Ads 468x60px

25 November 2019

F5 BIG-IP APM - OAuth with Facebook



These days I’m working a lot with F5 BIG-IP APM. In fact, I’ve been configuring the SAML and the OAuth protocols. I wrote about F5 BIG-IP APM – SAML last month and I’ve been recording a new video about OAuth Federation with F5 this week. OAuth is increasingly used by companies such as Google or Facebook and it’s useful to share information about their accounts with third party applications or websites. For instance, we can watch in the next video how we can authenticate in a website with a Facebook account. In addition, we send HTTP headers with the username and the provider to the website for the Single Sign-On (SSO) process.


Best regards my friends. Have a nice day!

18 November 2019

Tips for a Multihoming BGP network



I’ve written about Same BGP Autonomous System Number in two Datacenters recently because I wanted to connect two datacenters through Internet with the same AS Number. However, I have a new task for these days. I have to add more than one ISP to the datacenter. Therefore, I will have to configure BGP properly for several ISPs, which is an interesting and amazing task. It’s also an advanced routing task because a configuration mistake can shut down Internet to customers. I really love networking.

Connecting to Two or more ISPs

Firstly, it’s important to know how Internet routers view our networks. There are lots of websites on the net which are useful to know how other routers can send packets to our networks. There are even routers where we can access freely with read-only access to run commands, which are also useful to see how Internet routes learn our networks. For instance, there are lots of free access routers in the www.routeviews.org website where we can choose a router, access with the Telnet application and finally run commands.

Route Views Project
 
Once we have accessed to a router, we can run commands. It’s important to know what commands we have to execute as well as we have to understand the output. The show ip bgp command is the best one to know how other routers view our networks. For instance, we can run show ip bgp + network IP address to know how many paths there are from one router to our network. We’ll see all paths and the best path, which is the active path. This command is useful to see the BGP topology database.

BGP Topology Database
 
The BGP topology database or BGP forwarding database is a table where all paths are store. This database is updated by the BGP process and we can search how routers can send packets to every network in this database as well as we’ll know attributes such as metric, local preference, weight, etc. It’s important to highlight BGP topology database is different to the routing table because the routing table only has the best path instead of all path as the BGP topology database does.

Routing Table
 
There is an interesting website I’m used to visiting. The Réseaux IP Européens Network Coordination Centre has lots of resources about IPv4 addresses, IPv6 addresses and autonomous system numbers. For instance, we can see easily from the www.ripe.net website how different routers from Internet see our network. Therefore, it’s easy to see from this website if our network is advertised through several ISPs.

RIPE NCC
 
Finally, if you work as a network engineer, you’ll have to understand dynamic routing protocols such as BGP properly. If you are going to advertise your own routes to Internet, you’ll have to know how the BGP protocol works. If you are not sure what you are doing, the best option is to contact with professional services.

Best regards my friends. Keep learning! Drop a line with the first thing you are thinking!

11 November 2019

Así se domina el Mundo



I like reading. I don’t have much time for reading but I like reading at least 10 minutes a day. I’ve needed more than two months for reading the last book, but I’ve finished it. Great!! Así se domina el mundo by Pedro Baños has been the last book I've read. Pedro is a Spanish military and Colonel of the Spanish Army who is specialized in geostrategy, defense, security, terrorism and intelligence. Actually, I didn’t know anything about this man till I’ve read this book. If you like these topics, you can also watch “La mesa del coronel (Cuatro)” where Pedro works as a presenter.

This is a book mainly about geopolitics and geostrategy. These are two concepts I didn’t know very well. Geopolitics is the study of the effects of Earth’s geography (human and physical) on politics and international relations. However, geostrategy, which is a subfield of geopolitics, is a type of foreign policy guided principally by geographical factors as they inform, constrain, or affect political and military planning. Therefore, geopolitics and geostrategy are very important because the world is defined by these two concepts.

