During one of the coffee talks (well, I do that a lot), one of the things that came up was the difficulty in getting a DSL connection even though I’m asking for this facility in so called ‘Silicon Valley of India’. My colleague goes => ‘Get used to it dude, we’re in India’, nothing new, heard a lot.
So if we were to think, what is one single thing that should be improvised by each stake-holder in country’s improvement. Is there one thing as such ? or just it is just a lot of things, I’m sure I can think of comments going; “Removal of Corrupt Politicians” is going to be the predominant one for sure.
Well I was thinking, how about ‘Customer Service’ ? I’m sure whether you’re buying a 54 inch flat screen Television or a Lamborgini or a kilo gram of Onion => Customer Service is one thing that is hard to find. I had bribed Police to get my stolen stuff back, why? Because I was nor interested neither had the time to run around to face all the hassles. So as long as it is a one-time issue, people are ready to ignore (me included). So I believe in everything that is come out to an end-user, the customer service part has to be improved, which in turn I guess would improve the whole stature of the nation? Just a thought. I’m neither a politician or a professional in these matters. Reason? I need to work to feed myself and others.
After a while I decided to browse to see if there is any article of interest and ended up in IP Journal (Cisco’s). In this edition there is a fairly neat and to-the-point explanation of IP Spoofing. For some one who is just coming to security, which is the case of a lot of guys I know; this would be a good read.
Especially the section as to what are the methods (not very effective), we can take to identify IP Spoofing. In most cases asymmetric routing can happen if we want to put in some methods to identify this by IP trace back which then would falsely identify a legitimate traffic as spoof!
A good read overall [ Here ]
A handy tool for the admins handling Juniper firewalls; The tool basically parses the session information and gives you the information on ‘top talker’, ‘top destination’, ‘top source/destination’ ports etc. To access this, you need to have a Juniper CSC account login.
URL to access Juniper Firewall Session Analyzer [Here]
For those who do not have a Juniper login, there is another tool available (not by Juniper) which is a standalone program (NSSA) and can be downloaded from [Here]
Screenshot of NSSA :
There was an interesting post in EE recently about policy based routing. So the network goes this way;
Lan connected to an Cisco router which has 2 ISP connections. The main one is terminated on serial0/0 and another aDSL link at serial0/1. The internal lan is connected to Fe0/1
There are other complexities of VPN and stuff, lets leave that aside. So basic requirement as to route all the traffic through serial0/0 => means the default route on the router would be pointing to serial0/0 and the user wanted all the internet web browsing traffic to go over the aDSL link and save link space on the main link. Something like this is always good to have and actually we can have this done based on policy based routing and include even fault-tolerance by having the aDSL link as backup link in case the main link goes down.
1: default route & default route with higher metric, so it gets inserted to routing table
2: in case the first one goes down.
3:
4: ip route 0.0.0.0 0.0.0.0 serial0/0
5: ip route 0.0.0.0 0.0.0.0 serial0/1 10
6:
7: The above helps in backup-route.
8:
9: The following route-map decides if the traffic is web browsing and if so then sends
10: packet out through aDSL link, otherwise traffic goes through the main link.
11:
12: route-map webtraffic permit 10
13: match ip address 200
14: set ip next-hop <aDSL Interface remote side ip>
15:
16: access-list 200 permit tcp <Internal Network> <Wildcard Mask> any eq 80
17: access-list 200 permit tcp <Internal Network> <Wildcard Mask> any eq 443
18:
19: It is assigned to the interface, so that it can be evaluated at the entry level in
20: local lan which is connected to Fe0/1
21: int Fe0/1
22: ip policy route-map webtraffic
Technorati Tags:
routing,
pbr
I’m sure there are tons of tools out there which decrypts / unlocks MS Word or MS Excel files protected by passwords. So there is a new site called www.decryptum.com, who will decrypt the files and give it to you [ Well for a price ]. Browse the page for a demo
It is amazing! and I’m sure they’re not decrypting the password but recovering the file somehow since I tried it with 2 strong passwords but it did break ‘em in like seconds!
RFC 1149 – Avian Carrier for IP Protocol;
The IP datagram is printed, on a small scroll of paper, in
hexadecimal, with each octet separated by whitestuff and blackstuff.
The scroll of paper is wrapped around one leg of the avian carrier.
A band of duct tape is used to secure the datagram’s edges. The
bandwidth is limited to the leg length. The MTU is variable, and
paradoxically, generally increases with increased carrier age. A
typical MTU is 256 milligrams. Some datagram padding may be needed.
Upon receipt, the duct tape is removed and the paper copy of the
datagram is optically scanned into a electronically transmittable
form.
Somebody cranky? Well, this is an RFC, RFC humour
