My initial impression of VMWare Fusion is just, wow. While Parallels was the first out there, VMWare is now bringing their deep virtualization expertise to OS X now. The latest public beta really delivers on the Linux side. While Parallels seems to have their focus on the Windows market, VMWare has been building for the Linux market as well.
So to follow up with the previous post about MTU and MSS, I wanted to show you how to set the MTU value on your computer. On most Unix-like boxes it is a fairly straight forward process to change your MTU. On Windows it gets a little trickier with registry changes and such things that can brick your computer.
I have been behind in my posts, and I have quite a few items to get posted. Today I wanted to walk through an example of tcpdump can be useful when tracking down malicious traffic on your network. I am going to use the example of IrnBot to demonstrate a handy technique. IrnBot (named after the Scottish drink IrnBru), also popularly known as Rinbot, produces a lot of traffic on port 1433, 2967 and 139. It also opens up a connection to irc servers on the outside over port 8080.
I find myself sorting through logs all the time, and I have developed a couple of tricks for pulling the information I need out. With a little awk, sort and uniq magic you can get a great deal of info out of your logs.
You see that light blinking like crazy on the switch, and want to see what it is that your systems is doing? If you are on a (u|li)n[i|u]x or bsd of some sort pick up a copy of tcpdump. If you are on OS X it is already included.
Now that you have created keys for logging into you servers, you might find that you are moving between systems, or you just don’t like leaving your keys behind when you go home. There is a quick fix for this.
In the last post I suggested you add a passphrase to keep your private key secure. The problem with this is that now you have traded entering a password for entering a passphrase which is most likely longer. Doesn’t seem like such a great trade off.