NetEqualizer News: February 2017


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include 8.5 Release feature previews, a customer case study, an introduction to our 20 Gbps NetEqualizer unit, and more!

 

  February 2017

 

8.5 Release – Your Additions!
Greetings! Enjoy another issue of NetEqualizer News.

It is not quite spring here in Colorado. We are enjoying our typical mix of snowy days, followed by days of warmth (55-60 degrees) and sun. I must admit I am ready for warmer weather, and the spring bird migration (birding is a favorite hobby of mine). It seems like all of the U.S. is having unusual weather right now, especially California with their seemingly constant rain & flooding.

While we await for the arrival of spring, we are huddled down focused on building out the 8.5 Release. I am happy to say that our 8.5 development is now well underway. This month, we discuss additional features that we have planned for the 8.5 Release, including some that have come directly from customer input! We really do listen to your ideas, and appreciate all suggestions. We always are happy to hear from our long-time customers. This month, we share a Case Study on Hobart and William Smith Colleges, as they mark their 10 year anniversary with the NetEqualizer.

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: 8.5 Release – Your Additions

:: 8.5 Release – Features Preview

:: Featured Case Study

:: 20 Gbps NetEqualizer

:: Best of Blog: Five Things to Know About Wireless Networks

8.5 Release – Your Additions

Here is what we added into the 8.5 Release – based on your feedback

We asked for input into our 8.5 Release and you responded with some great ideas – thank you!Here is what we selected for the 8.5 Release, based on three criteria:

1) popularity – how many customers recommended the feature,

2) impact – what we thought would provide the most value to all customers, and

3) alignment – what fit well with the code areas that we planned to work on for 8.5

These two features fit our criteria, and will be discussed in our Features Preview (below)

Active Connections Enhancements
&
DNS Name on RTR Reports

As you can see, your voice does count! So, please keep your suggestions coming. While we cannot guarantee that your specific feature will be built, we always incorporate them into our Features Request database, and then assess for each release.

8.5 Release – Features Preview

 8.5 Release Additions (continued from January)

In January, we talked about Pool-specific RATIO and HOGMIN, and retaining RTR State upon reboot. This month we introduce several more features planned for 8.5:

1) Active Connections Enhancements

Beginning with the 8.5 Release, the Active Connections page in RTR will show you which active connections are currently being equalized. This way, you can see in real-time which IPs are getting penalized on your network. We’ll highlight these connections in the table and allow you to sort based on them.

This suggestion came from one of our university customers!

2) Domain Name System Name (DNS) on RTR Reports

Beginning with the 8.5 Release, certain RTR reports will have a hostname mode that allows you to see the DNS name (hostname from nslookup), along with the IP address. If you have an internal naming system for your organization, this can be extremely valuable in identifying problem users or connections!

This suggestion came from our K-12, university, and business customers!

As always, the 8.5 Release will be free to our customers with valid NetEqualizer Software and Support (NSS) plans.

Featured Case Study

Hobart and William Smith Colleges

Longtime customer Hobart and William Smith Colleges (HWS) recently celebrated 10 years of solid service with the NetEqualizer to help manage their Internet connectivity.

We thought it would be great to share their experience in a Case Study. Derek Lustig, Director of Network and Systems Infrastructure, and his staff, graciously agreed to help put this together with us. Thank you Derek, Christopher, and Christina for sharing your insights!

Here are some excerpts from the Case Study…

…HWS implemented the NetEqualizer solution based on its stellar reputation in the education space as well as its value, which is difficult to match in competing products….

…The NetEqualizer has been a great solution because it is extremely easy to maintain, and – when needed – it just works, says Derek Lustig of HWS.

You can click on the PDF picture to read the full Case Study, or click here to see all our Higher Education testimonials.

20 Gbps NetEqualizer

Our new high-bandwidth unit…

We are currently testing a high-end NetEqualizer with 20Gbps optics, and we have some good news! Our results have shown that we can push close to 15 Gbps with a full load (provided by our shaping simulator courtesy of Candela Technologies). If you plan to be pushing beyond 10 Gpbs in 2017 or 2018, let us know. We would love to talk to you!

