Ads 468x60px

Featured Posts

16 de julio de 2018

A2 level in French language

Last summer, I wrote about French language A1 level passed because I started learning a new language, French language, at Official School of Languages and I passed the A1 level exam. These were my beginnings in French language, although I had already studied some of French at High School. As a result, my wishes for this year 2018 was keep studying French language and I’ve just successfully passed the A2 level in French. I feel happy to be able to pass to the next level, B1 level, because it means I'm improving my French language skills.

I got 9,5 in the listening skill which is very good. I mean, it's amazing! I think, I got it because I’ve done a lot of listening exercises. Almost five listening exercises a week since I started the course. They are online clicking on Besides, I’ve heard the France Info radio on live from time to time. While I’m working, while I'm taking a shower or while I’m in the gym, I can listen the radio in French language. All of this has been enough to have a good marks in the listening skill.

The speaking skill is the most difficult skill from my point of view because students have to speak about a topic for a few minutes but you don’t have a lot of time to think about it. Therefore, students have to improvise and devise what they want to say. I got 8 in the speaking skill which is also very good. I’ve been speaking alone in my house with Vaughan Bonjour! and I’ve been also speaking with schoolmates in French language which has allowed me to improve my speaking skill. In addition, I think the Video Selfie in French language, my talk about the mathematician, physicist and French philosopher Sophie Germain, and the talk about La région Île de France have helped me to get this good marks.

I think the reading skill is the easier skill because although you don’t understand the whole document, you can know what you are reading by the context. I really love reading. Therefore, I’ve read three books in French language in this course. I still read books for beginners which means I read books with basic vocabulary and easy grammatical sentences but I hope getting more and more vocabulary and complex grammatical sentences in the next years for reading more interesting books.

Finally, I have to admit that the writing skill is not easy. Although I usually write in this blog, writing is not easy even for me because you have to think about what you are going to write as well as you have to think about how you are going to organise the text. How many paragraph you are going to write, what verbal tense you are going to use for the story, the letter, mail or whatever. Many thing you have to think and decide before writing the first letter. However, I got 9 in writing skill which is also a very good mark.

To sum up, I’ve been studying for the whole course and I've finished with very good marks. Thanks for the teacher, thanks for the schoolmates and thanks for my supporters.

Regards my friends and keep studying!!

9 de julio de 2018

F5 ASM - Denial of Service (DoS) Mitigation

From time to time, I talk about techniques and methods of DoS attacks with workmates and customers, and when we speak about it, most of them always think about DDoS Attacks where a botnet flood the targeted server with excessive bandwidth consumption. However, we shouldn’t forget that an attacker can also make services unavailable with just requesting heavy URLs. Therefore, it’s not necessary to have lots of resources, neither a botnet, to make services unavailable because it can also be accomplish with a simple DoS Attack.

Mainly, there are three DoS attack categories: volumetric attacks, computational attacks and application attacks. Firstly, volumetric attacks, like UDP Flood Attacks or Amplification DDoS Attacks, which are the most known DoS attacks. Secondly, computational attacks, like SYN Flood Attacks, are less known than volumetric attacks where attackers want to exhaust resources such as firewall session tables. Finally, application attacks, like HTTP Flood Attacks, are easy to execute with DoS attack tools such as LOIC or slowloris. However, these last attacks are little known by companies and most of them even don’t know how to mitigate it nor which mitigation tools are on the market.

DoS Attacks Categories

When we are mitigating DoS attacks, it’s important to have a good classification between malicious traffic and legitimate traffic because the mitigation process could also block legitimate users when DoS mitigation tools are not well configured. In addition, DoS attacks are increasingly sophisticated and targeted which are delivered in SSL traffic as well against servers and applications. As a result, behavioural analytics, ultra-fast automated detection and comprehensive protection are required for a good mitigation strategy.

F5 BIG-IP WAF is also able to detect and block DoS attacks. We can watch in the next video how I configure a DoS profile to detect and block attacks based in TPS (Transactions Per Second). When the bot iMacros requests two transactions per second, the DoS profile blocks requests and the DoS attack is stopped. In addition, the video shows how to block DoS attacks with a CAPTCHA challenge to find out who is behind the web server whether a bot or a human being. Last but not least, DoS reporting are very important to know what’s going on and what happened in the services.

Regards my friends and don’t forget to protect your services.
Related Posts Plugin for WordPress, Blogger...

Entradas populares