Information

Affiliation:: NIL Data Communications

Fans

6 of 255 fansSee All

Social Hacking » Blog Archive » Facebook Platform Privacy Issues

4:42am Jun 27

What IPv6 address is that? (ISP Column - August 2008)

4:07am Jun 26

Events

1 past eventSee All

Pilot online session: Routing ...
Internet (WebEx)
Wednesday, December 3 at 5:00pm

Create a Page Report Page

Ivan Pepelnjak

Filters

Two days ago I’ve managed to write aGenuineStupidity™ (OK, maybe I cannot get a trademark on this concept): the MQC shaping actions cannot be attached to a Dialer interface; they have to be specified on the underlying physical interface (in case of PPPoE link, the outside Ethernet...

Thu at 11:32pm

Ivan Pepelnjak

What went wrong: end-to-end ATM

Red Pineapple was kind enough to share his 15-year-old ATM slides...

Thu at 11:32pm

Ivan Pepelnjak

Service Provider “Services and Solutions” bootcamp

Last week I happened to be copied on an e-mail which included a PDF describing a “SP Services and Solutions” bootcamp I knew nothing about...

June 30 at 11:12pm

Ivan Pepelnjak

ADSL QoS basics

Based on the ADSL reference model we’ve discussed last week, let’s try to figure out how you can influence the quality of service over your ADSL link (for example, you’d like to prioritize VoIP packets over web download)...

June 29 at 10:46pm

Ivan Pepelnjak

There is no local command authorization

Shahid wrote me an e-mail asking about local command authorization...

June 29 at 12:03am

Ivan Pepelnjak If you're old enough to remember Thick Coax Ethernet with the vampire taps, pleasant memories will probably surface after reading this article.

Twenty years later

Source: www.potaroo.net

As I write this, on the 23rd June 2009, I've been reminded that some 20 years ago, on the night of the 23rd June 1989, Robert Elz of the University of Melbourne and Torben Neilsen of the University of ...

June 28 at 10:30am

You and Ed like this.

Ed likes this.

Ivan Pepelnjak

Help appreciated: touch-screen drawing

I’m looking for a touch screen device that would work (well) with PowerPoint. I’d like to start drawing my diagrams with a pen, not with a mouse; I have a completely unfounded irrational belief that drawing with a pen might be faster and easier than using a mouse. Any (tested) ideas?

June 28 at 9:19am

Ivan Pepelnjak Four pretty serious potentially exploitable Facebook privacy issues

Social Hacking » Blog Archive » Facebook Platform Privacy Issues

Source: theharmonyguy.com

For the record, Facebook has some of the most flexible and robust privacy controls I’ve seen in any online social networking service. I never want to take for granted that Facebook engineers have ...

June 27 at 4:42am

Ivan Pepelnjak A nice overview of the IPv6 address space

What IPv6 address is that? (ISP Column - August 2008)

Source: www.potaroo.net

If you have enabled IPv6 on your computer, and in an idle moment you've browsed through the interface configuration information for IPv6 addresses you may have been a little surprised by the fact that there's not just one IPv6 address that's been loaded, but many. ...

June 26 at 4:07am

Perron at 4:48am June 26

so many addresses even your toaster can be on the Internet. Talk about big brother!

Ivan Pepelnjak

IOS HTTP vulnerability

The Cisco Subnet RSS feed I’m receiving from Network World contained interesting information a few days ago: Cisco has reissued the HTTP security advisory from 2005...

June 26 at 3:38am

Ivan Pepelnjak Interesting argument: you lose if you act on misbehavior of your customers, you lose if you don't.

Opinion: The ISPThe Uncommon Carrier - The Internet Protocol Journal - Volume 5, Number 3

Source: www.cisco.com

There is a long-standing role in the communications industry where a provider of public carriage services undertakes the role of a common carrier. What's so special about the role of a common carrier, ...

June 25 at 3:37am

Ivan Pepelnjak

Internet anarchy: I’ll advertise whatever I like

We all know that the global BGP table is exploding (see the Active BGP entries graph) and that it will eventually reach a point where the router manufacturers will not be able to cope with it via constant memory/ASIC upgrades (Note: a layer-3 switch is just a fancy marketing name for a router)...