If you would like to participate in a trial, let us know that as well.

We will be looking to trial our latest creation under real world conditions later this year.

contact_us_box

Best Of Blog

Five Things to Know About Wireless Networks

By Art Reisman

Over the last year or so, when the work day is done, I often find myself talking shop with several peers of mine who run wireless networking companies. These are the guys in the trenches. They spend their days installing wireless infrastructure in apartment buildings, hotels, and professional sports arenas to name just a few. Below I share a few tidbits intended to provide a high level picture for anybody thinking about building their own wireless network…

Photo of the Month
Saguaro Cactus

The Saguaro is an amazing cactus that can only be found in a very specific climate found in Arizona, California, and Mexico. The cactuses can live to be 150 years old, and are protected by governments that oversee this land. If you are ever in the area, they are worth checking out! The one in this picture has seen better days.

APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

Pros and Cons of Using a Reseller for Networking Equipment


There are various advantages  for using a reseller when purchasing networking equipment.  There are also benefits to buying direct from the Manufacturer. Below we detail those trade-offs with some intelligent introspection.

 

Reseller: Logistics, the reseller holds local stock, and takes care of taxes, tariffs, currency fluctuation in your region.

Within the US and Canada  and other common trading partners, there may be no logistical advantage for ordering from a reseller over  a direct purchase; however if you are in a remote country where most products must be imported it is almost  a necessity. Some countries have less than above-board customs,  and taxation rules, dare I say bribes. In these cases,  a  local reseller who specializes in local corruption etiquette is a necessity .

Reseller: Local Support, easy to reach technical support in your time zone, training, returns, and trials.

A well-trained reseller who  exclusively  handles the product you are purchasing is essentially an extension of the Manufacturer. Think of Automobiles. This complex and expensive product to support, could not exist without a large dealer network. In the world of Networking equipment , some things are becoming  more of a  commodity , routers  ,firewalls, and thus, diminishing the need for a reseller. Buying through a channel and the associated mark up may not be worth the added value ,especially if the manufacturer  offers good direct support , and an overnight replacement policy.

Reseller: Pre Sale Product Knowledge, a good reseller will educate and explain options for the products they represent.

The potential downside here is that often the Reseller is motivated by the Equipment they give them better OEM incentives to sell, hence if they are selling more than one product line, they may actually downplay one over the other.

Reseller: Representation to the manufacturer , for new features, re-calls

The reseller often times can carry clout to represent you back to the Manufacturer since they represent many sales , they can be very  beneficial if you have a problem that needs to be resolved by the manufacturer .

Reseller:  Requirements for competitive bid, or government contract dictating approved venders

Companies that provide this type service are generally puppets set up by a government agency , often out of political need to create jobs.  If you work for a government agency that forces you to buy through an approved reseller , you are likely well aware of the game.

Reseller and Manufacturer: Personal Relationships

Having  a trusting relationship with the person you purchase equipment from is the tried and true way of doing business in many industries, and often these relationships trump all other factors.  I personally try not buy based on relationships because I feel it is a disservice to my employer, hence I keep them at arm’s length.

Manufacturer: Price Price Price

Buying direct from the Manufacturer should give a major price break. Any product purchased through a reseller channel is going to add a minimum 35 percent to the direct price and often even double or even  triple, depending upon the product and number of hops in the channel. OEMs and channels partners have had a love hate relationship since perhaps biblical times. As mentioned above, personal relationships are the key to most sales in many industries,  and for this  reason  manufacturers must rely on a local sales partner. On top of that, there are also agreements that manufactures sign so as not to undercut the local reseller price, hence the end customer has no choice but to purchase through a reseller. For many traditional products. However new companies  coming on the market are often going direct to get a pricing advantage, after you talk to your reseller for a product  be sure and do some research on your own and look for similar products sold direct, the price difference could be significant.

