What’s on your network?

If you’d like to know what systems and devices are attached to your local network, whether out of security concerns or simple curiosity, Linux has some really great commands for providing answers. In this post, we’ll probe a small network and see how devices can be identified.

nmap

The first tool we’ll use is nmap, which stands for Network Mapper, an open source tool for exploring networks and doing some serious security auditing. It was designed to work quickly even on large networks and provide information using raw packets to identify hosts, services, and sometimes even operating systems.

The simple scan shown below is detecting systems and devices on the local network. The “/24” portion of the target address indicates that all hosts in the 192.168.0.x IP address range are to be included.

New Tech Skills In Two Hours

How long does it take to learn a new skill? It’s like…a really long time, right? You never have that much time to learn whatever it is. Most people who learn new skills are dedicated super humans who put in 25 hour days doing labs and reading books and taking courses and sniffing markers. Those folks sacrifice everything to stay ahead and command the respect of their peers. Right? Isn’t that how it’s supposed to work?

Don’t overthink it.

New skills come from one thing. Focus. That’s it. That’s the secret. Focus to learn a skill comes in blocks of a few undistracted hours at a time. Not dramatic sacrifice. Not bragging to social media about how you’re crushing it on your studies because you’ve given up your personal life.

Let the public drama queen masochists do what they feel they must to impress…whomever. They are not your role model. You don’t need to be them. You just need to find a few consecutive hours on your calendar. Block them off. Use them to focus on a single thing you want to learn. During the blocked off time, learn the thing. Do not do any of the other things that

Slow Learning and Range

Jack of all trades, master of none.

This singular saying—a misquote of Benjamin Franklin (more on this in a moment)—is the defining statement of our time. An alternative form might be the fox knows many small things, but the hedgehog knows one big thing.

The rules for success in the modern marketplace, particularly in the technical world, are simple: start early, focus on a single thing, and practice hard.

But when I look around, I find these rules rarely define actual success. Consider my life. I started out with three different interests, starting jazz piano lessons when I was twelve, continuing music through high school, college, and for many years after. At the same time, I was learning electronics—just about everyone in my family is in electronic engineering (or computers, when those came along) in one way or another.

I worked on airfield electronics for a few years in the US Air Force (one of the reasons I tend to be calm is I’ve faced death up close and personal multiple times, an experience that tends to center your mind), including RADAR, radio, and instrument landing systems. Besides these two, I was highly interested in art and illustration, getting

BrandPost: Effective Zero Trust Requires a New Definition of Data Protection

Data is the ultimate asset of modern business and the foundation of digital transformation. It is the currency that funds innovation and growth. Data must be protected with the utmost rigor, but it must also flow effortlessly to where it can deliver the greatest benefits.

In an era where the cloud rules infrastructure, traditional network security is no longer useful. The current construct for data protection is outmoded and in urgent need of an update. The biggest fundamental shift in the world of digital transformation is that data is no longer on a CPU that the enterprise owns. Security teams must invest in the right technology to achieve more complete data protection, and we all need to ensure Zero Trust principles are applied everywhere data needs protection.

Cisco SD-WAN – Part II: Manual vEdge Provision Process

Introduction

 

This chapter explains how we can provision vEdge devices manually. It starts by explaining how to build an initial system and tunnel interface configurations. Then it goes through the various certificate installation steps (CA root certificate, Certificate Signing Request (CSR), and granted certificate). After the initial configuration and certificate process section, this chapter shows how we can verify the Control Plane operation. Figure 2-1 illustrates our example topology. For simplicity, there are only two vEdge devices used in this chapter.


Figure 2-1: SD-WAN Topology.


In-band Network Telemetry (INT)

The recent addition of in-band streaming telemetry (INT) measurements to the sFlow industry standard simplifies deployment by addressing the operational challenges of in-band monitoring.

The diagram shows the basic elements of In-band Network Telemetry (INT) in which the ingress switch is programmed to insert a header containing measurements to packets entering the network. Each switch in the path is programmed to append additional measurements to the packet header. The egress switch is programmed to remove the header so that the packet can be delivered to its destination. The egress switch is responsible for processing the measurements or sending them on to analytics software.

There are currently two competing specifications for in-band telemetry:

  1. In-band Network Telemetry (INT) Dataplane Specification
  2. Data Fields for In-situ OAM

Common telemetry attributes from both standards include:

  1. node id
  2. ingress port
  3. egress port
  4. transit delay (egress timestamp - ingress timestamp)
  5. queue depth

Visibility into network forwarding performance is very useful; however, there are practical issues that should be considered with the in-band telemetry approach for collecting the measurements:

  1. Transporting measurement headers is complex with different encapsulations for each transport protocol: Geneve, VxLAN, GRE, UDP, TCP etc.
  2. Addition of headers increases the size of packets and risks causing

The Week in Internet News: U.K. to Roll Out Gigabit Broadband

Blazing speeds: The U.K. government has announced the areas that will first get gigabit broadband service as part of an ambitious plan to roll out super high-speed Internet service to 85 percent of the nation by 2025, the BBC reports. First on the list are homes and businesses in Cambridgeshire, Cornwall, Cumbria, Dorset, Durham, Essex, Northumberland, South Tyneside, and Tees Valley.

