#networking
Is this crucial stuff to know in the industry?
virtualization yes, VMware solely
yes
yes so don't lock in to just one
Xen, VMware, Microsoft, KVM QEMU
Those are all software right?
That can virtualize OS and systems?
XenServer and VMware ESXi
understand that virtualization is the future
Ok got it.
as far as specifically knowing the big players, you can learn them all. Hyper V, VMware, AWS, etc
Much Virtualization
AWS is a PaaS
I've heard of Amazon AWS, Amazon Web Services right?
nice to know
Is AWS any good, or do some people have issues with it?
blob uses it
if AWS wasn't good, why would a lot of companies use it 
True.
is Netflix still using it?
Much to learn heh
Same.
netflix video is a network of open connect appliances
All I want is an A.S or A.D in something to do with computers, cyber security, or networking so I can get a job.
I can learn on the job I guess and get experience using these platforms that way.
@thick minnow I need to get experience on the job next, too.
I haven't used many of the other stuff yet
like the stuff blob uses
xd
you get the chance to use in jobs for sure
I've never had a real true full time job(Paid) yet. Except for that Summer Camp that I helped out for a local non-profit that know called Robotics and Beyond where I taught the basics of game development with Unity.
And I also helped the younger kids with their Lego Mindstorms NXT and EV3 stuff.
Alright that's enough of me yakking, I have to continue reading my Java EBook and continue preparing for my midterm exam.
Cya later guys and gals.
Okay, same issue now again.
Wi-Fi DNS resolving doesnt work
through ethernet works without a hiccup
But wifi - no
Remember with any Wireless AP there is almost always a wired network behind it.
Check the configuration of your AP.
Fixed it (y)
I did as well. Probably my first introduction to programming though I usually tell people that my experience with Java was my first programming because visual programming is not "real" programming
the same organization that does the FIRST tournaments for lego mindstorms has a program called FTC (first tech challenge) for highschoolers and you can get a college scholarship to a lot of schools if ur team does well enough
Sounds cool, I think I did see it at one point but I never joined any actual robotics team.
Alright I have to go for the night cya guys.
Bye!
Is this good practice for opening a port on a server to the outside?
Internet folk to port 6981
---> PFSense WAN interface Allow port 6981 FROM US traffic only
---> NAT source traffic with new destination of server in DMZ
----> Hit server with ufw enabled for port 6981 only
---> users reach service
That sounds pretty decent
So it wouldnt be necessary to do something like checking if source ip is trying to make a connection 5 times in a row (basic dos)?
It depends on the service. If it's an end user service then there could be multiple devices behind the same ip that randomly decide to all connect at once. If that would never happen then consider how often you would expect requests from the same IP. Maybe some services you only expect once an hour at max so you set no more than two connections from an IP on any given hour. Maybe it's something where you expect to only have one connection from an IP at once even if there are a lot of packets once connected. Maybe it's something where it's password protected so you ban IPs that have too many failed attempts.
Hmm, I think it will be password protected. It is basically an ethical hacking game server
it supports login and they will need it
so I think I might do it via failed login attempts then
That's the best idea
Also, I know it is not going to be an updated appliance that we are publishing
chances of it getting compromised are low though?
if we safeguard the ports, and change root username
root password*
disable root login even
It is a ubuntu 18 LTS instance
Chances of any small target getting compromised is low but even a low chance could happen. Best thing to do, consider cost of putting in the security vs cost of being compromised times the chance it will happen. If it's easy to put in extra security, it might as well be done even if it is not strictly required
I think it would be easy since we do have some documentation to take us through the steps (with some tweaking)
but it will be inside a VM where it keeps other production esxi servers
but since it has different IP and all, it should be safe?
We do keep esxi updated at least
People always think that things should be safe until they suddenly aren't
I try to make it safe as much as I can. But my professor wants to just throw it up there without
doing the security part
I try to make the case to him that we should secure it better before implementing
So the service will run in a VM whose IP can contact no one else internally
only the internet connections
I guess it depends on how bad it is if it is compromised. I have little security on most of my servers but I also have nothing of importance on them and no connections to things that do. It sounds like your VM is essentially isolated where it could not do harm even if it wanted to so it's probably not a big issue.
Alright, so it looks like the plan I currently propose may just work for us fine
yeah we will snapshot the VM and restore if necessary
Now wait, if we start getting hammered with internet traffic and the router cant handle it, that just means we need to invest in some newer equipment?
newer as in faster?
