POPULARITY
Come inside ICMP's new laboratory to examine bones and teeth - essential evidence for court cases and for families of the missing. Do like, subscribe and leave us a review. Want to find out more? Check out all the background information on our website including hundreds more podcasts on international justice covering all the angles: https://www.asymmetricalhaircuts.com/ Or you can sign up to our newsletter: https://www.asymmetricalhaircuts.com/newsletters/ Did you like what you heard? Tip us here: https://www.asymmetricalhaircuts.com/support-us/ Or want to support us long term? Check out our Patreon, where - for the price of a cup of coffee every month - you also become part of our War Criminals Bookclub and can make recommendations on what we should review next, here: https://www.patreon.com/c/AsymmetricalHaircuts Asymmetrical Haircuts is created, produced and presented by Janet Anderson and Stephanie van den Berg, together with a small team of producers, assistant producers, researchers and interns. Check out the team here: https://www.asymmetricalhaircuts.com/what-about-asymmetrical-haircuts/
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.Network traffic tunneling is a technique used by attackers to bypass security controls and exfiltrate data or establish covert communication channels. Threat actors use various tunneling methods, including DNS tunneling, HTTP/S tunneling, and ICMP tunneling, each with its own advantages depending on the target environment.The "BadPilot" hacking campaign has been linked to Russia's Sandworm threat group, a unit of the GRU known for cyber espionage and disruptive attacks.GreyNoise has observed active exploitation of CVE-2025-0108, a critical authentication bypass vulnerability in Palo Alto Networks' PAN-OS. This vulnerability allows unauthenticated attackers to gain administrative access to affected firewall devices, posing a significant risk to organizations relying on PAN-OS for network security.Security researcher Paul Butler has demonstrated a novel technique for smuggling arbitrary data using emojis, leveraging the way modern text encoding and rendering systems handle Unicode characters.Kitty Stealer is a newly identified malware targeting macOS systems, designed to steal sensitive user data such as credentials, browser cookies, and cryptocurrency wallets.
Send us a textUnlock the secrets to mastering core networking concepts crucial for your CISSP exam and cybersecurity career with Sean Gerber on the CISSP Cyber Training Podcast. Ever wondered how the intricate dance between IPv4 and IPv6 affects your daily online interactions? Get ready to explore these foundational Internet protocols, their histories, and the innovative transition mechanisms bridging them. We kick off with a discussion on the eye-opening Mega Breach Database, spotlighting the staggering exposure of around 26 billion records. This breach serves as a cautionary tale of our digital age, underscoring the necessity for robust password management and multi-factor authentication.Journey through the complex landscape of IP addressing as we untangle the web of IPv4 and IPv6 structures. We'll break down IPv4's network and host partitions, the role of TCP and UDP protocols, and the creative, albeit temporary, fix provided by NAT routing. With a shift towards IPv6, discover the implications of its advanced hexadecimal notation and the flexibility offered by CIDR in IP address allocation. If you're grappling with the divide between the old and new, Sean shares insights on key transition strategies, ensuring you comfortably adapt to the evolving technological environment.Lastly, we tackle essential networking protocols like ICMP, IGMP, and ARP, which are indispensable for anyone eyeing the CISSP certification. Learn how to apply these concepts to real-world scenarios, such as identifying potential man-in-the-middle attacks. Whether you're a cybersecurity novice or a seasoned expert, our discussion will equip you with comprehensive knowledge and sharpen your skills, helping you excel in the CISSP exam and beyond. Join us for this enlightening episode, and walk away with the confidence to navigate the complex world of networking.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
On this episode, we're joined by GreyNoise Founder and Chief Architect, Andrew Morris, to take a ride in the Mystery Mobile to discover a hidden message buried in the payloads of over two million mis-directed ICMP packets. Along the way, we discuss the history of "noise storms" seen through the lens of GreyNoise's planetary-scale network of internet sensors, talk about some other, recent mega-storms, then don our bestest tin-foil hats to conspiracy theorize who sent this encoded message and why. Forecast - Digital Disturbance Advisory! Subscribe to Storm⚡️Watch - https://stormwatch.ing Storm Watch Homepage >> Learn more about GreyNoise >>
ICMP, short for Internet Control Message Protocol, is utilized by network devices like routers to communicate error messages and operational status regarding the network's conditions. Network devices typically generate ICMP messages in response to errors, such as when a packet cannot be delivered to its destination or when a router needs to communicate that it is experiencing congestion.
Romain Basset is back for another podcast episode. Today, Andy and Romain discuss the notorious threat actor group, Anonymous Sudan. They explore who this group is, their affiliations, motivations, and the tactics, techniques, and procedures (TTPs) they employ. The discussion includes an overview of various types of threat actor groups, situating Anonymous Sudan within this landscape, and providing a detailed background on the group's emergence, targets, and the significant impact of their attacks. Key Takeaways: Anonymous Sudan is a threat actor group that sits between being an activist group and a state-sponsored cyber-criminal group. The group is known for highly disruptive and visible DDoS attacks, often targeting large organizations and infrastructure like Microsoft's Azure, OneDrive, and Outlook.com. Anonymous Sudan utilizes a variety of DDoS techniques and tools, including HTTP floods, SYN floods, UDP floods, and ICMP floods, often coordinating with other botnets to amplify the impact. Anonymous Sudan's tactics appear focused on disruption and visibility, aiming to make a public impact and spread their political/religious messaging. Timestamps: (02:43) - Categories of Threat Actor Groups (05:44) - Ties Between Anonymous Sudan and Russia (10:59) - Tools Used by Anonymous Sudan (15:47) - Techniques and Procedures of Anonymous Sudan (24:08) - Typical DDoS Attack Procedure Episode Resources: Next-gen Microsoft Security and Compliance Management to meet your Requirements
Send us a Text Message.Are multi-layer protocols the key to safeguarding our digital world amidst the rising tide of cyberattacks? Join me, Sean Gerber, as I unravel the complexities of these protocols and their vital role in cybersecurity, drawing from the CISSP ISC² domains 4.1.4 and 4.1.5. By sharing my firsthand experiences and highlighting the alarming $22 million ransomware payout by Change Healthcare, I underscore the urgent need for redundancy in critical systems, especially within vulnerable sectors like healthcare.Let's decode the layers of data encapsulation, from the basic principles of TCP/IP to the robust security offered by TLS and IPsec. We'll discuss how VPN tunnels enhance security and tackle the sophisticated challenge of attackers concealing their activities within encrypted traffic. Discover methods to unmask these covert channels using decryption appliances and targeted traffic inspection, and explore the fascinating realm of steganography for data concealment.The journey continues with a deep dive into data exfiltration techniques, including EDI communication and low-level network protocols like ICMP and DNS. Learn how malicious actors bypass detection and how network administrators can stay vigilant. Finally, I'll share my passion for mentorship in cybersecurity, highlighting the enriching experiences and opportunities available through CISSP Cyber Training and my own platforms. Whether you're a seasoned professional or an aspiring expert, this episode offers valuable insights and resources to bolster your cybersecurity knowledge and career.Gain access to 60 FREE CISSP Practice Questions each and every month for the next 6 months by going to FreeCISSPQuestions.com and sign-up to join the team for Free. That is 360 FREE questions to help you study and pass the CISSP Certification. Join Today!
Songwriting isn't just about inspiration; it's also about understanding the basics, piece by piece, fitting all elements together to create the song we love. In this episode, Xylo chats with ICMP Songwriting Professor, Sophie Daniels, about the creative process of songwriting and understanding the basic structures in creating a song. Follow Sophie Daniels & ICMP Instagram: https://www.instagram.com/libertysmother Website: https://www.sophiedanielsmusic.com/ https://www.libertysmother.com/ ICMP Website: https://www.icmp.ac.uk/ Discover your place in the music industry with ICMP at www.icmp.ac.uk/apply
Light Round Volume 7: Approach to a patient with subclinical AF
In today's music industry, boundaries have been continuously pushed to move traditional music expression to a whole new level. But have you ever wondered how artistry and engineering have been seamlessly merged to achieve this? In this episode, Xylo chats with pioneering inventor-producer-performer, Lia Mice, on the creative process of instrument making, innovating more sustainable instrument designs, and integrating digital and physical instruments to make them more accessible and inclusive, especially for musicians with disabilities. Follow Lia Mice & ISM: Instagram: https://www.instagram.com/lia_mice/ Facebook: https://www.facebook.com/lia.mice Twitter: https://twitter.com/Lia_Mice YoutTube: https://www.youtube.com/c/liamice Website: https://www.liamice.com/ ICMP Website: https://www.icmp.ac.uk/ Discover your place in the music industry with ICMP at www.icmp.ac.uk/apply
Enjoy the Irish & Celtic Music Podcast #648. La famille LeBlanc, Matt & Shannon Heaton, Wolf & Clover, Avery LeVine, Sassenach, The Byrne Brothers, Seán Heely, Corey Purcell, Juha Rossi, Marc Gunn, Eimear Arkins, Piskey Led, Eclectic Revival, Celtic Woman GET CELTIC MUSIC NEWS IN YOUR INBOX The Celtic Music Magazine is a quick and easy way to plug yourself into more great Celtic culture. Enjoy seven weekly news items for Celtic music and culture online. Subscribe now and get 34 Celtic MP3s for Free. VOTE IN THE CELTIC TOP 20 FOR 2024 This is our way of finding the best songs and artists each year. You can vote for as many songs and tunes that inspire you in each episode. Your vote helps me create next year's Best Celtic music of 2024 episode. You have just three weeks to vote this year. Vote Now! You can follow our playlist on Spotify to listen to those top voted tracks as they are added every 2- 3 weeks. It also makes it easier for you to add these artists to your own playlists. You can also check out our Irish & Celtic Music Videos THIS WEEK IN CELTIC MUSIC 0:02- Intro: Mitchell Petersen, ICMP audio engineer 0:06- La famille LeBlanc "Suite en vièle acadienne" from New/Nouveau- Perdrais- je mon temps...