June 25 at 12:00am

Ivan Pepelnjak

Autocommands in AAA environment

A reader who prefers to remain anonymous has reported an interesting observation: autocommands configured on local usernames do not work after configuring aaa new-model.This article is part of You've asked for it series. Read more in Cisco IOS Hints and Tricks blog

June 23 at 10:45pm

Ivan Pepelnjak

IS-IS is not running over CLNP

A while ago I’ve received an interesting question from someone studying for the CCNP certification: “I know it’s not necessary to configure clns routing if I’m running IS-IS for IP only, but isn’t IS-IS running over CLNS?”I’ve always “known” that IS-IS uses a separate layer-3...

June 23 at 10:45pm

Ivan Pepelnjak

ADSL reference diagram

I’m getting lots of ADSL QoS questions lately, so it’s obviously time to cover this topic...

June 22 at 9:58pm

Ivan Pepelnjak

ATM is like a duck

It was (around) 1995, everyone was talking about ATM, but very few people knew what they were talking about...

June 22 at 9:58pm

Ivan Pepelnjak

Inter-VRF static routes

Swapnendu was trying to implement inter-VRF route leaking in multi-VRF environment without using route targets...

June 22 at 9:58pm

Perron at 3:45am June 23

interesting.

Ivan Pepelnjak Brad Reese stumbled on a gold nugget. Excellent text by George Morton.

How to reduce the high cost of T1 service

Source: www.networkworld.com

18Mbps down and 2Mbps up service for 15% of the cost of T1 service, 36Mbps down and 4Mbps up service for 33% of the cost of T1 service

June 19 at 11:20pm

Ivan Pepelnjak I like the quote at the end of the article: "My competitors are welcome to them. They won't earn anything on them either."

KPN to stop offering 'free' mobiles

Source: www.telegeography.com

Dutch telecoms operator KPN says it will stop offering free mobile handsets to customers taking out a pay-as-you-go package

June 19 at 11:05pm

Stevko Trajkovski hi Ivan,
Do you have any cisco configuration for "Dual Internet Connections without BGP enabled ISP" which really works?
note: all configuratios i tested on cisco1841 have some bugs

THX :)

June 18 at 9:04am · Report

Ivan Pepelnjak at 1:04am June 23

The configurations I've published in the "Small site multihoming" series were all tested (I would never publish a Notepad-generated configuration), but maybe not thoroughly enough.

Get in touch with me with specific issues and we'll try to figure something out.

Ivan Pepelnjak

Recommendations for keepalive/hello timers

The “GRE keepalives or EIGRP hellos” discussion has triggered another interesting question:Is there a good rule-of-thumb for setting hold-down timers in respect to the bandwidth/delay of a given link...

June 17 at 12:07pm

Ivan Pepelnjak Paul McNarama could easily use the same approach on NetworkWorld articles ;)

'Fear grips Google' ...? | NetworkWorld.com Community

Source: www.networkworld.com

... or, 'How headline writers create news.'

June 16 at 9:51am

Ivan Pepelnjak

Filter excessively prepended BGP paths

A few months ago, a small ISP was able to disrupt numerous BGP sessions in the Internet core by prepending over 250 copies of its AS number to the outbound BGP updates...

June 15 at 12:34am

Calin at 2:04am June 15

Why in the name of God they would choose to prepend 250 copies?!

Ivan Pepelnjak at 12:47pm June 16

Read the linked-to posts :) They've used a weird box that has IOS-like CLI but expects the number of AS numbers to prepend, not the actual AS path (and fails to check the parameters :D ).

Ivan Pepelnjak Great interview with Randy Bush. Very interesting thoughts about costs experienced when hitting the IPv4 wall (starting @ 02:30).

Randy Bush Testimonial

Source: www.youtube.com

June 12 at 10:29pm

Ivan Pepelnjak Interesting social engineering tactics

InformIT: Top 10 Social Engineering Tactics > #10. Social Engineering in Reverse

Source: www.informit.com

If someone you trusted has ever tricked you, you know what it feels like to be socially engineered. Security expert Andrew Whitaker explains both the technical and non-technical techniques used by social engineers today to gain trust and manipulate people for their benefit. ...

June 12 at 3:12am

You and Cata like this.

Cata likes this.

Yasser at 6:57am June 12

Good :)

Ivan Pepelnjak

GRE keepalives or EIGRP hellos?

It looks like everyone who’s not using DMVPN is running IPSec over GRE these days, resulting in interesting questions like »should IP use EIGRP hellos or GRE keepalives to detect path loss?«Any dedicated link/path loss detection protocol should be preferred over tweaking routing protocol timers...

June 11 at 11:55pm

Ivan Pepelnjak

TFTP server protection with CBAC

I had an interesting debate with an engineer who wanted to use TFTP between a router and a server reachable through an outside interface...

