Category Archives: Podcast

Episode 3 – Simple Network Design

We returned to record our third episode on Sunday April 4, 2013.

Interesting News and Events

  • Gumtree serves world’s worst exploit kit to scores of Aussies – Malware expert Jerome Segura says Australia’s most popular classifieds site, Gumtree.com.au, was serving the world’s most capable exploit kit to some of its millions of monthly visitors.
  • SAMSAM: THE DOCTOR WILL SEE YOU, AFTER HE PAYS THE RANSOM – Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distributed via compromising servers and using them as a foothold to move laterally through the network to compromise additional machines which are then held for ransom. A particular focus appears to have been placed on the healthcare industry. Adversaries have been seen leveraging JexBoss, an open source tool for testing and exploiting JBoss application servers, to gain a foothold in the network. Once they have access to the network they proceed to encrypt multiple Windows systems using SamSam.
  • BIOS upgrades needed for fre…..ezing Cisco switches – Too-talkative PCIe bus can leave Nexus 5600 and Nexus 6001 just hanging around
  • Digital Attack Map – Digital Attack Map is a live data visualization of DDoS attacks around the globe, built through a collaboration between Google Ideas and Arbor Networks. The tool surfaces anonymous attack traffic data to let users explore historic trends and find reports of outages happening on a given day.
  • Norse Corp / Norse Live Attack Map – Sources: Security Firm Norse Corp. Imploding

Roundtable Discussion

  • Cables
  • Wiring closet
  • HVAC / Environmentals and Cooling
  • Data Center / MDF / IDF
  • Uninterruptible Power Supply / Generators
  • Start with templates for small, medium and large size networks
  • Try to stick to your design and don’t do every site completely differently
  • WAN connectivity >> what is available?
    • >> ISP >> DSL, cable modem, 4G backup
    • >> Dark Fibre, Metro Ethernet
    • SD-WAN?
  • Core Layer
  • Redundant core?
  • modular or fixed form factor
  • Uplink capacity
  • L2 and L3 redundancy
  • Access Layer
  • Switch selection process:
  • single switch vs. stack
  • Uplinks
  • VoIP and PoE
  • Port requirements
  • How to deal with insufficient passive cables
  • WLAN
  • Site survey
  • AP deployment
  • 2.4 GHz or 5 GHz design and preferences
  • Rollout Planning
  • Project management
  • patching all the needed end user connections
  • Full patch deployment vs. patch only when required

What tools are you using?

If you need to perform a wireless packet trace across multiple 2.4 GHz or 5 GHz 802.11 channels, you can use multiple AirPcap wireless adapters from Riverbed with Wireshark to capture all the channels concurrently. The AirPcap multi-channel aggregator muxes all the 802.11 channels into a single Wireshark capture, saving you a lot of time and effort.

Cheers!

Episode 2 – We are back for more

We returned to record our second episode on Sunday March 20, 2016.

Interesting News and Events

  • Dominik came across an interesting story on ZDNet by Larry Seltzer titled “Is paying for antivirus a waste of money?” Larry is essentially proposing that since Microsoft’s Anti-Virus/Anti-Malware solution for Windows 10 is a big improvement over previous versions (credit AVTest), then perhaps you don’t need a commercial solution. In the closing paragraph he makes this statement:

It’s like a motorcycle helmet. Lots of people don’t wear them and never have a problem. Some people wear them and still get in fatal accidents. But it can make a big difference. If a real threat comes my way and the anti-malware stops it then it has definitely paid for itself.

  • Dominik also came across a post from BigThink by Frank Jacobs entitled “Tokelau, the World’s Online Superpower”. Surprisingly, the country/territory with the largest number of unique domain names isn’t any of the current superpowers. Instead it’s a small New Zealand territory with a population of approximately 1,400 people. Yet the .tk domain has more than 31,311,498 registered domains.
  • Several new vulnerabilities were recently found in Palo Alto firewalls by Felix Wilhelm at the Troopers conference in Heidelberg, Germany.

  • Pwn2Own, which was held last week at the CanSecWest security conference, awarded some $460,000 to multiple teams for vulnerabilities discovered in Windows, Apple OS X, Adobe Flash, Apple Safari, Microsoft Edge and Google’s Chrome.

Roundtable Discussion

Dominik recently posted an article entitled “FastDeployment vs Planing”, discussing the pitfalls that can befall people who don’t take the time to properly plan and think through all the associated challenges and issues of making a change to a production system. Sometimes this isn’t necessarily the engineer’s fault; it’s the responsibility of the management team to provide the time and resources for that engineer to be successful in his or her endeavors.

We also briefly touched on automation, and I recalled a post from Lindsay Hill titled “Help! My Boss is Scared of Automation!!!”. I would highly recommend you check out Lindsay’s post.

What tools are you using?

USB to Serial Adapters – Dominik has gone one better using Airconsole by Get Console. Dominik posted his own thoughts about Airconsole back in January 2015. In short, the Airconsole allows Bluetooth or WiFi connectivity to the serial port of your choice with good support and battery life.

I’ve run into all sorts of problems with Prolific chip based adapters, where the laptop would either blue screen or the serial port would just stop working until the laptop is physically restarted. I just recently purchased a number of FTDI chip based adapters and so far they seem to work much better in Windows 8 and Windows 10 – time will tell.

Cheers!

Episode 1 – We’re here!

This episode was recorded on Sunday March 13, 2016 with Dominik and Mike.

Chit Chat

Infamous war stories

  • Dominik – A new cleaning company is brought in to thoroughly clean the office and they decide that it will be easier for them if they disconnect all the cables under the desk and then just reconnect them all again when they are done. The following morning the staff find the network down and eventually stumble upon the fact that the cleaning company has moved some of the cables which results in a large number of network loops requiring an all day effort to clean up and resolve.
  • Mike – The original Doom game (I mistakenly referred to it as Quake in the podcast) used IPX broadcast packets to communicate between clients. I was working in the computer lab back in the mid to late 1990s as a student assistant. These were the days of WordPerfect for DOS. Students start telling me that nothing was working, they can’t launch any applications from the Novell NetWare server and they can’t print. Eventually I find two students at the back of the lab playing the very early version of Doom. The frames were essentially flooding the entire network preventing pretty much everything from working.
    http://kotaku.com/memories-of-doom-by-john-romero-john-carmack-1480437464

Interesting News and Events

How to Improve Yourself?

The Internet is a wealth of knowledge and experiences just waiting to be tapped. You should leverage that resource to help expand your understanding and depth of knowledge by doing some simple research. This is especially important when working with resellers and/or vendors that are looking to sell you the latest gadget. They will rarely tell you the shortcomings of their product or solution; instead you need to pull it out of them and decide if those issues are relevant to your moving forward with the product or solution.

Specific resources such as Tech Field Day and Packet Pushers are great places to start.

What tools are you using?

I’ve been recently struggling some with 802.11b/g (2.4 GHz band) RF interference issues. I did some research (see, I’m following our own advice) and found WiSpy from MetaGeek. I have some reading and learning to do first, but it looks like a really useful, promising tool.

Cheers!