Protect the DNS: The U.S. National Security Agency and the Cybersecurity and Infrastructure Security Agency are pushing for a new security service, called Protective DNS, for the Internet’s Domain Name System, Nextgov says. Protective DNS “is different from earlier security-related changes to DNS in that it is envisioned as a security service – not a protocol – that analyzes DNS queries and takes action to mitigate threats, leveraging the existing DNS protocol and architecture,” says a guide from the NSA and CISA. The goal is to foil more than 90 percent of all malware attacks.

Tracking all the phones: Apple is warning that Chinese app makers are creating workarounds for the company’s upcoming limits on ad tracking on its iPhones, the South China Morning Post writes. An upcoming software update from Apple requires users to give permission

Magic WAN & Magic Firewall: secure network connectivity as a service

Back in October 2020, we introduced Cloudflare One, our vision for the future of corporate networking and security. Since then, we’ve been laser-focused on delivering more pieces of this platform, and today we’re excited to announce two of its most foundational aspects: Magic WAN and Magic Firewall. Magic WAN provides secure, performant connectivity and routing for your entire corporate network, reducing cost and operational complexity. Magic Firewall integrates smoothly with Magic WAN, enabling you to enforce network firewall policies at the edge, across traffic from any entity within your network.

Traditional network architecture doesn’t solve today’s problems

Enterprise networks have historically adopted one of a few models, which were designed to enable secure information flow between offices and data centers, with access to the Internet locked down and managed at office perimeters. As applications moved to the cloud and employees moved out of offices, these designs stopped working, and band-aid solutions like VPN boxes don’t solve the core problems with enterprise network architecture.

On the connectivity side, full mesh MPLS (multiprotocol label switching) networks are expensive and time consuming to deploy, challenging to maintain, exponentially hard to scale, and often have major gaps in visibility. Other architectures require backhauling

Announcing Network On-ramp Partners for Cloudflare One

Today, we’re excited to announce our newest Network On-ramp Partnerships for Cloudflare One. Cloudflare One is designed to help customers achieve a secure and optimized global network. We know the promise of replacing MPLS links with a global, secure, performant and observable network is going to transform the corporate network. To realize this vision, we’re launching partnerships so customers can connect to Cloudflare’s global network from their existing trusted WAN & SD-WAN appliances and privately interconnect via the data centers they are co-located in.

Today, we are launching our WAN and SD-WAN partnerships with VMware, Aruba and Infovista. We are also adding Digital Realty, CoreSite, EdgeConneX, 365 Data Centers, BBIX, Teraco and Netrality Data Centers to our existing Network Interconnect partners Equinix ECX, Megaport, PacketFabric, PCCW ConsoleConnect and Zayo. Cloudflare’s Network On-ramp partnerships now span 15 leading connectivity providers in 70 unique locations, making it easy for our customers to get their traffic onto Cloudflare in a secure and performant way, wherever they are.

Connect to Cloudflare using your existing WAN or SD-WAN Provider

With Magic WAN, customers can securely connect data centers, offices, devices and cloud properties to Cloudflare’s network and configure routing policies

There’s No Recipe for Success

TL&DR: There cannot be a simple and easy recipe for success, or everyone else would be using it.

My recent chat with David Bombal about networking careers’ future resulted in tons of comments, including a few complaints effectively saying I was pontificating instead of giving out easy-to-follow recipes. Here’s one of the more polite ones:

No tangible solutions given, no path provided, no actionable advice detailed.

I totally understand the resentment. Like a lot of other people, I spent way too much time looking for recipes for success. It was tough to admit there are none for a simple reason: if there was a recipe for easy success, everyone would be using it, and then we’d have to redefine success. Nobody would admit that being average is a success, or as Jeroen van Bemmel said in his LinkedIn comment:

Success requires differentiation, which cannot be achieved by copying others. As Steve Jobs put it: “Be hungry, stay foolish”

Measuring propagation using FT8

One obvious thing that you can do after putting up an amateur radio antenna is to operate a bit on FT8, to see how the propagation goes. Just transmit on all bands and see how far you get.

E.g. this map on pskreporter.info with 10W on my EFHW:

10W EFHW propagation

You can also use the reverse beacon network with morse code:

Reverse beacon network for M0THC

But that’s just a few samples. What about more statistical data? And propagation over time? I don’t have access to the raw data from pskreporter.info, and even if I did I can’t just set up an automatic beacon tx round the clock every day without requesting a Notice of Variation.

I may do that some day, but it’s a project for another time.

For this post what I want to know is if my antenna setup is better for 20m or 40m. Subjectively it seems like more is trickling in on 40m. And when they say that 40m is better “at night”, what time exactly do they mean?

For passive listening my data will, of course, be heavily skewed by when people are awake and active. But that means it’s skewed towards representing “if I call CQ, how