Search This Blog

Sunday, December 31, 2006

Saturday, December 30, 2006

XSAN vs Fibrejet

Digistor: "Xsan vs Fibrejet

Commandsoft have released a quite detailed pdf showing the differences, as they see them, between XSAN and Fibrejet. It's worth a read as it goes into reasonable detail about SAN's in general.

It's a rather large file (4MB) and can be downloaded

Creative Cow - View Posts - Apple Xsan

Creative Cow - View Posts - Apple Xsan

Xsanity - Sanity for Apple's Xsan.

Xsanity - Sanity for Apple's Xsan.

Xsan: Information from

Xsan: Information from

ADIC StorNext File System: Information from

ADIC StorNext File System: Information from

Apple XSAN is licensed from ADIC StorNext.
Carrier Grade Linux - Wikipedia, the free encyclopedia

Monday, December 25, 2006

ECI Telecom

Carrier-grade optical (C/DWDM) and broadband access platforms.

Sunday, December 24, 2006

Outlook, Appointments and Time Zones
LinuxElectrons - linux with a hardware slant
SQL Server Reference Guide > SQL Server 2005 - Service Broker: "If you think about how you go through your day, you'll find that you don't always stand in a line (or a queue, for my non-American readers) for everything you do. You get into your car; stop at a gas (petrol) station, which has been open all morning. That station has serviced many cars, without knowing who would come in first or last. You then drive to a coffee shop to buy a latte, again open since morning and again servicing many customers in multiple orders. You may decide not to stop at the coffee shop, or choose another. You choose one road over another to get to work, park in different parking spaces each day, and so on. Each of the 'objects' you're interacting with in your world on a day-to-day basis provides you a service, and you often have multiple choices of providers of those services.

You can set up your infrastructure to work the same way. Rather than having a single server process a purchase order for your company, you could break up the 'services' in that process and have multiple servers process the request. Your client application can ask the system which server provides a needed service and route the request to a server based on location, load, speed or security. This arrangement is called a 'Service-Oriented Architecture' or SOA, and while it takes a lot of planning and forethought to set up, it's very powerful."

Saturday, December 23, 2006

Friday, December 15, 2006

Monday, December 11, 2006

Network Performance Daily: Vista's "Next Generation" TCP/IP Stack and the Enterprise

Network Performance Daily: Vista's "Next Generation" TCP/IP Stack and the Enterprise
Fundamentals of DS3
Scott Weeks Re: M23 vs M13 DS3 Muxing Thu 12/7

> M23 is definitely different than M13. The 1 and 3 refer to T1 and T3.
> In M23, it refers to T2 and T3! I don't know if anyone ever deployed
> T2 in North America but it still exists in some places.

"M13 multiplexing is done in two steps. First, four T1 lines are bit multiplexed together to form a DS2 line using M12 multiplexing. These seven DS2 lines are then bit multiplexed together to form the DS3/T3 using M23 multiplexing."

A great resource for DS-3 info is what used to be TTL's "Fundamentals of DS3". You can find it here:

I also have others. Some are TTC's and some are Acterna's:

"Eat sushi frequently". - Avi
[email protected] is the human contact address.
[email protected] is the list posting address.
See below URL for subscribe/unsubscribe and list options:
Eric J Merkel Re: M23 vs M13 DS3 Muxing Thu 12/7

Actually, the M23 framing works just fine. We found the problem to be in the channel mappings on our switch. Apparently, our switch programmer started at interface 1 when he should have started at 0. The Cisco T1 controller interface starts at 1 and the switch at 0 so the SS7 signaling was mapping channels to the wrong interface. Basically interface 1 went to 2, and 2 to 3 and so on and there the COT tests would not pass. DOH!!!

