Wednesday, February 18, 2015

ARP Poisoning mitigation with or without DAI

ARP poisoning, a mainstay of obtaining "man in the middle" position, persists despite advances in computing processing power and memory availability to switch manufacturers.  There are however current solutions and theoretical advances in the field which do not require expensive stateful packet analysis.

Cisco Catalyst 6500 series ( http://www.cisco.com/c/en/us/products/collateral/switches/catalyst-6500-series-switches/white_paper_c11_603839.html ) offers Dynamic ARP Inspection (DAI), a feature which best practice recommends to be enabled, but is not enabled by default.  DAI basically utilizes ARP table verification, putting some of the additional memory capacity and processing power to use.  The feature, however, depends upon DHCP snooping, thus upon the accuracy of DHCP data.  Despite the potential hole exposed by the dependence upon DHCP, DAI is likely to mitigate an even vaster majority of ARP poisoning attacks in the wild as the feature has mitigated in the lab.

Alternative solutions may be developed without the dependence upon DHCP snooping, but employing similar tradeoff analysis.  For example, subsequent attempts to associate a MAC with an IP Address can be limited as well as progressively throttled.

The question of how to handle when limit is reached beyond the naive "reject at limit" may call for protocol changes.  Protocol changes are, for good, practical reason, not only discouraged but a path taken at one's own peril.  The number of devices which implement ARP at the current protocol level is vast.  While the devices which we personally operate may be easily patched, patch drift is a reality due to the perceived cost/benefit of remaining up-to-date.  Nearly all networking devices utilize firmware so support patching, but patch drift of devices is larger than that of personal computers.  Therefore, the parallel support for a proposed version and current versions of the protocol have a real cost that is extremely high.  IMHO it is thus best to not employ limiting.

Progressive throttling of ARP while strengthening the certainty of a MAC to IP association would require relatively cheap (no control flow) stateful packet inspection, but would severely limit the window of opportunity and potential for ARP poisoning.  Without stateful packet inspection, progressive throttling has opportunity to succeed in preferring the actual addressee over the snooping man in the middle.

Throttling and limiting is just one example of techniques from application layer that may be employed in the networking layer.  In the meantime, DAI mitigation success should continue to be enabled as per best practices.

Monday, July 14, 2014

Naughty Beginnings

Attached is the beginnings of a game that we plan to use to test a new AI being.  This is not the most stringent test, in fact it is a children's game.  At this point, I began coding the solution, but have to run to the lab to put out a fire that the AI being started while throwing a tantrum (and a few technicians).

Get the gist: https://gist.github.com/paegun/8d5950f7c0c523669c8b

Please complete the HumanObserver.display method for a command-line interface (CLI) or HTML interface.

Please don't get distracted by the remaining classes in the overall design.  I was simply blocking out the design ahead.  Once we have the display, I expect the project will iterate rather rapidly.

Thank you.  I look forward to seeing some naughts, crosses, and elegant code.


Background: This is a Ruby adaptation of a interview question that was so popular in the hiring of C programmers that I believe it to be influential in the making of the movie "War Games".

Tuesday, July 8, 2014

Wishing you great success

Given the following definitions of success:
1. the favorable or prosperous termination of attempts or endeavors
2. the attainment of wealth, position, or honors
3. a performance or achievement that is marked by success
4. a person or thing that has had success
5. the difference between realized and expected value
6. the correct or desired result of an attempt
7. the opposite of failure
8. going from failure to failure without loss of enthusiasm
9. the result of a desire for success being greater than the fear of failure
10. the result of rising early, working hard, and striking oil

A. Which is nearest to your definition?

B. Which is the nearest to your ideal boss?

C. Which is the nearest to your ideal colleague?

D. Which is the nearest to your ideal dependency?

E. Which is the nearest to that which you would wish upon your child?

F. What type of person would you attribute to each?  For example, given a definition of "success is the cause of more work" could be attributed to a dependable worker.

Wednesday, October 9, 2013

QA Automation a la Westinghouse

No single technological advance meant more for a maturing railroad industry than the invention of the air brake…. http://explorepahistory.com/hmarker.php?markerId=1-A-1A9

This like the story of the invention of the computer programming language C++ are occasions where automation not only made a hugely significant impact, but also they are stories that are relatively open, providing great insight into the minds of great automators.

