Slowloris and Nkiller2 vs. the Cisco CSS load balancer
Today I spent most of my time analyzing the Slowloris and Nkiller2 denial of service (DoS) tools together with my colleague Gert Kremer. Slowloris (name after the slow moving primates is a httpd DoS...
View ArticleHAR: networking overview by the NOC team
How did you get the network here in the middle of the field (10Gbps). By The NOC team Internet was provided by XS4ALL, BIT and OpenTransit. There were direct peering connections with Akamai, Google...
View ArticleBUG (and work around): Persistent routing issue on Win2k8 clusters
Another good (shoudl I say brilliant?) information from our collegue Elianne van der Kamp. Yesterday we discovered an issue with Windows 2008 clusters: manually added persistent routes disappear from...
View ArticleCA will not start… What do you mean, cannot download CRL…
As part of my work I was installing a Microsoft PKi infrastructure with two tiers. A root CA and an issuing CA. Since the root CA is in another domain then the issuing CA, it took some fiddling and...
View ArticleImpact of TCP offload and ‘Received Side Scaling’ on traffic handling
While doing a performance test on one of our customer environments we observed the impact of TCP offload and “Receive Side Scaling” (RSS) settings on the interface card on Windows web servers in...
View ArticleBlackHatEU : Hacking Cisco Enterprise WLANs
By Enno Rey & Daniel Mende erey@ernw.de dmende@ernw.de When implementing Cisco Wireless network infrastructure Enno and Daniel got the impression that, security wise, these systems smell. First...
View ArticleV6 World Congress 2012
I’m visiting the V6 World Congress 2012 together with collegue Erwin Blekkenhorst (a long time IPv6 adept and owner of ipv6.net as well as its corresponding Facebook web page). This IPv6 congress is...
View ArticleV6 World Congress 2012 – day 2
A marathon day Day 2 of the IPv6 conference was actually pretty good. It was a ‘marathon’ day of +10hrs of presentations and panel discussions. Unfortunately during the last ‘talking heads’ sessions...
View ArticleV6 World Congress 2012 – day 3+4
Day 3+4 of the V6 World 2012 Congress were also interesting. In many ways my conclusions of the first two conference days were reconfirmed but additionally I learned that; IPv4 is here to stay and it...
View ArticleIPv6 in Mission Critical Environments
The upcoming of IPv6 -the new internet communication protocol- is inevitable. On June 6th, 2012, IPv6 will permanently be enabled by many web sites like Facebook, Yahoo, Google and the likes. Schuberg...
View ArticleAllow STT (Stateless Transport Tunneling) through an Cisco ASA
In order to allow the STT tunnel (http://tools.ietf.org/html/draft-davie-stt-00) through a firewall you need to bypass the SYN/ACK security. STT uses a header that looks just like the TCP header to...
View ArticleSchuberg Philis cloud L2-L3 Use Case
How can you connect existing customers with a legacy infrastructure to a virtual infrastructure in a cloud or how can you extend these infrastructures with a virtual infrastructure? The answer is...
View Article