Port Knocking

Port knocking is security through obscurity. Now normally, I say anything to do with security through obscurity is bad practice if that’s the only thing you’re relying on. The idea is that it’s not going to outright secure your network, but it’s going to drastically reduce the risk of an attack during an attacker’s discovery phase. Hiding valuables in your vehicle when it’s left unattended will reduce the likelihood of a criminal passerby breaking into your vehicle....

August 3, 2020 · Steven Polley

TCP Keepalive

Question: How long can an idle TCP connection remain open?

Answer: According to the standard, indefinitely; however, most implementations impose a connection timeout. TCP keepalive is a feature that isn’t defined in the TCP specification, as crazy as that might sound. RFC1122 under section 4.2.3.6 mentions keepalives instead.

Excerpt from RFC1122:

4.2.3.6 TCP Keep-Alives

Implementors MAY include "keep-alives" in their TCP implementations, although this practice is not universally accepted. If keep-alives are included, the application MUST be able to turn them on or off for each TCP connection, and they MUST default to off....

January 25, 2020 · Steven Polley

Fallacies of Distributed Systems

False assumptions in distributed computing happen all the time, and they often have high costs. Peter Deutsch asserts that there are at least 7 false assumptions system architects and software developers are likely to make, and James Gosling later added an eighth fallacy.

1. The network is reliable
2. Latency is zero
3. Bandwidth is infinite
4. The network is secure
5. Topology doesn’t change
6. There is one administrator
7. Transport cost is zero
8. The network is homogeneous

We’ll look through each one, why it’s relevant when designing and operating any distributed application, and explain what you should genuinely assume (the worst)....

June 23, 2019