AOL still gets a lot money from...

…people using dialup connections. those poor people stay need them to take advantage of restricted Internet services provided by AOL. a year ago at that time, still around 2.6 million of US citizens were connecting to internet that way. …and you think that your 1Mbps upstream link is not enough? ;P

August 8, 2014 · Łukasz Bromirski

canvas fingerprinting... and unbound

some time ago I changed my BIND at home to Unbound, due to the change of the default DNS server in FreeBSD (yes, I do have my own DNS server at home, and it serves all local queries). actually, I have four right now ;) back in BIND times, i used a lot of scripts to add zones containing 127.0.0.1 for domains serving ads. after switching to Unbound - i forgot about it completely....

July 24, 2014 · Łukasz Bromirski

your social tab is empty...

June 14, 2014 · Łukasz Bromirski

"it's better not to know...

it’s better not to know, how thick the wall is. you may have too short run. anonymous

June 10, 2014 · Łukasz Bromirski

gimme more!

quite recently i described my own new workstation. it has dual Xeon processors, and today i decided to upgrade memory from 128GB to 256GB (yeah, i use to run a lot of VMs). so below you can see the outcome - 256GB RAM, 2 physical CPUs, 16 cores, 32 threads: great advantage of having such beast at your disposal is that you simply can run everything thrown at it. it’s quiet, it’s effective and it also doubles as great gaming station....

June 8, 2014 · Łukasz Bromirski

essentialism #2...

…gave me food for thought. i counted 18 books in different places around my house, that i was trying to read at the same time. today in the morning i decided it doesn’t make any sense, and it’s exactly the opposite approach i should take. so, books landed in stack, into nice queue. i’ll be reading two books at the same time from today onwards - starting with ’essentialism’ and Pratchetts ‘Raising Steam’....

June 7, 2014 · Łukasz Bromirski

essentialism...

…i’m reading right now an interesting book - Essentialism. it beatifully demonstrates how to decide where it is worth to invest your time and energy. and it gives you great framework for doing just that. another theory, you’ll say? well, 37signals, builders of the great web apps announced they’ll… drop all other projects and focus on only one - Basecamp. that’s how you put theory to practice. by the way - i highly recommend all of the 37signals books, they’re great source of proven advices how to build your own business and how to choose paths in life....

May 23, 2014 · Łukasz Bromirski

standards...

…or who needs them anyway today? there’s interesting article written down by one of Google employees, that perfectly describes how ineffective today standard bodies are, and how less and less influence they have on the market. cisco decided to spearhead new solutions without waiting for multi-year discussions, true to the ‘good description and working code’ motto. if we wouldn’t be doing that, there would be no PVLANs, FabricPath (TRILL) but also protocols like LDP or HSRP/VRRP/GLBP....

May 22, 2014 · Łukasz Bromirski

ASA 9.2(1)

…supports BGP and it’s already out. do you like BGP on your firewalls? i don’t. should we have the tool in hand, just in case? well, sometimes it’s handy. but going back again - do you like BGP on your firewalls? ;)

April 27, 2014 · Łukasz Bromirski

some weekend reading...

in 2002 it was calculated that to reach closest star (Proxima Centauri), multigenerational crew would need to start with at least 150 to 180 men and women. latest simulations show however, that to guarantee gen variance you’d need to take between 10000 and 40000 people onboard. it would be interesting to see how those plans will end up - we will stay on Earth until Sun burns out, we’ll kill each other or maybe we’ll start finally intergalactic travels?...

April 5, 2014 · Łukasz Bromirski

ipv6... once again in bad spotlight

all memory and CPU related features in IPv6 world is major challenge even for modern hardware. unfortunately this is emphasized with lack of best practices followed by developers writing code. i just noticed there’s Microsoft Windows problem with IPv6 RA. it seems that actual problem is not limited only to RA, but actually - to the whole networking stack when working with link-local addresses. under Microsoft Windows code is allocating memory pretty recklessly....