I was reading online that ddos protection is only as good as the hardware in the router
Depends on where the bottleneck is. If it's in equipment you control then yes, otherwise you can't do much other than hope you can cache or go serverless. Cloudflare makes some good points of DDoS mitigation in their article https://blog.cloudflare.com/how-to-drop-10-million-packets/
thanks for that
He cant wait to get this up and running because he wants to have ethical hacking competitions with other schools
@fresh copper Have you worked with esxi before?
Unfortunately, I have not
Also, ethical hacking competitions are so fun. CTFs and stuff like that
Yeah this game server keeps score and starts the activities for students to play and work with. they can be on teams and all. They will have a great time i just know it. It is capture the flag-based. Basically i've helped my school take their lab up to the next level and bring these capabilities (finally) after 5 years of dealing with sub-par performance and lack of server-anything
The IT department does not show love to the cybersecurity program unfortunately. My professor is really the only one that can deal with the things that go wrong in the classroom
I can imagine that
I came along in the picture in like 2014, but they had these issues for the longest time
in fact, they started the cyber security program because of the lab improvements done
before the classroom had no computers on the desk
it was strictly lecture room
Now all of a sudden, the school is getting thousands of dollars from the many students enrolling to take the degree program
In the end, its good change and to the advantage for the students, which makes me happy.
@rocky badge I have a question for you about esxi
If a vswitch is created and the VM is using an adapter within that vswitch with an ip block of 172.16.x.x, is it possible for something like PFsense to forward traffic to 172.16.10.10 (the VM) by making a static route to the Esxi system that holds the VM (192.168.1.50)?
would Esxi be smart about it and forward it to the vswitch internal network?
@little schooner I'm not sure for esxi, but if the 192.168.1.50 is the hypervisor itself - it shouldn't. That would be mixing up control plane and userplane.
At the very base the answer is no
Esxi only operates at layer 2
I believe with the add-ons there's a potential it can but I'm drawing a blank on what the add-on is called and it costs way more
It's called NSX
Hey guys, I’m back. What’s up?
Ethical hacking sounds fun if it’s done properly and ethically.
The thing is, ethical hacking is like another art/skill form, there are quite a few ways to accomplish a task. Ultimately, there is no perfect way sometimes.
However other times, there is only a certain way to do things in order to achieve a result.
That’s the fun of it, experimenting is what will ultimately give you experience.
@hexed vault @waxen scroll thanks
Why am I finding all these random devices and things connected to my network that are unassigned and not connected?
I’ve been manually forgetting the devices from the home personal network. However in a few days it’s re-populated with more of this junk.
Should I enable a MAC filter list and only allow whitelisted MAC addresses to access the network?
wowwwwww
big spender
shelled out for that xFi eh?
i saw that price and was like LOL NO
Not really no. The only reason we have this gateway is because our old one got fried from a lightning strike near the house.
do you have internet of things?
could be your washing machine, thermostats, etc
lol
OOOOF xFi
i forget so dont quote me, my local area charges about $30-40/m ontop of your bill for xfi
as far as performance i have no experience
I’ll have to check the next bill that comes in, and see if they actually charge more for this xFi gateway stuff.
In terms of reliability, it is pretty good for the most part. I’ve had no serious issues with it.
Imagine not having your ISP having full control over your router
And imagine not paying monthly for your router
My family is not paying monthly for this device. Like I stated earlier, they replaced our old gateway due to it being fried from a lightning strike near the house.
I think my family will cut the cord as well soon, paying for commercials is just crazy.
yep. i cut the cord LOL
when comcast told me my internet only bill was $40/m i was like YEAH RIGHT
they werent lying. no added taxes or fees
For what speed though?
150
i do, and sometimes i can get 200mb for a bit
Nice, I think my family gets like 250+ download speeds. However depending on how many people are on the network etc, sometimes the speeds can go down to like around 100 or less.
my family (two different houses) also cut the cord and my friends are beginning to as well
RIP TV
some do have tv replacements like youtube tv or kodi
I really could care less for cable, the only things I watch maybe would be on demand movies or maybe some news now or then.
And even on demand has advertisements on it as well(No surprise there.)
god forbid they dont advertise in that movie you spent 9.99 to stream
I'm really going to see what the best affordable options are and see if I can even convince my parents to cut the landline phone as well.
Currently my family has bundle.(TV,Phone,Internet) and I think we're paying something like ~$200 a month.
i pay nearly that for just tv/internet
I know it sounds like my family is rich, but we're not. I'm personally not that type of guy that is "flashy" or always has to have the "latest and greatest".
I really am going to talk to my parents about cutting a lot a stuff we don't need.
ive been debating cutting the tv out, saves like 100$ a month
This is just a brief summary of my family's monthly bill.