If you want to know about geopolitics and geostrategy, you’ll have to study history. The world is like it is today thanks to history. For instance, Crimea was in Ottoman Empire, which recognised the independence of Crimea, but was then conquered by the Russian Empire. During Soviet Union, Crimea was autonomous in the Ukrainian Republic but the Russian Federation wants Crimea goes back to Russia. Today, Crimean people is divided between Russians, Ukrainians, Crimean Tatars, Belarusians, Armenians and others. To sum up, it’s a mess. What’s more, there are lots of mess like this around the world.

We can read in this book some immutable geopolitical principles. These principles are very important to understand why the world and countries make decisions. For example, States are like living being which move mainly by the economy. We can see the trade war between China and US. Both countries are fighting to dominate the world. However, history and allies are also two immutable principles very important in geopolitics.

We can also read some interesting geostrategies in this book. Intimidation is one of the strategies most used by States. We can see how most countries show off military equipment. Russia, North Korea, China, US or even Spain show tanks, fighter aircraft and bombs to intimidate adversaries. However, there are many strategies such as the breaking point or support the division. I’m sure some of them will be well known for you.

In addition, we can read some errors made in geopolitic. Idiosyncrasy is something to take into account in geopolitics because each country and each town is different. There are lots of cultures which has to be taken into account. Religions are also important by lots of people. States can make errors in geopolitics which can be dangerous for the future of the country.

That’s all my friends. If you love geopolitics and geostrategic, you should read this book.

4 November 2019

Ariadnex – Deep Network Intelligence



I work at ARIADNEX since 2009. I’ve learnt a lot about networking and security in these 10 years. I’ve had the chance of configuring dynamic routing protocols such as BGP, OSPF or RIP. I’ve installed and configured lots of switches and routers. I’ve deployed security tools such as SIEM, Antivirus, IDS/IPS, firewalls, etc. I’ve analysed lots of security alerts to know what’s happened in the network. I’ve even been a teacher in IT courses on network, security, hacking and forensics. I’ve been able to do many tasks in these 10 years.

I’ve realised when there are issues with the network, such as slowness or traffic is not going through the best route, companies and IT engineers get crazy. When there are complex issues, we need a DEEP knowledge for a DEEP analysis. We’ll need networking and security tools where we can analyse lots of metrics such as sessions, flows, traffic, etc. We should even be able to download the packet to know what’s going on. What’s more, if we want to know what happened in the past, one day or two days ago, we should also be able to download these packets for a better analysis.

DEEP

Most applications use the NETWORK to send and receive data. Today, the network is very important in most businesses. Therefore, networking monitoring is a must in most companies because if there are issues, we’ll need to check how the network is performing. Companies need a healthy and clean network, where data is going through, because the network is the highway of data. If you are an IT engineer and you are worried about your data, network monitoring is your friend.

NETWORK
 
Sadly, there are lots of companies which don’t know what’s going in their networks. They can’t perform a deep analysis either. However, there are companies which do have network monitor or even they can perform a deep analysis but they don’t have the third important concept. INTELLIGENCE. Intelligence is required to know exactly what the monitoring tools is recording. Intelligence is required to know exactly what events and logs are recording. We can add intelligence to the monitoring tools with books, study and expertise.

INTELLIGENCE
 
There are many adversarial simulation tools which help us to know if the network and security monitoring tool is working well. FlightSIM is my favourite one because we can easily generate malicious traffic such as C&C traffic, DGA traffic, spambot traffic, etc. However, there are many others useful adversarial simulation tools such as Caldera, BT3 or DumpsterFire. It’s up to you which one you want to use to know if your monitoring tools detect malicious traffic.

Adversarial Simulation Tool
 
We can perform Deep Network Intelligence from Ariadnex but we can improve this intelligence with a Network Packet Broker (NPB). Gigamon is a NPB which can be used to resend a copy of the traffic to the monitoring tools. For instance, we can send a copy of the traffic to SSL Intercept appliances, IDS/IPS appliances, etc. Therefore, A-DNI along with a NPB will be the next generation monitoring tool at Ariadnex.

SSL Inspection with Gigamon
 
Regards my friends. What do you think?
Related Posts Plugin for WordPress, Blogger...

Entradas populares