• Home
  • Work
  • Blog
  • Security
  • Links
  • Archive for the ‘Networking’ Category

    RIPE-Atlas Anchor installation


    2016 - 02.28

    Ripe-Atlas project Anchor installation.

    Anchor is high capacity RIPE-Atlas probe for internet measurements.

    Anchor mainly consist of  Soekris Net6501-70 board (can find on kd85.com) and running Centos 6.x.

     

     

    Analyzing Spam – Visualization


    2016 - 02.28

    Beautiful image of visualization spam traffic on primary mailserver.

    Every blue path is spam detected and delivered to mailbox spam folder, every yellow path is rejected spam.

    spam-detected-rejected

    (more…)

    RIPE-Atlas Traceroute monitoring


    2016 - 02.27

    Last day I did some measurements using RIPE-Atlas project.

    I did traceroute to Livesport infrastructure using 1000 probes around the globe.

    Here is some nice visualization of ASN paths.

     

    livesport-universe

    How to handle thousands of reports from servers – Logstash, ElasticSearch, Kibana


    2015 - 06.05

    Many services and server audit utilities like logcheck, logwatch, cron daemon, aide, ZRM, etc. are sending emails to local user or root. Some of them, can be easily configured but some of them not.

    Best way in my case is to deal with emails directly, but how ?

    (more…)

    Protect your announced IP prefix on the Internet


    2012 - 11.03

    Many companies which provide various type of services which are depends on the internet have their own IP prefixes. They announces prefixes to the internet using BGP protocol and AS numbers.

    From the principle of BGP, it’s possible to break path to your servers if somebody announce same prefix as you. This is really big problem because your business is in risk. Communication is problematic and takes lot of time. Normaly, providers and peers should have configured some rules, filters and other types of security to prevent this.

    Using filters isn’t mandatory, so it can happen and it happened many times.

    Question is, what you should do to avoid this situation ?

    (more…)