After talking to several telco people, apparently even though their framing says M13 it is actually converting four DS1's into a DS2, then mapping the 7 DS2's up to the DS3 level. I guess both ADTRAN and Alcatel group them this way with the M13 option so it isn't truly doing a straight DS1 to DS3 conversion. So the M23 & M13 framing are somewhat synonymous on this equipment though that is technically they should call it M23 not M13.

FWIW, we also tried C-bit and had the same problems which took us down the path of trying to figure out why the channels weren't syncing. Just the lovely part of SS7 where signalling takes place out of band.

Thanks for everyone's suggestions.


----- Original Message -----
From: "Adam Rothschild"
Sent: Thursday, December 07, 2006 2:34 PM
Subject: Re: M23 vs M13 DS3 Muxing

> On 2006-12-07-12:32:03, Jawaid Bazyar
> wrote:
>> M23 is definitely different than M13. The 1 and 3 refer to T1 and
>> T3. In M23, it refers to T2 and T3! I don't know if anyone ever
>> deployed T2 in North America but it still exists in some places.
> [...]
> M23 (as opposed to c-bit parity) is most definitely a valid means of
> delivering T1 tails off a carrier's CT3 facilities. Whether or not
> you want it depends on your particular carrier's configuration.
> For example, on a Level(3) (formerly LGN) circuit 'round here:
> [email protected]> show interfaces t1-5/3/0:0
> Physical interface: t1-5/3/0:0, Enabled, Physical link is Up
> [...]
> Link-level type: Cisco-HDLC, MTU: 1504, Clocking: Internal, Speed: T1,
> Loopback: None, FCS: 16, Mode: M23,
> Framing: ESF ^^^^^^^^^
> Definitely worth a try if c-bit isn't working.
> HTH,
> -a
> _______________________________________________
> "Eat sushi frequently". - Avi
> [email protected] is the human contact address.
> [email protected] is the list posting address.
> See below URL for subscribe/unsubscribe and list options:

"Eat sushi frequently". - Avi
[email protected] is the human contact address.
[email protected] is the list posting address.
See below URL for subscribe/unsubscribe and list options:

Friday, December 01, 2006

Monday, November 27, 2006

Processor Editorial Article - How’s & Why’s Of Data Center Tiers

Processor Editorial Article - How’s & Why’s Of Data Center Tiers
OpenSource : Tech Tips
Firefox Tweak Guide - TechSpot
SiLK: "SiLK, the System for Internet-Level Knowledge, is a collection of traffic analysis tools developed by the CERT Network Situational Awareness Team (CERT/NetSA) to facilitate security analysis of large networks. The SiLK tool suite supports the efficient collection, storage and analysis of network flow data, enabling network security analysts to rapidly query large historical traffic data sets. SiLK is ideally suited for analyzing traffic on the backbone or border of a large, distributed enterprise or mid-sized ISP.


Tuesday, November 21, 2006

Monday, November 13, 2006

Friday, November 10, 2006

CWDM and stuff.

Friday, November 03, 2006

SSLBridge, AJAX-Enabled Samba Browser

SSLBridge, a web-based client to browse Samba networks over the Internet, has been released under the GPL. The work has been sponsored by the company Epiware. With a smooth Ajax-enabled interface, SSLBridge makes it easy to access files from a web browser, over a Samba-driven network.

The tool's website has a nice demo, which showcases drag-n-drop, downloads, browsing and more. See the site for download.

Alternatives to M$ Exchange?

How about Postpath?

Related articles:
  • Can open source messaging servers replace Exchange?
  • Article about Postpath
  • Another article "Exchange, but without its problems (like Microsoft :-)? Try PostPath"
  • And another - PostPath intros plug-compatible Exchange Server
    Linux-based PostPath looks like Exchange
  • Messaging vendors tout Exchange alternatives, Gordano, PostPath design products that look just like the Microsoft software.