Xfinity Package: $144.99
Equipment and Service fees: $29.94
Other Charges: $26.37
Taxes and Surcharges: $10.46
if you have reliable cell service, landlines are useless
lol
boot faster
https://blob.linusdrop.tips/7ae91e0e3a.png
I don't care if you're rich, I'm being sarcastic
with charter you cant have more than 1 modem in an account
Really?? Lol
lol
That is insane.
so i could have my own internet separate from landlord.. lol
had to make a sub acct for it
the guy pays $360/mo for his Xfinity lines
I'll have to ask Comcast about two modems
and gets 3Gbps/3Gbps
No
you can bond multiple cable lines into 1 main device that deals with the connection details
[i forget what its called]
Link Aggregation?
juniper ax2100
i would be happy with symmetrical up/down
^
the same router given to Comcast 2Gigabit
For me personally whenever I start living on my own, all I'll ever need is cellular service and internet.
That will be it.
👀
blob broke machine
@thick minnow https://blob.linusdrop.tips/c0894a0388.png
thats how i feel every time i start my router blob
damn. 300 a month
i feel like most customers of that would have their own gear..
My teacher said there are companies who will install fiber lines into your house for prices that are generally affordable.(Depending on what you need of course.)
i cant get fiber in my house, which is funny, cuz i live literally a 5 min drive from the trans-pacific deep sea fiber cable
termination point
EPB also charges $69/mo for Gigabit/Gigabit
i think its 6 fiber termination points, and over 80% of the island cant get fiber internet//
How is it slow?
Gigabit is around the speeds of a HDD
youd love 300/20 then
So it's just the size of potential throughput that makes Gigabit appealing to companies that need to move large amounts of data even if it means slower speeds?
most of the time gigabit is all they can get
So it's really fiber they want for everything?
ISPs tend to be huge dick bags about everything (cuz they can)
yea, charter is all fiber on their end
nice, you got it to boot
Most likely these ISP's keep the fiber all to themselves, unless there is a company and or personal client willing to pay big $$$.
i hate when pfsense fails to boot
ive had it die bringing up the wan interface
lol
What is pfsense?
@thick minnow you talking about big money for connection?
thank god it booted last night, no monitor to see if it failed
one second
Ah ok.
that can be installed on basically anything
why pay 27k for 1g, when 3g is only 9
nevermind, its only 300m
cant read
300m is basically what I get right now.
300MB/s Download and 11MB/s Upload.
Alright guys I have to go for now, cya later.

Best of luck to you Blob.

i would love getting the gigabit service, but dont want to pay a 300$ fee for some asshole to climb a pole
lol
charter install fees should be criminal
200$ for 300mb install in a house with cable already in it
ours are usually $89
charter makes it higher for higher tier service
for no reason really
other than they are the only isp in the area
[the phone co doesnt do internet 20 miles from their home base]
Comcast is worse sometimes.
$120 for an xFi Pod pack of two? Excuse me?
It's just a range extender.
lmao
i cant wait to see how bad the combined comcast/att will be
ill just go to walmart and get 2 range extenders for 50$
sigh why can't people just get genuine service at affordable costs...
i know right
where i live you get charter for internet/tv (i think you can get sat tv too), and Cincinnati Bell for phone/internet (if you live in a single city)
I am having some issues understanding the information that is presented in this view:
What does it mean by VLAN group and what does it mean by members?
But what does that mean? Arent they all local ports?
There are exactly 4 ports that you can plug a cable into them
I did not setup any "groups" of ports
that is why this is so confusing
so members doesnt mean vlan tags?
im worried that if I enable the option, 802.1q it will kick me off
you just have to yolo
maybe if you edit one of the lines it will be more clear
i cant understand why they made the GUI say vlan group and port # then a port list
could be private VLAN but its a weird interface
yeah tell me about it. what was pfsense group even thinking
@waxen scroll
it is crazy indeed
I will Yolo it probably on Monday since I need someone there to fix it in case i lose connection. this is remote access
you could set it to allow connections on the wan side for admin..
then play with vlans
the problem then is that those lan ports are currently being used for production as well
no one would fix it until monday
I finished reading chapter 5 of my networking course.
It covered IPv4,IPv6,Subnets,Subnet Masks, Binary to Decimal Conversion for IPv4,Decimal to Binary Conversion for IPv4,Subnetting, and more.
