How to trace the outgoing request call using Wireshark

I'm working on a Windows Azure project and trying to use an out-of-the-box Azure tool. This tool seems to make lots of outgoing requests to Azure APIs. Unfortunately, most of the IP addresses are blocked by our internal firewall. The security team has requested a range of, or specific, IP addresses so that they can open the port.
I've tried to use Wireshark to track outgoing IP addresses. Sadly, there is so much going on in the trace. Could someone help me set up/configure Wireshark so that it logs the outgoing requests for a specific application?
Thanks.

This tool is what you want. Just learn how to use Wireshark filters.

Try Microsoft Network Monitor.
Take a look at Petri and read this blog:
Microsoft Network Monitor - Part 1
I like to point to this picture.
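One way to turn a capture into the list the firewall team asked for, as an added example that is not part of the original posts. It assumes the trace was exported with `tshark -r capture.pcapng -Y "tcp.flags.syn == 1 && tcp.flags.ack == 0 && ip.src == <workstation IP>" -T fields -e ip.dst -e tcp.dstport` (the file name is a placeholder), so each row is one new outgoing TCP connection; the sample rows are constructed and use documentation addresses.

```python
import ipaddress
from collections import defaultdict

# Constructed sample of the tab-separated export (ip.dst, tcp.dstport).
# Addresses are from documentation ranges, not real Azure endpoints.
SAMPLE = (
    "203.0.113.10\t443\n"
    "203.0.113.11\t443\n"
    "198.51.100.7\t443\n"
    "10.1.2.3\t445\n"          # internal file share, not a firewall request
    "203.0.113.10\t443\n"      # repeated connection to the same endpoint
    "198.51.100.7\t80\n"
    "\t\n"                     # row with empty fields (no IPv4/TCP layer)
)

# Assumption: RFC 1918 destinations stay inside the network and are skipped.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def summarize(text):
    """Return {dst_port: [collapsed CIDR blocks]} for external destinations."""
    by_port = defaultdict(set)
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) != 2:
            continue
        try:
            addr = ipaddress.IPv4Address(fields[0])
            port = int(fields[1])
        except ValueError:
            continue  # empty or multi-valued fields are not usable rows
        if any(addr in net for net in RFC1918):
            continue
        by_port[port].add(ipaddress.ip_network(str(addr)))
    # collapse_addresses merges duplicates and adjacent hosts into CIDR blocks
    return {port: [str(n) for n in ipaddress.collapse_addresses(nets)]
            for port, nets in sorted(by_port.items())}

if __name__ == "__main__":
    for port, nets in summarize(SAMPLE).items():
        print("tcp/%d -> %s" % (port, ", ".join(nets)))
```
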

Related

Why is my web traffic redirected via IP address 10.0.0.11 on my Mac?

I know nothing about networking, so I need serious help here. I was on a Zoom call with my mentor and we were talking about the difference between HTTP, HTTP1, and HTTP2. Then he noticed that even websites which are supposed to use HTTP1 were all showing as if they were using HTTP2.
He mentioned the possible problems are:
I'm using a VPN
or my web traffic is redirected via a proxy server (which it isn't, since I work from home via my wifi, provided to me via fiber optic cable).
I suspect that there is some kind of proxy malware on my laptop. Can anybody tell me how I can detect any possible malware and find out in general what is wrong (if anything is wrong at all)?
Thanks in advance.
The range from 10.0.0.0 to 10.255.255.255 is one of the private IP ranges, and as you are using wifi it's normally assigned by your wifi router/access point to your computer using DHCP.
But seriously, a professor who thinks he is capable of talking about http(x) should know the very basics of the protocol stack. If he doesn't know such simple things, you better get someone better.

Monitoring switch port (service) per interface

My actual goal is to monitor the traffic going through a Zyxel USG60 switch (v4.15). For that I use Zabbix.
The problem I have is that I actually monitor the interfaces of the switch, but I need to go deeper (if you know what I mean): my boss asked me if I could monitor, on each interface, the different traffic port by port (I mean service, like port 80 is for HTTP), to check precisely who is using bandwidth and for what.
I tried to see if SNMP can do that, but it seems it doesn't go further than the interface level. Since I don't know where to start or search, I need your help and advice.
One last detail: the monitoring server will run on Ubuntu 14.04.
You need to collect additional data using NetFlow/sFlow protocols to get the detailed traffic information.

How to make my Asterisk server make outbound calls and receive inbound

I have an Asterisk soft PBX running on my Ubuntu machine and I managed to do extension calls from one softphone to another by doing the required configuration in the Sip.Conf as well as extension.conf. I can dial as well as receive calls. Now my next target is to make this work for real outbound and inbound calls. I will tell you I am a novice Asterisk player who is trying to learn the things to play with. So my questions regarding this are:
Do I need some hardware to make the required things happen? If yes, please specify.
What is the nature of the dialplans to execute the calls successfully?
What are the things we need to get from the telephone service provider end?
Also, I will share that I am residing in India.
Please guys help me.
Thanks in advance.
No, you do not need any hardware.
You need a SIP trunk/VoIP provider.

Webify embedded linux-based controller through cellular network

I need some basic direction on the following project.
There is a Linux-based controller doing some industrial control stuff.
The box is equipped with a cellular modem and is capable of getting online through a cellular carrier. Cellular communication is used because the controller is mostly installed where no cables or short-range radio are available. Places where sun don't normally shine :)
The task is to allow internet clients to connect directly to the box for some basic control/monitoring stuff. The problem is connectivity - how clients will discover the box? - I'd like to have the box act as a server (if possible). Assuming that cellular carrier allows the box to get online doesn't necessarily mean that the box will get public IP so that anyone would be able to get connected. To my understanding the cellular network acts as a gateway from those who are working inside of it, and reaching someone in that network from outside isn't possible. Am I wrong? We are looking for a generic solution, not a solution around particular cellular provider. The controller is installed in different countries, we need to find the standard way to "webify" it.
The software (and hardware) in the box is ours, so we can basically do anything, but I am looking for the right way to do it in order to avoid surprises with different providers later. BTW, the solution doesn't necessarily have to be technical; maybe it's possible to buy a permanent IP per box, or set up VPNs. Which way should I dig? What questions should I ask?
Your ideas are welcome!
Your summary of the problem is basically correct. I've implemented several systems that do this, and the odds of success are good.
The way you tackle this will depend on the number of remote units you expect a single user to interact with. If each user will handle only one or two devices, it's plausible to implement the web server on the remote device. If each user handles many devices, consider centralising as much administration as possible. I've implemented this using Zenoss for data logging, and a custom control server.
If the web server sits on the remote device, you can either buy a SIM with a static IP, or use a proxy server. I recommend setting up a proxy server unless the number of devices is very small.
There are three options for SIMs:
Static IP with an address on the public Internet will be expensive, and negotiating the deal with each provider in each country will be irksome. No proxy server is required.
Private APN SIMs will give you the option of a static address, but in a private address range. Negotiation with the mobile network is still required, and you will require a proxy server to sit between the public Internet and the private address range.
Standard data SIMs will connect to the Internet through NAT. You can use these to host your service by opening a VPN connection (we used OpenVPN) to your server. You can now reach the devices directly by connecting to the same VPN, or through a proxy server.
If you use OpenVPN, here are some more tips:
Give each unit a public serial number, and a private key. Store these in the firmware of the unit, and in a central database. Put the public serial number on the outside of the unit. You can use an OpenVPN login script to ensure that a particular unit always appears at the correct IP address, which keeps the proxy configuration static.
You can control OpenVPN's bandwidth usage by adjusting its keepalive behaviour, and how often it renegotiates. Measure and tune this before a large deployment.
The NAT timeouts in the mobile networks are generally between 5 and 15 minutes. The device must send a packet to the server often enough to keep NAT alive.
Cheap SIM deals may be web only with limited ports.
Other tips:
GPRS modem firmware can (rarely) crash internally. If your hardware supports it, provide software with the ability to power cycle the modem.
Test your box in areas with poor coverage in your own country before you send out international shipments.
This is a typical problem with a "mobile agent" appearing in different places or using different providers (in this case just one provider, but it's almost the same). Usually it's solved using some kind of home agent: a server that the mobile connects to and gives details about how to reach it, or, if it can't be reached directly, the home agent acts as a proxy.
Clients always contact the home agent first, and then if it is possible they contact the mobile, or if it's not they use the server as a proxy.
In some cases dynamic DNS might be sufficient; in others you need a real proxy/façade.
There's a good book: Andrew S. Tanenbaum & Maarten van Steen: "Distributed Systems: Principles and Paradigms"
You can ask the cellular provider to give you a SIM card with internet access and a fixed IP address. Then you can host any server you like. Do not forget that you are dealing with limited bandwidth.

What is the simplest way to get IP address of a domain?

We're developing an embedded application, running on a standalone GPRS-connected device (no operating system there). We are trying to get the IP address of a domain name. I think that we should use some public DNS service, like Google DNS (8.8.8.8). The question is: what is the simplest request we should send to 8.8.8.8:53 in order to receive the IP address of our domain?
Again, we can't use libresolve or any other similar libraries. We will make a simple TCP connection to port 53 of Google DNS, and will format our request ourselves.
I tried to understand RFC1053 myself, but failed. Too many words :)
I'm not a DNS expert in any way, but I thought that DNS generally uses UDP rather than TCP?
Either way, here's a link to a page that describes the communication using fewer words, which might be easier to understand than the RFC itself.
Also, even if you can't use the libresolve library itself, can't you look at an open source version of that library and use the code from one of those (assuming that the license is compatible with your work)? Here's one from Apple that I found via Google.
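The minimal request and the checks a hand-rolled client should make on the reply, as an added example that is not from the original posts. It follows the message layout in RFC 1035; the query ID `0x1234`, the name `example.com` and the reply bytes are constructed, and the same byte layout carries over to C on the device.

```python
import struct

def build_query(name, query_id=0x1234, tcp=True):
    """Encode a standard query for the A record of `name` (RFC 1035, 4.1)."""
    # Header: ID, flags (only RD set), QDCOUNT=1, AN/NS/ARCOUNT=0
    header = struct.pack(">HHHHHH", query_id, 0x0100, 1, 0, 0, 0)
    qname = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 1 <= len(raw) <= 63:
            raise ValueError("each label must be 1..63 bytes")
        qname += bytes([len(raw)]) + raw
    msg = header + qname + b"\x00" + struct.pack(">HH", 1, 1)  # QTYPE=A, QCLASS=IN
    # Over TCP every message carries a 2-byte length prefix; UDP has none.
    return (struct.pack(">H", len(msg)) + msg) if tcp else msg

def skip_name(msg, off):
    """Return the offset just past a name, which may end in a pointer."""
    while True:
        n = msg[off]
        if (n & 0xC0) == 0xC0:    # compression pointer: 2 bytes, ends the name
            return off + 2
        if n == 0:                # root label ends an uncompressed name
            return off + 1
        off += 1 + n

def parse_a_records(msg, query_id):
    """Return the IPv4 answers in a reply (TCP length prefix already removed)."""
    rid, flags, qd, an, _ns, _ar = struct.unpack(">HHHHHH", msg[:12])
    if rid != query_id or not (flags & 0x8000):
        raise ValueError("not a response to our query")
    if flags & 0x000F:
        raise ValueError("server returned RCODE %d" % (flags & 0x000F))
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4          # name + QTYPE + QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, rclass, _ttl, rdlen = struct.unpack(">HHIH", msg[off:off + 10])
        off += 10
        if (rtype, rclass, rdlen) == (1, 1, 4):
            addrs.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen                           # skip CNAME and other records
    return addrs

# Constructed reply for example.com: header, echoed question, one A record.
REPLY = (struct.pack(">HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
         + build_query("example.com", tcp=False)[12:]
         + b"\xc0\x0c" + struct.pack(">HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 10]))
```

On the wire the device sends `build_query(...)` to port 53, reads the 2-byte length, then reads that many bytes and passes them to `parse_a_records`; using a fresh random query ID per request makes the ID check meaningful.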