  • It is impressive that it claims to integrate with AD, speaks native Exchange protocol, works with Exchange-dependent apps such as BES, lower costs, better scalability, cool AJAX web client, and leverages all the cool Linux and Open Source benefits, but ...
  • How about future M$ VoIP and unified messaging integration? Also presence functionalities? Not to forget Cisco CallManager integration?
  • Thursday, November 02, 2006

    Geolocation services.

    Thursday, October 26, 2006

    Thursday, October 19, 2006

    Monday, October 16, 2006

    Sunday, October 15, 2006

    Thursday, October 12, 2006


    Wednesday, October 11, 2006

    Thursday, September 28, 2006

    Information Technology Infrastructure Library - Wikipedia, the free encyclopedia: "Information Technology Infrastructure Library"

    Sunday, September 24, 2006

    Tuesday, September 19, 2006

    Monday, September 18, 2006

    Saturday, September 09, 2006

    Monday, August 14, 2006

    Welcome to your Network Nightmare!!!

    Network simulation.
    Home | iDirect Technologies

    Satellite equipment optimized for IP.
    The Prefix WhoIs Project - Greetings

    Sunday, July 30, 2006

    ClickZ Stats

    Monday, July 17, 2006


    IP telephony recording solution - SmartWORKS IPX
    Qmail FAQ -
    CCNP Recertification » GoDaddy Virtual Private Servers

    Sunday, July 16, 2006


    Thursday, July 13, 2006

    Use DHCP Class to deny Internet access to unauthorized machines
    Use DHCP Class to deny Internet access to unauthorized machines

    Microsoft DHCP Team Blogs.

    Microsoft DHCP Team Blogs.
    Dhcp Explorer allows discover DHCP servers on local subnet or LAN

    Network Diagnostics Tools Feature Overview for Windows XP

    Network Diagnostics Tools Feature Overview for Windows XP

    Windows XP Service Pack 2 Support Tools

    Windows XP Service Pack 2 Support Tools

    Download details: Windows XP SP2 Support Tools for Advanced Users

    Download details: Windows XP SP2 Support Tools for Advanced Users

    Microsoft Windows XP Expert Zone Community

    Microsoft Windows XP Expert Zone Community
    A.J.Anto's WebLog : DHCP Documentation
    Web Proxy Autodiscovery Protocol - Wikipedia, the free encyclopedia

    Understanding PC2700 (DDR333) and PC3200 (DDR400) Memory > Understanding PC2700 (DDR333) and PC3200 (DDR400) Memory

    Understanding PC2700 (DDR333) and PC3200 (DDR400) Memory > Understanding PC2700 (DDR333) and PC3200 (DDR400) Memory
    Quick HOWTO : Ch14 : Linux Firewalls Using iptables - Linux Home Networking
    T-Swat Consulting Ltd.
    Quick HOWTO : Ch14 : Linux Firewalls Using iptables - Linux Home Networking

    Tuesday, June 27, 2006

    Wednesday, June 07, 2006

    Index of /mtg-0606/pdf: Anna Claiborne's DDoS presentation in anna-claiborne.pdf

    From Matthew Petach's NANOG posting ...

    Information collection on DDoS attacks,
    Anna Claiborne, Prolexic Technologies.
    [slides are at:

    DDoS mitigation service.
    personal experience mitigating over 150 DDoS attacks.

    Popular topic, but nobody talks about how you can defend yourself or take legal action; only thing you can do is collect information.

    0.1% of DDoS attacks end in an arrest, that's out of the reported number to the US Secret Service, and that's out of the ones that fall into their jurisdiction.

    These are real losses:
    A major US corp lost over $2mil in a 20 hour outage An offshore gambling comp. lost estimated $4m in 3 days Online payment processor lost $400,000 in 72 hours online retailer lost $20K/day over 3 weeks.

    These are directly reported losses; doesn't include lost PR, etc.

    Canadian retailer spend 50K on hardware mitigation, they got kicked out of 3 datacenters due to the DDoS attacks, spent 20K on IT and security consultants, and another $6K on a different mitigation that also failed.

