Developers Club geek daily blog

How to make the password reliable and memorable

1 year, 5 months ago
Passwords guard our data. And degree of their reliability plays an important role. It is clear, that and to crack the difficult password it will be difficult. There is a lot of only personal accounts and systems demanding authorization. And to remember tens if not hundreds of different combinations from characters — are almost impossible.



How to make the password more reliable and at the same time not to forget it? There are several options …

Read more »


Research of the Mikrotik variables. Script of the Dynamic DNS updating of the records FreeDNS.afraid.org

1 year, 5 months ago
I use Mikrotik as house and office router, and in general the system very much is pleasant. RouterOS has ample opportunities which cover 90% of my tasks if something lacks, then it is possible "to add" functionality by means of internal scripts. But when you begin to write more or less responsible script or you try to understand and apply someone else's recipe, outlines of underwater part of an iceberg become noticeable, strange features of language emerge.

Read more »


Zoo of communications protocols for GPS trackers (part 2)

1 year, 5 months ago


This continuation of article about the network protocols used with GPS trackers. If in the first part we discussed a frame decoders, then in the second part we will look at coding of different types of useful data on options. Many vendors of devices for GPS monitoring develop own application layer protocols for data transmission from the device on the server, and sometimes developers resort to different sophisticated and not always to clear solutions for data coding.

Read more »


Multihome IPv4 in Linux

1 year, 5 months ago
Contents: how to make so that the computer answered on the Internet all the IP addresses on all the interfaces, each of which gateway by default. Concerns both servers, and desktops.

Key word: policy routing, source based routing

Lyrics: There are enough articles about policy routing in Linux. But they most often sort the general, thinner and difficult cases. I will sort the trivial scenario of the following type:



To our computer (server) well three interfaces. On each interface the gateway issued it IP (a statics or on dhcp, it is not important) and told "send all traffic to me".

If we leave this configuration as is, then the principle "who will be used the last got up, that and the default gateway". On the picture above if the last the lower interface (241) rises, then all traffic will go to it. If to our server the request for the first interface (188) comes, then the answer to it all the same will go on lower. If the router/provider has at least the minimum protection against counterfeit of addresses, then the answer is just dropnut as non-valid (from the point of view of 241.241.241.1 it sent from a network 241.241.241.0/24 a packet with src 188.188.188.188 that, obviously, should not be).

In other words, in normal option only one interface will work. To make a situation it is worse if addresses are received on dhcp, then updating of lease on other intefreysa can rewrite the gateway by default that means that that interface which worked will cease to work, and other interface will begin to work. Successful stable work to your server, so to speak.

Solution

Read more »


Protocols of link state and one-zone OSPF (part 3)

1 year, 5 months ago
фото с сайта amazon.comContinuation of transfer of chapter of the book Chris Bryant "CCNP Route Study Guide". Its website — thebryantadvantage.com. The book is available on amazon.

From all watched videos, the read books for preparation for CCNP ROUTE, material from this seemed to the easiest for assimilation. Allows to classify everything. Except the theory I also liked practical examples. At the end of each chapter there are links to lessons to youtube.
Part 1,
Part 2.

Read more »


Errors of our youth. Or as the network engineer learns the console nature

1 year, 5 months ago


Hi everyone! Today would like to talk about standard mistakes which we make at setup of network equipment. I think, the feeling when you enter the next command into the console is familiar to all and suddenly you understand that the console stopped responding, and the equipment on other side of Earth (which you just also configured) does not respond any more. At this moment for a second breath fades, you begin to hear a beating of the heart clearly. The aggravated hearing completely concentrates on a telephone call which will just about be distributed. The organism shrinks and you understand that it is the end. Search, of course, not the end, but the beginning of heroic overcoming of that situation into which you just drove yourself. And the feat, the story about your feat and, perhaps, even will be farther than an ovation from colleagues. And the most important, you once again will pledge to yourself that you more so will NEVER do. Many will object me that it not about them and that they, true professionals, do not allow it. It is fine, and I am sincerely glad for them. But are not born true professionals and do not become suddenly.

Read more »


How to cover with monitoring all layers of infrastructure

1 year, 5 months ago
image

Somehow I considered that 1 minute of idle time of hh.ru on weekdays affects about 30 000 users in the afternoon. We constantly solve a problem of decrease in number of incidents and their duration. We can reduce quantity of problems the correct infrastructure, architecture of the application is a separate subject, we will not take it in attention yet. Let's talk better about how quickly to understand what occurs in our infrastructure. Here just we are also helped by monitoring.

In this article on the example of hh.ru I will tell and I will show how to cover with monitoring all layers of infrastructure:
  • metrics client-side
  • metrics from frontends (nginx log)
  • network (that can be got from TCP)
  • application (log)
  • database metrics (postgresql in our case)
  • operating system (cpu usage can be useful too)

Read more »


How to improve the analysis and management of a network traffic, watching DNS

1 year, 5 months ago
In spite of the fact that almost everywhere we use domain names instead of IP addresses, tools for monitoring and control of a network traffic as a rule operate with IP addresses. Permission of names in general (and DNS in particular) is used quite conditionally.

It is connected with some features of work of DNS — the result of permission of a name in the address can quickly turn sour, the following request can return other address, results can differ depending on geography and the provider requesting.

Whether it is possible to have an actual look-up table of names and addresses for small networks? What domains were requested by users and what received IP addresses? With some clauses — yes.

Read more »


Passions on the Sex.com domain

1 year, 5 months ago
Sex.com domain history as if the detective thriller, it is impregnated with dramatic nature and mystery. This domain saga tells about long fight for the right ownership of property.

And began history in 1994 when the engineer Gary Kremen registered domain name of Sex.com. In those time the international Organization Network Solutions registering domains for all comers acted as the direct logger of domains. Bright Kremen realized at once that in the future will be able to earn from such simple and popular name not bad. And it appeared the rights.



Read more »


Kazakhstan implements the CA for listening of all TLS traffic

1 year, 5 months ago
The state Kazakhtelecom provider, in connection with innovations of the law of the Republic of Kazakhstan "About communication", intends to listen to all ciphered TLS traffic since January 1, 2016, substituting certificates of the websites for the national certificate of safety issued by Committee of communication, informatization and information of the Ministry of investments and development of the Republic of Kazakhstan.
That users were not frightened messages on substitution of the certificate, AO "Kazakhtelekom" intends to issue a bit later in December the detailed step-by-step instruction for adding it in the key keeper in mobile phones and tablets based on iOS and Android, personal computers and notebooks based on Windows and MacOS, on the website www.telecom.kz
According to the Law telecom operators are obliged to perform traffic transmission with use of the protocols supporting enciphering using the certificate of safety, except for a traffic, encoded means of cryptographic information protection in the territory of the Republic of Kazakhstan.

The national certificate of safety will provide protection of the Kazakhstan users when using protocols of the encoded access to foreign resources of the Internet.

According to the Managing director for innovations of AO "Kazakhtelekom" Nurlan Meyrmanov, Internet users it is necessary to set the national certificate of safety which will be available through Internet resources of AO "Kazakhtelekom". "The user needs to visit the website www.telecom.kz and to set on the devices of access to the network the Internet this certificate, following the step-by-step installation instruction" — N. Meyrmanov emphasized.

Read more »