Are ISP’s ethically required to take down bad hosts

An email was sent to the NANOG list on June 29th (http://seclists.org/nanog/2016/Jun/850)  listing IP’s ASN’s and domains that were allegedly serving up ransom ware and malware. Ransomware is becoming an ever growing issue. If an ISP knows that a host is hosting a bot Read more Are ISP’s ethically required to take down bad hosts

Installing CentOS LiveCD to a USB flash drive

I had a request from a client to set up Linux on a USB flash drive so that they can easily go from machine to machine and boot up the box fairly easily to run some benchmarks. It took some time to figure it out but once I did, I had it down to a science. The requirements were to have a portable Linux install on a USB falsh drive that would work on all hardware including MAC which I was told required EFI. The idea is that the client can take their desktop with them. No matter what computer we plug the USB flash drive into, we can easily boot the computer off of it. Any files that were saved to the desktop should be there on the next boot. It also needed to have a 32 and 64 bit version. By default I go with CentOS as it has never done me wrong. CentOS7 is only available in 64 bit. In order to keep things simple we used CentOS6 for both the 32 and 64 bit versions. I created the drives via a CentOS7 Desktop. I recommend using a 8GB or 16GB drive and NOT larger. I say this because if you want to take an image of the flash drive or write it back it will take that much longer. Below are the steps taken to set up the flash drives.

Read more Installing CentOS LiveCD to a USB flash drive

The importance of locking down your boxes

I was prompted to write this article because of a customers system that was being used as part of a DDOS attack. In this case a clients system was part of a DNS reflection attack (https://deepthought.isc.org/article/AA-00897/0/What-is-a-DNS-Amplification-Attack.html). The client had a cluster of servers setup with bind installed with the configuration which accepts and responds to all requests that it gets. The boxes were hosted on AWS. As soon as AWS contacted our client they came to us and it was fairly easy to show where their engineer messed up. Port 53 should have only allowed established traffic.

Read more The importance of locking down your boxes

How to install Linphone on CentOS7

After many frustrating days I finally figured out how to get the latest version of Linphone working on CentOS7. I have yet to find any simple how to so here it goes.

RHEL7 (which is what CentOS7 is based on) was taken from Fedora 19. Being that CentOS tries to be 100% upstream compatible any package for Fedora 19 should work on RHEL7 which means it should work on CentOS7.

Read more How to install Linphone on CentOS7

Why you wont hear jitter when listening to a call from a PCAP

An employee was noted that our monitoring system must be broken since it said there was jitter on the call yet if we extract the audio from the RTP packets the call sounds normal. I wrote up a small summary which I thought would help others so here it is.

 

If the packets are out of order when playing them back, since we have all of them (if there is no packet loss) then it will play it in the right order. If I send the word HELLO one letter at a time in 5 separate packets, so long as the letters are numbered you will be able to re-assemble them in the right order. For instance if you get the packets in this order:

Read more Why you wont hear jitter when listening to a call from a PCAP

The going green “excuse”

Two weeks ago I managed to spill coffee all over my laptop. The nice people at Dell sent me a refurbished computer (well it was under warranty so they had to).  They sent me a refurbished laptop which I can understand but the excuse was great. On a sticker on the back of the laptop it says that they are sending me a refurbished one to help the environment. Uh huh. Any excuse to save a buck. I prefer they be honest.

I was on Dell’s web site and they now have a new marketing pitch. You can buy a tree to offset the emitions that are created by you using your new electronic device. I wonder how they calculate it.

Do you think it’s right to proffit this way ? Do you think Dell is being honest or just looking for another way to make a quick dollar ?

/D

Dell going green

The fault game

<rant>
I sort of had it with the service providers. It seems that everyone here loves playing the blame game. If you call the cable company its the ISP’s issue. If you call the ISP then its the cable companies issue. A little while back a customer called up the phone company and stated that their internet was not working. The phone company said that it was an issue with their ISP. After speaking to the customer about which lights were lit up on the modem it turned out that the mode was not plugged in.  How dumb is the telco ? They are so fast to blame the ISP where the modem was unplugged.

Which service provider do you hate the most ?

/D

</rant>

P2P: If you are going to share be smart

I just came across an article on Foxnews.com. An employee for a defense contractor installed a P2P program on their computer that by default shared all of the contents of their computer on the internet. Many programs (such as Kazaa and Limewire) do this. People do not realize that by doing this they are sharing everything on their computer. In this case the blue prints for Marine 1 were found on a computer in Iran. Most likely some one on Iran typed in some very sensative words that came up with files on this eployees computer.  If you have any of these dreadful programs on your computer go to search and type in tax, taxes, bank, sensative and some other wonderful key words. You will be surprised at what people out there share. Again if you are running any P2P programs that share your contents with the web be very careful on what you let the system share.

Would you want the world seeing all your private data ?

/D