Have you ever wondered how big is the routing table of core internet routers? Well I was! So upon my research I found one of the best connected APNIC’s routers at DIX-IE in Tokyo, Japan.
You can view BGP routing table of this router here:
BGP Routing Table Analysis
I find it funny where people believe Macs are “safe” because they don’t get infected. Last night, owner of the sauna where I go every Wednesday was a proof of that. She had a strong opinion against Windows and was telling me how she thinks everyone should use Apple computers with Mac OS.
Firstly, Mac is not designed for a corporate world and without tools like Active Directory alone is next to unimaginable to be found in any serious IT infrastructure, but that’s a different story.
Few days ago all over the news you could see how Russian security firm discovered botnet with over 500,000 infected computers. Lets take a look at the simple proportion:
Statcounter.com reports the following stats for the last 12 month (March 2011 to March 2012):
Mac OS (any version): 6.76%
Windows (any version): 90.65%
As you can see there is a significant gap in popularity.
Lets look at the largest botnets in history:
Windows: Google search reports Mega-D botnet to have 500,000 but this is small because I know there were attacks that delivered 100Gbps, there were several servers with fat pipes. 100Gbps is something that brings huge websites like facebook, fbi, nasa you name it, well upstream carries will be feeling the “heat”. Anyway, I know some botnets had 800,000 zombies.
Mac: Trojan-Downloader.OSX.Flashfake.ab – 600,000 unique infected hosts.
Lets skip the math as difference is visible by itself and you should be the judge.
Lets look at another side of the stick: “bad” guys infecting computers. Nowadays every virus attack has financial motive. Making a virus requires extensive knowledge, time and resources and all these things cost money. Any business model tries to achieve only maximum return on the investment.
Thus it is obvious that there will be more viruses for Windows platforms.
Finally some pills for Mac people:
Kaspersky lab created a “honeypot” for infected Macs so now you can check if your computer is a zombie. Go to the flashbackcheck.com and just follow instructions.
Also you can download free utility here that will check for infection and remove it after.
Great document from Cisco that shows relationship between SNMP and show command counters on Cisco IOS devices.
http://www.cisco.com/warp/public/477/SNMP/5.pdf
One of our clients required to connect all of its client via VPN tunnel. Obviously, to have the highest comparability with customer’s end devices I chose IPSec. To improve security as well as have theĀ lowest impact to the clients in case we had to make some changes we had the following requirement. All traffic originating from us inside IPSec tunnel had to be NATed as well as clients had to NAT all of their traffic. We used Vyatta as our VPN concentrator. I had little experience with Vyatta and found there is a luck of documentation. This document assumes you have basic knowledge of NAT and IPSec configuration of Vyatta.
Command below allows you to pull all users and their last authentication and put them into CSV file:
AdFind>adfind -b ou=Users,dc=domain7543,dc=local -f “objectcategory=user” cn displayName LastLogonTimeStamp -tdcs -csv > out2.csv
I will demonstrate how to mass deploy WLAN profiles with simple .bat scripts and wlan.exe utility from Microsoft. Active Directory GPO prior to 2003 native mode doesn’t give you the option to mass deploy WLAN profiles. Also if you don’t run AD infrastructure at all and want a simple script you will find this useful.
Script takes into account that some clients don’t have Wireless card and will skip them.
Continue reading
A lot of applications which run as a service under Windows System account use settings from that profile. Lately, I encountered a problem with 2 pieces of software: Symantec Endpoint Protection and some Xerox application. Both of them run as a service under system account. They require communication with central server. I encountered that communication was failing. Upon my investigation we found that applications were trying to connect through the proxy server (which we, of course, didn’t specify in the application or standard LAN Setting within Internet Explorer).
Continue reading
The following script demonstrates how to query registry to check if specific registry key exists. If it does, it checks the value and if doesn’t match required it will remove and recreate with proper value.
Continue reading
The following script demonstrates how to query NT Service Controller for service status. This script was used to check if the application (service) is running and if not install. msi package. Basic logging is also included.
You might need to find out service name. To do so issue the following cmd command to list all services:
sc query
Continue reading
In today’s world email became preferred way of communication in public and private sectors. With the progress and ever increased popularity of multimedia content on the network average email size increased. Many organization face the dilemma of keeping up to date their software and hardware to meet this ever changing requirements. I this article I would be focusing on mid- to large business organizations that have their own email private infrastructure. How to share large files with the convenience factor of email when your current email infrastructure can’t support it.