(Would I be losing my time...) 3:08- WELCOME 4:48- Matt & Shannon Heaton "In Tune with Reality/Aileen Dillane/Brown Weasel (reels)" from Whirring Wings 9:24- Wolf & Clover "Shanagolden" from Shanagolden 14:42- Avery LeVine "Aoibhneas Éilís Ní Cheallaigh/The Swaggering Jig" from The Rainy Day 16:44- Sassenach "Spancil Hill" from Passages 21:00- FEEDBACK 23:27- The Byrne Brothers "Raggle Taggle Gypsy" from The Boys of Doorin 28:32- Seán Heely "Dramagical : The Twa Corbies / The Charmed 3 / Dramagical" from Dramagical 34:19- Corey Purcell "Jock Stuart" from Undaunted 39:03- Juha Rossi "The Butterfly" from Irish Tunes on Mandolin 41:49- THANKS 45:22- Marc Gunn "Redemption" from Come Adventure With Me 48:56- Eimear Arkins "The Hare's Lament - Song" from Here & There 53:17- Piskey Led "Come All Good Cornish Boys" from Piskey Led 59:24- Eclectic Revival "Goodbye Whiskey" from Life & Love 1:03:27- CLOSING 1:04:51- Celtic Woman "Dúlamán" from 20th Anniversary 1:08:51- CREDITS The Irish & Celtic Music Podcast was produced by Marc Gunn, The Celtfather and our Patrons on Patreon. The show was edited by Mitchell Petersen with Graphics by Miranda Nelson Designs. Visit our website to follow the show. You'll find links to all of the artists played in this episode. Todd Wiley is the editor of the Celtic Music Magazine. Subscribe to get 34 Celtic MP3s for Free. Plus, you'll get 7 weekly news items about what's happening with Celtic music and culture online. Best of all, you will connect with your Celtic heritage. Please tell one friend about this podcast. Word of mouth is the absolute best way to support any creative endeavor. Finally, remember. Reduce, reuse, recycle, and think about how you can make a positive impact on your environment. Promote Celtic culture through music at http://celticmusicpodcast.com/. WELCOME THE IRISH & CELTIC MUSIC PODCAST * Helping you celebrate Celtic culture through music. I am Marc Gunn. This podcast is here to build a diverse Celtic community and help the incredible artists who so generously share their music with you. If you hear music you love, please email artists to let them know you heard them on the Irish & Celtic Music Podcast. Musicians depend on your generosity to keep making music. So please find a way to support them. Buy a CD, Album Pin, Shirt, Digital Download, or join their communities on Patreon. You can find a link to all of the artists in the shownotes, along with show times, when you visit our website at celticmusicpodcast.com. If you are a Celtic musician or in a Celtic band, then please submit your band to be played on the podcast. You don't have to send in music or an EPK. You will get a free eBook called Celtic Musicians Guide to Digital Music and learn how to follow the podcast. It's 100% free. Just Email follow@bestcelticmusic and of course, listeners can learn how to subscribe to the podcast and get a free music- only episode. THANK YOU PATRONS OF THE PODCAST! You are amazing. It is because of your generosity that you get to hear so much great Celtic music each and every week. Your kindness pays for our engineer, graphic designer, Celtic Music Magazine editor, promotion of the podcast, and allows me to buy the music I play here. It also pays for my time creating the show each and every week. As a patron, you get music- only episodes before regular listeners, vote in the Celtic Top 20, stand- alone stories, and you get a private feed to listen to the show. All that for as little as $1 per episode. A special thanks to our Celtic Legends: Bill Mandeville, Marti Meyers, Brenda, Karen DM Harris, Emma Bartholomew, Dan mcDade, Carol Baril, Miranda Nelson, Nancie Barnett, Kevin Long, Gary R Hook, Lynda MacNeil, Kelly Garrod, Annie Lorkowski, Shawn Cali HERE IS YOUR THREE STEP PLAN TO SUPPORT THE PODCAST Go to our Patreon page. Decide how much you want to pledge every week, $1, $5, $25. Make sure to cap how much you want to spend per month. Keep listening to the Irish & Celtic Music Podcast to celebrate Celtic culture through music. You can become a generous Patron of the Podcast on Patreon at SongHenge.com. TRAVEL WITH CELTIC INVASION VACATIONS Every year, I take a small group of Celtic music fans on the relaxing adventure of a lifetime. We don't see everything. Instead, we stay in one area. We get to know the region through its culture, history, and legends. You can join us with video adventures or listen to our the Celtic Invasion Vacations podcast to hear more about the invasions. Learn more about the invasion at http://celticinvasion.com/ #celticmusic #irishmusic #celticmusicpodcast I WANT YOUR FEEDBACK What are you doing today while listening to the podcast? Please email me. I'd love to see a picture of what you're doing while listening or of a band that you saw recently. Email me at follow@bestcelticmusic. Howie Broyles commented on Facebook: "Love the podcast. I have always liked Celtic music and anything to do with Scotland or Ireland. It wasn't until I took a DNA test that I figured out why. I always thought I was mostly German because of my name and where it originates. Turns out I got mostly my moms side and they are all UK based. Ireland, Scotland and Yorkshire. So now I even enjoy it more knowing that it is my history." Aimee Greenfield sent a picture: "Hi Mark, I love to weave and listen to Celtic music. This music has inspired me for the last 30 years while creating! The music is definitely woven into my current project of Turkish Beach Towels. Thanks for the entertainment!"
Get ready to fortify your cyber defenses and unwrap the complexities of internet protocols with me, Sean Gerber, in a week charged with cybersecurity insights. We're dissecting the digital fabric of IPv4 and IPv6, from the nuances of subnetting to the stealthy signals of ICMP, ensuring you walk away with a fortified understanding of the cyber terrain. Don't miss the pivotal segment where I unravel the CIDR notation—a cornerstone concept for network professionals—and how recognizing a Class C address, such as 192.168.1.1, can be the key to differentiating your network strategy.As the shadow of ransomware looms over our critical infrastructure, I delve into the harrowing onslaught of attacks plaguing wastewater treatment facilities, bringing to light the urgent call for cyber vigilance. Discover the significance of link-local addresses and the potential pitfalls of rogue IPv6 devices in your network. The world of cybersecurity is a battleground, and this episode is your armory—equip yourself with the knowledge to lead the charge against the digital threats of today and tomorrow.Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.
Ever wondered how the invisible threads of the internet hold together the vast tapestry of global communication? Join me, Sean Gerber, as we unravel the mystique behind internet protocols, where the transition from IPv4's limited landscape to IPv6's boundless horizons marks a revolution in digital connectivity. Illuminating the depths of IP classes, address schemes, and the critical importance of understanding these concepts, we equip you with the essential know-how to navigate the cybersecurity realm with confidence.The digital era's Achilles' heel—cybersecurity—is laid bare as we dissect the harrowing Mega Breach Database incident, a stark reminder of our shared vulnerability in this interconnected world. Together, we shed light on the armor of password management and the shield of multi-factor authentication, forging strategies to fortify our defenses against cyber threats. By imparting this knowledge to peers and loved ones, we join forces in the ongoing battle to secure cyberspace for generations to come.As we chart the course toward the coveted CISSP certification, grasp the significance of every concept, from ARP tables to potential vulnerabilities lying in ambush for the unwary. This episode isn't just about passing an exam; it's about instilling a foundation of cybersecurity comprehension that stands firm against the tides of technological advancement. Whether you're setting foot on the path of a cybersecurity career or already marching through the ranks, this journey through the landscape of cyber defense is tailored to keep you one step ahead.Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.
In this episode, Lois Houston and Nikita Abraham, along with Rohit Rahi, look at two important services that Oracle Cloud Infrastructure provides: Compute and Load Balancing. They also discuss the basics of instances. Oracle MyLearn: https://mylearn.oracle.com/ Oracle University Learning Community: https://education.oracle.com/ou-community X (formerly Twitter): https://twitter.com/Oracle_Edu LinkedIn: https://www.linkedin.com/showcase/oracle-university/ Special thanks to Arijit Ghosh, Kiran BR, David Wright, the OU Podcast Team, and the OU Studio Team for helping us create this episode. -------------------------------------------------------- Episode Transcript: 00:00 Welcome to the Oracle University Podcast, the first stop on your cloud journey. During this series of informative podcasts, we'll bring you foundational training on the most popular Oracle technologies. Let's get started. 00:26 Nikita: Hello and welcome to the Oracle University Podcast. I'm Nikita Abraham, Principal Technical Editor with Oracle University, and with me is Lois Houston, Director of Innovation Programs. Lois: Hi there. You're listening to our Best of 2023 series, where over the last few weeks, we've been revisiting our most popular episodes of the year. 00:47 Nikita: In today's episode, which is #5 of 6, we'll listen in to a conversation Lois and I had earlier this year with Rohit Rahi, Vice President of CSS OU Cloud Delivery, on OCI Compute and Load Balancing. We began by asking Rohit why one would use Load Balancer. Lois: So let's get right to it! 01:06 Rohit: You would use Load Balancer to achieve high availability and also achieve scalability. So typically the way Load Balancer works is, they're also referred to as Reverse Proxies, you would have a Load Balancer, which would be used accessed by multiple clients, various clients. And these clients would hit the Load Balancer, and the Load Balancer would proxy that traffic to the various backend servers. So in this way, it not only protects the various backend servers, but also provides high availability. In case a particular backend server is not available, the application can still be up and running. And then it also provides scalability because if lots of clients start hitting the Load Balancer, you could easily add more backend servers. And there are several other advanced capabilities like SSL termination and SSL passthrough and a lot of other advanced features. So the first type of Load Balancer we have in OCI is a layer 7 Load Balancer. Layer 7 basically means it understands HTTP and HTTPS. That's the OSI model. And then there are various capabilities available here. 02:13 Nikita: The Load Balancer comes in two different shapes, right? Can you tell us a little about that? Rohit: One is called a flexible shape where you define the minimum and the maximum and you define the range. And your Load Balancer can achieve any kind of-- support any kind of traffic in that particular range, going from 10 Mbps all the way to 8 Gbps. The second kind of shape is called dynamic where you predefine the shapes. So you have micro, small, medium, large, and you predefine the shape. And you don't have to warm up your Load Balancer. If the traffic comes to that particular shape, the Load Balancer automatically scales. 02:53 Rohit: You can always do a public and a private Load Balancer. Public means Load Balancer is available on the web. Private means your multiple tiers, like a web tier, can talk to your database tier and balance the traffic between them, but both tiers don't have to be public. A Load Balancer is highly available, highly scalable by design. 03:12 Lois: And what about the second type of Load Balancer? Rohit: The second kind of Load Balancer we have in OCI is called the Network Load Balancer. And as the name specify, Network Load Balancer operates at layer 4, layer 3, and layer 4 so it understands TCP, UDP, also supports ICMP. Again, like HTTP Load Balancer, it has both public and a private option, so you could create a public Network Load Balancer or a private Network Load Balancer. It's highly available, highly scalable, all those features are supported. 03:42 Nikita: Now, why would you use Network Load Balancer over an HTTP Load Balancer? Rohit: The primary reason you would use it is it's much faster than HTTP Load Balancer. It has much lower latency. So if performance is a key criteria for you, go with Network Load Balancer. On the contrary, the HTTP Load Balancer has higher level intelligence because it can look at the packets, it can inspect the packets, and it gets that intelligence. So if you're looking for that kind of routing intelligence, then go with HTTP Load Balancer. 04:15 Rohit: So OCI Compute service provides you virtual machines and bare metal servers to meet your compute and application requirements. The three defining characteristics of this service include this scalability, high performance, and lower pricing. So the first thing in the OCI Compute service is you have this notion of flexible shape. What does it mean? Well, it means you could choose your own course, your CPU processors, and you could also choose your own memory. Literally, there are thousands and thousands of configurations you can choose from. 04:49 Lois: But what's the use of doing this? Rohit: The use of doing this is you could select the right machine type by using our flexible shapes. And in the cloud, there's this notion of T-shirt sizing. So you have a small, medium, large kind of shapes, and your application has to fit those shapes. And sometimes you overprovision or underprovision, and you have to go through that painful process of changing your machine types. We hope with this flexible shapes, you don't have to do that. 05:20 Rohit: If you still want to use the traditional approach, we have virtual machines, we have bare metal servers, and we have dedicated host. And you could use either one of them or all of them. And bare metal servers basically means you get a full machine, a full server which is completely dedicated to you. Dedicated host basically means that you get a full dedicated bare metal machine. But on top of that, you could run virtual machines. Not only this, but OCI is only one of the two cloud providers to provide you options on processors. So you can run AMD-based instances, you could run Intel-based instances, and you could also run Arm-based instances-- are really a powerful thing for mobile computing. The phones you are using today are probably running on Arm processors. Now, Arm is coming into the data centers. 