Disaster Recovery on the move!

An interesting topic arose in the office today regarding disaster recovery and making it more mobile. Sun Microsystems are currently deploying disaster recovery mobility in the form of shipping containers, but the mobility of a shipping container is questionable. A lot of time and preparation would be needed to maneuver the shipping container onto an HGV and then deploy the HGV to a site. Here are some ideas that arose from a random office conversation.

DR in a Car

There is one company operating in the New Jersey/New York City area that will copy your backed up data on to new servers and deliver these servers to your site, obviously as the name suggests, by car. But why not take this one step further and have a mobile data centre operate literally out of the car? Ideally the car would need to be the size of a Land Rover Discovery – big enough to install at least a 22U rack in the back – but the idea would be to have all your storage and servers already backed up and ready to be deployed. Couple this idea with Google’s and Volvo’s current development in self-driving cars and you will have a fully automated, mobile disaster recovery solution deployable to anywhere in your country, whenever you need it.

“DRone”

Marketing at its best with this one. Disaster Recovery using drone technology! Obviously enterprise scale storage would not be possible using a drone, but an idea that was bandied about would be to utilize a mesh of drones and interconnect them all using LTE connectivity. A couple of drones could be placed around an office offering an SSID to connect to the “DRone” network; then, off the back of these couple of drones, a meshed network would find its way back to another data centre where a backup of all of a company’s data will reside. The scale and cost of this would be quite high, but again Google are making headway in metropolitan-wide 802.11 networks.

Value added technology

SSIDs can be broadcast, as mentioned previously, to onboard a customer and secure their data further whether it is deployed in a car or via a drone, and a Captive Portal could be used to authenticate a user and a Citrix desktop could be used to access data on the company’s DR data centre.

Both ideas have a certain ring and marketing slant on DR – maybe I should head on over to the IPO and get it registered 😉

 

-M^


UK Spy Bill

The UK government have introduced a new “Spy Bill” which will keep tabs on all your communication on the Internet for the next year. All ISPs (Internet Service Providers) will be forced to comply, and the idea behind this is to track a user’s browsing habits. I suppose the thinking behind the Bill would be to proactively monitor extremism and terrorist activities earlier, potentially cracking down on paedophile rings and capturing users who access pirated material. The downside to this if you are a “law abiding netizen” would be that your browsing habits are being tracked for no reason whatsoever. It is believed that the information stored would be the root domain of the website you have visited (for example https://mastahcomputing.wordpress.com) but none of the child domains (such as https://mastahcomputing.wordpress.com/about for example). This does not make the spying any less worrying.

There are ways to obviously circumvent the unnecessary snooping of your browsing habits and potentially disrupt the data collection and I am here to share these with you.

CIRCUMVENTION

To circumvent the UK government Spy Bill, you can use a VPN (Virtual Private Network) which basically establishes a data tunnel from your computer to a router anywhere in the world and you will be browsing using an IP (Internet Protocol) address of the provider in that country. The UK government then cannot track your web browsing information because you would essentially be browsing the Internet from another location in the world.

The downside to this would be that you are putting all your trust in data security and encryption on the provider of the VPN; therefore it would be recommended to look for a paid VPN service rather than a free one, and to abstain from checking online banking via the VPN tunnel. We will provide some reviews on the paid and free VPN services in a later blog post.

DISRUPTION

If there is an anarchist in you and you want to “protest-browse” you can always visit random websites that you would not typically, or ever, visit in order for the ISPs to get false browsing habits and in essence begin to collect more data than they initially planned to. If you were to browse to nine random websites for every one normal website you visit, the ISPs will have to store ten times the amount of data they would have done previously; and if everyone does this… (evil grin)

I will be putting together a small app that you can download to your PC that will browse to random, low bandwidth websites at intervals, which will rack up your browsing footprints at the ISP, and I will release this in a later blog post also.

FINAL THOUGHTS

The Spy Bill will inevitably worry some people, and it will not worry others, but it IS mass surveillance of a nation and if you are an aforementioned law-abiding netizen (and even if you’re not!) you should be given the opportunity to protect yourself and keep your browsing history private.
-M^

GNS3 and ASA

Recently, I have encountered the need to acquaint myself with the Security world of Cisco and, due to an insufficient amount of funds to buy myself a couple of ASAs, I am using simulated ASAs in GNS3. If you have never used GNS3 before, it is an absolute must-have for any networking student or professional. You can download it here: www.gns3.com/.

So, to begin with, you will need to obtain the initrd and kernel files for the ASA ISO (which can be found using your Google skills). When booted, you are, more likely than not, going to encounter a nice little issue whereby if you assign an IP address to an interface and issue a “no shut” command, the IP address fails to register when you enter the “show int ip brief” command.

Now, this might be where I show my inexperience with ASAs, and it actually took me a very long time looking on forums for the answer, but the answer was indeed very simple. If you enter the interface configuration mode and enter “nameif xxxx” the interface will auto-magically come online!

I will add screenshots later to clarify this but I hope this helps you out!

 

-M^

Convert Epoch time to UTC in Excel

I have found myself today needing to convert the ugly Epoch time that Unix loves to use into UTC to make date/time origination of calls within Call Detail Records more human readable, and I stumbled across a nice little formula that will allow you to convert this into UTC.

Below is the formula:

=(J2/86400)+25569

If you substitute J2 with the number you want to convert and then change the format of the cell to a date/time format, you will get the UTC date/time.

Pretty handy!
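The same conversion in Python, as an added example that is not part of the original post: 86400 is the number of seconds in a day and 25569 is the Excel serial number of 1 January 1970, and each result is cross-checked against Python's own UTC conversion. The CDR column names, the sample rows and the `offset_hours` parameter are assumptions made here; the parameter shows how adding or subtracting whole hours inside the formula moves the result to a local zone instead of UTC.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

SECONDS_PER_DAY = 86400  # divisor used in the spreadsheet formula
EXCEL_SERIAL_1970 = 25569  # Excel serial for 1970-01-01 (1900 date system)
EXCEL_DAY_ZERO = datetime(1899, 12, 30, tzinfo=timezone.utc)

# Constructed CDR extract; the column names are assumptions for this example.
SAMPLE_CDR = """\
callingPartyNumber,dateTimeOrigination
1001,1388577600
1002,1388534400
"""


def epoch_to_excel_serial(epoch, offset_hours=0):
    """Excel serial date for Unix epoch seconds; offset 0 keeps the result in UTC."""
    return (epoch + offset_hours * 3600) / SECONDS_PER_DAY + EXCEL_SERIAL_1970


def excel_serial_to_datetime(serial):
    """Inverse mapping, used to cross-check what the spreadsheet cell displays."""
    return EXCEL_DAY_ZERO + timedelta(days=serial)


def convert_cdr(text):
    """Return (calling number, Excel serial, ISO 8601 UTC string) per CDR row."""
    rows = []
    for row in csv.DictReader(io.StringIO(text)):
        epoch = int(row["dateTimeOrigination"])
        serial = epoch_to_excel_serial(epoch)
        utc = datetime.fromtimestamp(epoch, tz=timezone.utc)
        # The spreadsheet route and the datetime route must agree to the second.
        if abs(excel_serial_to_datetime(serial) - utc) >= timedelta(seconds=1):
            raise ValueError(f"serial {serial} disagrees with {utc.isoformat()}")
        rows.append((row["callingPartyNumber"], serial, utc.isoformat()))
    return rows


if __name__ == "__main__":
    for number, serial, utc in convert_cdr(SAMPLE_CDR):
        print(number, serial, utc)
```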

 

 

-M^

CCNA – finally!

So, this week I retook my CCNA exam and passed with flying colours. I narrowly missed out on passing the old 640-802 curriculum on the final day I could take it by 1% due to a mis-configured ACL sim. Monday this week, I retook the shiny 200-120 CCNA exam and passed with 93.1% even with that pesky ACL sim in there to really throw me off. Needless to say, I was absolutely ecstatic to finally be on the Cisco Certified ladder.

I am now in the process of getting my CCNA Voice which is a requirement for my job and I have started to build a little Voice lab at home. The lab consists of a Cisco 2800 Router with IPVoice 12.3 IOS loaded and a Cisco 3500XL Switch with inline power. Running off the switch I have two Cisco 7921 IP phones and a bog standard ATA phone. The idea is to firstly fully configure CME and then do various practical configurations such as Hunt Pilots and Call Pickup Groups.

I shall detail my progress here 🙂

-M^

Macquarium photos

Well, here are some photos of the G3 iMac. Unfortunately, it boots up quite nicely, even with 32MB of RAM, a 233MHz processor, a 4GB hard drive and potentially AppleTalk instead of IP, which makes it harder to just rip all the components out and size up a potential bowl to fit in to the chassis – but let’s get on with it!

[Three photos of the G3 iMac]

-M^

Christmas project: Macquarium

For the longest time, I have been wanting to undertake a computer related project. You can see some of my ideas in previous posts. This weekend however, my need for a project took a much needed kick up the rear-end when I stumbled upon a second hand Apple iMac G3. What made this find even better was the fact it was collection only in Liverpool and this weekend I was up in Warrington visiting my girlfriend. Normally I wouldn’t do this but with me having a nice little Christmas bonus from work and being 10 miles away from the address of the seller, I thought “Why the hell not?” Well, I sit here now as a proud owner of a G3 iMac in amazingly good nick for a grand total of £4.99!

Photos to come later… If it boots I will be really impressed!

-M^

Zerofill in MySQL databases

I have had this problem for a long time and there are barely any, if any at all, resources on the Internet that can aid in resolving this issue. I came across “Zerofilling” when creating my backend MySQL database for brute force attacks. To make it a lot easier to query the primary keys in my database, I felt it necessary to populate the field with nine digits off the bat. Rather than having to wait until there are 99,999,999 entries in my database before the primary key finally utilised all nine digits assigned to the primary key, the zerofill option will fill in a zero in every place the number currently in the primary key doesn’t physically take up. So, instead of having 1, 2, 3…. 56, 57…. 1098, 1099 as your primary keys, you will now have 000001, 000002, 000003…. 000056, 000057…. 001098, 001099, which in my opinion looks a lot better and allows querying to be tailored to search for six digits, rather than 1 to 6 digits.

[Screenshot: MySQL syntax error]

The problem with zerofilling fields occurs when initially creating the table. I have encountered numerous posts on the Internet where users are constantly stuck with syntax errors in their MySQL code with no clue as to why it is happening, as you can see above.

I noticed something odd when looking back at the table I created for my dissertation and where the unsigned zerofill was located when I “described” the table.

[Screenshot: output of describing the table]

As you can see, the unsigned zerofill is associated with the data type that is assigned to that particular tuple. By rearranging the previous MySQL statement when I was getting the syntax error, I can now create the table without any errors by using the following statement:

create table Mastah (P_ID int(6) unsigned zerofill primary key auto_increment not null);

This conclusion or workaround, as far as I know, has not been detailed on any forums but you now have the solution to the problem =)

-M^

Hindsight is a bitch!

Well, as you may have read in my previous posts, I have finished my university degree. I came out with a 2:1 in Computer Networks and Security which is exactly what I was expecting. What I did not expect was the low grade I got in my final year dissertation project. Obviously, I only have myself to blame, but the choice in my final year topic, Brute Force Attacks on IVR Systems, was mainly picked because my university decided to merge the Computer Networks and the Computer Security degrees together. My argument was that if I was to have “BSc in Computer Networks and Security” on my resumé, I should at least have some experience in security, especially as we had only done one module prior to the final year and one security module during the final year. Just two modules out of 23 modules is a very small percentage. Therefore, I decided to base my dissertation on something security orientated. Big mistake! After talking to a lot of my work colleagues, 95% of which went through university, I feel that my focus should have remained on the Networking side of my module, especially as my sandwich year placement was mainly server administration. Due to me doing a server admin role for my placement year and focusing all my efforts on a security dissertation, I am two years out of shape with Cisco networking and a little behind in obtaining my CCNA qualification.

If it was up to me now, I wish I had done something networking related for my dissertation – such as investigating how TCL scripts can aid in voice gateway processing, building a functional router using a Raspberry Pi, converting IPv4 addresses into IPv6, the list could go on really.

One positive thing that came out of my dissertation was my initial foray into Cisco IP Telephony by watching some of the CBT Nugget videos for CCNA Voice which led me onto deciding I should base my dissertation on VoIP. If it wasn’t for this, it is almost certain that I would not have got my current role as a Network Engineer for the company I am currently employed by.

My advice, for any student, is to focus on what you feel is right and not be pushed by your university. I made that mistake, and I feel like I have slightly let my progression down as a Network professional.

 

-M^

Tickling Cisco CME and Voice Gateways

A little while ago, a customer asked if it was possible for a company’s name to appear on the display of their telephones so that they knew who was calling before they answered the phone. For those that do not really know much about telephony, this might sound extremely easy to do – just save the number and then enter the contact’s name. If only it was that simple.

If you have a company with over 3,000 employees, the chances are that these employees will have direct dial numbers which will show up rather than the company’s phone number. Additionally, each phone will need to have every potential phone number for a company saved in its own directory. The permutations of this set up become astronomical when you think that a medium sized company will typically have 3,000 employees. If each of these employees of Company A have a DDI, and Company B also has roughly 3,000 employees, that means that 9,000,000 entries need to be entered on the phones!

One way in which this can be achieved is through the use of TCL scripts, also known as Tickle scripts. The Tickle script runs directly on the Cisco IOS of a router – in this case it will be the voice gateway. The script will run a look up on a .txt or .csv file which will list a company’s name and an associated phone number. Once a call is presented to the voice gateway, the Tickle script will take a hold of the ANI, run a look up on the .txt/.csv file and then send the company’s name directly to the phone.

Obviously, there are downsides to having this script running – especially in a very busy environment. The performance of the router will be considerably affected. This is one thing I mentioned to the customer. Another downside is that the scripts can be extremely flaky, even more so in a very busy environment when there could be hundreds of calls going through the voice gateway every hour.

In the end the customer decided against the script being implemented but my interest in TCL scripts has been piqued, especially as the modifications of what can be displayed on the phones could potentially be limitless – it is also interesting to find out a more efficient way of doing the above without compromising on the routing performance.
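The lookup step described above, modelled in Python as an added example (it is not the script discussed with the customer and does not use Cisco's Tcl IVR API). It goes beyond the one-number-per-row file in the post: the file is read once into memory and matched by longest number prefix, so a whole DDI block needs a single row. The CSV layout, the sample numbers and the `+44` default country code are assumptions.

```python
import csv
import io
import re

# Constructed directory: one row per number block (prefix) or single number.
DIRECTORY_CSV = """\
prefix,company
+441514960,Company A
+441514960199,Company A Helpdesk
+441614960,Company B
"""


def normalise(number, default_cc="+44"):
    """Reduce an ANI to +<country><number> so differing formats compare equal."""
    digits = re.sub(r"[^\d+]", "", number)
    if digits.startswith("00"):        # international access prefix
        return "+" + digits[2:]
    if digits.startswith("0"):         # national format, assumed UK here
        return default_cc + digits[1:]
    return digits if digits.startswith("+") else "+" + digits


def build_index(text):
    """Parse the CSV once; return (prefix -> name, prefix lengths, longest first)."""
    table = {}
    for row in csv.DictReader(io.StringIO(text)):
        table[normalise(row["prefix"])] = row["company"].strip()
    lengths = sorted({len(key) for key in table}, reverse=True)
    return table, lengths


def company_for(ani, index):
    """Longest-prefix match: one dictionary probe per distinct prefix length."""
    table, lengths = index
    number = normalise(ani)
    for length in lengths:
        name = table.get(number[:length])
        if name is not None:
            return name
    return None  # unknown caller: leave the display as the bare number


if __name__ == "__main__":
    index = build_index(DIRECTORY_CSV)
    for ani in ("0151 496 0123", "+44 151 496 0199", "020 7946 0000"):
        print(ani, "->", company_for(ani, index))
```

The name shown on the phone is only as reliable as the ANI presented on the incoming call, so it is a display hint and not proof of who is calling.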

Watch this space for developments!

-M^