Clik here to view.
Pi-hole Installation Guide
You probably know already the concept of the Pi-hole. If not: It’s a (forwarding) DNS server that you can install on your private network at home. All your clients, incl. every single smartphone,...
View ArticleClik here to view.
Top on Top: ForeverSpin Kreisel auf Gitarren
Neben dem Gebastel mit technischen Geräten macht mir vor allem das Spielen von Saiteninstrumenten viel Spaß. So haben sich mit der Zeit ein paar Insturmente aller Couleur angesammelt: E-Gitarren,...
View ArticleClik here to view.
Publishing IPv6 NTP Servers with DHCPv6
During the last weeks, I had an interesting request to publish NTP servers to client systems by using DHCPv6 in an IPv6 only network. Our Fortigate (or me?) had to learn how to publish the information....
View ArticleClik here to view.
DHCPv6 Relay Issue with Cisco ASA and Ubuntu
Some months ago, my co-worker and I ran into an interesting issue: a notebook with a newly installed Ubuntu 20.04 does only work with IPv4, but this office network is dual-stacked (IPv4 and IPv6)....
View ArticleClik here to view.
Cisco APIC: New Certificate
This post is about adding an own (trusted) X.509 certificate for the HTTPS GUI of the Cisco Application Policy Infrastructure Controller aka APIC. You can do this via the GUI itself or via the API....
View ArticleClik here to view.
#heiseshow: IPv6 setzt sich langsam durch – die wichtigsten Fragen
Ich durfte zu Gast bei der #heiseshow zum Thema IPv6 sein. In Anlehnung an die Artikelserie über IPv6 in der c’t 7/2022, in der auch mein Artikel über die Vorteile von IPv6-Adressen erschienen ist,...
View ArticleClik here to view.
Partial NTP Pool: The leap second that wasn’t
An analysis of some falsified leap second warnings that appeared in November 2021 on public NTP servers out of the NTP Pool Project. Introduction When using time scales such as UTC that do not use...
View ArticleClik here to view.
PAN: Logging of Packet-Based Attack Protection Events e.g. Spoofed IP
I just had a hard time figuring out that a network routing setup was not working due to a correctly enforced IP Spoofing protection on a Palo Alto Networks firewall. Why was it a hard time? Because I...
View ArticleClik here to view.
Palo Packet Capture: Choosing the Right Filter
Palo Alto firewalls have a nice packet capture feature. It enables you to capture packets as they traverse the firewall. While you might be familiar with the four stages that the Palo can capture...
View ArticleClik here to view.
Server-Verfügbarkeit: Monitoring-Werkzeuge
Angreifer verwenden gern Ping und Traceroute, um Server im Internet ausfindig zu machen. Das bringt viele Security-Admins in Versuchung, den Ping- und Traceroute-Verkehr mittels ihrer Firewall in ihrem...
View ArticleClik here to view.
Netzwerkmitschnitte mit tshark analysieren
Haben Sie mal Netzwerkmitschnitte untersucht, ohne zu wissen, was genau Sie suchen? Mit Wireshark wird das leicht zu einer Odyssee: Das Analysewerkzeug filtert zwar fabelhaft, reagiert bei großen...
View ArticleClik here to view.
Netzwerkprotokolle: Nachschlagewerk für Wireshark
Wenn es im Netzwerk knirscht, versuchen Admins den Fehler in Analyse-Tools wie Wireshark anhand von Paketmitschnitten einzukreisen. Jedoch hat der Herr viel mehr Netzwerkprotokolle gegeben, als sich...
View ArticleClik here to view.
Zehn Vorteile von IPv6!
Das moderne Internetprotokoll IPv6 gilt als so komplex und umständlich, dass manche Administratoren beharrlich beim vertrauten, aber veralteten IPv4 bleiben. Zehn Praxisbeispiele belegen, warum viele...
View ArticleClik here to view.
Why counting IPv6 Addresses is nonsense
From time to time I stumble upon Tweets about counting the number of IPv6 addresses (1 2 3). While I think it is ok to do it that way when you’re new to IPv6 and you want to get an idea of it, it does...
View ArticleClik here to view.
IPv6 Crash Course @ SharkFest’22 EUROPE
Fortunately, there was a SharkFest – the “Wireshark Developer and User Conference” – this year in Europe again. I was there and gave an IPv6 Crash Course likewise. Yeah! It’s my favourite topic, you...
View ArticleClik here to view.
Small Servers PCAP
For some reason, I came across a blog post by Gian Paolo called Small servers. This reminded me of some fairly old network protocols (that no one uses as far as I know) that are not in my Ultimate PCAP...
View ArticleClik here to view.
Linux’s Traceroute
The other day I just wanted to capture some basic Linux traceroutes but ended up troubleshooting different traceroute commands and Wireshark display anomalies. Sigh. Anyway, I just added a few Linux...
View ArticleClik here to view.
Accessing IPv6-only Resources via Legacy IP: NAT46 on a FortiGate
In general, Network Address Translation (NAT) solves some problems but should be avoided wherever possible. It has nothing to do with security and is only a short-term solution on the way to IPv6....
View ArticleClik here to view.
Who sends TCP RSTs?
At SharkFest’22 EU, the Annual Wireshark User and Developer Conference, I attended a beginners’ course called “Network Troubleshooting from Scratch”, taught by the great Jasper Bongertz. In the end, we...
View ArticleClik here to view.
RADIUS & TACACS+ PCAP
Again two more commonly used network protocols for the Ultimate PCAP: the Remote Authentication Dial-In User Service (RADIUS) and the Terminal Access Controller Access-Control System Plus (TACACS+)...
View Article