April 1, 2014 · Łukasz Bromirski

don't judge decision by results... what?

let me quote book i’m reading now: A quick hypothesis: say one million monkeys speculate on the stock market. They buy and sell stocks like crazy and, of course, completely at random. What happens? After one week, about half of the monkeys will have made a profit and the other half a loss. The ones that made a profit stay; the ones that made a loss you send home. In the second week, one half of the monkeys will still be riding high, while the other half will have made a loss and are sent home....

March 30, 2014 · Łukasz Bromirski

CCDE bootcamp

it will be unique opportunity in Poland and in this part of Europe. with group of my dear friends and design masters - Piotr Jabłoński, Sebastian Pasternacki and Piotr Matusiak i’ll be delivering bootcamp-type of training for CCDE. we’re starting on 5th of may - and you can find more details here.

February 28, 2014 · Łukasz Bromirski

because you can't just have one CPU...

…workstation requires two! ;) i had some time over Christmas to finally build myself following beast: Asus Z9PE-D8 WS (BIOS 5304, original 3304 had some interesting bugs Xeon E5 2660 (Sandy Bridge EP/EX) - 16 cores, 32 HT Corsair H80i for CPU cooling 64GB RAMu (8x 8GB DDR3 1600 ECC) OWC 480GB PCIe - has two 240GB blades in RAID0 Corsair Obsidian 900D 2x Seagate 4TB HDD [6x Samsung 2TB] LSI 9261-8i to drive those mechanical disks in RAID5 Creative SB ZX AMD Radeon 7970 connected to three Dell U2412 monitors Intel x520 NIC connected to Catalyst 2960S and to other workstation - Xeon 5670, 48GB RAMu, OWC 240GB as boot and two 2TB RAID0 disks as RAID0 for ESXi 5....

February 1, 2014 · Łukasz Bromirski

first new year resolution

don’t start your php upgrade at 2:40 in the morning. as you’ll stay awake until 5am :)

December 29, 2013 · Łukasz Bromirski

just bunch of posts to read...

Jennifer Lawrence phenomenon (i can’t quite get Hunger Games popularity, but i love Silver Linings Playbook. how you should do proper conference badges (oh yeah, we’re learning!), Department of Defense outsources to private company management of their own images and movies archive for 10 years, RSA accepted 10M$ of bribe from NSA to promote weaker encryption algorithm and last but not least - DARPA vision of autonomic SkyNet network from eightees....

December 23, 2013 · Łukasz Bromirski

it's time for GPU in SDN

it seems that GPUs can be reasonably well tasked to handle additional work that x86 CPUs simply can’t. i’m talking about network monitoring and NetFlow processing - good reading when travelling or before sleep.

December 22, 2013 · Łukasz Bromirski

it's still more profitable not to listen to your customers

Christmas are coming, and traditionally that means good time of the year to push people to buy things they don’t need. in Poland, companies generally don’t care what Customer wants. and don’t listed in the process of ignoring him/her. why are companies selling services choose not to listen? they don’t care? i was talking about this paradox during Cisco Connect, but in reality i was just repeating what everyone sane enough to think shouts left and right - we want customized offer, not something off the shelf....

December 15, 2013 · Łukasz Bromirski

vmware - again

you spend a lot of time preparing OVA to save time in future and enable cloning. then, during importing to remote ESXi you get following error message: Failed to deploy OVF package: The task was canceled by a user.. i didnt’ cancel anything! it’s frustrating, and it seems its a small problem on import format side, not on user side. OVA is simple ZIP file that can be unpacked, so you should do so....

November 10, 2013 · Łukasz Bromirski

there's nothing interesting in TV...

…so I decided to use youtube to find my favorite Monty Python series, Program will resume soon (quite specific Polish series - BTW, never published on DVD!). i was also able to find archive of our old polish IT magazines - Bajtek, Top Secret and Secret Service. my own archive, collected over years and protected from everyone fell prey one day to suprise ‘cleaning’ organized in the basement where it was stored....

November 3, 2013 · Łukasz Bromirski

truecrypt... and NSA?

i just got hold of interesting document. let me quote it: As remarked in this table the Windows version of TrueCrypt 7.0a deviates from the Linux version in that it fills the last 65024 bytes of the header with random values whereas the Linux version fills this with encrypted zero bytes. From the point of view of a security analysis the behavior of the Windows version is problematic. By an analysis of the decrypted header data it can’t be distinguished whether these are indeed random values or a second encryption of the master and XTS key with a back door password....