Manufacturer:Support

Why is it that Cisco’s best customers  are provided with direct engineering support?  The answer is simple, because it is better.  If you can get direct support take it.  I’ll leave it at that.

For Profit Wired Home Internet, is it Coming to an End?


mob

Low resolution ghost mode is where your video quality drops down to save bandwidth.  The resulting effect transforms once proud basketball players into a slurry of mush, as their video molecules are systematically destroyed.”

Last night, I was trying to watch a basketball game on my Hulu through my Business class Comcast line, which promises 20 meg down and 4 meg up.  Not only was my Hulu feed breaking up periodically, but my Drop Cam was going up and down constantly, and sending me emails that it was offline.  I checked my bandwidth through my NetEqualizer to find that I was not even pulling 6 megabits, less than 1/3 my contracted rate.   When  Hulu was not locking up completely, it was dropping down into low resolution ghost mode.  I have documented my Comcast findings before through various experiments. Clearly, Comcast has upstream congestion issues or is shaping selected video traffic. Either way I am at their mercy when trying to watch video on the Internet.

What options does one have for alternative Internet service in the Denver Metro area, or for that matter other Metro Areas around the country?

Option #1 Get Closer to the Source

Beam Internet directly via Microwave Link from a hot building. A friend of mine runs an ISP that does essentially this.  He buys large bulk bandwidth and from a point of presence rooftop downtown, he can beam internet via  point-to-point circuit, directly to your residence or building.  I called him out of desperation but I am not in line of sight for any of his services.

Option #2  Century Link

They constantly run commercials touting they are better than Comcast. I call them perhaps once a year or so, only to find out that my neighborhood is not wired for their high speed service.

Option #3  Use my unlimited T-Mobile as a Hot Spot 

Believe it or not, I actually did this for a while,  and the video service was a bit better than Comcast. The problem with this solution is that T-Mobile will drop your speeds down once you have consumed 24 Gigabytes in a month, and it will become useless for anything other than email.    (24 Gigabytes would be approximately 4 full length movies).

Option #4 Move

The city just to the North of me , Longmont, put in it’s own fiber ring to the curb. Early reports are that it works great, and that the residents love it. Since it is essentially a public utility,  there are no shaping games destroying your Hulu.  If you contract for 20 megabits, you get 20 megabits. And now the city of Boulder is considering doing the same.

With two nearby cities essentially kicking out their entrenched providers within a few miles of my home, I can see other municipalities quickly following suit.  Having good quality, affordable municipal Internet service is not just a luxury for a city, it is essential for economic development.  As I can attest, it will be a factor in where I choose to live the next time I move. I will not put myself at the mercy of Comcast again.

By Art Reisman

 

 

NetEqualizer News: January 2017


We hope you enjoy this month’s NetEqualizer Newsletter. Highlights include a preview of more 8.5 Release features, an announcement of our 8.4 User Guide, our planned 2017 Road Trips, and more!

 

  January 2017

 

8.5 Release Planning is Underway!
Greetings! Enjoy another issue of NetEqualizer News.

As we kick off the new year, I am excited to begin development on our 8.5 Release, currently planned for late spring/early summer. This month, we continue to discuss the features planned for 8.5.img_2686I also like to get out in the field to meet with our customers, and those interested in the NetEqualizer. Check out my 2017 Road Trip plans in this month’s newsletter.

And finally, we have the 8.4 User Guide available, for those of you who like to delve into our features in detail – enjoy!

We continue to work with you to solve some of your most pressing network problems – so if you have one that you would like to discuss with us, please call or email me anytime at 303.997.1300 x103 or art@apconnections.net.

And remember we are now on Twitter. You can follow us @NetEqualizer.

– Art Reisman (CTO)

In this Issue:

:: 8.5 Release Features Preview

:: 8.5 Feedback Received – Thank You!

:: The 8.4 User Guide is Now Available!