    Basic Information Collection
    Get packet captures--either from machine being attacked, or a span port, or from upstream device, tcpdump -n -s0 -C (get full length of raw packet, limit pcap file to 5MB or smaller) take 3 or 4 over 15 minutes, to start, and then repeat every hour Determine the type of attack and duration (ex SYN flood lasting 6 hours) Obtain as complete a list as possible of source IP addresses Save bandwidth graphs, flow data, pps graphs, any and all visual material relating to the attack Save any contact with the attacker, email, chat conversation, phone calls, etc.
    Get loss figures from management--downtime, per hour losses, per day losses, section 18 of some law, have to substantiate losses over $5k before you can take legal action against someone.

    have a plan! DDoS is stressful
    Put all attack information in a central location God monitoring doesn't have to be expensive, a simple fiber card in a 1u box can be a mirror port for a large volume of traffic Don't have to have expensive hardware like arbor
    Limit to 100mb to prevent killing your capture box.
    Graphs and flow data can be retrieved from upstream

    Find the source
    Use list of source addresses, find a reputable hosting company, you may even see a friend's IP Approach the network with the infected machine, give them as much information as possible, it can take time finding someone willing to help Obtaining information is dependent on who you are dealing with, be as helpful as possible.
    Get information from the infected machine netstat, tcpdumps, who is logged in, web logs, access logs Get and save the source code responsible

    process can take hours to weeks--prolexic has huge contact list, and even for them can be really difficult And SAVE all your information to a central location!
    and back it up!

    Examine the source code
    scripts are best, you know exactly what's going on compiled code, run strings on it best case, you can get a name or identification for who wrote it, passwords, domain names, port usage worst case you can obtain information that doesn't make sense...yet (it may fit into a bigger context later)

    Locate controlling server
    Examine TCP connection table or source code to find the controlling server verify your information, scan or connect to the suspect machine contact abuse where the server is hosted, explain the situation have as much information possible to verify your conclusion and validate your identity Good luck, most abuse contacts are less than helpful Raises a good question: how to improve awareness and legitimate requests answered.
    (may be able to get FBI to provide warrants to seize machines that are being used to control attacks against you, but takes time and documentation)

    Hunting the attacker (not for the faint of heart!) Review all information gathered so far on the attack contact the attacker, establish a report save all information and/or conversations (important note, if conversations aren't on a public server, they can't be used) Piecing the information together to form a high level view of the exploit, attack, and attacker A long process, most attackers are highly motivated and skilled, you usuallly have to wait for them to slip up!

    local FBI field office department of cybercrime department of homeland security CERT Cymru--great guys, if they have to help you NHTCU--EU, cyber crime divisions in local offices Local US secret service--division of electronic crimes -- under development at the moment.
    how to identify/recognize different types of attacks
    may be able to put their attack database open to the
    public up there.

    A success story
    The tracking of x3m1st/eXe
    responsible for hundreds of extortion based DDoS attacks tracked for months eventually lead to his arrest.

    hid behind four levels of compromised servers.

    eXe and his group only talked on private IRC servers; made the mistake of connecting from his home domain, from a machine registered to his real name; that was his slip up, Ivan arrested in Russia.

    Tracking Pkeglhema/aaabaa
    targetted redhat linux boxes for his zombies they generally sat on higher bandwidth links.
    PHP/cross scripting vulnerability; insert the script without validity checking.
    Used cpanel holes, mySQL holes, he browsed zeroday, modified code in a few hours to use new holes,

    The result: synflood over 10G, knocked upstreams off, and got them null routed, bunch of outbound networks also null routed.

    some conversations recorded, he was paid by an employer, he'd done this before for other employers.

    He eventually got away.
    English as a second language, always from hacked university, attacking six other sites that also sold similar items as the client under protection.
    They'd had phone calls from competitors trying to push them out of business, and was during the busiest time of year for them.