I remember studying for networking course. I really did read each word from the chapter but what helped a lot were the animations and diagrams they posted in the lecture material
It gets better once you start doing the hands on assignments with cli and stuff
the theory isnt as much fun but still necessary to grasp
Gonna be using my old H520S as a NAS. Reckon I should upgrade the i3 in it to a i5 and get some more ram? its only 2nd gen.
can someone explain how people get their own websites for photos? i know they use sharex, but i wanna set up my own one. and i also have a domain
ping me if u can help
what I did:
Create S3 bucket
Create IAM user
Create CloudFront
Create CNAMEs
Create Identity profiles
setup sharex to drop photos in there
Done
LMao blob
Not everyone has dat google money
lel
Is downloading floatplane vids
like, can the web server be a vm
Sure why not

Btw speed is everything or @rocky badge Will yell at you
idk if i should host it in my main machine or a vm
xd @hallow nimbus
does hosting use much resources
Nah
lol
Slow server blob
Lmao
holy
how da fak am i supposed to protect my crap server from ddos
nvm ill go back to flask lol
Lol
Yup.
Hey everyone, how are you all doing ?
I hope you all are doing well.
I have my networking class today at 3:15PM ET.
and what are you teaching the class
teach the class VRF today
tagging @clear igloo for lols
one of the things i hated about my degree was that it only prepared me for small business
That's the Realtek logo.
i had to do a lot of work to get up to speed on networking for medium-large
CCNA still uses serial in all the Netacad labs.
i know lol
Like... Why do we have to do that more than once?
i heard a rumor they finally added BGP to the latest CCNA test
thats 20 years too late
I mean sure... Do it once in a lab because it isn't hard but setting it up is bad practice.
But every time? What kinds of networks do you want to prepare people for?
Not one use of optical fiber, which might be more relevant in the near future.
Even in CCNA security Netacad labs it's serial between ISRs.
well any idiot can do fiber
its like plugging copper in
the serial need more than just plugging it in
i agree with you anyway
i think CCNA already covers singlemode vs multimode
What are two good network cards? One for Nas one for client
@thick minnow if you want to blow minds, bring up VRF and VDC
if you smash both together it would create even bigger lols
Does anyone know when mainstream gigabit internet will come to the UK? right now max speed is 362Mbps from virgin media...
i can get 2gb
👀
but its a car payment and locked in for 2 years
Activation fee $500
Total costs over 24 months is more than my car was worth when I bought it but damn, I'd take it if I could get it where I live. (Wrong country, Australia)
We get 3mbps and "We don't give a fuck about your speeds" from our ISP for $90/mo.
its a good deal considering they have to run fiber thats not close to your house, then install a 10GB juniper edge switch which means likely building out a telco room of sorts in your basement
That switch is apparently worth a fortune.
Like "this isn't even really profitable" kinds of deals.
It's apparently 10 gig and ratelimited on the switch.
its tempting to get just so i can mark my house price up when i go to sell it cause nobody else is gonna have it
Damn I look at this stuff and compare it to what we have here...
Fastest consumer plans are 100/40mbps.
100+ is new out here. we didnt have it until ~2-3 years ago
Current government plans are no upgrades until 2040.
(FTTN, so 100/40 is by no means guaranteed.)
Go here and scroll. https://www.speedtest.net/global-index#fixed
im surprised USA is even #8
Australia's a little lower than that.
we have a ton of remote areas that might not be reflected in those results
It's averages.
We dropped to #60 in January, only way forward is down until we get rid of the government that killed off fiber deployments in the country and allegedly took bribes from our cable company and telco monopoly to do so.
Hey guys., currently studying my CCNP. Does anyone have any recommended resources aside from the Cisco texts that you like to use?
its on deep sale too
but honestly
nothing beat real production experience
xD
CCNP tests do sometimes ask questions that arent covered in the book
but they are covered in the test syllabus cisco provides, however vague it is
im not sure if im going to go for it. my CCNA expires in a few months and i cant directly get a CCNP
I stopped at ccna because ccnp was focused on more of their equipment instead of being generalized. But also because I didn't have the cash to pay exam fees when probably a company wouldn't even care about the cert too
If I need it they will pay it for me as a training expense
thats another thing. i havent worked at a single place that was willing to pay for certs, let alone send me to a conference
$300/test for ccnp is nuts
yeah it's crazy
I was happy with just ccna, it taught me the general stuff I needed to know
without being Cisco centric 24/7
we have two people who live in tampa
my company refused to send them to cisco live in orlando
wouldnt even buy a ticket
didnt need hotel or food
0 votes and 41 comments so far on Reddit
hmmmmmmm
i mean
its a bizarre post but hes not entirely wrong
cloud is a massive fad right now
Edge is love
Edge is life
its not going away but people will realize sooner or later its more expensive and go back to onprem while keeping some cloud
edge wat
my company is at stage 1 "we just signed a deal, lets close all datacenters"
it'll come full circle
yup
i can tell you that ive heard that teams arent allowed to just keep servers running
when they're done doing dev for the day or testing, they have to shut them off
so they are already cheaping out
lol, wow
yep.
