It

have you thought recently how oversubscribed are acronyms you’re using daily if you’re in IT? i just spent the whole day listening about VPC, but not vPC or VPC - but about Virtual Private Cloud in AWS services. not about virtual Private Channel or Virtual Path Connection and neither about Virtual Packet Core. and i have to admit, i liked it. i’ve spent whole day on a Mirek Burnejkos training dedicated to clouds. as Robert Ślaski was preaching on recent PLNOG - every respectable network engineer should have good idea how cloud works, and what are capabilities of different providers - like AWS or Azure. that’s the way todays IT and OT world looks like. the better you are about understanding specifics, the better you’ll be at positioning them in your real-life projects. and advice to users or customers. ...

during the last 30 years, processor speeds has increased from millions of cycles to billions - multiplied by multi-core and special mechanisms that increase the efficiency of working with ‘boring’ cores. Pentium 66 processor from 1993 contained 3.2 million transistors, which is anyway quite a value, considering they are packed into a space comparable to that of four dices - and contains one main unit. available today Xeon E5-2699v4 has 22 cores operating at nominal frequency 2.2GHz clock and 7.2 billion transistors. ‘imagine that’! ...

getting grip of reality after moving is not easy in some situations. when everything is still fresh, and on the other hand - so well known :) you know obviously that stopgaps tend to last for years after they were put “just for a moment”? my december cleaning started with true horror of moving my emails server from FreeBSD 9-STABLE (just EoLed) to 11-STABLE. traditional make buildworld; make kernel KERNCONF=server; mergemaster -FiU; make installworld; reboot didn’t work, but (WTF?!) the same sources were able to give me working build when i did make buildworld buildkernel; make installkernel and so on. for some reason, with the first sequence - cam.c dropped multiple warnings treated as error. and build failed. ...

OpenSSH 7 among other things discontinued older key exchange protocols for Diffie-Hellmans group 1 (diffie-hellman-group1-sha1). we already know that it can be compromised by executing attack known as Logjam. that’s all good and nice, until you try to connect to such device using newly upgraded SSH. if your device doesn’t support DH group 1 key exchange, you need to upgrade software. if you already have software capable of doing so, it needs to be configured on the box. ...

i was travelling recently to US and back, essentially sitting for a 10+ hours in planes each way. i decided to invest in myself, and bought myself a gadget - my friend praised it years ago. i’m talking about active noise cancelling headphones - Bose QC35. after 10 hours of listening to music and podcasts and NOT listening to engines, people, coughing, snoring and other traditional noises during transatlantic flight… i have to say, this is technology that really makes a difference. and battery was still at 60% full! ...

every two (or three, depending how desperate you are) years, in life of every CCIE and CCDE there is this looming deadline called ‘recertification’. panic is usually short lived and ends with ‘push’ - succesful recertification. in variable styles and techniques, but successful nonetheless. i had opportunity recently to execute this dance. and wise words people say, that if you loose daily connection with networking gear and technologies, you very quickly loose and forget expert level skills. ...

interesting blog article how to create truly free way of publishing without fear of censorship. it seems that the last reddit problem restarted discussion about free speech and crypto non-repudiation of published content. in the context of rising pressure from US to build backdoors in every equipment, maybe this is some kind of solution? if you think about it… no, actually you no longer need to do so. it was already thought out. there are people believing that bitcoin (protocol, not digital currency) will be basis of all internet communication soon enough. ...

weekend at countryside kind of suprised me… :) so, Cisco 887VAGW+7-E-K9, a little configuration and here we are. ! chat-script gsm "" "AT!SCACT=1,1" TIMEOUT 15 "OK" ! interface Cellular0 ip address negotiated ip nat outside ip virtual-reassembly in encapsulation slip load-interval 30 dialer in-band dialer idle-timeout 300 dialer string gsm dialer-group 1 async mode interactive ! ip nat translation timeout 60 ip route 0.0.0.0 0.0.0.0 Cellular0 ! dialer-list 1 protocol ip permit ! line 3 exec-timeout 0 0 script dialer gsm modem InOut you’d need to configure profile however. as i didn’t have SIM card and i had poor experience with Orange in Poland, i decided to try challenger - Plus. they had a small sales office in nearby city. ...

it’s interesting to take a look. and then a second look - as a lot of well known networks and hosts appear on those maps: SenderBase malware SenderBase spam and for general SenderBase reports, biggest threat intelligence network go here: SenderBase