Writing a Custom IPAM Application

Four years ago, I lamented the lackluster selection of IPAM applications available for service providers. Unfortunately, it seems not much has changed lately. I was back to exploring IPAM offerings again recently, this time with the needs of a cloud hosting provider in mind. I demoed a few tools, but none of them seemed to fit the bill (or they did, but were laughably overpriced).

So, I decided to write my own. In my rantings a few years back, I had considered this option:

Could I create a custom IPAM solution with everything we need? Sure! The problem is that I'm a network engineer, not a programmer (a natural division of labor which, it seems, is mostly to blame for the lack of robust IPAM solutions available). Even if I had the time to undertake such a project, I have little interest in providing long-term maintenance of it.

My opinion has not changed, but I've come to realize that if I want a tool that fits my requirements, I will need to build it. And after surprisingly little time, I'm happy to report that I have now have a kick-ass IPAM tool that does exactly what I want it to.

Continue reading

Writing a Custom IPAM Application

Four years ago, I lamented the lackluster selection of IPAM applications available for service providers. Unfortunately, it seems not much has changed lately. I was back to exploring IPAM offerings again recently, this time with the needs of a cloud hosting provider in mind. I demoed a few tools, but none of them seemed to fit the bill (or they did, but were laughably overpriced).

So, I decided to write my own. In my rantings a few years back, I had considered this option:

Could I create a custom IPAM solution with everything we need? Sure! The problem is that I'm a network engineer, not a programmer (a natural division of labor which, it seems, is mostly to blame for the lack of robust IPAM solutions available). Even if I had the time to undertake such a project, I have little interest in providing long-term maintenance of it.

My opinion has not changed, but I've come to realize that if I want a tool that fits my requirements, I will need to build it. And after surprisingly little time, I'm happy to report that I have now have a kick-ass IPAM tool that does exactly what I want it to.

Continue reading

MacKeeper customers can file a claim to get their money back

Customers of the oft-criticized security and performance program MacKeeper have until Nov. 30 to file a claim for reimbursement, the result of a proposed class-action suit settlement.Those who bought MacKeeper before July 8 are eligible, according to the settlement website where claims can be filed.The class action suit accused MacKeeper’s original developer, ZeoBIT, of deceptively advertising the program and making false claims about what it could fix. It was filed in May 2014 in the U.S. District Court for the Western District of Pennsylvania.To read this article in full or to leave a comment, please click here

$32 RollJam Device can break into most cars and garage doors

When car manufacturers hear Samy Kamkar’s name, they likely cringe as Kamkar has been on a car-cracking spree. About a week after he unveiled OwnStar, Kamkar was at Def Con 23 presenting “Drive It Like You Hacked It: New Attacks and Tools to Wirelessly Steal Cars.”At the end of July, Kamkar revealed his $100 OwnStar device that could “locate, unlock and remote start any vehicle with OnStar RemoteLink after intercepting communications between the RemoteLink mobile app and OnStar servers.” GM quickly patched the OnStar app.To read this article in full or to leave a comment, please click here

Internal LTE/3G modems can be hacked to help malware survive OS reinstalls

With their own dedicated processor and operating system, LTE/3G modems built into new business laptops and tablets could be a valuable target for hackers by providing a stealthy way to maintain persistent access to an infected device.In a presentation Saturday at the DEF CON security conference in Las Vegas, researchers Mickey Shkatov and Jesse Michael from Intel’s security group demonstrated how a malware program installed on a computer could rewrite the firmware of a popular Huawei LTE modem module that’s included in many devices.The module runs a Linux-based OS, more specifically a modification of Android, that is completely independent from the computer’s main operating system. It’s connected to the computer through an internal USB interface, which means that it could be instructed to emulate a keyboard, mouse, CD-ROM drive, network card, or other USB device. Those would appear connected to the primary OS.To read this article in full or to leave a comment, please click here

Many to Many Multicast – PIM BiDir

Introduction

This post will describe PIM Bidir, why it is needed and the design considerations for using PIM BiDir. This post is focused on technology overview and design and will not contain any actual configurations.

Multicast Applications

Multicast is a technology that is mainly used for one-to-many and many-to-many applications. The following are examples of applications that use or can benefit from using multicast.

One-to-many

One-to-many applications have a single sender and multiple receivers. These are examples of applications in the one-to-many model.

Scheduled audio/video: IP-TV, radio, lectures

Push media: News headlines, weather updates, sports scores

File distributing and caching: Web site content or any file-based updates sent to distributed end-user or replicating/caching sites

Announcements: Network time, multicast session schedules

Monitoring: Stock prices, security system or other real-time monitoring applications

Many-to-many

Many-to-many applications have many senders and many receivers. One-to-many applications are unidirectional and many-to-many applications are bidirectional.

Multimedia conferencing: Audio/video and whiteboard is the classic conference application

Synchronized resources: Shared distributed databases of any type

Distance learning: One-to-many lecture but with “upstream” capability where receivers can question the lecturer

Multi-player games: Many multi-player games are distributed simulations and also have chat group capabilities.

Overview of PIM

PIM has Continue reading

TruView Live Application Monitoring

Fluke Networks recently released TruView Live, a subscription-based service for monitoring internal & external applications. Tests can run from Fluke-managed cloud locations, your own systems, or from dedicated hardware appliances. I’ve been testing it out, and I like it so far.

Disclaimer: I have no relationship with Fluke Networks, other than lusting after their measuring equipment as a young EE student. I could never afford it though. They’ve briefed me on this new solution, and been available to answer my questions, but I’m not paid in any way.

Provisioning

Overall setup is pretty straightforward. Choose what you want to monitor, and how you want to monitor it – from AWS locations, from your own server, or from a dedicated hardware device.

