connected-home devices can mean a view into intimate information about how someone lives, or how they lived before they moved out: Door locks and thermostats might record when you're home, lights note what rooms you spend your time in, and security cameras keep an eye on you.To read this article in full or to leave a comment, please click here

Dumb, dumber, and cybersecurity

The reason you got hacked is because you listen to dumbasses about cybersecurity, like Microsoft.

An illustrative example is this article on "10 steps to protect" yourself. The vast majority of cyber threats to a small business are phishing, password reuse, and OWASP threats like SQL injection. That article addressed none of these threats.


But it gets better.

At the bottom of that article is a link to this "Cyber Security IQ" quiz at Microsoft's small-business website. The first question asks about password sharing. I show their "right" answer here:


Their correct answer is "None of the above", meaning that it's not okay to share your passwords with anybody. But this is nonsense. For your work account, of course it's okay to share your password with your boss. In fact, it's often necessary.

There have been several court cases where IT administrators have been fired, where the companies later found that the fired employee is the only one with passwords to certain critical systems. The (former) administrators were prosecuted for refusing to give their former bosses the passwords.

If your boss demands your password to your corporate accounts, of course you must give them your password.


But it Continue reading

Ethics of killing Hitler

The NYTimes asks us: if we could go back in time and kill Hitler as a baby, would we do it? There's actually several questions here: emotional, moral, and ethical. Consider a rephrasing of the question to focus on the emotional question: could you kill a baby, even if you knew it would grow up and become Hitler?


But it's the ethical question that comes up the most often, and it has real-world use. It's pretty much the question Edward Snowden faced: should he break his oath and disclose the NSA's mass surveillance of Americans?

I point this out because my ethical response is "yes, and go to jail". The added "and go to jail" makes it a rare response -- lots of people are willing to kill Hitler if they don't suffer any repercussions.

For me, the hypothetical question is "If you went back in time and killed Hitler, would you go to jail for murder?". My answer is "yes". I'd still do my best to lessen the punishment. I'd hire the best lawyer to defend me. It's just that I would put judgement of my crime or heroism in the hands of others. I would pay Continue reading

MikroTik – CCR1072-1G-8S+ – PPPoE testing preview – 30,000 connections and queues.

 

[adrotate banner=”5″]

 

Why we chose PPPoE as the next test

First of all, thanks to everyone for all the positive feedback, comments and questions about the CCR1072-1G-8S+ testing we have been posting in the last few months.  Even MikroTik has taken an interest in this testing and we have gotten some great feedback from them as well.

We received more questions about the PPPoE capabilities of the CCR1072-1G-8S+  than any other type of request. Since we have already published the testing on BGP, throughput and EoIP, we have decided to tackle the PPPoE testing to understand where the limits of the CCR1072-1G-8S+ are. This is only a preview of the testing as we are working on different methods of testing and config, but this will at least give you a glimpse of what is possible.

30,000 PPPoE Connections !!!!

30k-pppoe

Overview of PPPoE connections and CPU load

30k-PPPoE-overview

PRTG Monitoring

We have started using PRTG in the StubArea51.net lab as it makes monitoring of resource load over time much easier when we are testing. Check it out as it is free up to 100 sensors and works very well with MikroTik

https://www.paessler.com/prtg/download

PRTG CPU Profile 

30k-PPPoE-CPU-total-prtg

 

PRTG PPPoE Continue reading

MikroTik – CCR1072-1G-8S+ – PPPoE testing preview – 30,000 connections and queues.

 

[adrotate banner=”5″]

 

Why we chose PPPoE as the next test

First of all, thanks to everyone for all the positive feedback, comments and questions about the CCR1072-1G-8S+ testing we have been posting in the last few months.  Even MikroTik has taken an interest in this testing and we have gotten some great feedback from them as well.

We received more questions about the PPPoE capabilities of the CCR1072-1G-8S+  than any other type of request. Since we have already published the testing on BGP, throughput and EoIP, we have decided to tackle the PPPoE testing to understand where the limits of the CCR1072-1G-8S+ are. This is only a preview of the testing as we are working on different methods of testing and config, but this will at least give you a glimpse of what is possible.

30,000 PPPoE Connections !!!!

30k-pppoe

Overview of PPPoE connections and CPU load

30k-PPPoE-overview

PRTG Monitoring

We have started using PRTG in the StubArea51.net lab as it makes monitoring of resource load over time much easier when we are testing. Check it out as it is free up to 100 sensors and works very well with MikroTik

https://www.paessler.com/prtg/download

PRTG CPU Profile 

30k-PPPoE-CPU-total-prtg

 

PRTG PPPoE Continue reading

1 3,220 3,221 3,222 3,223 3,224 3,787