im always waiting for devops to die
devops and agile
oh my god the amount of money wasted
I hate those words
thats how bad IT decisions get made and it directly affects financials
the problem is since people have budgets, its not easily clear to upper management just how wasteful it is
as long as the budget isnt broken
heres one im dealing with now
Business unit decides to push their [important complex application] to a managed service provider
they argue on how the provider can ensure SLAs on the network and decide "the vendor needs to take 100% responsibility, we're hands off"
so the vendor orders two MPLS circuits to each datacenter of ours
well geniuses decide after the contracts were signed "wait, it costs how much?! ...and... you cant see into our own network anyway?"
so now they decide we need to order our own MPLS circuits on our side and share a VRF with the vendor who buys the circuits on their own side
wow
We have a couple customers who have us doing "agile" testing. Which consists of "new code is out? Stop all work on the existing code and move to the new stuff and start over"
Oh, we want this automated....
It will cost HOW much to automate years of test cases?!?!
Automate faster but we won't shell out more money!
😄
never. EVER. let developers be in charge of infrastructure.
they do code. they dont do infra
anyway
im wondering how long till agile and devops die
also wondering how long r/networking 's incorrect views on python and network engineers die too
xD
i swear i bet 90% of r/networking and r/sysadmin work at business with less than 200 people
wouldn't surprise me
i dont agree with rolling your own shit
if you make some small helpful script for just you... ok... great
you shouldnt run the network on it
you arent paid to write network automation software, you arent going to be there to support your python at some point
you might even cripple a company when you leave
yup
i actually lectured a recruiter for whole foods last month about this
dunno if i told you
Not that I recall
they tried to get me to join an internal team which is fully rolling their own network / cloud automation solution
im like..... dude
you're a grocer
you arent amazon
your goal is to sell food
They are Amazon 😛
The big question is, why aren't they using Amazon's software
you get what im saying though
yah
exactly
But I'm sure they were agile about their devops 😛
then i did what i do to any amazon recruiter
i linked the article on how fucking toxic it is to work at amazon or a sub company
told him good luck
lol
Haha, nice
...he didnt reply
when google comes calling i link james damore
the political climate at many of these FAANG companies is super left and super toxic
....so anyway i dont blame the guy
but thats BRAVE going to reddit and saying it that way
at least say "not cloud"
dont RRREEE
@waxen scroll It's just someone else's computer in the end
So move ALL your infra to it 😛
yep
lemme just add 20ms latency!
its just a number!
oh fuck? every 1ms you add [critical replication] delays by 1hr?
[network engineer] its all your fault!
no, i warned you twice
these are real conversations people
and blobby hosts AD in AWS
thats fucking brave
i'd never allow that
👺 🗡
There are tradeoffs for and against it. New York Times is a great example of where the cloud has really helped them and latency is not the most important to them.
@clear igloo any LOLs for latency?
Latency is fine, it's all fine 😛
@green gazelle for web like a news site? i wont argue
Lots of people fall into a similar situation where 0 latency is the most important thing.
i got to see what it does to oracle first hand, it wasnt pretty
dude added 4ms between his webserver and oracle and it was a disaster
xD
that was the easiest packet capture case ive ever done
i have someone at my new company repeating the same mistake
That was a typo "0 latency isnt* the most important".
How can I access my home gateway from a command line?
I know you can do it through the default gateway address in your web-browser.
Would I have to Telnet into my home gateway? Because it does have a switch built into it.
it is likely you cant telnet in
Well, I'll try. Only on wired though.
Telnet is not secure at all over wireless.
My desktop is wired into the gateway anyways.
Nope.
Shucks.
I think it would be safer if you setup a VPN to your home network first
and then telnet from there
I might at some point but for now, I'm still learning in this network course.
only because that would open your network to the whole internet
and infections abound
I'm not looking for remote access via telnet. LMAO god no.
Local CMD/Terminal based local access to the gateway is what I'm interested in.
Any good methods of doing this?
uhh you can enable telnet on your gateway first and then use a program like PuTTY to connect to it by ip address
it will prompt for username and password, and you type it in
Here's the thing though, I cant get into my gateway because I forgot the login credentials for the gateway itself.
So I probably need to reset it.
yeah
The new switch I was planning to get with 4 10g sfp+ costs 279 but it has no cli support. If I were to get a managed one, it would jump up to 500ish
it's a shame they charge such extra for cli management
@thick minnow what is the model of your router?
It's an Xfinity xFi gateway.
I can get you the model of you want.
Here are the two possible models: TG3482G and CGM4140COM
It has 2 Gigabit Ethernet Ports.
Interesting...
