Author Archives: Michael McNamara

About Michael McNamara

I'm a network architect, security professional, programmer and loving husband and father.

Episode 4 – Evolution of Broadband Internet

We returned to record our fourth episode on Sunday April 24, 2016.

Interesting News and Events

Roundtable Discussion – Evolution of Broadband Internet

  • 1972 Acoustic coupler modem
    • 1,200 bits by sending 600 symbols per second (600 baud) using phase shift keying
  • 1984 9600 modem (2400 baud) (V.32)
  • 1998 56k modem (8000/3429 baud) (V.90) digital modulation
  • 1988 Integrated Services for Digital Network (ISDN)
    • 64-kbit/s with 2 channels 128kbit/s
    • no market penetration in the US :   It Still Does Nothing
    • Primary Rate Interface (PRI), which is carried over an E1 (2048 kbit/s)
  • X.25 in the 1980s  universal and global packet-switched network
  • 1998 ADSL Asyncron digital subscriber line started at 8.0 Mbit/s1.0 Mbit/s
  • 2008 ADSL2+ITU G.992.5 Annex MADSL2+M 24.0 Mbit/s 3.3 Mbit/s
  • 2001 VDSL Very-high-bit-rate digital subscriber line 55 Mbit/s3Mbit/s
  • 2006 VDSL2 100 Mbit/s100 Mbit/s
  • 1997 DOCSIS Data Over Cable Service Interface Specification
  • 2013 DOCSIS 3.1   >> 10 Gbit/s downstream and 1 Gbit/s
  • FTTH fiber-to-the-home (Verizon FiOS, Google Fiber, etc)

What tools are you using?

Opengear console servers for building out-of-band management networks. Michael wrote about Opengear back in 2013 in a post titled, Opengear Console Servers – Never leave the office without one! One of the first things I did when I arrived at my new employer over 2+ years ago now was to deploy a number of Opengear appliances to make sure that we had out-of-band access to all the critical network infrastructure.

Cheers!

Notes: this week Mike accidentally had Audacity recording my Logitech webcam microphone and not my Blue Yeti and Dominik had his microphone volume turned up just a little too high.

Episode 3 – Simple Network Design

We returned to record our third episode on Sunday April 4, 2013.

Interesting News and Events

  • Gumtree serves world’s worst exploit kit to scores of Aussies – Malware expert Jerome Segura says Australia’s most popular classifieds site, Gumtree.com.au, was serving the world’s most capable exploit kit to some of its millions of monthly visitors.
  • SAMSAM: THE DOCTOR WILL SEE YOU, AFTER HE PAYS THE RANSOM – Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distributed via compromising servers and using them as a foothold to move laterally through the network to compromise additional machines which are then held for ransom. A particular focus appears to have been placed on the healthcare industry.Adversaries have been seen leveraging JexBoss, an open source tool for testing and exploiting JBoss application servers, to gain a foothold in the network. Once they have access to the network they proceed to encrypt multiple Windows systems using SamSam.
  • BIOS upgrades needed for fre…..ezing Cisco switches – Too-talkative PCIe bus can leave Nexus 5600 and Nexus 6001 just hanging around
  • Digital Attack Map – Digital Attack Map is a live data visualization of DDoS attacks around the globe, built through a collaboration between Google Ideas and Arbor Networks. The tool surfaces anonymous attack traffic data to let users explore historic trends and find reports of outages happening on a given day.
  • Norse CorpNorse Live Attack Map – Sources: Security Firm Norse Corp. Imploding

Roundtable Discussion

  • Cables
  • Wiring closet
  • HVAC / Environmentals and Cooling
  • Data Center / MDF / IDF
  • Uninerruptible Power Supply / Generators
  • Start with templates for small, medium and large size networks
  • Try to stick to your design and don´t do every site completely different
  • WAN connectivity >> what is available?
    • >> ISP >> DSL, cable Modem , 4G backup
    • >> Dark Fibre , Metro Ethernet
    • SDWAN ?
  • Core Layer
  • redundant Core ?
  • modular or fixed form factor
  • Uplink capacity
  • L2 and L3 redundancy
  • Access Layer
  • Switch selection process:
  • single switch vs. stack
  • Uplinks,
  • VoIP and PoE
  • Port requirements
  • -How to deal with insufficient passive cables
  • WLAN
  • Site survey
  • AP deployment
  • 2.4Ghz or 5Ghz design and preferences
  • RollOut Planing
  • Project management
  • patching all the needed end user connections
  • Full patch deployment vs. patch only when required

What tools are you using?

If you need to perform a wireless packet trace across multiple 2.4Ghz or 5Ghz 802.11 channels you can leverage multiple AirPcap wireless adapters from Riverbed using WireShark to capture all the channels concurrently. The AirPcap multi channel aggregator helps mux all the 802.11 channels into a single WireShark capture saving you a lot of time and effort.

Cheers!

Episode 2 – We are back for more

We returned to record on second episode on Sunday March 20, 2016.

