DDoS Attakk! – TCP Syn Flood

Today i’ve tried to perform an attack simulation to my local wamp server on which it dies within a few secs from this attack alone. The attack is known as SYN attack, which exploits the nature of TCP (its reliability) to send an SYN-ACK (Acknowledgement) to the TCP requestor. The requestor (client) in this case, has to reply to the server by sending an acknowledgement (ACK) to establish a connection succesfully. What happen is that the server will wait for the ACK from the client for quite sometime, on which causes the network to be congested..

these so called “half-open connections” also bind CPU resources and in this case flooding the server with SYN messages will utilize all the available reserved connections and thus, no new connections (legitimate or not) can be made, resulting in denial of service.. luckily my system didn’t crash as i only tried for a few secs.. the left window is what was shown from the wamp server access log.. (see the spike on the upper right hand corner & CPU usage)

There’s no complete solution to this DDoS yet, but some found ways to mitigate the issue; increasing bandwidth, CPU resources, equipping IDS, IPS, network filtering, etc..

Read Full Post »

Spiceworks & Umit.. Hmm..

Spiceworks. is a web interface kind of a network management system which allows me to monitor everything on my network.. this free thing can check active directory including a range of IP addresses that determines devices’ status (on/off), it’ll detect its server role and put in nicely in a summary called “inventory summary”.. some of the ports that’s being used to detect and scan machines are: 135 (WMI, used to detect windows comps), 22 (SSH, detect unix like comps and some network devices), 16992 (Intel AMT SOAP/HTTP), 9100 (Jet direct – for printers), 5060 (SIP ip phones), 80 (HTTP, detect servers, vmware, NAS, switches, hubs, etc (provided the port is enabled)). 161 (SNMP – detect network devices as well), 5800 (VNC HTTP).

another free network scanner tool that’s popularised by contemporary movies are Nmap, it’s being featured in many movies such as bourne trilogy (idk i think it’s the 2nd movie), Matrix (1st), die hard 4.. etc… and on top of that, there’s this Umit which is basically a front end tool that add some functionalities such as its GUI, comparison tool, network mapping/topology, and some sort of a filtering tools (sort by services, hostnames, ipv4 etc..) not bad eh?

Read Full Post »

EICAR Virus -Test

testing my AVG free antivirus.. it’s working as intended.. the anti virus popped up instantly once i saved the eicar.com into my desktop.. not bad eh?

Read Full Post »

求知若飢，虛心若愚

The Whole Earth Catalog, It was created by a fellow named Stewart Brand in Menlo Park, and he brought it to life with his poetic touch. This was in the late 1960’s, before personal computers and desktop publishing, so it was all made with typewriters, scissors, and polaroid cameras. It was idealistic, and overflowing with neat tools and great notions. Stewart and his team put out several issues of The Whole Earth Catalog, and then when it had run its course, they put out a final issue. It was the mid-1970s. On the back cover of their final issue was a photograph of an early morning country road, the kind you might find yourself hitchhiking on if you were so adventurous. Beneath it were the words: “Stay Hungry. Stay Foolish.” It was their farewell message as they signed off.

Read Full Post »

EnterpriseDB & PostgreSQL Combo

Today i’ve installed another webserver listening at 8080 to test out the enterpriseDB & postgreSQL DB functionalities. installed a few apps, mediawiki & newly released phpbb3 (patience is a virtue edition). this is my first time usin postgreSQL as a DB, and what i can say compared to MySQL is … ermm.. not too much different i think.. it’s both RDBMS, both are opensource, and i think the center of the debate between these two open source databases revolves around three key issues: speed, data integrity, and popularity.

Speed

Many attest that MySQL is a much faster database than PostgreSQL, and hundreds of benchmarking websites and blogs further this notion. But as loads increase, PostgreSQL seems to win the race. PostgreSQL has made vast improvements in recent releases. MySQL still faster than PostgreSQL?

Data Integrity

Comparing the two on data integrity, we get PostgreSQL getting the overall nod. PostgreSQL has always maintained a strict adherence to the academic principles of “data integrity,” placing it above all else in importance. MySQL on the other hand, started off with a more open attitude on the matter, instead focusing on easy acceptance, increased flexibility, and a high level of forgiveness for the average user.

Popularity

MySQL is still the world’s most popular open source database, with over 50,000 downloads per day. Its accessible attitude fostered high popularity and rapid growth of the MySQL community, something its poor, nerdy brother was never able to compete with.

