OpenSSH 7

OpenSSH 7, among other things, discontinued older key exchange protocols for Diffie-Hellman group 1 (diffie-hellman-group1-sha1). we already know that it can be compromised by executing an attack known as Logjam. that’s all good and nice, until you try to connect to such a device using newly upgraded SSH. if your device doesn’t support DH group 1 key exchange, you need to upgrade software. if you already have software capable of doing so, it needs to be configured on the box....

October 3, 2016 · Łukasz Bromirski

positive influence of technology

i was travelling recently to US and back, essentially sitting for a 10+ hours in planes each way. i decided to invest in myself, and bought myself a gadget - my friend praised it years ago. i’m talking about active noise cancelling headphones - Bose QC35. after 10 hours of listening to music and podcasts and NOT listening to engines, people, coughing, snoring and other traditional noises during transatlantic flight… i have to say, this is technology that really makes a difference....

September 21, 2016 · Łukasz Bromirski

world is changing

…and that’s a good thing. with only two weeks to the seventeenth edition of PLNOG we have a bunch of interesting news. conference, that we started by discussing BGP, MPLS-TE and RSVP and role of 10GE interfaces (we’re in Europe and that was 2009!), today focuses on deploying SDN, and influence of IoT to service provider networks. we’re also discussing public cloud, hybrid cloud, software defined data centers (SDDC) and consequences of proliferation of overlay networks....

September 17, 2016 · Łukasz Bromirski

data is toxic

it’s hard to disagree with Bruce’s article. would blockchain-based solution be the best approach here for accounting? accounted access to data, accounted transactions … something must change. we can’t deal properly with data.

March 15, 2016 · Łukasz Bromirski

unkempt thoughts

how bad our current patent system needs to be broken, to allow building companies just to do business on patent trolling? we see more articles about it but capitalism doesn’t care. even when law enters the game, there’s often nothing that can be done. having SDN in mind, and developers’ influence on how today’s internet works, i’m thinking what we’ll be doing in couple of years (and how pitifully unprepared are companies today to defend any sensitive data - financial, biological - in “web 17....

December 19, 2015 · Łukasz Bromirski

it's unbelievable how governments...

…resent encryption. in particular those that were caught red handed doing mass surveillance of their own and foreign citizens. it’s worth reading this article to understand how PR (written by Cameron’s speech author) is trying to turn everyone using security and encryption to those helping terrorists. it’s enough today to name somebody ’terrorist’ and suddenly every option is on the table. interrogation, wiretapping, dropping bombs or simply investigating without any specific reason is fair call....

December 5, 2015 · Łukasz Bromirski

why are we so... confident?

while observing how people tend to behave in so called “serious situations” and “serious environment” I began to create different theories. as i’m lacking background in psychology i was not proficient in doing that, but then I stumbled upon this article. in particular, this quote caught my eye: For poor performers to recognize their ineptitude would require them to possess the very expertise they lack. indeed, that’s the case! and it’s worth remembering as well, that:...

October 13, 2015 · Łukasz Bromirski

doing recert

every two (or three, depending how desperate you are) years, in life of every CCIE and CCDE there is this looming deadline called ‘recertification’. panic is usually short lived and ends with ‘push’ - successful recertification. in variable styles and techniques, but successful nonetheless. i had opportunity recently to execute this dance. and wise words people say, that if you lose daily connection with networking gear and technologies, you very quickly lose and forget expert level skills....

October 3, 2015 · Łukasz Bromirski

private key

August 14, 2015 · Łukasz Bromirski

"audiophile"...

…discussions were already covered on my blog. arstechnica just published A/B/X test of Ethernet cables capable of suspiciously “enriching” sound and as you can imagine… there’s no difference in those priced at 340$ vs those priced at 2.5$. it’s good laughing experience to compare this review and the one provided by this fraud, that’s trying to say over his fake so called ’test’. please read comments as well - there’s interesting one, where one of the commenters mentions that 0=0 and 1=1 in digital processing, while the author (again, fraud) still claims there’s a big difference....