June 11 at 12:04am

Ivan Pepelnjak Involved in project or team management?

A List Apart: Articles: Managing Werewolves

Source: www.alistapart.com

If I move a muscle, I’m dead. Jane, who I’m pretty sure is a Werewolf, is jumping from one player to the next, testing will and looking for weakness. She’s looking for a sign of guilt or discomfort and it’s not just her. ...

June 10 at 10:18pm

Ivan Pepelnjak

New wireless DOS attacks? … Maybe not.

A few days ago, City College of New York hosted the “Cyber Infrastructure Protection Conference”, including a keynote speech by Krishnan Sabnani who described “new class of denial-of-service (DOS) attacks that threaten wireless data networks” … or so the Network World claims in its...

June 10 at 12:13am

Ivan Pepelnjak Don't guess. Test. Works every time (even in web design).

Guesses vs. Data as Basis for Design Recommendations (Jakob Nielsen's Alertbox)

Source: www.useit.com

Even the tiniest amount of empirical facts (say, observing 2 users) vastly improves the probability of making correct UI design decisions.

June 9 at 1:23pm

Ivan Pepelnjak

Quick tip: Matching default route in a standard ACL

I've got the following question from Matthew: »how would one go about matching the default route for filtering using standard ACLs?«In all routing protocols but EIGRP (which can carry the »default candidate« flag on any IP prefix), the default route has IP address 0.0.0.0 and subnet mask...

June 8 at 11:22pm

Ivan Pepelnjak T-mobile hit by hackers?

T-Mobile net reportedly hit by hacker/extortion attack | NetworkWorld.com Community

Source: www.networkworld.com

T-mobile customers are awakening this morning to reports that hacker/extortionists have victimized the cellular carrier through a massive network breach resulting in the theft of untold amounts of corporate and customer data, which they're threatening to sell to the highest bidder.

June 8 at 9:47pm

Ivan Pepelnjak

EIGRP load and reliability metrics

Everyone studying the EIGRP details knows the “famous” composite metric formula, but the recommendation to keep the K values intact (or at least leaving K2 and K5 at zero) or the inability of EIGRP to adapt to changing load conditions is rarely understood.IGRP, the EIGRP’s predecessor, had...

June 8 at 12:42am

Ivan Pepelnjak It's too late for true dual stacking

The Dual Stack Dilemma | NetworkWorld.com Community

Source: www.networkworld.com

We are entering the transitional period between IPv4 andIPv6, and things are going to get awkward for a while. IPv4 addresses will officially be used up in the next couple of years, although for most practical purposes you can consider the pool of unallocated IPv4 addresses to be depleted already. ....

June 5 at 11:53pm

You and Cata like this.

Cata likes this.

RECENT ACTIVITY

Ivan Pepelnjak commented on their own note Filter excessively prepended BGP paths.

Show Older Posts...

Information

Fans

6 of 255 fansSee All

Links

3 of 54 linksSee All

Events

Ivan Pepelnjak

Ivan Pepelnjak If you're old enough to remember Thick Coax Ethernet with the vampire taps, pleasant memories will probably surface after reading this article.

Ivan Pepelnjak Four pretty serious potentially exploitable Facebook privacy issues

Ivan Pepelnjak A nice overview of the IPv6 address space

Ivan Pepelnjak Interesting argument: you lose if you act on misbehavior of your customers, you lose if you don't.

Ivan Pepelnjak Brad Reese stumbled on a gold nugget. Excellent text by George Morton.

Ivan Pepelnjak I like the quote at the end of the article: "My competitors are welcome to them. They won't earn anything on them either."

Stevko Trajkovski hi Ivan,Do you have any cisco configuration for "Dual Internet Connections without BGP enabled ISP" which really works?note: all configuratios i tested on cisco1841 have some bugsTHX :)

Ivan Pepelnjak Paul McNarama could easily use the same approach on NetworkWorld articles ;)

Ivan Pepelnjak Great interview with Randy Bush. Very interesting thoughts about costs experienced when hitting the IPv4 wall (starting @ 02:30).

Ivan Pepelnjak Interesting social engineering tactics

Ivan Pepelnjak Involved in project or team management?

Ivan Pepelnjak Don't guess. Test. Works every time (even in web design).

Ivan Pepelnjak T-mobile hit by hackers?

Ivan Pepelnjak It's too late for true dual stacking

Stevko Trajkovski hi Ivan,
Do you have any cisco configuration for "Dual Internet Connections without BGP enabled ISP" which really works?
note: all configuratios i tested on cisco1841 have some bugs

THX :)