06:16 Have something interesting to share with the Oracle University Learning Community? Present your topic at an exclusive community event. Help yourself by helping others. Start building your reputation and personal brand today. If you are already an Oracle MyLearn user, go to MyLearn to join the community. You will need to log in first. If you have not yet accessed Oracle MyLearn, visit mylearn.oracle.com and create an account to get started. 06:48 Nikita: What can you tell us about the pricing of this, Rohit? Rohit: On the pricing side, the service implements pay-as-you-go pricing. We are 50% cheaper than any other cloud out there, just to begin with. And not only that, you could use something like a Preemptable VMs to reduce your cost by more than 50% from your regular instances. Preemptable VMs are low cost, short lived VMs suited for batch jobs and fault tolerant workloads. These are similar to regular instances, but priced 50% lower. So you can use them to reduce your cost further. So when we say an instance, what we mean is a compute host. And it has several dependencies. So let's look at them. 07:31 Rohit: So you have an Oracle Cloud region here. A region is comprised of multiple ADs. An AD is nothing but a data center. The first dependency the compute service has or compute hosts have is on Virtual Cloud Network. So in order to spin up a compute instance, you need a Virtual Cloud Network. You have a network divided into smaller portions called subnets. So you have a subnetwork here, and you need to create these before you can spin up a compute host. 08:00 Rohit: Now you can spin up a compute host. It's a physical construct. Networking is a virtual construct. So how are they related? Within a compute host, you have a physical network interface card, and you virtualize that card. We give you this virtual NIC. And that virtual NIC is placed inside the subnet. And that's the association for the compute host. And that's where the private IP for the compute host comes from, because every compute host or VM you are running, or a bare metal machine, has a private IP address. Now, there is another set of dependency the compute instances have, and that's to the boot volume and the boot disk and the block volumes. 08:42 Lois: What does that mean, exactly? Rohit: Well, each of these compute hosts you are spinning up has an operating system. And the image that's used to launch an instance determines its operating system and other software. So you have this concept of an image that comes from this network storage disk called a boot disk. So it doesn't stay on the compute host, it's actually living on the network somewhere. And you also have data, like file systems, etc. You're working on the compute instances. They also live on the network. So there is the data disks and operating system disks together. There's a service called block volume service which the compute host uses to run its operating system and run its data disks. Now, these are remote storage. 09:33 Rohit: There is one more feature which is really relevant when you are talking about compute instances, and that's live migration. We know that computers fail all the time. So how do we make sure that whatever compute host you are running is always up and running, itself? So we have this feature called live migrate. And the idea here is if one of the compute hosts goes down, there's a problem, we would migrate your VM to another host in our data center, and it will be transparent to you. There are multiple options you provide-- whether opt-in or opt-out-- you can choose from. But the idea is we migrate your virtual machines so you can live-migrate between hosts without rebooting. This keeps your applications running even during maintenance events. To achieve this in your own data centers is a not-so-trivial task, but we make that seamless within OCI. 10:22 Nikita: Thanks for that, Rohit. To learn more about OCI, please visit mylearn.oracle.com, create a profile if you don't already have one, and get started on our free OCI Foundations training. Lois: You will find skill checks that you can take throughout the course to ensure that you are on the right track. Nikita: We hope you enjoyed that conversation. Join us next week for our final throwback episode. Until then, this is Nikita Abraham... Lois: And Lois Houston, signing off! 10:54 That's all for this episode of the Oracle University Podcast. If you enjoyed listening, please click Subscribe to get all the latest episodes. We'd also love it if you would take a moment to rate and review us on your podcast app. See you again on the next episode of the Oracle University Podcast.
Our today's interviewee is Ms Kathryne Bomberger is the Director General of the International Commission on Missing Persons. And we'll be talking about the tasks this commission performs in the world, and is going to do in Ukraine in particular.
Light Rounds 3: LV thrombus
In this episode of PING, Dr Rolf Winter, the Professor of Data Communications at Augsburg University of Applied Sciences discusses his work on ‘reverse traceroute', which is an approach to using the well-known traceroute mechanism but driven from the other end. The inherent problem with traceroute and its related diagnostics is that it only informs you about the path outwards from your address to the other end. Reverse traceroute is an attempt to ‘mechanize' the reverse path information, using proposed new codepoints in the Internet Control Message Protocol (ICMP). Rolf discusses this approach and some of the logistical issues with attempting to modify an established protocol like ICMP, and measurements of the acceptability of proposed new codepoints in the wild. Read more about Professor Winter's work on the APNIC Blog: Troubleshooting ‘the other half' Watch his presentation at DENOG 14 Visit his GitHub code repository
Hello everyone! This episode will be about Microsoft Patch Tuesday for March 2023, including vulnerabilities that were added between February and March Patch Tuesdays. Watch the video version of this episode on my YouTube channel. Read the full text of this episode with all links on avleonov.com blog.
In this episode we continue the conversation with Kathryne Bomberger, the Director General of the International Commission on Missing Persons (ICMP). Our discussion builds on our conversation in the last episode to investigate more in depth the problem of missing persons and learn from Kathryne's expertise and insight on this important topic. We talk about why people go missing, what has improved over time in addressing the issue of missing persons, what states can do to contribute to the solution and Kathyne's recommendations for ways forward. For more on the ICMP go to: https://www.icmp.int/Don't forget to rate us, recommend us and share on social media!Support the show
In this Episode we introduce you to Kathryne Bomberger, the Director General of the International Commission on Missing Persons - the ICMP, and talk about ICMP's work and Kathryn's role at the organization. We focuse on how the issue of missing persons evolved over time from a humanitarian to a human rights issue, how the ICMP was created and the challenges faced on its journey.For more on the ICMP go to: https://www.icmp.int/Don't forget to rate us, recommend us and share on social media!Support the show
The Linux kernel has some exciting updates this week, including a significant Asahi milestone and some good news for Android. Then we take openSUSE's new web-based installer for a spin.
The Linux kernel has some exciting updates this week, including a significant Asahi milestone and some good news for Android. Then we take openSUSE's new web-based installer for a spin.
Legóból épített százmilliós céget egy magyar vállalkozó G7 2022-11-28 04:34:44 Cégvilág Több száz millió forintos üzlet az egyedi tervek alapján készült legók tervezése és összeállítása. Csecsen emberrablók a Völner-Schadl vádiratban 24.hu 2022-11-28 05:55:58 Belföld USA Völner Pál Schadl György Schadl György barátja egy színlelt emberrablási sztorival csalt ki 200 ezer amerikai dollárt a vádirat szerint. Mibe fektessek? Jól megdrágultak egyes állampapírok a múlt héten Privátbankár 2022-11-28 05:18:02 Gazdaság Kamat Kötvény Hozam Állampapír Alaposan leesett egyes futamidőkre a hazai állampapírok hozama a múlt héten, de még így is van olyan, amely rövid távon 12,5-13,0 százalékot hoz. A változó kamatozású papírok egy részétől is alacsonyabb kamatot várhatunk. Olyan kötvényünk is van, amely éppen akkor lehet kedvező, ha Magyarország helyzete nem javul, hanem éppen romlik. Újabb stratégiai fontosságú régiót adhatnak fel az oroszok, miközben beállt a tél Ukrajnában - Háborús híreink hétfőn Portfolio 2022-11-28 06:20:00 Külföld Ukrajna háború Kijev Atomerőmű Az ukrán Enerhoatom értesülései szerint az orosz csapatok "csomagolni" kezdtek Enerhodar városában, ahol Európa legnagyobb atomerőműve is található. Mindeközben folytatódnak az ukrán energetikai infrastruktúrát érő támadások, Kijevben pedig beköszöntött a tél. Cikkünk folyamatosan frissül. Ha Binotto marad, Leclerc a Mercedeshez távozhat? F1világ 2022-11-28 06:25:00 Forma1 Olaszország Mercedes-Benz Ferrari Charles Leclerc Olasz médiajelentések szerint szinte biztos, hogy Fred Vasseur lesz a Ferrari új Forma-1-es csapatfőnöke – a francia szakember érkezésének pedig Charles Leclerc örülhet igazán. A gyors termelés a biztonság rovására mehet autopro 2022-11-28 04:20:00 Cégvilág Ahogy felfutott a gyártás, úgy egyre nagyobb biztonságbeli problémák merültek fel a Riviannál. „Többen jelezték már, hogy be kellett zárniuk, mert elfogyott a benzin” – csak néhány napra elég készlete van a kisebb kutaknak rtl.hu 2022-11-28 06:15:37 Gazdaság Üzemanyag Tankolás MOL Százhalombatta Több száz benzinkút fogyhat ki az üzemanyagból napokon belül – ezt mondták az rtl.hu-nak a Független Benzinkutasok Szövetségénél. A kis benzinkutak kiszolgálását a Mol az ellátásbiztonságra hivatkozva függesztette fel, az intézkedés határozatlan időre szól. Az olajtársaság szerint a gondot az okozza, hogy a százhalombattai finomító csökkentett kapa Költségcsökkentéssel készülnek a vállalkozók a 2023-as év várható nehézségeire Hungarianpress 2022-11-28 04:00:00 Gazdaság Nem nagy meglepetés, hogy az előttünk álló 2023-as év bizonytalanságaitól sok vállalkozó tart. Költségcsökkentést, áremelést és akár szervezeti átstrukturálást is terveznek. Most már számokban is látni lehet, hogy ki, mire készül. A több mint 160 ezres vállalkozói felhasználó bázissal rendelkező Billingo online számlázó kutatást végzett ügyfelei kö Már több mint tizenötezer embernek veszett nyoma Ukrajnában Infostart 2022-11-28 05:47:00 Külföld Ukrajna háború Kijev A kilenc hónapja tartó háborúban több mint tizenötezren tűntek el - közölte csütörtökön Kijevben az Eltűnt Személyek Nemzetközi Bizottságának (ICMP) egyik vezetője. Verstappent kockázatos tőzsde támogatja Fintech 2022-11-28 05:10:00 Modern Gazdaság Hollandia Tőzsde Max Verstappen Red Bull A hétvégén a Red Bull színeiben versenyző Max Verstappen nyerte meg az idei utolsó, Abu Dzabiban rendezett Nagydíjat és ezzel a holland lett a 2022-es világbajnok. Ahogyan azt már egy korábbi cikkünkben írtuk, a Red Bull csapatát idén február 16-tól a Bybit nevű tőzsde támogatja. Mostani cikkünkben pedig kitérünk arra, hogy miért is jelent kockázat Magyar páros a világranglista élén Magyar Mezőgazdaság 2022-11-28 04:09:00 Állatvilág Gazdaság Mezőgazdaság Spanyolország A Spanyolországi Vicben rendezték meg a nyolcéves fiatal lovak távlovas világbajnokságát. A rendkívül taktikus 120 kilométeres pályát negyvenkét indulóból mindösszesen tizenhat ló-lovas páros fejezte be, köztük dr. Fekete Patrícia, Janita de S. José nevű lovával. Michelisz Norbi még egyszer utoljára dobogóra állhatott a Wtcr-ben, elbúcsúzott a sorozat Eurosport 2022-11-27 22:51:14 Sport gyorsulás Hétvége Szaúd-Arábia Hyundai WTCR Michelisz Norbert Az első futamon második, a második versenyen pedig negyedik helyen ért célba Michelisz Norbert, a Hyundai magyar versenyzője a túraautó-világkupa (WTCR) idényzáró hétvégéjén, Szaúd-Arábiában. Felhúzta magát a horvát kapitány a másik edzőn 24.hu 2022-11-28 04:42:14 Foci VB Kanada A horvát-kanadai meccsnek komoly előélete volt. Zlatko Dalic a 4-1-es győzelem ellenére morcos volt, az ok a másik kapitány viselkedése volt. Még sokáig várat magára a jelentős időjárás-változás Kiderül 2022-11-28 05:09:23 Időjárás Alapvetően eseménytelen időjárás vár ránk a következő napokban egy anticiklonnak köszönhetően. A hét közepén mediterrán ciklon közelíti meg hazánkat, mely a déli megyékbe hozhat némi esőt.
