Tag: Internet

Africa Internet Summit 2018 – Getting ready for the Hackathon – Day 1

On day 1, I woke up early in the morning and went outside for a morning walk. Everyone in Senegal says Bonjour to each other, irrespective of being a stranger. The people of Dakar seem very polite and relaxed in nature. Whilst walking on the coastal road of Novotel, I admired the beauty of several massive Baobab trees. 

Baobab tree coastal road of Novotel
Baobab tree coastal road of Novotel

Back at the hotel, the breakfast was delicious with lots of fruits and cakes accompanied with juice. By the time, breakfast was over, it was already 0800 AM. I took a Panoramic view from the back of Novotel.

Panorama picture coastal road of Novotel
Panorama picture coastal road of Novotel

I had to get ready as I needed to travel from Novotel hotel to Radisson Blu where the hackathon preparation was going on. I met with Serge-Parfait GOMA instructor at the Hackathon together with Loganaden Velvindron from Afrinic. On Day 1, there were about 15 participants who already registered themselves. We had to prepare for the Hackathon as it needed to be carried out both in English and French.

From Left to Right : Logan, Nitin and Serge

Preparing for the Hackathon demands lots of time and trying to cover the maximum: from the basics until when the code need to be hacked. The project chosen was the NTP client. I created both slides in English and French.

Whilst I was preparing for the slides, Serge was busy setting up the Pidgin channel. We also tested the livestream. I brought a tripod for my Iphone 7 as it’s so easy for live YouTube video broadcast. We also checked out the hackathon room and carried out several tests. We were happy to be assisted by the guys from ISOC who were always there to help. We reviewed the code anew and discussed a little about the RFCs and Internet Drafts for that specific hackathon.

Time for dinner where I met fellows from Afrinic such as Duksh Koonjoobeeharry from Atlassian User group of Mauritius and Afrinic, Tamon Mookoom from Afrinic – That guy is an IPv6 ninja, Charles Eckel from CISCO who was also leading the hackathon on the network programmability track. I also met other persons from the ISOC team and Nishal Goburdhan a FreeBSD evangelist who gave me a FreeBSD sticker.

Panorama view at the cocktail event
Panorama view at the cocktail event
 
Screen Shot 2018-05-15 at 10.27.26 AM
Screen Shot 2018-05-15 at 10.27.14 AM
Screen Shot 2018-05-15 at 10.28.00 AM
Screen Shot 2018-05-15 at 10.27.50 AM
Screen Shot 2018-05-15 at 10.27.39 AM
Screen Shot 2018-05-15 at 10.26.59 AM

By the time, dinner was over, it was already late. I went to meet the ISOC and Afrinic guys who were still working hard to set up the hackathon room. I took a cab and headed directly to Novotel hotel.

In case you missed Day 0, do check the article here

Tunnelix.com is constantly retweeting the #AISdakar. It can be viewed here:

Hackers.mu VideoStream #2 : Modem Insecurity in Mauritius

Some days back, the hackers.mu team made our first video stream on Youtube about Modem Insecurity in Mauritius. We received several feedbacks from the public, friends and local medias about the issue raised. Upon further research I noticed that there are several countries including Vietnam, China amongst others are in the same problematic situation as they are using the same Huawei modem. More and more vulnerabilities are now being faced by the end users. Users aware of the issue can mitigate it from their side whilst others are still in the dark.

On Friday, the 20th of October 2017, another video stream was carried out by the hackers.mu team alongside other friends and professionals. We started with a short introduction from everybody in the videostream.

We had Billal, Codarren, Edriss, Irshaad, Logan, Kifah, Selven, Rahul, Yash and myself (Nitin) participating in the video stream. You can view the VideoStream here:

Our agenda was as follows:

  • An introduction from participants
  • Huawei’s acceptance of upgrading Dnsmasq
  • Other discoveries in the Huawei modem
  • Implication of Krack attack
  • Understanding of the mitigation techniques on Krack attack
  • Everyone’s perspective about the vulnerabilities on the Huawei modem

Other sources talking about hackers.mu‘s insecurity detection on the Huawei modem

Dare to do a brute force attack again!