No doubt MySQL is the epitome of open source database servers and sets an ambitious schedule for designing its high price-performance databases up to enterprise standards. It scores high in runtime performance, availability of third party applications and tools that can attract most frontline developers. MySQL is ahead of PostgreSQL in most respects except certain features like transaction support. However, the advent of version PostgreSQL 8.x shows that it’s going though a process of continuous improvement. In terms of support for external packages it’s now competing with both the commercial offerings and the other open source products. MySQL is working on adding transaction support and including features like sub selects, Postgres is making progress in the performance and stability

here’s a comprehensive comparison between both.

http://www.wikivs.com/wiki/MySQL_vs_PostgreSQL

Read Full Post »

OWA – Client Access Authentication Bug?

 

At first i intend to open up my forwarding port for both port 443 (SSL) & 80 (HTTP), however, after i tried accessing the direct IP to my exchange OWA, it popped up an authentication error which prohibits me to access to its default OWA site, it doesn’t even show the form based logon (error 403 – Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied), so i go to the client access to see further on the config. it appears that the setting was fine, and i tried many options and it showed up the login page, however after i put in username and password, the apps prompted an error:

Outlook Web App didn’t initialize. If the problem continues, please contact your helpdesk. Copy error details to clipboard Show details Request Url: https://192.168.100.201:443/owa/auth/error.aspx User host address: 192.168.100.201 OWA version: 14.0.639.2.

after i examine further the error message in eventvwr, i do realise that something wrong in the IIS web.config file. it showed up that the web.config (C:\Program Files\Microsoft\Exchange Server\V14\ClientAccess\owa\web.config) on line 29 indicates that the auth logon mode is still on “Forms” instead of “Windows” so the resolution was quite simple, just replace the entire:

authentication mode=”Windows”
and change it to
authentication mode=”Forms”

Now i can use any PC browser to point directly to my PC’s IP address and i’ll be able to check my mail online. in this case it’s: https://58.182.229.54/owa/

Read Full Post »

OWA, Powershell & EMC

 

This weekend’s focus is on Ms Exchange training vids.. administering exchange 2010 so far has been a pleasant one.. there’s so much for everyone basically, for GUI lovers; EMC, for CLI lovers; PowerShell. if i’m full time doing exchange prolly i’ll start being manual, clicking here and there, searching for clues and whatnots. 久而久之, i’ll get used to it and start to create a script in powershell to automate some redundant and repetitive tasks such as creating a list of new users, defining their roles, changing parameters in each fields, querying datas and reports, etc..

hmm…

Read Full Post »

無法偵測到新裝的內存?

昨天一回到家我就直接把新的內風扇給裝了. 主要目的是要把裡面的熱空氣抽出往外流, 然後用了PRIME95 軟件測試溫度結果不到五分鐘, 處理器溫度升到將近攝氏100度, 太恐怖了.. 裝跟沒裝沒什麼兩樣.. 我上網搜索發現大家都怎裝的, 我自己感覺有點不對襟, 便試一下把風扇給倒裝了 (氣流從外往內). ㄟ.. 用同樣的軟件來試, 十分鐘過了, 溫度於攝氏75度左右不再上升啦..我好開心.. 就把螺絲關緊..

另外,我也附加了4G 內存. 原本是4G, 所以總共 8G. 注意事項如下:

1. 一定要裝 64Bit 系統, 確保內存正確安裝＿.
2. 裝完了過後進BIOS, 確認 memory remap 功能設為 enable.
3. run>msconfig>boot tab>advanced options: 確認 max memory 勾選框沒有打勾.

這樣就應該能把新附加的內存檢測出來.

Read Full Post »

Ascension

今天剛好放假所以特地跟我大學同學約中午午餐時間相聚，接下來就陪我朋友去森林廣場買東西。好久沒去哪裡咯，待會兒就看一下RAM多少價錢了。我想把主機剩下的兩個空格放滿不剩。最近我跑2xWin2K8也有點兒慢些。偶也想到要買內風扇不知能否找到合理價格，因為我記得這種配備通常較少人去強，導致少部分商家隨意開價。

這幾天工作方面沒啥忙，大事已過，今年重要測試任務已完全搞一個段落，所以用上了班時間溫故而知新。真有興趣。哦對！我兩禮拜過後會加入個工作新環境呢，又從零開始，我當然有點怕怕，有點擔心不適我欲。唉！現在難講，等我做滿一個月回頭判斷吧! : )

Sent from my BlackBerry Wireless Handheld

Powered by Exsolusi InfoTech®

Read Full Post »

Kernel Panic @ Mac OS X & Exsolusi on iPad

Read Full Post »