Legóból épített százmilliós céget egy magyar vállalkozó G7 2022-11-28 04:34:44 Cégvilág Több száz millió forintos üzlet az egyedi tervek alapján készült legók tervezése és összeállítása. Csecsen emberrablók a Völner-Schadl vádiratban 24.hu 2022-11-28 05:55:58 Belföld USA Völner Pál Schadl György Schadl György barátja egy színlelt emberrablási sztorival csalt ki 200 ezer amerikai dollárt a vádirat szerint. Mibe fektessek? Jól megdrágultak egyes állampapírok a múlt héten Privátbankár 2022-11-28 05:18:02 Gazdaság Kamat Kötvény Hozam Állampapír Alaposan leesett egyes futamidőkre a hazai állampapírok hozama a múlt héten, de még így is van olyan, amely rövid távon 12,5-13,0 százalékot hoz. A változó kamatozású papírok egy részétől is alacsonyabb kamatot várhatunk. Olyan kötvényünk is van, amely éppen akkor lehet kedvező, ha Magyarország helyzete nem javul, hanem éppen romlik. Újabb stratégiai fontosságú régiót adhatnak fel az oroszok, miközben beállt a tél Ukrajnában - Háborús híreink hétfőn Portfolio 2022-11-28 06:20:00 Külföld Ukrajna háború Kijev Atomerőmű Az ukrán Enerhoatom értesülései szerint az orosz csapatok "csomagolni" kezdtek Enerhodar városában, ahol Európa legnagyobb atomerőműve is található. Mindeközben folytatódnak az ukrán energetikai infrastruktúrát érő támadások, Kijevben pedig beköszöntött a tél. Cikkünk folyamatosan frissül. Ha Binotto marad, Leclerc a Mercedeshez távozhat? F1világ 2022-11-28 06:25:00 Forma1 Olaszország Mercedes-Benz Ferrari Charles Leclerc Olasz médiajelentések szerint szinte biztos, hogy Fred Vasseur lesz a Ferrari új Forma-1-es csapatfőnöke – a francia szakember érkezésének pedig Charles Leclerc örülhet igazán. A gyors termelés a biztonság rovására mehet autopro 2022-11-28 04:20:00 Cégvilág Ahogy felfutott a gyártás, úgy egyre nagyobb biztonságbeli problémák merültek fel a Riviannál. „Többen jelezték már, hogy be kellett zárniuk, mert elfogyott a benzin” – csak néhány napra elég készlete van a kisebb kutaknak rtl.hu 2022-11-28 06:15:37 Gazdaság Üzemanyag Tankolás MOL Százhalombatta Több száz benzinkút fogyhat ki az üzemanyagból napokon belül – ezt mondták az rtl.hu-nak a Független Benzinkutasok Szövetségénél. A kis benzinkutak kiszolgálását a Mol az ellátásbiztonságra hivatkozva függesztette fel, az intézkedés határozatlan időre szól. Az olajtársaság szerint a gondot az okozza, hogy a százhalombattai finomító csökkentett kapa Költségcsökkentéssel készülnek a vállalkozók a 2023-as év várható nehézségeire Hungarianpress 2022-11-28 04:00:00 Gazdaság Nem nagy meglepetés, hogy az előttünk álló 2023-as év bizonytalanságaitól sok vállalkozó tart. Költségcsökkentést, áremelést és akár szervezeti átstrukturálást is terveznek. Most már számokban is látni lehet, hogy ki, mire készül. A több mint 160 ezres vállalkozói felhasználó bázissal rendelkező Billingo online számlázó kutatást végzett ügyfelei kö Már több mint tizenötezer embernek veszett nyoma Ukrajnában Infostart 2022-11-28 05:47:00 Külföld Ukrajna háború Kijev A kilenc hónapja tartó háborúban több mint tizenötezren tűntek el - közölte csütörtökön Kijevben az Eltűnt Személyek Nemzetközi Bizottságának (ICMP) egyik vezetője. Verstappent kockázatos tőzsde támogatja Fintech 2022-11-28 05:10:00 Modern Gazdaság Hollandia Tőzsde Max Verstappen Red Bull A hétvégén a Red Bull színeiben versenyző Max Verstappen nyerte meg az idei utolsó, Abu Dzabiban rendezett Nagydíjat és ezzel a holland lett a 2022-es világbajnok. Ahogyan azt már egy korábbi cikkünkben írtuk, a Red Bull csapatát idén február 16-tól a Bybit nevű tőzsde támogatja. Mostani cikkünkben pedig kitérünk arra, hogy miért is jelent kockázat Magyar páros a világranglista élén Magyar Mezőgazdaság 2022-11-28 04:09:00 Állatvilág Gazdaság Mezőgazdaság Spanyolország A Spanyolországi Vicben rendezték meg a nyolcéves fiatal lovak távlovas világbajnokságát. A rendkívül taktikus 120 kilométeres pályát negyvenkét indulóból mindösszesen tizenhat ló-lovas páros fejezte be, köztük dr. Fekete Patrícia, Janita de S. José nevű lovával. Michelisz Norbi még egyszer utoljára dobogóra állhatott a Wtcr-ben, elbúcsúzott a sorozat Eurosport 2022-11-27 22:51:14 Sport gyorsulás Hétvége Szaúd-Arábia Hyundai WTCR Michelisz Norbert Az első futamon második, a második versenyen pedig negyedik helyen ért célba Michelisz Norbert, a Hyundai magyar versenyzője a túraautó-világkupa (WTCR) idényzáró hétvégéjén, Szaúd-Arábiában. Felhúzta magát a horvát kapitány a másik edzőn 24.hu 2022-11-28 04:42:14 Foci VB Kanada A horvát-kanadai meccsnek komoly előélete volt. Zlatko Dalic a 4-1-es győzelem ellenére morcos volt, az ok a másik kapitány viselkedése volt. Még sokáig várat magára a jelentős időjárás-változás Kiderül 2022-11-28 05:09:23 Időjárás Alapvetően eseménytelen időjárás vár ránk a következő napokban egy anticiklonnak köszönhetően. A hét közepén mediterrán ciklon közelíti meg hazánkat, mely a déli megyékbe hozhat némi esőt.
How should we investigate mass graves? Kathryne Bomberger from the ICMP and the UN's Agnes Callamard join us with a zoom audience to discuss the challenges facing states and victims' families.
Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at configuring Use ICMP to Test and Correct Network Connectivity.Customers have been complaining that they can't reach some network resources. We have been asked to test connectivity in the network. We will use ICMP to find out which resources are unreachable and the locations from which they can't be reached. Then, we will use trace to locate the point at which network connectivity is broken. Finally, we will fix the errors that you find to restore connectivity to the network. We will be discussing In this lab we will use ICMP to test network connectivity and locate network problems, We will also correct simple configuration issues and restore connectivity to the network, Use ICMP to locate connectivity issues, and finally Configure network devices to correct connectivity issues.Thank you so much for watching this episode of my series on Configuration Examples for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.comYouTube Channel: https://YouTube.com/KevTechify-------------------------------------------------------Cisco Certified Network Associate (CCNA)Configuration Examples for Introduction to Networks v1 (ITN)ICMPLab 13.3.1 - Use ICMP to Test and Correct Network ConnectivityPod Number: 23Season: 1-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at configuring Use Ping and Traceroute to Test Network Connectivity.There are connectivity issues in this activity. In addition to gathering and documenting information about the network, we will locate the problems and implement acceptable solutions to restore connectivity. We will be discussing Test and Restore IPv4 Connectivity and finally Test and Restore IPv6 Connectivity.Thank you so much for watching this episode of my series on Configuration Examples for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.comYouTube Channel: https://YouTube.com/KevTechify-------------------------------------------------------Cisco Certified Network Associate (CCNA)Configuration Examples for Introduction to Networks v1 (ITN)ICMPLab 13.2.7 - Use Ping and Traceroute to Test Network ConnectivityPod Number: 22Season: 1-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
Rogers Communications, the Canadian ISP is down. One of its ASNs (they have many) is AS812 with over 5 million IP addresses. Tried a few and none of them can be pinged from the US (not sure if ICMP is disabled or not) This is a huge deal for all Canadians and businesses affected. So sorry for every one who is affected by this, and kudus to all the engineers at Rogers working to fix this for the past what? 11 hours now? If an ASN goes dark like a Facebook or a Cloudflare that isn't a big deal you can go without using Facebook for a day. But if this is your ISP's ASN that connects you to the rest of the World goes down, actual users won't be able to connect. We still don't know the cause but my guess it might be a bad BGP entry? that's what happened to Cloudflare or FB, could be something different. again so sorry for all my Canadian followers affected. Will make a video when I get a chance Resources https://www.bigdatacloud.com/asn-lookup/AS812 https://www.bigdatacloud.com/asn-lookup/AS7018 --- Support this podcast: https://anchor.fm/hnasr/support
Configuration Examples with KevTechify for the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at configuring Verify IPv4 and IPv6 Addressing.Dual-stack allows IPv4 and IPv6 to coexist on the same network. We will investigate a dual-stack implementation including documenting the IPv4 and IPv6 configuration for end devices, testing connectivity for both IPv4 and IPv6 using ping, and tracing the path from end to end for IPv4 and IPv6.We will be discussing Complete the Addressing Table Documentation, Test Connectivity Using Ping, and Discover the Path by Tracing the Route.Thank you so much for watching this episode of my series on Configuration Examples for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.comYouTube Channel: https://YouTube.com/KevTechify-------------------------------------------------------Cisco Certified Network Associate (CCNA)Configuration Examples for Introduction to Networks v1 (ITN)ICMPLab 13.2.6 - Verify IPv4 and IPv6 AddressingPod Number: 21Season: 1-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
När PCR-tekniken var helt ny på 1980-talet användes den för att hitta de "stulna barnen" i diktaturens Argentina och para ihop dem med sina släktingar. Den knappt färdigutvecklade PCR-tekniken hjälpte genetikern Mary-Claire King att bistå alla de mormödrar som ville hitta sina stulna och försvunna barnbarn i Argentina. Det banade sedan väg för de tekniker som användes för att identifiera personer i massgravarna i Srebrenica, terrordådet vid World Trade Center och i tsunamin.Förutom Mary-Claire King hör vi kända människorättsaktivisten Estela de Carlotto, ordförande i organisationen av kämpande argentinska mor- och farmödrar, som sökte sin dotterson i 36 år.Vi hör också Thomas Parsons, vetenskaplig chef på den internationella kommissionen för försvunna personer, ICMP, och Rebecca Sjöstrand, som miste sin kusin i tsunamin, och under lång tid inte fick veta vad som hänt henne.Podden är en repris från 9 april 2021. Programledare Lena NordlundProducent Björn Gunér
After dropping out of studying drama and visual art, Mel Uye-Parker started picking up multi-track recorders, recording vocals in studios, writing songs for other artists and eventually studying recording and composition. Now, she's an artist with over two decades under her belt and programme leader of ICMP's Creative Music Production MA. Inside this episode Isobel gets to hear about all of this as well as how Mel's identity as a black, gay woman has shaped her experience of the wider white-hetero dominant culture of music production. Mel also shared about the music she's making today, including a new release under her artist project, OMOTE. ___________Girls Twiddling Knobs is hosted and produced by Isobel Anderson with production support from Jade Bailey and Francesca O'Connor and is a Female DIY Musician Production.EPISODE HIGHLIGHTS{0:00} Intro{04:42} Musical identity{16:00} How Mel got into music production{32:08} Experiencing imposter syndrome as a producer {37:54} Has Mel's identity affected her experience as an artist and an educator?{55:08} Mel's new project ‘OMOTE'{01:05:58} Episode SummaryGirls Twiddling Knobs listeners get 10% off iZotope's award-winning audio plugins and a 30 day free trial of their incredible Music Production Suite 4.1. Just use the code GIRLSPOD10 here >>Find out more about Mel's work >>Follow the OMOTE project on Instagram >> Listen to the episode hereListen on SpotifyJoin the Girls Twiddling Knobs Podcast Community here >>Which vocal mic is your perfect match? TAKE THE QUIZ >> Love Girls Twiddling Knobs? Leave a review wherever you're listening and let me know!
Introduction to Networks with KevTechify on the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at Ping and Traceroute Tests.We will be discussing Ping - Test Connectivity, Ping the Loopback, Ping the Default Gateway, Ping a Remote Host, Traceroute - Test the Path, Round-Trip Time (RTT), and finally IPv4 TTL and IPv6 Hop Limit.Thank you so much for listening to this episode of my series on Introduction to Networks for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.com-------------------------------------------------------Cisco Certified Network Associate (CCNA)Introduction to Networks v1 (ITN)Episode 13 - ICMPPart B - Ping and Traceroute TestsPodcast Number: 69-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
Introduction to Networks with KevTechify on the Cisco Certified Network Associate (CCNA)
In this episode we are going to look at ICMP Messages.We will be discussing ICMPv4 and ICMPv6 Messages, Host Reachability, Destination or Service Unreachable, Time Exceeded, and ICMPv6 Messages.Thank you so much for listening to this episode of my series on Introduction to Networks for the Cisco Certified Network Associate (CCNA).Once again, I'm Kevin and this is KevTechify. Let's get this adventure started.All my details and contact information can be found on my website, https://KevTechify.com-------------------------------------------------------Cisco Certified Network Associate (CCNA)Introduction to Networks v1 (ITN)Episode 13 - ICMPPart A - ICMP MessagesPodcast Number: 68-------------------------------------------------------Equipment I like.Home Lab ►► https://kit.co/KevTechify/home-labNetworking Tools ►► https://kit.co/KevTechify/networking-toolsStudio Equipment ►► https://kit.co/KevTechify/studio-equipment
Does Elon Musk actually understand how the Internet works? Can he explain traceroute and tracert properly? Well... let's see... I'll demonstrate how multiple operating systems: Windows 11, MacOS, Linux use traceroute. There are differences including the fact that Windows uses ICMP, but macOS and Linux use UDP and ICMP. Full Elon Musk Interview: https://youtu.be/jvGnw1sHh9M // MENU // 0:00 ▶️ Introduction 0:08 ▶️ Elon Musk Babylon Bee interview video 1:11 ▶️ How trace route works 1:40 ▶️ What is ping? 1:48 ▶️ Internet Control Message Protocol (ICMP) 2:32 ▶️ How trace route (tracert) works on Windows 3:50 ▶️ What is a router? 4:10 ▶️ Wireshark packet captures 5:21 ▶️ Time To Live (TTL) 10:18 ▶️ Domain lookup using Whois 10:55 ▶️ Time To Live (TTL) (cont'd) 12:10 ▶️ Trace route phone application 13:43 ▶️ Submarine cable map 15:22 ▶️ Traceroute on MacOS 18:34 ▶️ UDP explanation 19:56 ▶️ Traceroute on Linux 21:42 ▶️ Conclusion // iPhone App I used // Name: Network Analyzer Link: https://apps.apple.com/us/app/network... // SOCIAL // Discord: https://discord.com/invite/usKSyzb Twitter: https://www.twitter.com/davidbombal Instagram: https://www.instagram.com/davidbombal LinkedIn: https://www.linkedin.com/in/davidbombal Facebook: https://www.facebook.com/davidbombal.co TikTok: http://tiktok.com/@davidbombal YouTube: https://www.youtube.com/davidbombal // MY STUFF // Monitor: https://amzn.to/3yyF74Y More stuff: https://www.amazon.com/shop/davidbombal // SPONSORS // Interested in sponsoring my videos? Reach out to my team here: sponsors@davidbombal.com elon musk elonmusk babylon bee babylonbee elon musk interview internet star link traceroute tracert trace route internet
Catherine Anne Davies aka The Anchoress talks about the expanded edition of her critically acclaimed record The Art of Losing, her approach to songwriting and production, and why there's no such thing as great inspiration.
Just how severe is this DNS cache poisoning attack revealed this week? We'll break it down and explain why Linux is affected. Plus, the feature now removed from APT, more performance patches in the Kernel, and a big batch of project updates.
In this episode we discuss the 25th anniversary of the first DDoS (Distributed Denial of Service) and why this cybersecurity threat is a tricky one to solve. 00:00 to 2:00 Intro to Pankaj Gupta (@PankajOnCloud,CITRIX) Pankaj leads product and solutions marketing and go to market strategy for cloud, application delivery and security solutions at Citrix. He advises CIOs and business leaders for technology and business model transitions. In prior roles at Cisco, he led networking, cybersecurity and software solution marketing. 2:20 The 25th anniversary of the first Denial of Service attack against Panix, an Internet Service Provider (1996) (https://en.wikipedia.org/wiki/Denial-of-service_attack#Distributed_attack) 25 years later, the largest DDoS attack ever recorded targeted Russian ISP Yandex (https://www.cpomagazine.com/cyber-security/russian-internet-giant-yandex-wards-off-the-largest-botnet-ddos-attack-in-history/). Pankaj notes how this was exactly 25 years later to the month. 3:15 What is a DDoS Attack? 1) Connection overload 2) Volumetric like ICMP flood 3) Application Layer 5:20 Coinminer as an example of Denial of Service when CPU is exhausted 6:00 Why are we still talking about DDoS 25 years later? Pankaj states that they are now easier than ever to perform. 7:00 Larry asks about the connection between ransomware and DDoS 9:00 Pankaj describes how the motivation for DDoS has shifted from hacktivism to financial motivation 9:30 Joe asks how much it costs for an attacker to operate 10:00 Pankaj explains that unskilled attackers with access to the Dark web can orchestrate attacks 11:45 Joe discusses how many attackers target healthcare despite how this hurts people 12:45 Pankaj discusses that while federal laws exist, very few are prosecuted for DDoS attacks. 13:50 Larry asks whether businesses are paying the ransom 14:15 Pankaj says paying the ransom is never recommended. Instead, Pankaj recommends investing in DDoS protection solutions 15:25 Joe asks whether tools exist to quantify costs for downtime to justify the expense of DDoS prevention solutions. 16:30 Pankaj explains how it is not just the economic impact of downtime that is to be factored into the equation but also the damage to reputation by losing customer's trust. 17:30 Pankaj describes three trends that will cause DDoS attacks to increase in the future (things will get worse rather than better). This is due to increased bandwidth for 5G, exponential growth of IoT devices, and the improved computation power. 18:30 What is IoT? (Internet of Things). This is any device that has an internet connection such as a Nanny Camera, home router, or NEST Thermostat. Bad actors exploits vulnerabilities to transform these devices into a “BOT Network” that the attackers can then use in mass quantity against a single target. This forms the source for the DDoS attacks. All of these devices combined will send packets to the victim website. 20:50 What solutions exist for DDoS? Joe explains how he has solved DDoS historically using services from CloudFlare. 22:00 Joe explains how he configured DDoS protection by configuring DNS, and the weakness when attackers discover the direct IP using OSINT 23:15 Joe asks Pankaj how does Citrix compare with competitors 23:35 Pankaj describes four key criteria when selecting a DDoS solution. 1) The solution should protect against a variety of types of DDoS attacks 2) Can the solution scale? As DDoS attacks increase in size 20% Year over Year (it's expected to be 3 terabits). 3) The advantage of a cloud-based solution is that it can auto-scale in bandwidth whereas an on-premises DDoS solution cannot guard against bandwidth saturation. 25:50 Joe asks Pankaj if Citrix uses its own data centers (does it have exposures if data centers like Google, Amazon or Microsoft). Pankaj describes the Citrix solution as having the scale to handle 12 terabits of scrubbing across multiple points of presence (pop). 29:00 Pankaj describes two types of DDoS solutions, Always-ON, or On-Demand. If you are an e-commerce website then Always-on may make more sense even though it costs more than on-demand because every minute that you cannot sell your products will lose money. 31:00 DDoS attacks can be a diversion tactic to distract IT and SECOPS teams so that the attackers can perform other types of attacks such as financial fraud (Wire Fraud, SWIFT, etc) 32:40 Larry asks: What is the difference between a buffer overflow and DDoS? Pankaj explains that a buffer overflow could be used as a type of DDoS since it could impact the availability of the service. 34:00 Joe describes how DDoS strikes at the heart of one of the three components of the CIA Triad “Confidentiality, Integrity, and Availability.” 35:00 For businesses interested in learning more about Citrix solutions, Pankaj recommends using this contact form on the Citrix website: https://www.citrix.com/contact/form/inquiry/ 36:30 Joe asks what market is Citrix chasing: Small Business, Mid-Market or Enterprise? Pankaj responds that all businesses need DDoS protection, and how cloud-based solutions are easier to implement.