Global Pulse

Global Pulses run on Fluke-managed AWS instances. You just pick the Global Locations you want to run from, and assign tests as needed.

Go to Administration -> Pulses -> Deploy Global Pulse. Select the locations you want, and click Deploy.

Global Pulses

Virtual Pulse

A Virtual Pulse is an application running on Windows (7/8/2008/2012) or Linux systems (RHEL 7.0, Ubuntu 14.04). This does not need to be a dedicated device – e.g. You might need Continue reading

Hackers hit UK phone retailer, possibly compromising data of up to 2.4M customers

Cyberthieves broke into the IT systems of Carphone Warehouse, a large cell phone retailer in the U.K., and may have stolen personal and bank data of up to 2.4 million customers and the credit card details of up to 90,000 customers.Specifically, the division that was attacked operates the OneStopPhoneShop.com, e2save.com and Mobiles.co.uk websites, and provides services to iD Mobile, TalkTalk Mobile, Talk Mobile and some customers of Carphone Warehouse, the company said Saturday in an emailed statement.The attack, which the company described as “sophisticated,” was discovered Wednesday afternoon, and likely happened at some point in the two weeks prior to the discovery. Carphone Warehouse has secured the breached systems, put in place additional safety measures and hired a security company to determine what data was compromised. It is also notifying customers that could be affected.To read this article in full or to leave a comment, please click here

Hackers show off long-distance Wi-Fi radio proxy at DEF CON

A talk about a radio-based privacy device dubbed ProxyHam that promised to allow hackers to connect to Wi-Fi networks from as far as 2.5 miles away was abruptly pulled from the DEF CON schedule by its creator a few weeks ago.The incident, which some speculated was the result of pressure from the FBI or the NSA, outraged the security community. But as hackers are not the type to give up easily, they quickly came up with a replacement that in many respects is better than the original.Called HamSammich, the new device is the creation of security researchers Robert Graham and David Maynor and can proxy data over the 900 Mhz radio band from 20 miles away at up to 56kbps—the top speed of a dial-up modem from the late 1990s. It was presented at the DEF CON hacking conference on Friday.To read this article in full or to leave a comment, please click here

golang – some constructs part 1

Since starting to play with golang I’ve run into a couple of interesting items I thought worth writing about.  For those of you that are seasoned developers, I assure you, this wont be interesting.  But for us that are getting started this might be worth reading. 

Pointers
Nothing super exciting here if you’ve used them in other languages but it’s worth talking about since it can be confusing.  Pointers are really just a way for us to gain access to the ‘real’ variable when you aren’t in the function that defines it.  Put another way, when you call a function that takes a variable, you are only giving that function a copy of the variable, not the real variable.  Pointers  allow us to reference the actual location in memory where the value is stored rather than the value itself.  Examples always make this more clear.  Take for instance this example of code…

package main

import "fmt"

func main() {
        //Define myname and set it to 'jonlangemak'
        myname := "jonlangemak"
        //Rename without using pointers
        rename(myname)
        fmt.Println(myname)
        //Rename using pointers
        pointerrename(&myname)
        fmt.Println(myname)
}

//Function without pointers
func rename(myname string) {
        myname =  Continue reading

Address Transfers in APNIC

In 2010 the Asia Pacific Regional Address Policy community adopted a policy that permitted address holders in the region to transfer address registration records, enabling an aftermarket in IPv4 addresses to operate with the support of the APNIC registry function. While APNIC was still able to allocate addresses to meet demands there was very little in the way of activity in this market, but once APNIC was down to its last /8 of addresses in April 2011 the level of transfer activity has picked up. In this article I’d like to take a more detailed look at APNIC’s transfer log and see what it can tell us about the level of activity in the address market in the Asia Pacific region.

Microsoft will let shareholders nominate board members

Microsoft added a provision to its bylaws Friday that allowed shareholders with a significant stake in the company to directly nominate up to two candidates to its board of directors.With the change, Microsoft will allow consortiums of up to 20 shareholders, who have owned a combined 3 percent stake in Microsoft for the past three years, to put forward nominations for up to 2 candidates or 20 percent of the board, whichever is larger. Functionally, that means a very small number of people and institutional investors have the power to nominate board members through the process.To read this article in full or to leave a comment, please click here

IRS warns yet again on scam artist trickery

The IRS this week said some 4,000 victims have lost over $20 million to scammers and the rip-offs continue at a startling pace.+More on Network World: FBI and IRS warn of pervasive, maddening business, consumer scams+ The IRS noted what it called a number of new variations on old schemes: Scammers alter what appears on your telephone caller ID to make it seem like they are with the IRS or another agency such as the Department of Motor Vehicles. They use fake names, titles and badge numbers. They use online resources to get your name, address and other details about your life to make the call sound official. They even go as far as copying official IRS letterhead for use in email or regular mail. Brazen scammers will even provide their victims with directions to the nearest bank or business where the victim can obtain a means of payment such as a debit card. And in another new variation of these scams, con artists may then provide an actual IRS address where the victim can mail a receipt for the payment – all in an attempt to make the scheme look official. Scammers try to scare people Continue reading

Black Hat 2015: Spectacular floor distractions

May Black Hat be with youAs if hacked cars and massive Android vulnerabilities weren’t enough to keep the attention of security experts attending Black Hat 2015 in Las Vegas, the vendors at this increasingly vendor-driven show were wheeling out shiny distractions ranging from food and drink to celebrity lookalikes to custom art and free giveaways. Here’s a look at some of what helped keep Black Hat entertained. (See all the stories from Black Hat.)To read this article in full or to leave a comment, please click here

1 3,315 3,316 3,317 3,318 3,319 3,791