George Westinghouse, like Nikola Tesla (who Westinghouse employed), did not invent from nothing or just work hard. Where Tesla had decided upon AC as the solution upon seeing how obviously poor performant the brush-based DC solutions must be, Westinghouse decided upon an engineer-driven railroad braking system similar to how a horse-drawn carriage driver pulls the reigns, Westinghouse envisioned the engineer pulling reigns of some sort to apply brakes on every car (this couldn’t be employed with a physical connection, ie multiple levers pulling a metal shaft per car). Westinghouse’s great epiphany towards solving the problem of brakemen running on top of the cars and the scaling and (life) cost and poor stopping performance of the manual solution did not come from banging his head on a train-specific problem, his great epiphany came upon hearing news of an air-driven drill employed in Italy to excavate minerals. The simplicity of the invention in hindsight is awesome. The length of time to implement less so. The end result, though, the train industry scaled, and in the expansion was able to remove the need to have men run atop the train cars, saving lives, but more importantly to the owners increasing the number of cars at the command of the engineer who was nearest the upcoming rail obstacles.

With QA being the engineers with the clearest sight of obstacles (and opportunities since we aren’t on a rail), automation is our salvation.

Saturday, August 17, 2013

Interview Questions - Teaching, !Yet Another For Loop

Q: How would you teach loops to someone who is new to programming?
After the likely:
var loopAction =
  (i) => { Console.WriteLine("Current Value: {0}", i); };
for(var i = 0; i <= 10; i++) {
  loopAction(i);
}
Prompt for a loop that uses a non-numerical loop-control variable.  This should give the developer the opportunity to show that they truly understand the nuts&bolts of what we do.

Friday, August 9, 2013

Interview Questions - i18n and Beyond YU

Q: While updating an  ASP.NET Commerce Starter Kit (CSK) implementation, you encounter the following:
    <asp:dropdownlist font="" id="ddlCountry" nbsp="" runat="server">
        <%/* snip - other countries, for brevity snip */%>
        <asp:listitem value="YU">Yugoslavia</asp:listitem>
    </asp:dropdownlist>
Similarly, the following is in the code behind:
    public enum Country
    {
        /* snip - other countries, for brevity snip */
        [Description("Yugoslavia")]
        YU = 235,
    }
What would make this okay?
If it is not okay, what would you propose to correct this?
Background: In 1991, Yugoslavia and its status as an internationally recognized country disintegrated.
The CSK implementation was originally contracted after 1991. Does this fact change the way you will approach the solution? If so, how?

Friday, June 14, 2013

Worthy as in Ladybugs

"Interesting and helpful information. If at all you are free any time, would like to understand more on AWS side."
- Contractor who is charging the company I work for $$ per hour

Programmatic access to ephemeral ~hardware resources that has been available to the public since 2004, with documentation well written and hedged by the company and community, hmm, yes, lemme spend some of my free time regurgitating enough of it to be dangerous.

There is a part in all of us, our inner blowhard, that takes pride in receiving adoration or praise for presenting knowledge whether it is our own or as in this case quite some many others' worthy product.  We see this in tech company's efforts to re-publish the web on corporate wikis (write the novel bits instead).  We see this in hallway "soapbox" sessions.  There is no denying the satisfaction that comes from people listening (and earnestly) to you.

But free?!  Which free is intended here?  Afaic the exchange of 3rd person knowledge is neither free as in beer nor free as in speech.  Re-representing a non-novel concept in a manner that lifts those from the inability to seek and acquire information for themselves is quite costly.

But there is a place for such a thing and it lies in the distinction between a similar juxtaposition.  The exchange of knowledge should not be "Worthy as in Snickers", but "Worthy as in ladybugs".

Snickers satisfies.  If you don't like chocolate, peanuts, nougat, mouth watering caramel, and the care that goes into making this product, substitute Snickers with a product that is made with quality ingredients and is the labor of a skilled team of artisans, but available to the masses, substitute hand-crafted ale.

Ladybugs are beneficial.  If you are squeamish about "bugs", and who in software isn't (I minored in Entomology, so not I :D ), so can't appreciate the self-propagating, aphid-eating, beauties which are the "gateway insect" for so many children who grow to have a healthy relationship with their natural world, okay, substitute yeast.

In the exchange of pure information, no working product involved, worthy as in ladybugs should apparently stand out as the winner of meeting the "free" price tag.  So when should I give freely my ladybugs?  Afaic when they are going to a good garden, one that may be overrun in one corner with aphids, but not to one which has a gardener that allowed the whole garden to be overrun nor one who refuses to devote time, experiment, read the literature, well one who is clearly not a gardener, and surely to one who is worthy, one who will be ladybugging another gardener :)