Just how severe is this DNS cache poisoning attack revealed this week? We'll break it down and explain why Linux is affected. Plus, the feature now removed from APT, more performance patches in the Kernel, and a big batch of project updates.
Hello everyone my name is vijay kumar Devireddy and I am glad to have you back on my episode 71 today we're going to discuss about we're going to focus on the concept of a Denial of Service attack.Now, a Denial of Service attack isn't a specific attack in and of itself,but instead is this category or type of attack that's carried out in a number of different ways.Essentially, the term Denial of Service is used to describe any attack which attempts to make a computer or service resources unavailable,but it can also be extended to network devices,like switches and routers as well.There are five subcategories of Denial of Service attacks,Flooding Attacks, the Ping of Death, the Teardrop,the Permanent Denial of Service attack, and the Fork Bomb.The first category is called a Flood Attack.This is a specialized type of Denial of Service which attempts to send more packets to a single server or host than it can handle.So, in this example,we see an attacker sending 12 requests at a time to a server.Now, normally a server wouldn't be overloaded with just 12 requests,but if I could send 12 hundred or 12,000 that might allow me to flood that server and take it down.Now, under a Flood Attack we have a few different specialized varieties that you're going to come across The first is called a Ping Flood,this attack is going to happen when somebody attempts to flood your server by sending too many pings.Now a ping is technically an ICMP echo request packet,but they like to call it a ping Because a Ping Flood has become so commonplace though,many organizations are now simply blocking echo replies,and simply having the firewall dropping these requests whenever they're received.This results in the attacker simply getting a request timed out message,and the service remains online,and the Denial of Service is stopped.Next we have a Smurf Attack.This is like a Ping Flood,but instead of trying to flood a server by sending out pings directly to it,the attacker instead tries to amplify this attack by sending a ping to a subnet broadcast address instead,using the spoofed IP of the target server.This causes all of the devices on that subnet to reply back to the victimized server with those ICMP echo replies,and it's going to eat up a lot of bandwidth,and processing power.Now, you can see how this looks here,with the attacker sending the ping request with the IP of that server being spoofed into the request,and now the destination is sent to the broadcast of that subnet.In this example, all three PCs in the subnet are going to reply back to that ping request thinking it's from the server,and the server gets three times the amount of ping replies than if the attacker had sent it to them directly.Now, this allows that attack to be amplified,especially if the attacker can get a large subnet,like a /16 or a /8 used in this attack.The next kind of Flood Attack is what we call Fraggle.Fraggle is a throwback reference to the kids show Fraggle Rock from the 1980s,which aired around the same time as the Smurf TV show.So you can guess that Fraggle and Smurf are kind of related.Well with Fraggle, instead of using an ICP echo reply,Fraggle uses a UDP echo instead.This traffic is directed to the UDP port of seven,which is the echo port for UDP, and the UDP port of 19,which is the character generation port.This is an older attack,and most networks don't have this vulnerability anymore,and both of these ports are usually closed,'cause again, they're unnecessary.Notice that I didn't have them in your port memorization chart either.Now, because of this,Fraggle attacks are considered very uncommon today.That said, a UDP Flood Attack,which is a variant of Fraggle,is still heavily used these days.It works basically the same way as a Fraggle attack,but it uses different UDP ports.
Just how severe is this DNS cache poisoning attack revealed this week? We'll break it down and explain why Linux is affected. Plus, the feature now removed from APT, more performance patches in the Kernel, and a big batch of project updates.
This week in the Security News: The FBI is spamming you, hacking exists in the mind, Beg Bounties, nasty top-level domains, MosesStaff, why own one npm package when you can own them all, how much is your 0day worth, upnp strikes again, when patches break exploits in weird ways, records exposed in stripchat leak, can we just block ICMP?, trojans in your IDA, suing Satoshi Nakamoto, paying to be in the mile high club, it was cilantro, and sexy VR furniture! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw719
This week in the Security News: The FBI is spamming you, hacking exists in the mind, Beg Bounties, nasty top-level domains, MosesStaff, why own one npm package when you can own them all, how much is your 0day worth, upnp strikes again, when patches break exploits in weird ways, records exposed in stripchat leak, can we just block ICMP?, trojans in your IDA, suing Satoshi Nakamoto, paying to be in the mile high club, it was cilantro, and sexy VR furniture! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw719
This week, we kick off the show with a technical segment where we walk through creating vulnerable Docker Containers – On Purpose! Then, Derek Rook from Senior Director Purple Team atTeradata, & SANS Certified Instructor joins to discuss technologies to build CTFs as well as what types of things to consider while doing so!! In the Security News: The FBI is spamming you, hacking exists in the mind, Beg Bounties, nasty top-level domains, MosesStaff, why own one npm package when you can own them all, how much is your 0day worth, upnp strikes again, when patches break exploits in weird ways, records exposed in stripchat leak, can we just block ICMP?, trojans in your IDA, suing Satoshi Nakamoto, paying to be in the mile high club, it was cilantro, and sexy VR furniture! Show Notes: https://securityweekly.com/psw719 Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Alessandra La Vaccara , Program Manager of the Missing Migrants Project from ICMP joins the podcast. Dr. La Vaccara has been working on missing persons-related issues since 2012. Prior to joining ICMP, she worked for the ICRC, the UN Office for Disaster Risk Reduction, the International Federation of Red Cross and Red Crescent Societies, the European Commission, and the Italian Senate. Dr. La Vaccara has also pursued research activities on missing persons with the Harvard Law School as Albert Gallatin Fellow and with the Cardozo Law Institute in Holocaust and Human Rights as visiting research scholar.
How should we investigate mass graves? Kathryne Bomberger from the ICMP and the UN's Agnes Callamard join us with a zoom audience to discuss the challenges facing states and victims' families.
Lucinda Allen is a London based proficient and successful Voice & Singing Coach who works in both the Creative and Corporate sectors. In this episode, she shares her story and advice on having your Voice Unlocked. She is a strong believer that every person has the right to free and dynamic voice, and is keen to facilitate this through her in-depth knowledge and talent in teaching. - Lucinda's expertise spans across both the Spoken and Singing voice, of which she holds a Distinction at Masters level in 'The Practice of Voice and Singing' from one of the UK's most reputable Conservatoires, Guildford School of Acting. Her expertise is delivered consistently through a passion for Teaching & Learning and robust pedagogy as a fully qualified teacher. Lucinda's clientele range from leading West End Performers from shows such as (Lion King, Aladdin & Wicked, etc), Grammy Award-winning artists such as Lalah Hathaway, Actors (such as Warhorse, Curious Puppetry), Presenters (such as BBC) and Education Programmes (such as ICMP, Bird College, Westminster University, LCCM, South Bank University). As well as this Lucinda works with corporate organizations such as the NHS & Cancer Research UK. - -We invite you to subscribe to our Podcast and share it with others! -To support this Podcast visit us on Patreon -To find out more about us visit: www.artistshouseinternational.com -Instagram: @artistshouseinternational -Twitter: @artistshouseint -Facebook: @artistshouseinternational
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Encrypted Word Maldocs https://isc.sans.edu/forums/diary/More+malspam+using+passwordprotected+Word+docs/24262/ iOS / MacOS ICMP Error Remote Code Execution https://lgtm.com/blog/apple_xnu_icmp_error_CVE-2018-4407 iOS Lock Screen Bypass https://www.youtube.com/watch?v=ojigFgwrtKs
This week, we look forward with the latest OpenBSD release, look back with Dennis Ritchie's paper on the evolution of Unix Time Sharing, have an Interview with Kris This episode was brought to you by OpenBSD 6.1 RELEASED (http://undeadly.org/cgi?action=article&sid=20170411132956) Mailing list post (https://marc.info/?l=openbsd-announce&m=149191716921690&w=2') We are pleased to announce the official release of OpenBSD 6.1. This is our 42nd release. New/extended platforms: New arm64 platform, using clang(1) as the base system compiler. The loongson platform now supports systems with Loongson 3A CPU and RS780E chipset. The following platforms were retired: armish, sparc, zaurus New vmm(4)/ vmd(8) IEEE 802.11 wireless stack improvements Generic network stack improvements Installer improvements Routing daemons and other userland network improvements Security improvements dhclient(8)/ dhcpd(8)/ dhcrelay(8) improvements Assorted improvements OpenSMTPD 6.0.0 OpenSSH 7.4 LibreSSL 2.5.3 mandoc 1.14.1 *** Fuzz Testing OpenSSH (http://vegardno.blogspot.ca/2017/03/fuzzing-openssh-daemon-using-afl.html) Vegard Nossum writes a blog post explaining how to fuzz OpenSSH using AFL It starts by compiling AFL and SSH with LLVM to get extra instrumentation to make the fuzzing process better, and faster Sandboxing, PIE, and other features are disabled to increase debuggability, and to try to make breaking SSH easier Privsep is also disabled, because when AFL does make SSH crash, the child process crashing causes the parent process to exit normally, and AFL then doesn't realize that a crash has happened. A one-line patch disables the privsep feature for the purposes of testing A few other features are disabled to make testing easier (disabling replay attack protection allows the same inputs to be reused many times), and faster: the local arc4random_buf() is patched to return a buffer of zeros disabling CRC checks disabling MAC checks disabling encryption (allow the NULL cipher for everything) add a call to _AFLINIT(), to enable “deferred forkserver mode” disabling closefrom() “Skipping expensive DH/curve and key derivation operations” Then, you can finally get around to writing some test cases The steps are all described in detail In one day of testing, the author found a few NULL dereferences that have since been fixed. Maybe you can think of some other code paths through SSH that should be tested, or want to test another daemon *** Getting OpenBSD running on Raspberry Pi 3 (http://undeadly.org/cgi?action=article&sid=20170409123528) Ian Darwin writes in about his work deploying the arm64 platform and the Raspberry Pi 3 So I have this empty white birdhouse-like thing in the yard, open at the front. It was intended to house the wireless remote temperature sensor from a low-cost weather station, which had previously been mounted on a dark-colored wall of the house [...]