From Linux Update: Frank Hoffman shows you how nftables simplifies the process of creating and maintaining firewall rules https://www.linux-magazine.com/Issues/2023/270/nftables #firewall #nftables #iptables #FOSS #filter #packets #Linux #netfilter #OpenSource

Calling all card collectors.
Did you know there is an annual fair and gathering on Saturday 22nd and Sunday 23rd of April at Alive, Lynnsport & Leisure Park, Greenpark Avenue, Kings Lynn, Norfolk PE30 2NB ?
More details at : https://csgb.co.uk/events/convention/2023
It is a two day event but the Sunday is free admission to everyone. So why not come along ?

#TradeCard #TradingCard #GumCard #CigaretteCard #Vintage #Advertising #Packets #Tins #TobaccoCard #Collectables #KingsLynn #Norfolk #Card #CardFair #Fair

Ok, went down a slight rabbit hole... You can use #nftables to log #packets to the nflog facility. #tcpdump or #tshark can read from the nflog queue and report info on the packets. Nftables can sample the packets randomly using numgen random mod 1000 < 50 I can sample 5% of packets (or whatever) if the output is easily readable by #Julialang I can turn the network visibility issue into a data analysis issue. What's the best way to read the output? tshark json?

I just spent a number of hours troubleshooting a weird issue with my brand new Ubiquiti Aggregation switch. I haven’t figured out exactly what is going on yet, but the problem is weird enough I wanted to toss it out and see what the Fediverse thinks.

I have two 10gbe hosts. FreeBSD Samba server and Linux client. Both plugged directly into the Aggregation switch (via SFP+ RJ45 adaptors).

Client can mount share, but ls fails. Any I/O on the volume hangs for tens of seconds before failing.

Prior to installing the USW-Aggregation, these same two hosts were connected together via a MikroTik 10gbps switch, and everything was working fine. (You may ask why I decided to replace a perfectly good MikroTik switch with an Ubiquiti product, and honestly now I am wondering the same thing.)

After lots and lots of experiments, it becomes clear that simply routing the traffic over the Aggregation switch is enough to cause the connection to fail.

Diving into the tcpdump on the client side, I find the client sending the same TCP packet over and over, retransmitting with an apparent exponential backoff until it times out and fails with an error.

On the server side, tcpdump shows the packet being received and the reply being sent instantaneously. However, the reply never makes it to the client.

The USW-Aggregation, in its default configuration, is completely swallowing this packet.

I dig around in the settings and turn on Jumbo frames and Flow Control. The problem magically goes away!

Fediverse, what is going on here?

#networking #ethernet #ubiquiti #unifi #tcpdump #packets #troubleshooting #help

Packets https://tryhackme.com/room/packetsframes #tryhackme #networking #ports #packets #frames #handshake #tcpip #tcp #static labs #beginner #module #static sites #labs #UDP #packetsframes via @realtryhackme

Ever wondered how big ICMP errors can get? Well.. I got an answer for you in today's Packet Tuesday! https://youtube.com/watch?v=z9jk8Bbf4_o… #packetlife #pcaps #icmp #inpcapswetrust #packets #sec503

Could someone make sure that the #TCP #packets make it home while I’m #sleeping? The #UDP packets should be fine, they will eventually find they’re way home. 😴💤

Packets https://tryhackme.com/room/packetsframes #tryhackme #networking #ports #packets #frames #handshake #tcpip #tcp #static labs #beginner #module #static sites #labs #UDP #packetsframes via @realtryhackme

Packets https://tryhackme.com/room/packetsframes #tryhackme #networking #ports #packets #frames #handshake #tcpip #tcp #static labs #beginner #module #static sites #labs #UDP #packetsframes via @RealTryHackMe

Episode 3 of Packet Tuesday is live. This week, it is all about the TCP Urgent flag. Trying to keep them a bit shorter in the future to not spent half an hour on one bit ;-) https://packettuesday.com

I hope everybody is enjoying these as much as I do. Thinking about moving on to some SSL stuff next, but also trying to keep them a bit shorter. Let me know if these work for you, or what I can improve. If I spent half an hour on a TCP flag… who knows how long the SSL Client Hello episode will get :)

And please let me know if I am making mistakes. I am not perfect and actually learn new things as I put these together. Well, I can always claim that I add intentional mistakes to increase “engagement.” :)

#packets #packettuesday #tcp #sec503

https://jmau111.github.io/2022/11/23/wireshark-beginners/ #security #ssl #network #wireshark #packets

@sans_isc @jullrich If it's too hard going a week without Johannes, watch this puny(code) little video he made. https://youtu.be/4TIAE-S4cDA

#Packets #PunyCode #UDP #DNS #Encoding

I finally got the first episode of "Packet Tuesday" published. Packet analysis in depth. Feedback, and packet donations, are welcome. https://packettuesday.com [of course: subscribe on YouTube] #packets #sec503 #wireshark #tcpdump

Packet Tuesday: Network Traffic Analysis for the Whole Family #packets #sec503 #network #ids #tcpdump https://i5c.us/d29252

Our world is connected.

We see evidence of that from seeing social media updates from people around the world or news broadcasts that cover events happening from anywhere. But have you considered the physical infrastructure of the internet? Of course there are datacenters, giant buildings with loud computers buzzing away. But those buildings need to be connected to each other, to your modem at home, to mobile cell towers that are sprinkled all over the place, and "to the internet". But what does that mean? Contrary to popular belief, satellites are NOT how most information travels the world. Indeed, we have physical cables all over... but instead of carrying electrical signals those cables carry light generated by lasers.

These cables not only exist alongside roads and hung on power lines. They're also running along the bottom of the world's oceans. The image below is an inventory of each of these underwater internet cables. What I find interesting is how many there are! It seems like a lot. But then when I think more about it I am also amazed at how few there are. If you pay attention you will see news articles describing occasional sabotage of these cables, here's one recently published by Wired: https://www.wired.com/story/submarine-internet-cables-egypt/. This is actually very important to the future and security of the global internet.

#internet #fiberoptic #infrastructure #submarinecable #lasers #packets

You can see a vector version of the map here: https://sudorandom.dev/assets/images/works/submarine-cable-map/geo-mercator.svg
or from my portfolio website: https://sudorandom.dev/portfolio/submarine-cable-map/

The data for generating this map is based on: https://www.submarinecablemap.com/

Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers - Multiple flaws in system software that causes errors in packet handling could allow an attacker to... https://threatpost.com/cisco-warns-of-active-exploitation-of-flaw-in-carrier-grade-routers/158887/ #criticalinfrastructure #carrier-graderouters #vulnerabilities #vulnerability #ciscosystems #websecurity #security #exploit #hackers #packets #zeroday #memory