
Friday, April 27, 2018

BGP Injection instead of Leak, my observation notes for MyEtherWallet incident

After reading articles by Doug Madory, and by Louis Poinsignon, here are some notes I observed and learned.

[What happened in this incident?]

Hackers somehow made some of eNet’s BGP routers falsely announce that they owned the following 5 IP subnets, which in fact do NOT belong to “eNet”. The true owner is Amazon. More specifically, these subnets serve Amazon’s Route 53 DNS name resolution service.

  • 205.251.192.0/24
  • 205.251.193.0/24
  • 205.251.195.0/24
  • 205.251.197.0/24
  • 205.251.199.0/24

The registered name server for the domain “MyEtherWallet.com” is hosted on Amazon Route 53.

Hackers also somehow placed a malicious DNS server (or servers, I really don’t know) inside the service network of “eNet”.

After that, any affected client’s DNS query for the domain “MyEtherWallet.com” would hit the hackers’ malicious DNS server. The malicious DNS server would, of course, respond with false IP addresses, and those false IP addresses in fact belonged to the hackers’ own web servers.

At this point, clients thought they were accessing “MyEtherWallet.com”, but they were in fact accessing the hackers’ web servers.
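A monitoring check for the false announcement described above, as an added example that is not part of the original post: it flags any BGP announcement that overlaps one of the five listed prefixes but comes from an unexpected origin AS. The AS numbers are documentation-range placeholders (RFC 5398), not the real ones, and the sample announcements are constructed.

```python
import ipaddress

# The five Route 53 prefixes listed in the post.
MONITORED = [ipaddress.ip_network(p) for p in (
    "205.251.192.0/24", "205.251.193.0/24", "205.251.195.0/24",
    "205.251.197.0/24", "205.251.199.0/24",
)]

# Assumption: placeholder ASN (RFC 5398 documentation range) standing in
# for the legitimate owner's origin AS.
EXPECTED_ORIGINS = {64500}

def origin_of(as_path):
    """The origin AS is the last (rightmost) ASN in the AS path."""
    return int(as_path.split()[-1])

def check(announcements):
    """Return (prefix, origin, monitored_prefix) for every announcement that
    overlaps a monitored prefix but has an unexpected origin AS."""
    alerts = []
    for prefix, as_path in announcements:
        net = ipaddress.ip_network(prefix)
        origin = origin_of(as_path)
        if origin in EXPECTED_ORIGINS:
            continue
        for mon in MONITORED:
            # overlaps() catches exact matches, more-specific subnets and
            # covering less-specific prefixes alike.
            if net.overlaps(mon):
                alerts.append((prefix, origin, str(mon)))
    return alerts

# Constructed sample: (announced prefix, AS path as seen by a collector).
SAMPLE = [
    ("205.251.192.0/24", "64496 64500"),    # expected origin
    ("205.251.193.0/24", "64497 64511"),    # unexpected origin, exact prefix
    ("205.251.196.0/24", "64497 64511"),    # not one of the five prefixes
    ("205.251.199.128/25", "64498 64511"),  # more specific inside a monitored /24
]

if __name__ == "__main__":
    for prefix, origin, mon in check(SAMPLE):
        print(f"ALERT: {prefix} originated by AS{origin}, overlaps {mon}")
```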

Sunday, September 10, 2017

Prepare Python 2.7 on Microsoft Windows using PowerShell

Everyone today talks about the programming language Python when discussing Software-defined Networking (SDN). Since Python is so popular, it would be a good idea for network administrators to know more about it. First things first: here I talk about how I prepare a Python runtime environment on Microsoft Windows.

It would be nothing special if I only downloaded the installer from the official Python web site by mouse clicking. Instead, I use PowerShell to download and install it for me. That is, I prepare one scripting environment using another scripting language.

Here is the recorded video of how I do this.


The version I talk about is version 2.7.13.

Thursday, May 18, 2017

Starting IS-IS routing protocol without CCNP training

The routing protocol Intermediate System to Intermediate System (IS-IS) is an advanced and robust link-state protocol used in many service provider networks. Most of the other enterprises I know of prefer to use protocols like OSPF or EIGRP instead of IS-IS. Therefore, enterprise administrators might not be familiar with this protocol at all.

Here I want to share my short note to start IS-IS quickly without digging into protocol details. In case you must configure and maintain an IS-IS network, this note might save you some time.

Wednesday, April 26, 2017

How do we repair a broken submarine fiber cable?

On April 22, 2017, one segment of Asia-Pacific Cable Network 2 (APCN2), which serves Taiwan’s major Internet connectivity with Japan, Europe, and America, was broken. According to some news sources, it might take one month just to fix this outage. I live in Taiwan, and I do feel the Internet speed became slow after this outage. I was wondering how the repair could take one month.

I wanted to know how to repair a broken submarine fiber cable. I searched on Google and found this video, which was created and published by TE SubCom. In this post I summarize the key steps mentioned in the video and add some of my own notes. I hope this post, together with the original video, helps you understand the repair operation as well.

Wednesday, March 29, 2017

Clear configured allowed VSAN list on trunk ports of Cisco MDS

A friend asked a good question about how this command works on a Cisco MDS Fibre Channel switch: “switchport trunk allowed vsan all”.

To my surprise, I could not find any specific official document that explains it clearly. I did some experiments on one Cisco MDS 9148, and here is my conclusion.