Maximum Data Throughput: 1 Gbps
if that has telnet/ssh i would be shocked
I agree
Telnet would be bad, SSH not so much if it's using SSH V2 or higher.
At least, that's what I would guess.
Telnet is perfectly fine for a lab or home use. SSH only goes up to v2
Ah ok.
Did the do the oopsie?
I'm saying server issue
YOU WIN
😄
we know the how and not the why
server randomly sends FIN ACK out of nowhere
RUDE
we dont know why yet
interesting
it cant be a firewall or IPS, they dont do that
fin ack out of nowhere just doesnt happen
#blameblob
no, im blaming Xeon
@waxen scroll me?
yep!
why :o
because the vendor didnt have packet capture going during the time it happened
so i have no idea where FIN ACK actually came from
how is that my problem
sure. but I always see both source and destination traffic
when I do it
vendor doesn't know what they doing
vendor takes a "oracle said its a network issue" approach then blames me
thats just wrong
@rocky badge Why didn't you do the capture properly?
all server people are GUILTY of this
they all do it
"vendor said!"
or "must be a network issue"
😄
@waxen scroll Look I did learn from you about the importance of having like a Wireshark on both ends or something
I admit that sometimes it's really needed
also I remembered that things can usually uninstall cleanly
and that businesses have images ready to deploy again
etc to make it fresh again
you havent lived until you've had an opnet capture agent
they got bought by riverbed but at two past jobs they put tiny as fuck opnet agents on all computers, including servers... someone like me could go in at any time and tell the agent on the machine to start capturing packets and record them locally so i can download later. that way you never had to walk a user through a wireshark or be desk side. you can also start/stop in mass so you can get all of the machines you need captures from sort of synced up
wow that's actually something I'd like to play with
my professor would love that idea too
the software that supported all of this could import multiple captures and smash them, so you could tell which capture point the traffic dropped at
it was all visual, no reading packets, unless you wanted
I can see how that saves so much time troubleshooting
so I'm guessing it's a commercial product?
yep. i dont know the cost cause i never was the buyer, but i know its $$$$$$
this is the new name of it
hah... and knowing my school, they couldn't even afford to buy new PCs for the security lab
we are using hand me downs
i think opnet has extremely deep school discounts, if not free
hmm
I'll send it to my prof, maybe he can write a proposal for it
we can really make use of it
bad typo
wot @clear igloo
our classroom switch has a single gig uplink and 20 gig computers connected to the switch
oof
it slows down when they download
ill paste some examples but they might be confusing since you have little to go on. so in these screenshots someone complained that their website was slow after moving the DB ~4-5ms away. so i took a capture on the webserver and one on the DB, then smashed them
here you can see where the transaction clearly starts
i delete the noise
takes seconds
then i run a sim on it
the part to the right that's uncolored, that's the delay?
you can tell what happens if he kept the DB locally vs moving it
yeah that last graphic is more clear
the color is the packet sizes, the uncolor means no data seen during that time
oh
but yes latency jumped high after moving it based on that picture
but the solution for that was to what again?
this was simply telling him "sorry its not a network problem. your app cant take additional latency to your DB very well"
the solution was to move it back
@rocky badge We had a FE uplink before this switch. it was slower than pentium
another summary of what it can quickly tell me
lol
so going back to that color screen
those are actually thousands of arrows
if you zoom in, they're little arrows
says what direction the individual packets were flowing
so if you layer many capture points in that graph, you can see where a drop might occur
zoom all the way in
you dont need to look for a drop, it will crunch packets and flag in there where the drop or retransmit was seen
and you can keep zooming until you get where you need
selecting an arrow will select the packet and you can open a wireshark-like view to see it
these people sponsor wireshark heavily, its actually a dependency for this app to run
oh good news
i found more screens
D for drop, R for retransmit
so basically this is a bulk AF app that consumes a ton of CPU and ram.... so the goal is when a user has an issue... port health -> netflow check -> metadata check for packets stored on taps -> download tap data and/or capture on user PC -> the app i showed
the app is for when you identified what you want to look at
you dont want to feed it too much
ive seen it eat 32gb ram no problem
with a capture file of like 2gb
one other neat thing is the delta time.... when the app smashes captures you get real delta time between machines
not the one sided delta wireshark gives
@clear igloo da?
its funny watching large companies try to hire people for this
its a unicorn
my current company gave up after a year
@rocky badge da?
wot
Interesting conversation.
Wireshark is a good tool to use, if the user knows how to appropriately handle it and if the user has permission to audit the network with it.
