Wireshark Geolocation


Wireshark is the de facto packet analysis tool and it comes with a wealth of options beyond what is included in a default installation. One option I discovered recently was to leverage the free version of the MaxMind geolocation database to enhance the visibility of packet data within Wireshark to include BGP AS assignment information, cities, and countries. This allows you to create filters based on this geolocation data which can be incredibly useful to quickly include or exclude interesting traffic based upon country or origin for example.

The complete setup guide can be found here.

Network Traffic Generator

In the course of operating a network there are countless times when it’s incredibly useful to be able to generate very specific types of network traffic. Some examples I’ve personally encountered are:

  • QoS troubleshooting (the ability to generate DSCP or CoS tagged packets)
  • Reproducing specific traffic for troubleshooting purposes
  • Validating access lists and security policies
  • Testing how applications respond to unique traffic

A fantastic tool to accomplish these tasks, amongst many others, is Ostinato. Ostinato is cross-platform with API support so you can integrate it with existing tools and processes. In addition to browsing the web site I would highly recommend listening to the Packet Pushers Priority Queue episode 52. In this episode host Ethan Banks talks to one of the creators of Ostinato provides and provides great overview of the tool as well as how to put it to use.

Everything as a Service

Here’s a way I came up with to think about the differences between the different “as a service” offerings.

IaaS (Infrastructure as a Service) is like renting a kitchen full of ingredients and utensils

PaaS (Platform as a Service) is like buying an undecorated cake…you can do whatever you want with it, but you start with cake, it can’t become meatloaf or pancakes or anything else you could normally make in a kitchen

SaaS (Software as a Service) is like catering…you get the cake you want with some customizations delivered to you

IaaS is the most flexible and requires the most work

PaaS is in the middle between flexibility and effort

SaaS is the most rigid and requires the least effort

Windows Standalone FTP Server

There are times when it’s incredibly convenient to be able to stand up an FTP server without the need to actually install anything or reboot. I came across Xlight FTP for Windows and was pleasantly surprised to find that it didn’t require any installation and worked well with very little setup or configuration required. You basically double click the application and bind the FTP service to an IP address and TCP port and then you add a user account and assign directory permissions. Once done you click the “play” button and the server should start up.

Here’s a link to their page: http://www.xlightftpd.com/

They offer 32-bit and 64-bit versions as well as a “traditional” installer based version.

Cisco Universal APs

A brief history lesson:

Prior to the announcement from Cisco of “Universal Access Points” you had to select an access point based on which regulatory domain it would operate within. Regulatory domains are simply places in the world with certain laws and regulations pertaining to radio frequency devices (mobile phones, radios, access points, etc.). In the world of Cisco this meant that an access point for use in Germany would have a different part number than one used in the United States. This led to much frustration and confusion.

The good stuff:

Cisco has announced Universal AP’s which are a single part number per access point model (2700, 3700, etc.) rather than the myriad of part numbers aligned to each and every regulatory domain. The details on how this works can be found in the following blog post.


Check Cisco Warranty and SMARTnet Coverage

Need a simple, easy way to check if a piece of Cisco hardware is covered under warranty or SMARTnet? Look no further than this useful site: https://cway.cisco.com/sncheck

You will need to login using your Cisco.com (CCO) username and password, but then  you can check on coverage for ANY serial number. If the serial number is covered under a contract associated with your CCO account then you will see additional details including coverage end date and coverage level.

Twilio – Cloud Based SMS, VoIP & Voice API’s

Twilio offers a wide range of services from API’s that integrate with your applications to SIP trunking services and phone numbers. I first discovered Twilio as I was looking for an easy to use API that offered two-way SMS/text messaging services. The fact that Twilio not only offers that services, but also can provide local phone numbers in a huge number of areas across the United States made their service all the more attractive.

I would highly recommend taking a look at Twilio should you need to integrated voice/SMS/VoIP services with your applications.