. But when I put the sensor into the birdhouse, the signal is too weak for the weather station to receive it (the mounting post was put in place by a previous owner of our property, and is set deeply in concrete). So the next plan was to pop in a tiny OpenBSD computer with a uthum(4) temperature sensor and stream the temperature over WiFi. The Raspberry Pi computers are interesting in their own way: intending to bring low-cost computing to everybody, they take shortcuts and omit things that you'd expect on a laptop or desktop. They aren't too bright on their own: there's very little smarts in the board compared to the "BIOS" and later firmwares on conventional systems. Some of the "smarts" are only available as binary files. This was part of the reason that our favorite OS never came to the Pi Party for the original rpi, and didn't quite arrive for the rpi2. With the rpi3, though, there is enough availability that our devs were able to make it boot. Some limitations remain, though: if you want to build your own full release, you have to install the dedicated raspberrypi-firmware package from the ports tree. And, the boot disks have to have several extra files on them - this is set up on the install sets, but you should be careful not to mess with these extra files until you know what you're doing! But wait! Before you read on, please note that, as of April 1, 2017, this platform boots up but is not yet ready for prime time: there's no driver for SD/MMC but that's the only thing the hardware can level-0 boot from, so you need both the uSD card and a USB disk, at least while getting started; there is no support for the built-in WiFi (a Broadcom BCM43438 SDIO 802.11), so you have to use wired Ethernet or a USB WiFi dongle (for my project an old MSI that shows up as ural(4) seems to work fine); the HDMI driver isn't used by the kernel (if a monitor is plugged in uBoot will display its messages there), so you need to set up cu with a 3V serial cable, at least for initial setup. the ports tree isn't ready to cope with the base compiler being clang yet, so packages are "a thing of the future" But wait - there's more! The "USB disk" can be a USB thumb drive, though they're generally slower than a "real" disk. My first forays used a Kingston DTSE9, the hardy little steel-cased version of the popular DataTraveler line. I was able to do the install, and boot it, once (when I captured the dmesg output shown below). After that, it failed - the boot process hung with the ever-unpopular "scanning usb for storage devices..." message. I tried the whole thing again with a second DTSE9, and with a 32GB plastic-cased DataTraveler. Same results. After considerable wasted time, I found a post on RPI's own site which dates back to the early days of the PI 3, in which they admit that they took shortcuts in developing the firmware, and it just can't be made to work with the Kingston DataTraveler! Not having any of the "approved" devices, and not living around the corner from a computer store, I switched to a Sabrent USB dock with a 320GB Western Digital disk, and it's been rock solid. Too big and energy-hungry for the final project, but enough to show that the rpi3 can be solid with the right (solid-state) disk. And fast enough to build a few simple ports - though a lot will not build yet. I then found and installed OpenBSD onto a “PNY” brand thumb drive and found it solid - in fact I populated it by dd'ing from one of the DataTraveller drives, so they're not at fault. Check out the full article for detailed setup instructions *** Dennis M. Ritchie's Paper: The Evolution of the Unix Time Sharing System (http://www.read.seas.harvard.edu/~kohler/class/aosref/ritchie84evolution.pdf) From the abstract: This paper presents a brief history of the early development of the Unix operating system. It concentrates on the evolution of the file system, the process-control mechanism, and the idea of pipelined commands. Some attention is paid to social conditions during the development of the system. During the past few years, the Unix operating system has come into wide use, so wide that its very name has become a trademark of Bell Laboratories. Its important characteristics have become known to many people. It has suffered much rewriting and tinkering since the first publication describing it in 1974 [1], but few fundamental changes. However, Unix was born in 1969 not 1974, and the account of its development makes a little-known and perhaps instructive story. This paper presents a technical and social history of the evolution of the system. High level document structure: Origins The PDP-7 Unix file system Process control IO Redirection The advent of the PDP-11 The first PDP-11 system Pipes High-level languages Conclusion One of the comforting things about old memories is their tendency to take on a rosy glow. The programming environment provided by the early versions of Unix seems, when described here, to be extremely harsh and primitive. I am sure that if forced back to the PDP-7 I would find it intolerably limiting and lacking in conveniences. Nevertheless, it did not seem so at the time; the memory fixes on what was good and what lasted, and on the joy of helping to create the improvements that made life better. In ten years, I hope we can look back with the same mixed impression of progress combined with continuity. Interview - Kris Moore - kris@trueos.org (mailto:kris@trueos.org) | @pcbsdkris (https://twitter.com/pcbsdkris) Director of Engineering at iXSystems FreeNAS News Roundup Compressed zfs send / receive now in FreeBSD's vendor area (https://svnweb.freebsd.org/base?view=revision&revision=316894) Andriy Gapon committed a whole lot of ZFS updates to FreeBSD's vendor area This feature takes advantage of the new compressed ARC feature, which means blocks that are compressed on disk, remain compressed in ZFS' RAM cache, to use the compressed blocks when using ZFS replication. Previously, blocks were uncompressed, sent (usually over the network), then recompressed on the other side. This is rather wasteful, and can make the process slower, not just because of the CPU time wasted decompressing/recompressing the data, but because it means more data has to be sent over the network. This caused many users to end up doing: zfs send | xz -T0 | ssh unxz | zfs recv, or similar, to compress the data before sending it over the network. With this new feature, zfs send with the new -c flag, will transmit the already compressed blocks instead. This change also adds longopts versions of all of the zfs send flags, making them easier to understand when written in shell scripts. A lot of fixes, man page updates, etc. from upstream OpenZFS Thanks to everyone who worked on these fixes and features! We'll announce when these have been committed to head for testing *** Granting privileges using the FreeBSD MAC framework (https://mysteriouscode.io/blog/granting-privileges-using-mac-framework/) The MAC (Mandatory Access Control) framework allows finer grained permissions than the standard UNIX permissions that exist in the base system FreeBSD's kernel provides quite sophisticated privilege model that extends the traditional UNIX user-and-group one. Here I'll show how to leverage it to grant access to specific privileges to group of non-root users. mac(9) allows creating pluggable modules with policies that can extend existing base system security definitions. struct macpolicyops consist of many entry points that we can use to amend the behaviour. This time, I wanted to grant a privilege to change realtime priority to a selected group. While Linux kernel lets you specify a named group, FreeBSD doesn't have such ability, hence I created this very simple policy. The privilege check can be extended using two user supplied functions: privcheck and privgrant. The first one can be used to further restrict existing privileges, i.e. you can disallow some specific priv to be used in jails, etc. The second one is used to explicitly grant extra privileges not available for the target in base configuration. The core of the macrtprio module is dead simple. I defined sysctl tree for two oids: enable (on/off switch for the policy) and gid (the GID target has to be member of), then I specified our custom version of mpoprivgrant called rtprioprivgrant. Body of my granting function is even simpler. If the policy is disabled or the privilege that is being checked is not PRIVSCHED_RTPRIO, we simply skip and return EPERM. If the user is member of the designated group we return 0 that'll allow the action – target would change realtime privileges. Another useful thing the MAC framework can be used to grant to non-root users: PortACL: The ability to bind to TCP/UDP ports less than 1024, which is usually restricted to root. Some other uses for the MAC framework are discussed in The FreeBSD Handbook (https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mac.html) However, there are lots more, and we would really like to see more tutorials and documentation on using MAC to make more secure servers, but allowing the few specific things that normally require root access. *** The Story of the PING Program (http://ftp.arl.army.mil/~mike/ping.html) This is from the homepage of Mike Muuss: Yes, it's true! I'm the author of ping for UNIX. Ping is a little thousand-line hack that I wrote in an evening which practically everyone seems to know about. :-) I named it after the sound that a sonar makes, inspired by the whole principle of cho-location. In college I'd done a lot of modeling of sonar and radar systems, so the "Cyberspace" analogy seemed very apt. It's exactly the same paradigm applied to a new problem domain: ping uses timed IP/ICMP ECHOREQUEST and ECHOREPLY packets to probe the "distance" to the target machine. My original impetus for writing PING for 4.2a BSD UNIX came from an offhand remark in July 1983 by Dr. Dave Mills while we were attending a DARPA meeting in Norway, in which he described some work that he had done on his "Fuzzball" LSI-11 systems to measure path latency using timed ICMP Echo packets. In December of 1983 I encountered some odd behavior of the IP network at BRL. Recalling Dr. Mills' comments, I quickly coded up the PING program, which revolved around opening an ICMP style SOCKRAW AFINET Berkeley-style socket(). The code compiled just fine, but it didn't work -- there was no kernel support for raw ICMP sockets! Incensed, I coded up the kernel support and had everything working well before sunrise. Not surprisingly, Chuck Kennedy (aka "Kermit") had found and fixed the network hardware before I was able to launch my very first "ping" packet. But I've used it a few times since then. grin If I'd known then that it would be my most famous accomplishment in life, I might have worked on it another day or two and added some more options. The folks at Berkeley eagerly took back my kernel modifications and the PING source code, and it's been a standard part of Berkeley UNIX ever since. Since it's free, it has been ported to many systems since then, including Microsoft Windows95 and WindowsNT. In 1993, ten years after I wrote PING, the USENIX association presented me with a handsome scroll, pronouncing me a Joint recipient of The USENIX Association 1993 Lifetime Achievement Award presented to the Computer Systems Research Group, University of California at Berkeley 1979-1993. ``Presented to honor profound intellectual achievement and unparalleled service to our Community. At the behest of CSRG principals we hereby recognize the following individuals and organizations as CSRG participants, contributors and supporters.'' Wow! The best ping story I've ever heard was told to me at a USENIX conference, where a network administrator with an intermittent Ethernet had linked the ping program to his vocoder program, in essence writing: ping goodhost | sed -e 's/.