Has anyone ever done a side by side comparison of a old PC turned router (pf sense or what ever) to say an Asus router using merlin? Going on a strictly home use basis. I'm trying to decide if it's worth doing.
is there a way to track the Online/offline (reconnecting) of my Fritz box Cable? After it reboots the Activity log is empty
and it happens 2-3 times per day
I found out that my dad or street or something has a special deal with the ISP or something.
Got the password fmto contact their customer service
20,3 € per month for 150/15
Much cheaper than it usually is
Now I supposedly will have 20 up soon instead with 0 extra cost for the same reason that price is cheap
I think it's because the whole street or area have them as ISP
@static gulch Smokeping?
@thick minnow no, but the asus router would definitely use less power than an old PC would. In fact, I would not even use the old pc and just make a more energy-efficient current-gen mini PC and turn that into a router
Old pcs suffer from wasting more energy
I'd consider doing it with one of my old netbooks if I didn't have so many routers.
(Fairly slow, but so is my internet and having built-in good-enough wifi, a UPS and a 4G modem slot makes it an alright option.)
I did remote gaming on a netbook, it was soooooooooooooooooooooooooooooooooooooooooooooo slow. The delay would be a full 2 seconds for controls
You'd have nothing locally bar a shell.
1.5ghz is nothing for a computing device but will take a home router a long way.
It would yes
Low efficiency, but low power anyways.
Clock, core, architecture and config specifics are important.
What year's the CPU?
from 4 years ago
I would personally avoid this setup, it sounds too weak.
this is a hypothetical not a real thing
I want to build a router that is better than edgerouter with 10Gbps support
Hm. I'd want quad/hex-core, >3ghz, fastpath and I'd want more if I'm inspecting traffic.
something like this? https://mitxpc.com/products/nml-sm4ctln4fa although it doesn't meet the 3GHz requirement
so expensive
I guess it depends on what features you wanted, and if that 10gbps link was symmetric+expected to route like that in real use.
Looks interesting.
$830.70 is not that bad for something like that. At least, the way I configured it.
Specced out, it’s like $4,300.00
Some gaming PCs cost 4.3K
lmao
LMao
ITs 
It is, I’m not upgrading my personal desktop for a while.
vodafone lul
Could I please get some help with my plan for adding a NAS to my room? Just need to know some things
(please ping if you're replying to me c:)
@hot condor whats up
Guys, I suck at networking, so i need some help.
I have this cable modem: https://www.avanzada7.com/en/productos/networking/routers/tc7200-20
Right now i am connected by WIFI on my desktop computer because i can't bring cables to my room.
How can i improve the WIFI signal/range?
I read on internet that WIFI extenders are bad, and they will even reduce the signal.
Will router connected to the modem help me?
@hallow nimbus IP addresses are not a big deal, They are the backbone of network communication
@dry raptor wifi extenders are bad if they are not strategically placed around the home
the idea is you space them not too too far apart for the signal to be good at the last extender
@dry raptor You could try a solution like this.
2 Pack - Sling Media SlingLink Turbo W1 HomePlug Ethernet Adapter (ES157089) https://www.amazon.com/dp/B07HFG3RRJ/ref=cm_sw_r_cp_apa_i_MtjGCbJXJDG4Y
@dry raptor Ethernet over power "might" work better for you.
@little schooner It would also depend on which 10Gb NIC and what hardware offload features it has and if those can be leveraged. Intel has some more custom SoCs for that type of task, so does embedded EPYC for that matter.
also the 60$ plan sucks totally
ive seen better for much less
but as stated in the topic i linked, the paid plans only there for distraction
So, has ASUS fixed the 2.4 issue on their routers yet or? I keep seeing that as an issue on ones like this https://www.amazon.com/Dual-band-Dual-core-AiProtection-Compatible-RT-AC86U/dp/B0752FD3XJ/ where the 2.4 just randomly dies for good.. Might get a nighthawk instead.
https://www.amazon.com/Netgear-R7800-100NAS-Nighthawk-Ethernet-Compatible/dp/B0192911RA/ might get this instead this summer.
@lavish warren, I believe you were referring to PoE (Power Over Ethernet).
It’s commonly used for VoIP Phones, AP’s and even some other minor devices/nodes,
2.4? ive had 5g issues on asus routers
sounds like just dont buy them
😄
@rocky badge muh UBNT
@waxen scroll I'll get the nighthawk then
Why not?
lots of people, 4k streaming, gaming, and more. My archer c9 isn't exactly working as ideally as I'd like it to for that.
ya, I'm not paying 5k for a router XD I just need some better performance than what a c9 offers.
yep. cisco stuff
Damn.
i have a few that i think are somewhere around $300k each
i didnt buy them so i dont know the final cost
so pretty
hey we have something that looks like that
but not that expensive
it is cisco too but I'm not allowed in the networking closet too much
its a service provider router
its about as tall as a human
we bought 4 of them because we had too many routers for various things
im told the costs made sense
@waxen scroll Of course, gotta keep you thinking on your feet 😛
lol
CCAr 😛
the sad part is with all the experience i have, i still get companies who wont even reply to my application
Yah, HR filters are stupid =/
💯 🔥
It’s funny seeing how even basic job searches for IT jobs require 4-5 years of experience.
