cPanel WHM’s cpHulk system manages iptables blocks against IP addresses that fail to authenticate repeatedly. While the settings are fairly lenient and shouldn’t result in legitimate users being blacklisted, occasionally it can happen. The following command will reset the blocklist completely. While this is akin to using a shotgun when a scalpel is required, the blocks are time based and any malicious addresses would get quickly re-blocked.
There is a method to remove specific addresses, but I do not have the commands handy at present, and if I remember correctly it entails connecting to the MySQL console, running a query to find the IP in the block table and issuing a drop query.
I took a look at Internet Traffic Report while the storm was hitting the upper northeast, and the results weren’t surprising. North American packet loss went up ~5%, while the traffic index went down. Again, not surprising, but cool to see nonetheless.
fwknop stands for the “FireWall KNock OPerator”, and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter (fwknop supports iptables on Linux, ipfw on FreeBSD and Mac OS X, and PF on OpenBSD) and libpcap. SPA is essentially next generation port knocking (more on this below). The design decisions that guide the development of fwknop can be found in the blog post “Single Packet Authorization: The fwknop Approach”.
fwknop Home: www.cipherdyne.org/fwknop/
SPA with fwknop: www.cipherdyne.org/fwknop/docs/SPA.html
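To make the SPA idea concrete, here is a simplified server-side check, added as an illustration and not taken from fwknop: one authenticated datagram names the port to open, and anything that fails verification is dropped silently. The packet layout, `SHARED_KEY`, `MAX_SKEW` and both function names are assumptions for this sketch; it does not reproduce fwknop's packet format and omits payload encryption.

```python
import hashlib
import hmac
import os
import struct
import time

SHARED_KEY = b"constructed-demo-key"   # assumption: pre-shared by client and server
MAX_SKEW = 60                          # seconds a packet stays valid
seen_digests = set()                   # replay cache of accepted packet digests


def build_spa(key, client_ip, port, now=None):
    """Client side: one datagram carrying nonce | timestamp | request | HMAC."""
    now = int(time.time()) if now is None else now
    body = os.urandom(16) + struct.pack("!Q", now) + f"{client_ip},tcp/{port}".encode()
    return body + hmac.new(key, body, hashlib.sha256).digest()


def verify_spa(key, packet, src_ip, now=None):
    """Server side: return the port to open for src_ip, or None to stay silent."""
    now = int(time.time()) if now is None else now
    if len(packet) < 16 + 8 + 32:
        return None
    body, tag = packet[:-32], packet[-32:]
    # Constant-time MAC check first: unauthenticated bytes are never parsed.
    if not hmac.compare_digest(tag, hmac.new(key, body, hashlib.sha256).digest()):
        return None
    digest = hashlib.sha256(packet).digest()
    if digest in seen_digests:          # replayed capture of a valid packet
        return None
    (ts,) = struct.unpack("!Q", body[16:24])
    if abs(now - ts) > MAX_SKEW:        # stale packet
        return None
    try:
        ip, access = body[24:].decode().split(",")
        proto, port = access.split("/")
        port = int(port)
    except ValueError:                  # malformed request (includes bad UTF-8)
        return None
    if ip != src_ip or proto != "tcp" or not 0 < port < 65536:
        return None
    seen_digests.add(digest)            # remember only packets that were accepted
    return port
```

In a real deployment the returned port would drive a temporary accept rule in the default-drop packet filter for `src_ip` only.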
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes.
Mosh is a replacement for SSH. It’s more robust and responsive, especially over Wi-Fi, cellular, and long-distance links.
Mosh is free software, available for GNU/Linux, FreeBSD, and Mac OS X.
Brendan Gregg recently posted some interesting data about visualizing large data sets. In particular, it covers device utilization, which is a key metric for performance analysis and capacity planning. In his post, he illustrates different ways to visualize device utilization across multiple devices, and how that utilization is changing over time. The study included over 5,000 virtual CPU nodes and over 600 physical nodes on a production cloud environment.
Wi-Fi Protected Setup (WPS), which a large majority of new routers ship with enabled by default, has a serious flaw that opens it up to a brute-force attack against the WPS PIN. Additional flaws allow for a successful brute-force attack in 11,000 attempts. This means the network key of a protected network can be retrieved within hours.
The best course of action right now is to disable WPS if possible. This is not an option on all routers, but it may be possible to re-flash the router’s firmware with a different one, such as OpenWrt, DD-WRT, Tomato, etc., to disable it.
CERT’s Release: www.kb.cert.org/vuls/id/723755
Vulnerability Technical Details: sviehb.files.wordpress.com/2011/12/viehb…
Reaver — Functional exploit: code.google.com/p/reaver-wps/
socket.io — socket.io/
node.js — nodejs.org/
v8 — code.google.com/p/v8/
“The cloud is all about redundancy and fault-tolerance. Since no single component can guarantee 100% uptime (and even the most expensive hardware eventually fails), we have to design a cloud architecture where individual components can fail without affecting the availability of the entire system. In effect, we have to be stronger than our weakest link. We can use techniques like graceful degradation on dependency failures, as well as node-, rack-, datacenter/availability-zone and even regionally-redundant deployments. But just designing a fault tolerant architecture is not enough. We have to constantly test our ability to actually survive these “once in a blue moon” failures.
Imagine getting a flat tire. Even if you have a spare tire in your trunk, do you know if it is inflated? Do you have the tools to change it? And, most importantly, do you remember how to do it right? One way to make sure you can deal with a flat tire on the freeway, in the rain, in the middle of the night is to poke a hole in your tire once a week in your driveway on a Sunday afternoon and go through the drill of replacing it. This is expensive and time-consuming in the real world, but can be (almost) free and automated in the cloud.
This was our philosophy when we built Chaos Monkey, a tool that randomly disables our production instances to make sure we can survive this common type of failure without any customer impact. The name comes from the idea of unleashing a wild monkey with a weapon in your data center (or cloud region) to randomly shoot down instances and chew through cables — all the while we continue serving our customers without interruption. By running Chaos Monkey in the middle of a business day, in a carefully monitored environment with engineers standing by to address any problems, we can still learn the lessons about the weaknesses of our system, and build automatic recovery mechanisms to deal with them. So next time an instance fails at 3 am on a Sunday, we won’t even notice.”
GNS3 is an excellent complementary tool to real labs for network engineers, administrators and people wanting to study for certifications such as Cisco CCNA, CCNP, CCIP and CCIE as well as Juniper JNCIA, JNCIS and JNCIE.
It can also be used to experiment with features of Cisco IOS and Juniper JunOS, or to check configurations that need to be deployed later on real routers.
A handy cheat sheet for identifying IPv6 CIDR and showing total hosts in network.
Special use ranges
Additionally, there is the IPv6 PDF cheat sheet with a lot more useful information here. Doc found on the excellent packetlife.com.
With a tool that makes it easy to create, share, and collaborate on a wide range of diagrams, Gliffy users can communicate more clearly, boost innovation, improve decisions, and work more effectively.
But why the name Gliffy?
It comes from the word glyph, a symbol or character that imparts information non-verbally. Gliffy is an online diagramming service that helps users communicate with a combination of shapes, text, and lines.
The best part? You can try it right away with zero registration or other annoyances.
I will be implementing Network Weathermap soon and was doing some research into what it will take to integrate into my Xymon installation.
Network WeatherMap Website: www.network-weathermap.com/
Xymon Weathermap Plugin — staff.telkomsa.net/~bgmilne/xymon/devmon…
Xymon Devmon Plugin — en.wikibooks.org/wiki/System_Monitoring_…
Allows monitoring of SNMP enabled devices.
Tails relies on the Tor anonymity network to protect your privacy online: all outgoing connections to the Internet are forced to go through Tor.
Tails is a live system: a complete operating-system designed to be used from a CD or a USB stick independently of the computer’s original operating system. It is Free Software and based on Debian GNU/Linux.
Tails is configured with special care not to use the computer’s hard disks, even if there is some swap space on them. The only storage space used by Tails is the RAM, which is automatically erased when the computer shuts down. So you won’t leave any trace of either the Tails system or what you did on the computer. That’s why we call it “amnesic”.
Juniper Clue seeks to provide a compendium of useful knowledge, from the field, about Juniper products. This site is neither affiliated with nor endorsed by Juniper Networks.
I have been researching datacenter management tools as of late that will allow us to track and manage our racks/ipspace/network connections etc.
- NetDot – netdot.uoregon.edu/trac/ – Netdot is an open source tool designed to help network administrators collect, organize and maintain network documentation.
- OpenNetAdmin – opennetadmin.com/ – OpenNetAdmin provides a database managed inventory of your IP network. Each host can be tracked via a centralized AJAX enabled web interface that can help reduce tracking errors. A full CLI interface is available as well to use for scripting and bulk work. We hope to provide a useful Network Management application for managing your IP subnets and hosts. Stop using spreadsheets to manage your network! Start doing proper IP address management!
- Rack Monkey – flux.org.uk/projects/rackmonkey/ – RackMonkey is a web-based tool for managing racks of equipment such as web servers, video encoders, routers and storage devices. Using a simple interface you can keep track of what’s where, which OS it runs, when it was purchased, who it belongs to and what it’s used for. No more searching for spreadsheets or scribbled notes when you need to find a server: RackMonkey can quickly find any device and draw a rack diagram of its location. RackMonkey is free and open source (licensed under the GPL).