DDoS attacks :: Article

Came across this article on security-protocols.com in which the author discusses DDoS (Distributed Denial of Service). I was particularly interested since we have been experiencing such attacks on our network recently. Unlike DoS (Denial of Service) attacks where the source of attack can be easily identified and blocked, it is very difficult to identify the source of DDoS attacks. The only way we can stop the attack is by blocking all traffic to the destination of the attack. And this is exactly what the attacking party wants. I don’t see a solution to this in the near future. A good point that the author mentions is that all routers should have ingress and egress filtering configured properly. This in effect allows only traffic from authorized networks to originate and terminate at a router, thereby minimizing the ability of an attacker to use a spoofed IP address.
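An added example (not from the original post or the linked article): a small Python model of the ingress and egress source-address checks described above. The interface names and prefixes are constructed, using documentation address ranges.

```python
from ipaddress import ip_address, ip_network

# Constructed topology: prefixes delegated to each customer-facing interface,
# and the aggregate address space the site may use as a source towards upstream.
CUSTOMER_PREFIXES = {
    "cust-a": [ip_network("192.0.2.0/25")],
    "cust-b": [ip_network("192.0.2.128/25"), ip_network("2001:db8:b::/48")],
}
SITE_PREFIXES = [ip_network("192.0.2.0/24"), ip_network("2001:db8::/32")]

# Constructed packets as (arrival interface, source, destination).
SAMPLE_PACKETS = [
    ("cust-a", "192.0.2.10", "198.51.100.7"),       # legitimate
    ("cust-a", "192.0.2.200", "198.51.100.7"),      # cust-b's address seen on cust-a
    ("cust-a", "203.0.113.5", "198.51.100.7"),      # source outside the site entirely
    ("cust-b", "2001:db8:b::1", "2001:db8:ffff::1"),  # legitimate IPv6
]


def in_any(addr, prefixes):
    """True if addr falls inside one of the prefixes of the same IP version."""
    return any(addr.version == p.version and addr in p for p in prefixes)


def ingress_ok(interface, src):
    """Ingress filter: accept a packet from a customer interface only if its
    source address belongs to a prefix delegated to that interface."""
    return in_any(ip_address(src), CUSTOMER_PREFIXES.get(interface, []))


def egress_ok(src):
    """Egress filter: forward a packet upstream only if its source address
    lies inside the site's own address space."""
    return in_any(ip_address(src), SITE_PREFIXES)


def filter_packets(packets):
    """Split packets heading upstream into (kept, dropped) lists."""
    kept, dropped = [], []
    for pkt in packets:
        iface, src, _dst = pkt
        (kept if ingress_ok(iface, src) and egress_ok(src) else dropped).append(pkt)
    return kept, dropped


if __name__ == "__main__":
    kept, dropped = filter_packets(SAMPLE_PACKETS)
    print("kept:", kept)
    print("dropped:", dropped)
```

The second sample packet passes the egress check but fails ingress, which is why the per-interface check is needed in addition to the site-wide one.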

Swimming Lessons – Day III

It has been a busy week. I didn’t get a chance to practise swimming at all. I was hoping that it would rain, so that the lessons get cancelled :). It was a bright sunny day as usual 🙂 and I had to go to the lessons. Didn’t learn anything new, but managed to drink up half the pool. There was a scary moment, when I thought that I was going to drown. Seth, the instructor says, “Vinay, whenever you feel that you are going to drown, just breathe deeply and point your chin towards the sky. You will float”. Good advice, but frankly, when one is drowning there is no time to think clearly. You thrash around like a wild thing. Breathe deeply and keep your chin up is the last thing you think about :). As if my prayers were answered, it started thundering after the first 15 minutes of the class. We were all asked to come out of the pool to avoid being hit by lightning (more like avoiding potential lawsuits 🙂 ). Apparently we are not supposed to go into the pool for 15 minutes after we hear thunder. And the class only lasts for 45 minutes. So the instructor asked us to go home. Man, was I happy or what :). This reminded me of days in school, when the school would be closed for bad weather.

Note to self: Must buy kickboard and practise.

A bit of satellite technology

As mentioned here, I work in the satellite industry. I am pretty new to it and every day is a learning experience. Today, I sat down with our in-house satellite guru and found out how one calculates the bandwidth occupied by a carrier from the data rate on a satellite link. The formula is

BWAL = (Sr*1.4)

Where
BWAL = Bandwidth allocated for the satellite link in kHz.
Sr = Symbolrate of the link in Ksym/s (Kilo Symbols per second).

Sr in turn is calculated using the following formula

Sr = Dr*(1/MI)*(1/FEC)*(1/RS)

Where
Dr = Datarate in Kbps.
MI = Modulation Index (The values of MI for the different modulations are BPSK=1 | QPSK = 2 | 8PSK = 3 | 16PSK=4 | 16QAM = 4).
FEC = Forward Error Correction.
RS = Reed Solomon value. This can vary depending on what values are being used. Reed Solomon is an external codec as compared to Turbo which is a stand alone codec. If RS is not being used in the link, then a value of 1 is used.

Pretty confusing eh :). As if this is not enough, there is another value called Information rate (Ir). And the formula for that is

Ir = Dr*(1/RS)

Think that is enough satellite technology for one day :).

Link Speed – Maximum speed per session

I work at a teleport and most of our business is related to providing Internet service to ISPs in South Asia. One of the most frequent complaints that our help desk gets is “My link is slow, you guys are not providing us the complete speed”. Usually it is a case of the customer not understanding the finesse of TCP/IP. I came across this article by Adam Grow III. He uses the following formula to calculate the maximum possible speed per session on a link.

Throughput = 8*(TCPS/PropDelay)

Where
Throughput is measured in kilobits per second (Kbps)
TCPS = Size of the TCP/IP stack in bytes (Windows default is 8192)
PropDelay = propagation delay in seconds

Using the above formula, for a geostationary satellite (where the propagation delay is ~540ms), the throughput is ~120Kbps. So even if the client has a 1Mb link and he just has one session, he can only use a fraction of the link. Only multiple sessions can saturate the link.

Not saying No, means Yes!!

I subscribed to the Honolulu Advertiser back in August for 9 weeks. At the end of the 9 weeks I kept getting notifications to renew the subscription, but since I didn’t want the paper any more, I kept ignoring the notices. And as any normal person would think, if you have not asked someone to renew your subscription or paid for it, they should just stop delivering the paper right.. WRONG!! They delivered the paper for a couple more weeks and then called me today saying “Sir, you are overdue on your payment”. I was really mad, but then the poor lady who called is not responsible for that, so I was cool and paid the bill. So people beware…You should say “NO” :), or be ready to fork out the cash.

IE Bug – Pretty Scary

During my daily visit to Richard Bejtlich’s blog, I came across information about this flaw in IE which can be exploited to make people believe that they are viewing/visiting one site (URL) when in fact they are located on another website. To quote from “Zap The Dingbat” (who actually discovered the bug):


Vulnerability
There is a flaw in the way that Internet Explorer displays URLs in the address bar.
By opening a specially crafted URL an attacker can open a page that appears to be from a different domain from the current location.

Exploit
By opening a window using the http://user@domain nomenclature an attacker can hide the real location of the page by including a non printing character (%01) before the “@”.
Internet Explorer doesn’t display the rest of the URL making the page appear to be at a different domain.


For example, if you click on this button, you will see the URL http://www.microsoft.com in the address bar if you are using IE. But the full address of the URL is http://www.microsoft.com%[email protected]/security/ex01/vun2.htm.

Pretty scary eh.. Just imagine how much this can be abused. People can be tricked into entering their credit card information, usernames/passwords etc.. by mimicking valid sites. And as if this is not bad enough, Micro$oft hasn’t even released a patch for this yet. So for now, either you type in all addresses manually in the address bar or use trusted saved bookmarks. I would recommend scrapping IE and starting to use Mozilla Firebird as your default browser. It is fast, small, adheres to standards and is FREE [as in beer].
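An added example (not part of the original post or the advisory it quotes): a Python check that a mail filter or proxy could run on links to report the host a URL really connects to and to flag the user@domain pattern described above. The sample URLs and finding names are constructed.

```python
import re
from urllib.parse import urlsplit, unquote_to_bytes

# A userinfo string that itself looks like a DNS name is the misleading part.
HOSTLIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)

# Constructed sample URLs (example domains only).
SAMPLE_URLS = [
    "http://www.example.com/index.html",
    "ftp://alice:secret@files.example/pub",
    "http://www.example.com@other.example/",
    "http://www.example.com%01@other.example/security/page.htm",
]


def is_control(byte):
    """C0 control characters and DEL do not render in an address bar."""
    return byte < 0x20 or byte == 0x7F


def inspect_url(url):
    """Return the real destination host and the reasons the URL may mislead."""
    parts = urlsplit(url)
    # Everything before the last "@" in the authority is userinfo, not the host.
    userinfo, at, _hostport = parts.netloc.rpartition("@")
    findings = []
    if at:
        findings.append("userinfo-present")
        raw = unquote_to_bytes(userinfo)  # decode %01 and friends
        if any(is_control(b) for b in raw):
            findings.append("control-char-in-userinfo")
        visible = bytes(b for b in raw if not is_control(b)).decode("ascii", "replace")
        name = visible.split(":", 1)[0]  # drop an optional ":password" part
        if HOSTLIKE.match(name) and name.lower() != (parts.hostname or ""):
            findings.append("userinfo-looks-like-other-host")
    return {
        "real_host": parts.hostname,
        "userinfo": userinfo if at else None,
        "findings": findings,
    }


if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(inspect_url(u))
```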

Swimming – Lessons

Day 1 – [1/10/2004]
Instructor – Tiger
. Check out our capabilities by asking us to swim for a short distance (half lap). I managed to churn up the whole pool with my thrashing :).
. Grab kickboard with hands and learn to kick legs properly.
. Grab floating handlebars with hands and learn to kick legs properly and use one hand at a time to thrust forward.

Thank God, we were not asked to put our head under water 🙂

Day 2 – [1/17/2004]
Instructor – Seth
. Grab kickboard and swim (kick) all the way till the end of the pool !!! (freaked me out)
. Grab kickboard and swim (kick and push with one hand alternately) all the way till the end of the pool.
. Throw away kickboard, put your head under the water and swim half a lap. (Drank half the pool during this exercise. I tell you, chlorinated water makes you pretty nauseous)
. Swim (kick, push with hands, head under water – AKA real swimming) the whole length of the pool.
. Backstroke – This was real hard for me. I could not relax enough to believe that you could float in the water on your back.
. Scissor Kick – Grab kickboard, put it under your head and grab it with your arm as if you are holding a violin. Lie on your side in water and kick your legs as in a scissor action. Again, was pretty difficult for me to lie on my side. Kept slipping onto stomach or back.

It was a pretty intense second class. I thought that the instructor was pushing us too far, too soon. Have to work on my kick. I am bending my knees, keeping my fingers apart and thrashing wildly. The key is to move your whole leg. Will keep practising in the pool at home.

6 miles = 9.656064 kilometers

30 days to go for the Great Aloha Run and I am 2.15 miles short of the goal. I am planning on increasing 0.25 miles every day, that will take me to 8.15 miles in ~9 days. I should confess that I take a couple of breaks (walking instead of running) in the middle. I guess, if I roughly calculated my running distance, it would come up to ~5.8 miles. I believe running is all about self control. I realized that if I could persuade my mind, I can actually run longer. But the mind is such a devil :). It constantly keeps nagging “You are out of breath, your legs cannot carry you further, you’re pushing the limit, you are going to collapse”. If you can tell it to shut the hell up, you are golden :).

Zaurus – More Pictures

More from the previous post. I collected some more pictures from the Zaurus migration. Didn’t want to post all of them to conserve bandwidth. For the interested, here are the links

http://www.kudithipudi.org/pics/1_14_2004/applications.png
http://www.kudithipudi.org/pics/1_14_2004/internet.png
http://www.kudithipudi.org/pics/1_14_2004/multimedia.png
http://www.kudithipudi.org/pics/1_14_2004/pim.png
http://www.kudithipudi.org/pics/1_14_2004/settings.png