July 31, 2015 · Łukasz Bromirski

Life is unfair...

Life is unfair. And the unfairness is distributed unfairly.

July 17, 2015 · Łukasz Bromirski

blockchain everywhere...

interesting blog article how to create truly free way of publishing without fear of censorship. it seems that the last reddit problem restarted discussion about free speech and crypto non-repudiation of published content. in the context of rising pressure from US to build backdoors in every equipment, maybe this is some kind of solution? if you think about it… no, actually you no longer need to do so. it was already thought out....

July 16, 2015 · Łukasz Bromirski

agile...

…this is how you should build lean IT systems. in particular, I like this quote: And the new login system, which MPL launched in February 2015, is remarkable. It is faster and it is cheaper than the old one: The old system responded to requests somewhere between two and 10 long seconds; the new one takes 30 milliseconds, on average. The old login system cost $250 million to build and would have required another $70 million annually to stay online....

July 13, 2015 · Łukasz Bromirski

airlines...

…are of course one of the worst and evil habitats in this world. treating passengers like cattle during the entire process of boarding and exiting the plane (let’s not skip the “joyful” stage of buying a ticket, let alone attempting to modify it later) has become - generally - a new standard today. a few months ago I had the opportunity to fly back and forth in Poland on two different days - Monday and Wednesday....

July 9, 2015 · Łukasz Bromirski

The best revenge...

The best revenge is massive success. Frank Sinatra

June 28, 2015 · Łukasz Bromirski

internet

i’m ten pages into an ethernet-phy manual and i’m pretty sure the internet is impossible bike

May 31, 2015 · Łukasz Bromirski

this is how it should work

weekend at countryside kind of surprised me… :) so, Cisco 887VAGW+7-E-K9, a little configuration and here we are. ! chat-script gsm "" "AT!SCACT=1,1" TIMEOUT 15 "OK" ! interface Cellular0 ip address negotiated ip nat outside ip virtual-reassembly in encapsulation slip load-interval 30 dialer in-band dialer idle-timeout 300 dialer string gsm dialer-group 1 async mode interactive ! ip nat translation timeout 60 ip route 0.0.0.0 0.0.0.0 Cellular0 ! dialer-list 1 protocol ip permit !...

May 24, 2015 · Łukasz Bromirski

daily "top" for spam and malware

it’s interesting to take a look. and then a second look - as a lot of well known networks and hosts appear on those maps: SenderBase malware SenderBase spam and for general SenderBase reports, biggest threat intelligence network go here: SenderBase

May 13, 2015 · Łukasz Bromirski

directional ethernet patchcords for audiophiles

you stumble on audiophile-driven discussions, related to exploiting their customer base. I found today, completely at random, category 6 ethernet patchcord that… provides directional audio optimization support: DIRECTIONALITY All audio cables are directional. The correct direction is determined by listening to every batch of metal conductors used in every AudioQuest audio cable. Arrows are clearly marked on the connectors to ensure superior sound quality. For best results have the arrow pointing in the direction of the flow of music....

May 9, 2015 · Łukasz Bromirski

you're all virtual anyway

twitter and facebook admit, that at least 10 percent of the user base is likely bots. it’s “official” data, but that article shows, that this estimation may be way undersized. it seems that next dot-com bubble slowly grows and should burst soon. we’ve been discussing this for years now, but it seems the valuation of seemingly worthless, virtual companies producing software is growing year by year. 3 billion dollars for company that builds (poor, by the way) headphones - Apple buys Beats Electronics....

May 5, 2015 · Łukasz Bromirski

world is changing

failure that Tidal came to be and at the same time success which Apple Watch is experiencing (the same that has trouble keeping its battery up for ONE day) is troubling. on one side we have market, that is able to verify this poor and blatant run for money organized by multi-billionaires, obviously coupled with lack of any style and market research (which would show there are other, better, faster and with wider selection of artists and capabilities services available already), on the other hand - Apple Watch?...

April 25, 2015 · Łukasz Bromirski

you must never...

