Decapsulation ERSPAN Traffic With Open Source Tools

Cisco Encapsulated Remote SPAN (ERSPAN) feature allows to monitor traffic on one or more ports and send the monitored traffic to one or more destination ports.  Traffic is encapsulated into GRE tunnel and routed via network to ERSPAN destination. Any device that supports ERSPAN can be used as ERSPAN destination. It might be another Cisco device or Linux with installed software that can decapsulate GRE traffic.

The goal of this article is to show methods and tools for decapsulation of  ERSPAN traffic. For this purpose I have built simple lab that consists of a Cisco CSR 1000v router and two Linux boxes. Core Linux represents a network host and generates network traffic (ICMP) that is going to be monitored. It is connected to the port GigabitEthernet1 of the Cisco router. The router is configured to monitor traffic on the port Gi1 and it sends traffic encapsulated in GRE tunneling protocol to IP address 10.230.10.1. It is the IP address of the ERSPAN destination configured on Linux  Security Union. Security Onion is a unique Linux distro for intrusion detection, network security monitoring, and log management based on Ubuntu however any other Linux distro can be used.

Picture1_Toplogy

Picture 1 - ERSPAN Lab Topology

Below is an example of ERSPAN Continue reading

50 000 Page views of orhanergun.net between March-May 2015

This blog received 50 000 page views between 1 of March and 1 th of May.I shared you couple more metrics from the site stats in addition to Pageviews. Since at the same time two classes I teach ( Pre-CCDE and CCDE ) in addition to my other jobs, I couldn’t update the blog since… Read More »

The post 50 000 Page views of orhanergun.net between March-May 2015 appeared first on Network Design and Architecture.

LIFTTT gives IFTTT location-awesomeness

In my last article I mentioned If This Then That, a service I covered over a year ago. If you’ve used IFTTT you can skip to the next paragraph … IFTTT is a service that connects other services together allowing you to define triggers (“If This”) and actions (“Then That”) so you can do things that would otherwise require a lot of programming and, most likely as a consequence, a lot of swearing.To read this article in full or to leave a comment, please click here

Misfit Shine: The best fitness tracker

Want to track your health? You need to get the right gear to do this and a product I’ve been testing, the Misfit Shine, offers an outstanding combination of pricing, functionality, and ease-of-use.With the explosion of digital health monitoring products, the “quantified self” movement has moved away from its bio-hacker roots into the mainstream and Apple’s recent release of Health with iOS 8 underlined this change. And this brings up to the three issues that have, to date, limited who can use the tech:To read this article in full or to leave a comment, please click here

Dave Goldberg, entrepreneur and husband of Facebook’s Sandberg, dies

Dave Goldberg, SurveyMonkey’s CEO and husband of Facebook COO Sheryl Sandberg, died Friday night. He was 47 years old.Goldberg, a well known Silicon Valley entrepreneur, passed away suddenly and unexpectedly, his brother Robert said in a Facebook post.“In this time of sorrow, we mourn his passing and remember what an amazing husband, father, brother, son and friend he was,” Robert Goldberg wrote.In a statement released Saturday, SurveyMonkey said Goldberg’s “genius, courage and leadership were overshadowed only by his compassion, friendship and heart.”To read this article in full or to leave a comment, please click here

Dave Goldberg, entrepreneur and husband of Facebook’s Sandberg, dies

Dave Goldberg, SurveyMonkey’s CEO and husband of Facebook COO Sheryl Sandberg, died Friday night. He was 47 years old.Goldberg, a well known Silicon Valley entrepreneur, passed away suddenly and unexpectedly, his brother Robert said in a Facebook post.RELATED: Notable deaths in 2014 from Tech, Science, Inventions“In this time of sorrow, we mourn his passing and remember what an amazing husband, father, brother, son and friend he was,” Robert Goldberg wrote.In a statement released Saturday, SurveyMonkey said Goldberg’s “genius, courage and leadership were overshadowed only by his compassion, friendship and heart.”To read this article in full or to leave a comment, please click here

Are You an ACKer?

There are lots of differences in the way that individuals communicate and interact. One difference I often notice is whether a given individual does or does not respond. Using myself as an example, I will typically respond to a text message or email even if no question is posed. Often I will either Thank the sender or provide some unnecessary comment.

My wife on the other hand almost never responds to an information only message. If nothing is being requested, don’t expect a response. I find that lots of people exhibit this behavior and there’s nothing wrong with it. The lack of a response doesn’t necessarily mean the information isn’t appreciated. It is important to realize that just because you do something a certain way, don’t expect others to do the same.

I’d love to hear from you, so share your thoughts by commenting below.

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.

No related content found.

The post Are You an ACKer? appeared first on PacketU.