Interesting News and Events

  • Dominik came across an interesting story on ZDNet by Larry Seltzer title, “Is paying for antivirus a waste of money?” Larry is essentially proposing that since Microsoft’s Anti-Virus/Anti-Malware solution for Windows 10 is a big improvement over previous versions (credit AVTest), then perhaps you don’t need a commercial solution. In the closing paragraph he makes this statement:

It’s like a motorcycle helmet. Lots of people don’t wear them and never have a problem. Some people wear them and still get in fatal accidents. But it can make a big difference. If a real threat comes my way and the anti-malware stops it then it has definitely paid for itself.

  • Dominik also came across a post from BigThink by Frank Jacobs entitled, “Tokelau, the World’s Online Superpower“. In surprising fashion the country/territory with the largest number of unique domain names isn’t any of the current super powers. Instead it’s a small New Zealand territory with a population of approximately 1,400 people. Yet the .tk domain has more than 31,311,498 registered domains.
  • Several of new vulnerabilities were recently found in Palo Alto firewalls by Felix Wilhelm @ Troopers Conference in Heidelberg Germany.

  • Pwn2Own which was held last week at the CanSecWest security conference awarded some $460,000 to multiple teams for vulnerabilities discovered in Windows, Apple OS X, Adobe Flash, Apple Safari, Microsoft Edge and Google’s Chrome.

Roundtable Discussion

Dominik recently posted an article entitled, “FastDeployment vs Planing” discussing the pitfalls that can befall people that don’t take the time to properly plan and think out all the associated challenges and issues of making a change to a production system. Sometimes this isn’t necessarily the engineer’s fault, it’s the responsibility of the management team to provide the time and resources for that engineer to be successful in his or her’s endeavors.

We also briefly touched on automation, and I recalled a post from Lindsay Hill titled, “Help! My Boss is Scared of Automation!!!“.  I would highly recommend you check out Lindsay’s post.

What tools are you using?

USB to Serial Adapters – Dominik has done one better using Airconsole by get console. Dominik posted his own thoughts about Airconsole back in January 2015. In short the Airconsole allows Bluetooth or WiFi connectivity to the serial port of your choice with good support and battery life.

I’ve run into all sorts of problems with Prolific chip based adapters, where the laptop would either blue screen or the serial port would just stop working until the laptop is physically restarted. I just recently purchased a number of FTDI chip based adapters and so far they seem to work much better in Windows 8 and Windows 10 – time will tell.

Cheers!

Episode 1 – We’re here!

This episode was recorded on Sunday March 13, 2016 with Dominik and Mike.

Chit Chat

Infamous war stories

  • Dominik – A new cleaning company is brought in to thoroughly clean the office and they decide that it will be easier for them if they disconnect all the cables under the desk and then just reconnect them all again when they are done. The following morning the staff find the network down and eventually stumble upon the fact that the cleaning company has moved some of the cables which results in a large number of network loops requiring an all day effort to clean up and resolve.
  • Mike – The original Doom game (I mistakenly referred to it as Quake in the podcast) used IPX broadcast packets to communicate between clients. I was working in the computer lab back in the mid to late 1990’s as a student assistant. These were the days or WordPerfect for DOS. Students start telling me that nothing was working, they can’t launch any applications from the Novell NetWare server and they can’t print. Eventually I find two students at the back of the lab playing the very early version of Doom. The frames were essentially flooding the entire network preventing pretty much everything from working.
    http://kotaku.com/memories-of-doom-by-john-romero-john-carmack-1480437464

Interesting News and Events

How to Improve Yourself?

The Internet is a wealth of knowledge and experiences just waiting to be tapped. You should leverage that resource to help expand your understanding and depth of knowledge by doing some simple research. This is especially important when working with resellers and/or vendors that are looking to sell you the latest gadget. They will rarely tell you the shortcomings of their product or solution, instead you need to pull it out of them and decide if those issues are relevant to your moving forward with the product or solution.

Specific resources such as Tech Field Day and Packet Pushers are great places to start.

What tools are you using?

I’ve been recently struggling some with 802.11b/g (2.4Ghz band) RF interference issues. I did some research (see I’m following our own advice) and found WiSpy from MetaGeek. I have some reading and learning to-do first but it looks like a really useful promising tool.

Cheers!

It’s yet another podcast – Relaunch 2016

It’s been awhile since anything has been done with this site…  almost 4 years later there’s some movement afoot.

While recently at Networking Field Day 11 in Santa Clara, CA, Dominik and myself had a frank conversation about potentially trying to jump start this project. We really focused on answering the hot button question, “would we have enough time to make this small adventure successful.” Ultimately it was decided that we’d at least have a go at it and then re-evaluate after six months to see if we were happy with the results or just too overworked to continue.

There are a lot of great technology podcasts on the Internet these days. We’re going to try and cut out a very small niche around general information technology, networking and security. Our target audience will remain the everday system administrator, network engineer or technology manager. We’re going to-do our best to keep a bi-weekly schedule with episodes around 30 minutes in length.

If you have ideas, suggestions, comments or would like to hear yourself on the Internet please feel free to leave a comment below or drop us a line podcast@networkbroadcaststorm.com.

Cheers!
– Mike