April 24, 2015 · Łukasz Bromirski

why i don't give a fuck

after stumbling upon Farnam Street blog, i found another one - that of Mark Manson. and i found it thanks to The Subtle Art of Not Giving a Fuck article. after reviewing this short list i realized how many of those advices i could give to myself seven years ago. it’s worth to read. and think.

April 18, 2015 · Łukasz Bromirski

use keys, not passwords

it’s subject old as world (password-protected world, that is). i had to do some of cleanup on my devices and i hit a problem with 4096 bit keys. so, just as a reference that may be helpful somewhere for someone - you import keys to Cisco IOS without any special problems: router#conf t Enter configuration commands, one per line. End with CNTL/Z. router(config)#ip ssh pubkey-chain router(conf-ssh-pubkey)#username TEST router(conf-ssh-pubkey-user)#key-string router(conf-ssh-pubkey-data)#AAAAB3NzaC1yc2EAAAADAQABAAACAQDCiLBaopUwsFb9YJNhGqVYqBajlrH S/zwD6/yR6N8VcRzrpqMMNCFXe1q5GMGM[...]ANWInd9GHBjTzbJWVwavxy1ooQewii8ErofZuv1l/SXSdXLzfL p0zMoZ0L+BNPS0j4XBS0N3t8Vl8oVixqIeG2BNTCNaDDt6hx2Q== lukasz@bromirski....

April 1, 2015 · Łukasz Bromirski

deploy SIDR

google again dropped out of the internet because of failure to filter prefixes. SIDR configuration on Cisco gear is really simple - for IOS-XE, IOS-XR. if you have Juniper it takes like half a second of searching. of course configuring is one thing, visiting RIPE and certifying your own resources is another thing. then it’s all done. every prefix signed, and every autonomous system checking for certification data is helping. every single one....

March 15, 2015 · Łukasz Bromirski

SHALL WE?

“Picture a tall, dark figure, surrounded by cornfields… NO, YOU CAN’T RIDE A CAT. WHO EVER HEARD OF THE DEATH OF RATS RIDING A CAT? THE DEATH OF RATS WOULD RIDE SOME KIND OF DOG. Picture more fields, a great horizon-spanning network of fields, rolling in gentle waves… DON’T ASK ME I DON’T KNOW. SOME KIND OF TERRIER, MAYBE. …fields of corn, alive, whispering in the breeze… RIGHT, AND THE DEATH OF FLEAS CAN RIDE IT TOO....

March 13, 2015 · Łukasz Bromirski

plnog #14

I was taking part in PLNOG for the last two days. i didn’t have opportunity to take part in the last edition and it’s a shame - we created this conference with Andrzej Targosz. a lot changed during last couple of years. but what was always key of the whole PLNOG - community - is only developing. i’m not about the direction, but the sole fact we have a lot of discussions about direction gives hope....

March 3, 2015 · Łukasz Bromirski

why science is so fantastic?

…because of that, for example. contrary to ‘beliefs’ and dogmas, that until being ridiculed are broadcasted widely, only the scientific method works. actually works. it allows us to continuously attempt to verify by experiment our theories, build theorems and laws - and realistically predict and describe behavior of the universe around us. i highly recommend using it.

February 27, 2015 · Łukasz Bromirski

what i was reading - january 2015 edition

from everything read up to date and noted as worth reading: Think like a freak - great set of anecdotes coming straight from author’s real experiences. there’s a lot of examples that if you don’t know that something can’t be done - you’ll succeed and amaze people around you. so called “ground truths” are serious problem these days. in most of the cases because people have very shallow knowledge or lack it - so can be easily manipulated....

January 12, 2015 · Łukasz Bromirski

ietf and new ideas

while looking through recent IETF meeting notes i found interesting idea - splitting OSPF area zero without incurring outage. it’s very interesting idea for flawless, in-service migrations. on the other side, another OSPF concept that I was afraid somebody will bring up is… enabling FlowSpec capabilities. oh my… also, overlay networking effort is gaining grounds, with architectural choices as well as security. it’s interesting how much longer it will take....

January 8, 2015 · Łukasz Bromirski