??? What do you expect a kid from college to have?
Lmao
Companies should at least be willing to provide internships or at the very least a training/testing period to see if you qualify for the job.
i'd argue that those might be worthless too
based on what ive heard and if you look at r/sysadmin and r/networking, interns do very little
mostly document
document is a good skill but how do you move on after internship if all you did was document
Hey, at least you're in the field, right?
idk
i lucked out, i was doing DCops and some company was hiring for contractor network admins and their standards to entry were low
the company was a massive well known company in their space
so the network was huge
kickstarted my career
@clear igloo is luckier than all of us
This is kind of off topic, but does anyone know if there is a .msi installer for Office 365 home?
I want to deploy it over AD
You'll need to check with your Microsoft account rep.
@waxen scroll ?
Is it true that there must be a username specified SOMEWHERE if you are logging into a system via SSH using public key authentication?
You can't specify a private key and expect it to connect you automatically?
i dont think so
last time i set one up it let me right in
obviously in the system itself its setup per user
I have it setup in pfsense, the public ssh key is for user admin
but then when I open putty and connect, it asks for a username
this is on windows. And until I type in "admin" then it connects using the private ssh key
you have to make a session profile in putty and then attach the stuff to it i think
Yes, there is a setting to attach the auth key (ssh private key)
but i can attach username to it as well?
shouldnt have to
hmm, well its not working for me on windows
its been years TBH but thats all i can remember
thanks for your input though
I haven't used an ssh server that doesn't require you to pass a user, how else would it know what pub key to auth you against?
and you can set the user in putty so it won't ask for it
its under connection > Data > Auto-login username
@chrome hound thanks for that
Does anyone have a solution to false flag attacks in pfsense's snort?
So im gonna be moving soon, and i want good networking
Can you recommend me good bulk cable and good keystones
That can do 10gig
Any non-CCA Cat6 or Cat6A cable and keystones will do for the most part. Monoprice is usually good
CCA AKA category binworthy.
It's not Cat5/6/etc. if it's CCA.
What's the CCA for
I was up so late yesterday trying to get a CA working
Big oof
omg nothing I did would accept the Certificate
Microsoft forgot to add that you need Domain Enterprise permissions to add Subordinate CA
I wasted like 4 hours
which part of it?
oh, CA means certificate authority. it's the thing that issues computer certificates. certificates identify computers and prove their identity cryptographically
it's like a badge
computer get certs from a server computer that issues it to them
There is a reason why I’m going to college for this shit. It’s not exactly like I’m the fastest multilayer switch in the network here.
My brain runs in half duplex most times.
keeekk
hehe good one
my professor would love that
I'm trying to learn to explain things better... in a teacher sense
I want to be as good as my network professor
but I have ways to go
I’m sure you’ll do fine.
Just keep working hard at whatever you’re doing, and it should eventually pay off.
If not, blame your professors. Lmao
hah
@little schooner CCA is for the trash 😛
Copper Clad Aluminum is garbage cable
@clear igloo what is better?
because I wanted to wire my home soon
I didn't want to buy garbage
pure copper if at all possible
Usually they will say CCA on the box so if it doesn't then you're good
Ahh okay
I usually check reviews too if possible and see if anyone mentions it
Sometimes they try to spell out the acronym to make it harder for you to notice
yah
I did buy this one for camera installs but it does not say CCA
That's good, it's bare copper so you're good
nice =)
How about this: is there an extra step when installing Cat 6a cable?
the shield part?
I saw in videos there is like an extra piece of plastic to attach
There is a plastic bit in the middle but it doesn't attach to anything, you just cut it off to fit the wires into the keystone
You're talking about the plastic shield in the cable itself?
Yah, when I did mine I just cut it to the edge of the cable so only the wires were exposed
and then at that point it's the same as cat5e making?
yup
align the wires put the plug?
that's all 😃
I might redo my uplink cable because it's only 5e
nice thanks for the info @clear igloo
that feel when your house has a telco rack
my messi boii
@clear igloo premium rosewill backup switch
@little schooner muh cat6
the edge switch is new-ish. i bought this after i bought a house, so i cheaped out
@waxen scroll I want to learn how to punchdown to the patch panel
I didn't do it before
there's videos online I guess