    He was most professional attacker she's dealt with, he never slipped up, he'd been doing this for years.
    Logged in from China or Japan.

    She turned over info to FBI, let them pursue things further.

    Matters to address in community
    Better abuse contacts, specific to DDoS
    Centralized repository specifically for DDoS profiling Information gathering is extremely resource intensive, but worth it.
    Null routing IP space is not a good idea from either side DDDoS is everyone's problem.

    fix your open recursive DNS servers!!

    NHTCU--Mike Hughes, rolled into SOCA, serious organized crimes something--DDoS is way down on the list, they're more into big crimes. Watch for more developments in that space though.
    NHTCU was more approachable,

    Q: Bill Woodcock--could she talk more about public vs private IRC servers---what is the legal issue?
    A: private IRC server is any run that is not publically accessible, is only open to the group.
    Any machine that is hacked is a private IRC server, since it is not intended for public access.
    public--a machine run so that anyone can connect to it, and intended as such.
    You can assert the conversation, but it is hearsay; it can help in court, but it is itself not admissable as evidence.

    Q: Tony Kapella, 5nines--what does Prolexic suggest customers do to make sure their host hasn't been compromised to the point where netstat and other utilities are affected?
    A: Well, you have to trust the people you work with to be able to verify that the information they're seeing is accurate. But for boxes that neither side has access to, like colocation boxes, you could just be out of luck.

    Q: Gene Kim? what if the server is located outside the US?
    A: fine as long as it's publically accessible.
    Q: What about private messages?
    A: fine as long as it's a public IRC server

    Q: Louis Lee, equinix--suggest mirror switch port to address Tony's issue; capture unaffected traffic to a virgin machine when possible.

    Q: Rob seastrom, bluetrust--what is the incidence of encrypted communication, and multiple C&C hosts?
    A: This only works for easiest case scenario of non-spoofed attack with centralized C&C attack.
    Peer to peer, proxy servers, etc. you need to go to an expert.

    Q: Stuart Phillips, New Metra...he's cut off...raise it at the security BOF.

    Announcements--if you've not picked up your shirt, pick it up, JD Frazer, userfriendly did the image.

    A few short of goal of six for lightning talks; sign up, or we'll have Randy sing at you.

    PGP signing during this break too.

    Be back at 10 after.

    Monday, May 01, 2006


    Thursday, April 13, 2006 Welcome to the Asterisk-IM forum ...: "We're very excited to announce the first release of Asterisk-IM -- a server plugin the integrates the Asterisk phone system and Jive Messenger instant messaging. We've been using the module internally for almost a month and it's very powerful (and convenient) to have unified presence between the phone and IM. Several commercial instant messaging servers have announced a similar integration with commercial phone systems, but Asterisk-IM is the first fully Open Source stack to achieve the same feature set.
    Jive Software: Open-Source Projects

    Saturday, April 08, 2006

    Earthquakes, fire and lightning: Must be a NEBS test
    Earthquakes, fire and lightning: Must be a NEBS test
    Cisco search
    Jon’s Phone Tool
    Citrix Systems » Products » Citrix Application Gateway » Cisco Solutions
    Syn-Apps Home Page: "Syn-Apps developes custom IP telephony applications which empower users of both Cisco IP telephony solutions and legacy overhead paging systems with increased productivity."

    Saturday, April 01, 2006

    The trouble with trunking

    A bit dated, but the Cat 6k sure rocked!
    The trouble with trunking

    Friday, March 17, 2006

    Thursday, March 16, 2006

    My NetFlow Reporting System - Dynamic Networks
    EANTC: Home
    Lots of cool hard core test results. Especially for the Catalyst 6500 platform.

    Saturday, March 11, 2006

    ISO-Base™ Seismic Isolation Platform

    ISO-Base™ Seismic Isolation Platform

    Seismic Isolation Engineering, Inc.

