Adaptive DDOS IDS firewall

We had a task to build a simple solution for DDoS protection during the learning phase of an attack. The main goals were:

  1. To build it fast: We chose Ubuntu … as everything needed is compiled and built in.
  2. Minimum network intervention: We opted for an L2/L3 bridge with iptables integration, which we plugged in between our autonomous system (AS) and the internet.
  3. Auto-learning offenders: Using a honeypot service to distinguish non-legitimate connections. Log the source IP address and drop the packet with iptables. Using Suricata IDS to additionally analyze client requests.
  4. Auto-blocking offenders: Using fail2ban to parse logs generated by iptables and Suricata and temporarily disable all connections from offending sources.
  5. Have some connection limit capabilities: Again we used iptables with the connlimit and conntrack modules activated.


OpenWrt mass configure simple script

 

How to remove duplicated VMs in VMM console

  1. Move the machine to another Hyper-V host via the Failover Cluster Manager console
  2. Get the ID of the duplicated VM
  3. Double-check the working and the duplicated machine
  4. Delete the duplicated VM configuration

    Note the -Force option! You risk deleting your data if you do NOT use -Force.

Exchange mailbox statistics in MB

 


Hyper-V Replicate all VMs

 

Installing Apache Ambari on Ubuntu 14.04

If you get an error like this:

 

You have to edit:

 

And change the version number:

 


EMC Recover Point – how to recreate repository volume

We have to recreate the repository volume of our RP, but I could not find any guidance on the EMC site. So I’m documenting my steps here for future use:

Procedure overview:
On EMC storage:

  1. Create a LUN of about 6-8 GB.
  2. Present that LUN to the storage group of the RP nodes.

On RP appliances:
On the last cluster member:

  1. Detach RPA from cluster
  2. Format repository volume
  3. Reboot
  4. Attach RPA to cluster

On each subsequent appliance:

  1. Detach RPA from cluster
  2. Select repository volume
  3. Reboot
  4. Attach RPA to cluster

This is a transcript of console sessions:

Car diagnostic with ATmega328P Nano

I had trouble reading my car’s live data, so I wrote a little utility to read raw car sensor data, i.e. I hook up before the ECU, send the data via serial port to a PC using an ATmega328P Nano, and finally store it to a file.

Where to get one:
http://www.banggood.com/ATmega328P-Nano-V3-Controller-Board-Compatible-Arduino-p-940937.html

How to install:
1. Flash AnalogReadSerial.hex to the ATmega.
2. Extract and run carauto. .NET 4 is needed.
3. Choose the COM port from the dropdown menu.

How to use:
Connect the analog/digital input to the intended sensor via a 1 kOhm resistor. Please note that all inputs are 5V only!
Shorting digital input 12 to ground will produce human-readable data and will decrease the sample rate.

Reading data:
Data are stored in the Output.csv file at approximately 1000 samples/second.


Dell DRAC 5 config via ssh

Changing http, https, remote console ports

clear some space

reload