October 19, 2013 · Łukasz Bromirski

only easy day...

after reading ridiculous, made up story of british SAS, hiding under alias “Andy McNab”, trying to tell his version of Rambo&Commando-style fictious account of Iraq operation i couldn’t find story that was so exaggerated and made-up. in reality, his total ineffectual commanding style and bravado led to death one of his own team members, and injuries as well as captivity for rest of them. that was independently verified by Michael Asher and Peter Ratcliffe....

October 11, 2013 · Łukasz Bromirski

polish assembly hall and security

on the upcoming thursday, 10th of october at 7pm i’ll do a short talk with Maciej Broniarz from Warsaw University about security from not-so-typical point of view. please register and see you in Leon Koźmiński Academy hall.

October 6, 2013 · Łukasz Bromirski

and yet it's machines...

…are better at building TCP stacks than we are. i came across the track of an interesting project - RemyCC, providing greater efficiency and at the same time a better division and lower delays (on average). it is worth to look.

July 20, 2013 · Łukasz Bromirski

PRISM, NSA, wiretapping, catharsis and ultimately - dream utopia

for a moment, let’s assume those are rumblings of man worn out by pulling couple of all-nighters in one row. we have to assume that security intelligence services will want to listen to everything and everywhere. that includes NSA sniffing all traffic in major interconnection points at largest service providers. and, obviously - we don’t like it. why we can’t get back to original idea, that all point to point communication should be protected by IPsec (ALL COMMUNICATION)....

June 23, 2013 · Łukasz Bromirski

Aegis at UW

Maciej Broniarz invited us to take part in new security focused conference. Aegis (just like Aegis - American integrated naval weapons system) will take place on 2nd and 3rd July at University of Warsaw. i hope that most of you will decide to take part of it, as judging from agenda. together with Maciej we’d like to also have a panel on DDoS attacks, and then we’ll deliver session together - ‘security by duct tape’....

June 19, 2013 · Łukasz Bromirski

red eagles...

…a book by Steve Davies is a very interesting coverage of USA pilots testing Russian Soviet-era MiG 15s, 17s, 19s, 21s and 23s at Tonopah range. the same that was used to test Lockheed F-117 and launch to simulated sorties with F-4, F-14, F-15, F-16 and F-18s coming in from Nellis AFB as part of Top Gun training. there’s next book on the same topic waiting for me in stack. recently, i was digging through a lot of air combat material, mainly because of getting hold of Osprey Combat Aircraft series....

June 2, 2013 · Łukasz Bromirski

things tiger dreams are made of

you could meet me sometimes during late night hours on Call of Duty Modern Warfare 2 multiplayer servers. now, i decided to change environment a bit and return to love of my life - flight simulators. i dusted off CD with Microprose Falcon 4.0 and i’m downloading BMS patches while reading about Allied Force (CD is already on my way from one of the Amazon warehouses). i’m still using Saitek Fly 5 but if i’ll be able to find more time to fly - there are couple of better sticks out there....

April 30, 2013 · Łukasz Bromirski

when GUI export fails...

…you have to get back to good old CLI. i’m trying to export VM from very remote VMware vSphere 5.1 to OVA. unfortunately, packing 40GB is not apparently easy, as the whole process fails at different stages with error called by VMware simply timeout (yeah, kudos for brevity). so you have to enable SSH and then copy whole directory with SCP. for optimal transfer from remote location it make sense to use additional parameters: -C and -o CompressionLevel=9 to get locally fully functional and packed OVA: scp -C -o CompressionLevel=9 xyz@zdalne_IP:/vmfs/volumes/very-long-uuid-string/vm_name/\* ....

April 6, 2013 · Łukasz Bromirski

IP network security

next thursday, april 11th, i’ll be visiting Warsaw University on invitation from Maciej Broniarz to have a chat about security from service provider point of view. note it will be mechnism and best practice related talk, not vendor pitch. i’ll mention blackholing as well ;) i may have some gadgets and freebies to give away - so please prepare good questions and see you there!

April 3, 2013 · Łukasz Bromirski