Setting Your MTU

Wednesday, April 25, 2007

So to follow up with the previous post about MTU and MSS, I wanted to show you how to set the MTU value on your computer. On most Unix-like boxes it is a fairly straightforward process to change your MTU. On Windows it gets a little trickier, with registry changes and such things that can brick your computer.


Busy This Week, Here’s a tcpdump Example

Friday, April 20, 2007

I have been behind in my posts, and I have quite a few items to get posted. Today I wanted to walk through an example of how tcpdump can be useful when tracking down malicious traffic on your network. I am going to use the example of IrnBot to demonstrate a handy technique. IrnBot (named after the Scottish drink Irn-Bru), also popularly known as Rinbot, produces a lot of traffic on ports 1433, 2967 and 139. It also opens up a connection to IRC servers on the outside over port 8080.


Getting stats with awk, sort and uniq

Saturday, April 14, 2007

I find myself sorting through logs all the time, and I have developed a couple of tricks for pulling the information I need out. With a little awk, sort and uniq magic you can get a great deal of info out of your logs.


More Fun With tcpdump and Resets

Tuesday, April 10, 2007

Here is another handy little trick for tcpdump that will help you identify some potential network issues. Oftentimes when there is some trouble along the line you will see reset connections. This happens for many reasons and can be an indication of everything from a network program to a crashed application that suddenly stops responding.


Quick Network Analysis With tcpdump

Friday, April 6, 2007

You see that light blinking like crazy on the switch, and want to see what it is that your system is doing? If you are on a (u|li)n[i|u]x or BSD of some sort, pick up a copy of tcpdump. If you are on OS X, it is already included.


Take Your Keys With You

Monday, April 2, 2007

Now that you have created keys for logging into your servers, you might find that you are moving between systems, or you just don’t like leaving your keys behind when you go home. There is a quick fix for this.


Password Free Logins Over ssh (Part 1)

Friday, March 30, 2007

Are you sick of typing in passwords when sshing into systems or when transferring files over scp or sftp? Well, the good news is that there is an easier and safer way to do this with ssh keys.


DNS Change Regression Testing

Wednesday, March 28, 2007

For those who have needed to make a bunch of DNS changes and want to verify what the effects of those changes are, here is a little shell script that does a sort of regression test. Basically, it tells you what changes were made to a zone so you can see if any major mistakes were made.

The usage is simple: try dnscheck -? for a list of options. It isn’t the fanciest thing in the world, but for those who need it, it might be helpful.

Open it in your favorite text editor to set the basic configuration options, make it executable, and you are on your way.