Dare to do a SSH Bruteforce attack again and you are banned!! I have noticed that there are several DDOS SSH botnets attack these days on my server. Despite that i would prefer SSH to listen on port 22, i can imagine how many attempts can be made to breakthrough it. Though these attacks are very common, it can increase CPU consumption on your server and consequently the server can die. However, if you did not protect the server from malicious SSH remote connection, things can get pretty dangerous and the attacker can take over the machine.

fail2ban
Photo credits – fail2ban.org

Fail2Ban is one of the tools which you can installed on your machine to ban IPs that show malicious signs. However, today with the help of Kheshav, we have decided to find a solution to reveal all the IPs to the public. From the fail2Ban log we can find all IPs that that are being banned. The solution was an easy one.

1.Install Nodejs, npm package

yum install nodejs npm

2. Install frontail with the npm utility

npm install frontail -g

3. Now you can launch frontail on any port as a demon with the following command

frontail -p {port number here} -h {IP or Hostname here} {location of your log} -d

Afterwards, you have to include the IP, the port number and the location where you want the log to be streamed live.

Here are the banned IPs – US time attempting some brute force on tunnelix.com. You can also view the IPs on the right side widget of the blog. It might take some few seconds before loading.

There are several websites where you can report IPs for abuse as well as verification of precedent attacks. We are still brewing up some ideas to produce a better and well defined output of the log.

Internet Speed – How far is your ISP truthful ?

Have you ever notice that your ISP (Internet Service Provider) advertise you Internet package in a very tricky way? One of the best way to manipulate you is with the use of technical term such as Bytes and bits. To be more brief its the term Kilobits per seconds (kbps).

However, if you would be browsing the Internet or downloading some files, you would notice that your browser is indicating the speed at Kilobytes per second (kB/s)

To be more clear, your ISP sells Internet service in terms of kilobits per seconds (kbps) whilst your browser indicates you kilobytes per seconds (kBp/s). The trap is the word b – bits and B – Bytes.

lets say you have applied  for a 512 kbps.

Firstly, divide your speed by 8 and multiply by 1024 to convert from kilobits per second to bytes per second; i.e 512 x 1024/8 = 65,536 bytes per second

Then convert from bytes/s to kilobytes/s

65,535 bytes = 65,535/1000 kB/s = 65.5 kB/s 

So, in brief Internet speed is what are advertised to you and what you pay for! On the other hand, what your browser download speed is What you should get!

512 kbps = 65.5 kB/s

1 Mbps = 122.1 kB/s 

2 Mbps = 244.2 kB/s

10 Mbps = 1220.1 kB/s

Now, make as if you are going to download a 700 Megabytes file. What will happen is that your browser will make an estimation of the Downtime. However, you can monitor your downloads with several tools available on the Internet. Lets say, you have a 1Mbps Internet connection from your ISP which means that your speed will be 65.5KB/s.
 
Calculate the Download time as follows

700 x 1024 = 716800 kilobytes (convert from 700 megabytes to kilobytes)

Therefore, if

65.5 kilobytes downloads in 1 sec (i.e 65.5kB = 1 s) then,

716800 kilobytes will download in 716800/65.5 = 5870.6 seconds

5870.597870598 / 60 = 97 minutes

Assume we have still have to subscribe to a 1 mb. The trick is that when you buy an internet connection. Your ISP does not inform you or commit themselves to what is required! and evade the fact by using the famous word “up to”!! What i am referring is that your pay the internet connection up to “xxx kbps”
 

This is called CIR – committed information rate. According to wikipedia, CIR is “Committed information rate or CIR in a Frame relay network is the average bandwidth for a virtual circuit guaranteed by an ISP to work under normal conditions.”

Therefore the CIR is the minimum speed provided by your ISP. Does ISPs provide that CIR? Is this mentioned in the Law?. My understanding is that, one cannot complain until that CIR is mentioned in the contract!!.
 

Another issue is something called PEO (Protocol Encapsulation Overhead). When you’re buying, say an ADSL link of 2 Mbps, your line is syncing with your ISP at 2 Mbps over ATM or any other backbone technology. (PPOA. PPOE). Now, the catch is that the Point to Point Protocol over ATM (PPOA), needs to be encapsulated over the ATM media. There is an overhead to do so, meaning you are not effectively getting 2 Mbps Internet Protocol connectivity.