How to fix the CFAA

Someone on Twitter asked for a blogpost on how I'd fix the CFAA, the anti-hacking law. So here is my proposal.

The major problem with the law is that the term "authorized" isn't clearly defined. You non-technical people think the meaning is obvious, because you can pick up a dictionary and simply point to a definition. However, in the computer world, things are a bit more complicated.

It's like a sign on a store window saying "No shirt, no shoes, no service" -- but you walk in anyway with neither. You know your presence is unwanted, but are you actually trespassing? Is your presence not "authorized"? Or, should we demand a higher standard, such as when the store owner asks you to leave (and you refuse) that you now are trespassing/unauthorized?

What happens on the Internet is that websites routinely make public data they actually don't want people to access. Is accessing such data unauthorized? We saw that a couple days ago, where Twitter accidentally published their quarterly results an hour early on their website. An automated script discovered this and republished Twitters results to a wider audience, ironically using Twitter to do so. This caused $5-billion to drop off Continue reading

ACLU: NSA phone dragnet should be killed not amended

The U.S. Congress should kill the section of the Patriot Act that has allowed the National Security Agency to collect millions of phone records from the nation’s residents, instead of trying to amend it, a civil liberties advocate said Friday.Section 215 of the Patriot Act, which allows the NSA to collect phone records, business records and any other “tangible things” related to an anti-terrorism investigation, expires in June, and lawmakers should let it die, said Neema Singh Guliani, legislative counsel for the American Civil Liberties Union.The House of Representatives Judiciary Committee on Thursday voted to approve a bill to amend that section of the anti-terrorism law. The USA Freedom Act would end the NSA’s bulk collection of U.S. phone records by narrowing the scope of the agency’s searches, backers of the bill said.To read this article in full or to leave a comment, please click here

ACLU: NSA phone dragnet should be killed not amended

The U.S. Congress should kill the section of the Patriot Act that has allowed the National Security Agency to collect millions of phone records from the nation’s residents, instead of trying to amend it, a civil liberties advocate said Friday.Section 215 of the Patriot Act, which allows the NSA to collect phone records, business records and any other “tangible things” related to an anti-terrorism investigation, expires in June, and lawmakers should let it die, said Neema Singh Guliani, legislative counsel for the American Civil Liberties Union.The House of Representatives Judiciary Committee on Thursday voted to approve a bill to amend that section of the anti-terrorism law. The USA Freedom Act would end the NSA’s bulk collection of U.S. phone records by narrowing the scope of the agency’s searches, backers of the bill said.To read this article in full or to leave a comment, please click here

Telecom trade groups, ISPs ask for delay of net neutrality rules

Five telecom trade groups and two broadband providers have asked the U.S. Federal Communications Commission to put a hold on net neutrality rules it recently approved.Seeking a partial stay of the FCC’s rules are trade groups USTelecom, CTIA, the National Cable and Telecommunications Association, the American Cable Association and the Wireless Internet Service Providers Association as well as ISPs AT&T and CenturyLink. The groups asked the FCC Friday to put a hold on its decision to reclassify broadband as a regulated, common-carrier service, but the requests do not affect the commission’s rules that prohibit blocking, throttling and paid prioritization.To read this article in full or to leave a comment, please click here

#Fail to the chief: When tech trips up presidential candidates

Politics and technology: An uneasy relationshipImage by Happyme22/WikipediaThomas Jefferson was an inventor and Herbert Hoover was an engineer, but other presidents, candidates, and politicians have had a more, shall we say, fraught relationship with technology. Ronald Reagan, for instance, joked into a live microphone about "outlawing Russia forever" at the height of the Cold War in 1984. But with technology becoming an ever more important part of our daily lives, so too will some of the inevitable slew of political gaffes we'll encounter over the next 18 months of campaigning come in tech form. And we here at ITworld promise to keep track of them all! Here's a bunch to get you started; we'll update as more arise, and feel free to let us know if you read about one you think should be included.To read this article in full or to leave a comment, please click here

Companies must teach employees how to swim in new oceans of data

Take a quick tour through the C-suite of any major corporation today, and there’s a good chance you’ll see some titles that weren’t there a few years ago: chief data officer, chief data scientist, chief analytics officer, to name just a few.Data is the element they all share in common, and it’s affecting more than just the executive ranks.In the business world’s headlong rush to collect as much data about as many things as possible as quickly as it can, a question has been left for later: How do you turn those massive volumes into practical value? Turns out, “later” is now, and there’s a crushing shortage of specialized data scientists. Few companies, meanwhile, even have a plan for bolstering their data talent.To read this article in full or to leave a comment, please click here

1 3,509 3,510 3,511 3,512 3,513 3,842