*/ping/' | vocoder He wired the vocoder's output into his office stereo and turned up the volume as loud as he could stand. The computer sat there shouting "Ping, ping, ping..." once a second, and he wandered through the building wiggling Ethernet connectors until the sound stopped. And that's how he found the intermittent failure. FreeBSD: /usr/local/lib/libpkg.so.3: Undefined symbol "utimensat" (http://glasz.org/sheeplog/2017/02/freebsd-usrlocalliblibpkgso3-undefined-symbol-utimensat.html) The internet will tell you that, of course, 10.2 is EOL, that packages are being built for 10.3 by now and to better upgrade to the latest version of FreeBSD. While all of this is true and running the latest versions is generally good advise, in most cases it is unfeasible to do an entire OS upgrade just to be able to install a package. Points out the ABI variable being used in /usr/local/etc/pkg/repos/FreeBSD.conf Now, if you have 10.2 installed and 10.3 is the current latest FreeBSD version, this url will point to packages built for 10.3 resulting in the problem that, when running pkg upgrade pkg it'll go ahead and install the latest version of pkg build for 10.3 onto your 10.2 system. Yikes! FreeBSD 10.3 and pkgng broke the ABI by introducing new symbols, like utimensat. The solution: Have a look at the actual repo url http://pkg.FreeBSD.org/FreeBSD:10:amd64… there's repo's for each release! Instead of going through the tedious process of upgrading FreeBSD you just need to Use a repo url that fits your FreeBSD release: Update the package cache: pkg update Downgrade pkgng (in case you accidentally upgraded it already): pkg delete -f pkg pkg install -y pkg Install your package There you go. Don't fret. But upgrade your OS soon ;) Beastie Bits CPU temperature collectd report on NetBSD (https://imil.net/blog/2017/01/22/collectd_NetBSD_temperature/) Booting FreeBSD 11 with NVMe and ZFS on AMD Ryzen (https://www.servethehome.com/booting-freebsd-11-nvme-zfs-amd-ryzen/) BeagleBone Black Tor relay (https://torbsd.github.io/blog.html#busy-bbb) FreeBSD - Disable in-tree GDB by default on x86, mips, and powerpc (https://reviews.freebsd.org/rS317094) CharmBUG April Meetup (https://www.meetup.com/CharmBUG/events/238218742/) The origins of XXX as FIXME (https://www.snellman.net/blog/archive/2017-04-17-xxx-fixme/) *** Feedback/Questions Felis - L2ARC (http://dpaste.com/2APJE4E#wrap) Gabe - FreeBSD Server Install (http://dpaste.com/0BRJJ73#wrap) FEMP Script (http://dpaste.com/05EYNJ4#wrap) Scott - FreeNAS & LAGG (http://dpaste.com/1CV323G#wrap) Marko - Backups (http://dpaste.com/3486VQZ#wrap) ***
Catching up to BSD, news about the NetBSD project, a BSD Phone, and a bunch of OpenBSD and TrueOS News. This episode was brought to you by Headlines NetBSD 7.1 released (http://www.netbsd.org/releases/formal-7/NetBSD-7.1.html) This update represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements. Kernel compat_linux(8) (http://netbsd.gw.com/cgi-bin/man-cgi?compat_linux+8.i386+NetBSD-7.1): Fully support schedsetaffinity and schedgetaffinity, fixing, e.g., the Intel Math Kernel Library. DTrace: Avoid redefined symbol errors when loading the module. Fix module autoload. IPFilter: Fix matching of ICMP queries when NAT'd through IPF. Fix lookup of original destination address when using a redirect rule. This is required for transparent proxying by squid, for example. ipsec(4) (http://netbsd.gw.com/cgi-bin/man-cgi?ipsec+4.i386+NetBSD-7.1): Fix NAT-T issue with NetBSD being the host behind NAT. Drivers Add vioscsi driver for the Google Compute Engine disk. ichsmb(4) (http://netbsd.gw.com/cgi-bin/man-cgi?ichsmb+4.i386+NetBSD-7.1): Add support for Braswell CPU and Intel 100 Series. wm(4) (http://netbsd.gw.com/cgi-bin/man-cgi?wm+4.i386+NetBSD-7.1): Add C2000 KX and 2.5G support. Add Wake On Lan support. Fixed a lot of bugs Security Fixes NetBSD-SA2017-001 (http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2017-001.txt.asc) Memory leak in the connect system call. NetBSD-SA2017-002 (http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2017-002.txt.asc) Several vulnerabilities in ARP. ARM related Support for Raspberry Pi Zero. ODROID-C1 Ethernet now works. Summary of the preliminary LLDB support project (http://blog.netbsd.org/tnf/entry/summary_of_the_preliminary_lldb) What has been done in NetBSD Verified the full matrix of combinations of wait(2) and ptrace(2) in the following GNU libstdc++ std::call_once bug investigation test-cases Improving documentation and other minor system parts Documentation of ptrace(2) and explanation how debuggers work Introduction of new siginfo(2) codes for SIGTRAP New ptrace(2) interfaces What has been done in LLDB Native Process NetBSD Plugin The MonitorCallback function Other LLDB code, out of the NativeProcessNetBSD Plugin Automated LLDB Test Results Summary Plan for the next milestone fix conflict with system-wide py-six add support for auxv read operation switch resolution of pid -> path to executable from /proc to sysctl(7) recognize Real-Time Signals (SIGRTMIN-SIGRTMAX) upstream !NetBSDProcessPlugin code switch std::callonce to llvm::callonce add new ptrace(2) interface to lock and unlock threads from execution switch the current PTWATCHPOINT interface to PTGETDBREGS and PT_SETDBREGS Actually building a FreeBSD Phone (https://hackaday.io/project/13145-bsd-based-secure-smartphone) There have been a number of different projects that have proposed building a FreeBSD based smart phone This project is a bit different, and I think that gives it a better chance to make progress It uses off-the-shelf parts, so while not as neatly integrated as a regular smartphone device, it makes a much better prototype, and is more readily available. Hardware overview: X86-based, long-lasting (user-replaceable) battery, WWAN Modem (w/LTE), 4-5" LCD Touchscreen (Preferably w/720p resolution, IPS), upgradable storage. Currently targeting the UDOO Ultra platform. It features Intel Pentium N3710 (2.56GHz Quad-core, HD Graphics 405 [16 EUs @ 700MHz], VT-x, AES-NI), 2x4GB DDR3L RAM, 32GB eMMC storage built-in, further expansion w/M.2 SSD & MicroSD slot, lots of connectivity onboard. Software: FreeBSD Hypervisor (bhyve or Xen) to run atop the hardware, hosting two separate hosts. One will run an instance of pfSense, the "World's Most Popular Open Source Firewall" to handle the WWAN connection, routing, and Firewall (as well as Secure VPN if desired). The other instance will run a slimmed down installation of FreeBSD. The UI will be tweaked to work best in this form factor & resources tuned for this platform. There will be a strong reliance on Google Chromium & Google's services (like Google Voice). The project has a detailed log, and it looks like the hardware it is based on will ship in the next few weeks, so we expect to see more activity. *** News Roundup NVME M.2 card road tests (Matt Dillon) (http://lists.dragonflybsd.org/pipermail/users/2017-March/313261.html) DragonFlyBSD's Matt Dillon has posted a rundown of the various M.2 NVMe devices he has tested SAMSUNG 951 SAMSUNG 960 EVO TOSHIBA OCZ RD400 INTEL 600P WD BLACK 256G MYDIGITALSSD PLEXTOR M8Pe It is interesting to see the relative performance of each device, but also how they handle the workload and manage their temperature (or don't in a few cases) The link provides a lot of detail about different block sizes and overall performance *** ZREP ZFS replication and failover (http://www.bolthole.com/solaris/zrep/) "zrep", a robust yet easy to use ZFS based replication and failover solution. It can also serve as the conduit to create a simple backup hub. The tool was originally written for Solaris, and is written in ksh However, it seems people have used it on FreeBSD and even FreeNAS by installing the ksh93 port Has anyone used this? How does it compare to tools like zxfer? There is a FreeBSD port, but it is a few versions behind, someone should update it We would be interested in hearing some feedback *** Catching up on some TrueOS News TrueOS Security and Wikileaks revelations (https://www.trueos.org/blog/trueos-security-wikileaks-revelations/) New Jail management utilities (https://www.trueos.org/blog/new-jail-management-utilities/) Ken Moore's talk about Sysadm from Linuxfest 2016 (https://www.youtube.com/watch?v=PyraePQyCGY) The Basics of using ZFS with TrueOS (https://www.trueos.org/blog/community-spotlight-basics-using-zfs-trueos/) *** Catching up on some OpenBSD News OpenBSD 6.1 coming May 1 (https://www.openbsd.org/61.html) OpenBSD Foundation 2016 Fundraising (goal: $250K actual: $573K) (http://undeadly.org/cgi?action=article&sid=20170223044255) The OpenBSD Foundation 2017 Fundraising Campaign (http://www.openbsdfoundation.org/campaign2017.html) OpenBSD MitM attack against WPA1/WPA2 (https://marc.info/?l=openbsd-announce&m=148839684520133&w=2) OpenBSD vmm/vmd Update (https://www.openbsd.org/papers/asiabsdcon2017-vmm-slides.pdf) *** Beastie Bits HardenedBSD News: Introducing CFI (https://hardenedbsd.org/article/shawn-webb/2017-03-02/introducing-cfi) New version of Iocage (Python 3) on FreshPorts (https://www.freshports.org/sysutils/py3-iocage/) DragonFly BSD Network performance comparison as of today (https://leaf.dragonflybsd.org/~sephe/perf_cmp.pdf) KnoxBUG recap (http://knoxbug.org/content/knoxbug-wants-you) *** Feedback/Questions Noel asks about moving to bhyve/jails (https://pastebin.com/7B47nuC0) ***
Global experts in DNA identification are flying to the Philippines to assess whether they can help families to determine, beyond doubt, which of the hundreds of victims of Typhoon Haiyan are their relatives. The International Commission on Missing Persons in Sarajevo used DNA matching to identify the thousands killed in the former Yugoslavia and has since helped in conflict zones around the world. Now, working with Interpol, scientists from the ICMP are called on to assist in victim identification after natural disasters as well, and head of forensic services, Dr Thomas Parsons, tells Adam Rutherford that a team will be sent to the Philippines on Monday.The enormous ash cloud following the 2010 eruption of the Icelandic volcano, Eyjafjallajokell, grounded aircraft across Europe for more than a week and caused unprecedented disruption. Dr Fred Prata has invented a weather radar for ash, and off the Bay of Biscay, his AVOID infra red camera system, the Airborne Volcanic Object Imaging Detector, has just been tested after a ton of Icelandic volcanic ash was dropped by aeroplane into the sky. From France, Dr Prata describes the experiment and Dr Sue Loughlin, Head of Volcanology at the British Geological Survey in Edinburgh, tells Adam how Iceland has become the scientific "supersite" for seismic research.Show Us Your Instrument: Dr Glenn Gibson at the University of Reading with his Robo gut, a full-working model of the human large intestine.Liverpool University's Dr Julian Chantrey, and his PhD student have spent the past 4 years monitoring red squirrels in the Sefton area. Out of the 93 they trapped and blood tested, 5 had antibodies for the normally-deadly squirrel pox, suggesting they had contracted the pox and survived. It's early days but this could mean that reds are developing a level of resistance to the squirrel pox, like rabbits have to myxomatosis. We could be seeing evolution by natural selection in action.Producer: Fiona Hill.