    Seismic Isolation Engineering, Inc.

    Taylor Devices, Inc. Homepage

    Taylor Devices, Inc. Homepage: "Products: Shock absorbers, fluid dampers, shock isolators, liquid springs, hydropneumatic springs, crane buffers, crane bumpers, earthquake protection technology, seismic dampers, seismic isolation components, load suspension systems, vibration isolators, vibration actuators, acoustic mountings, gun recoil absorbers, shock and vibration technology, shock and vibration system design, and active control systems.
    Markets: Industrial, steel mills, buildings, bridges, aerospace, defense, automotive.
    Uses: In general, all of our products are used to absorb, control, or mitigate the motion of masses. This motion may be transient, such as caused by earthquakes or explosions, or steady state, such as caused by vibration or controlled power excitation.

    Quake: Essay

    Quake: Essay: "Late Night Musings of an Earthquake Seismologist"


    cqc: "CounterQuake Corporation"

    Monday, March 06, 2006

    Friday, March 03, 2006

    CSS Load Balancing Using One Interface Configuration Example [Cisco CSS 11000 Series Content Services Switches] - Cisco Systems
    IQ NetSolutions, Inc.- Delivering Intelligent Computer Telephony: "Presence Aggregation and Call Control for the Enterprise

    iQ's suite of Windows-based applications increase employee productivity and improve customer service utilizing Presence and third-party Call Control.

    Our desktop applications monitor communication devices and IM services to provide employees with real-time presence and daily schedules of everyone within the organization regardless of where they are physically located.

    Manufacturers of SIP platforms can begin offering their customers a suite of robust applications designed for the desktop. We offer System Interface Modules for TAPI, TSAPI, CSTA, SIP and proprietary APIs.

    Cisco CallManager Solutions

    * CallManager Attendant Console
    * Operator Console Features
    * LCS Gateway for CallManager
    * Presence and Call Control Applications
    * Executive Suite Operator Console
    * Solutions for Financial Institutions
    * Plug-in for Outlook and Messenger
    * Enterprise Directory w/Deskbar search"
    Arc Solutions - Business Telephony Products - voice applications specialists: "Arc voice applications
    The Arc Suite for Cisco Call Manager

    Designed for Cisco™ Call Manager® IP telephony solutions, the Arc Suite comprises Arc Enterprise Console, integrated Call Reporting, Speech Attendant and Total Info corporate directory for web browsers or Cisco XML phone screens. Any or all can be integrated to facilitate the sharing of directory information.
    Interactive Intelligence - Powering the World of Business Interaction: "Download the Report

    Whats new in CIC v2.4 (132Kb PDF)

    Meircom IP CC Side-by-side comparison report (397Kb PDF)"
    call center customer service practices - Interactive Intelligence - VoIP - IVR

    Computer Room Fire Suppression Systems -- Fire Protection Systems, Fire Prevention Equipment, Fire Suppression Systems, Fire Control, Fire Extinguishe

    Computer Room Fire Suppression Systems -- Fire Protection Systems, Fire Prevention Equipment, Fire Suppression Systems, Fire Control, Fire Extinguishers: "Aero-K® generators represent a dramatic advancement in fire protection systems over Alternative, Halon, Carbon dioxide, Dry chemical, and Water systems. It is environmentally friendly, both non-toxic and non-corrosive (even in the presence of high humidity). It is the most cost effective fire suppression system available. It requires no expensive installation of pressure vessels, pipe work, or extensive manpower to install. Once installed, this automatic computer room fire suppression system is on guard 24 hours a day to protect your computer data and equipment.

    Sunday, February 26, 2006

    Friday, February 24, 2006

    Monday, February 20, 2006

    Sunday, February 19, 2006

    Friday, February 17, 2006

    Wednesday, February 15, 2006

    Sunday, February 12, 2006

    Thursday, February 09, 2006

    Thursday, January 26, 2006