:: 2017 Road Trips

:: Time for a Tech Refresh?

:: Best of Blog: Top 5 Reasons Confirming Employers Don’t Like Their IT Guy

8.5 Release Features Preview

We are staring to develop our 8.5 Release!

Continued from November 2016

In November we talked about Cloud Reporting, Read-Only Login, and NetEqualizer Logout.

This month we introduce several more features planned for 8.5:

1) Pool-specific RATIO and HOGMIN

2) Retain RTR State Upon Reboot

Pool-specific RATIO and HOGMIN

Ever since we first started making NetEqualizers, there has been one RATIO and one HOGMIN setting that applied to all traffic going through the device. Beginning with Release 8.5, however, we’ve enhanced our software to allow for Pool-specific RATIO and HOGMIN settings. This means that each Pool can have it’s own unique configuration with regard to these values. These changes help administrators have more fine-tuned control over when Equalizing occurs and what the minimum requirements for Equalizing will be on a Pool level rather than a network level.

Retain RTR State Upon Reboot

This has been one of the most requested features ever since we introduced RTR, and we are happy to say it will be part of Release 8.5. With this release, RTR will start upon reboot and maintain all your reporting settings so that you don’t need to go back into the device and start the service manually. This is useful in case the device is affected by a power outage or another type of unplanned activity.

Stay tuned to our newsletter for further updates on Release 8.5. We are currently underway in the development process and are still shooting for a late spring/early summer release. As always, the release is free to those with valid NetEqualizer Software and Support (NSS) plans. Contact us today with questions!

contact_us_box

8.5 Feedback Received – Thank You!

 We Appreciated Your Suggestions!

We asked for input to our 8.5 Release and you responded with some great ideas – thank you!fancy thank-you

Here are the features that you asked us to consider for 8.5. We will let you know what makes it over the course of future newsletters…

– Quota Enhancements: Email Customer on Exceed Quota, Summary Email before Reset, Quota in the Cloud, Web Portal

– Add sophisticated SNMP logic

– Protocol Tracking Reports

– Traffic by Source IP Report

– Bandwidth Test for Troubleshooting

– Build out Automated Alerts

– Add Real-Time Penalties to RTR Dashboard

– Add Name capability to HL, Masks, VLANs, P2P, and Priority

– Add Visibility to Penalty against what Rule

– Add Host Name from NSLookup to RTR Reports

If any of the above suggestions would also be useful to you and your organization, please let us know!

unnamed-3

The 8.4 User Guide is Now Available!

Dive into the details on NetEqualizer’s features…

We are excited to announce the User Guide has been updated to reflect Software Update 8.4, in several key areas.screenshot-at-feb-08-23-53-34

We have focused on updating the configuration sections, describing our new Batch Entry Screens for setting up Bandwidth Limits, limiting P2P Traffic, setting Bandwidth Priorities, and restricting Bandwidth Usage.

We also have added a new section to the User Guide, which walks through our Perform Quick Edits capability.  Quick Edits is useful when you want to add or delete one or a small number of rules.  We offer Quick Edits for seven (7) types of rules, including Pools, Hard Limits, and P2P Traffic Limits.

You can view the updated User Guide by clicking here or on the picture at right.

Note that the Appendices and Monitoring & Reporting sections are not yet updated to 8.4.

We plan to update the remaining sections of the User Guide to 8.4 soon. Look for an update in an upcoming newsletter!

2017 Road Trips

We’re hitting the road…

Our CTO, Art Reisman, is planning to make a swing up the East coast this spring. Most likely he will be in the Boston and New England area the week of Feb 20th – with some room for flexibility in the timeframe. If you are on the East coast and would like to host a formal on-site Tech Refresh, let us know and we will try to get it scheduled!

contact_us_box

Time for a Tech Refresh?

Re-familiarize yourself with NetEqualizer!

Now that Release 8.4 has been out for 6 months, and many customers have moved to it, you may have questions! Release 8.4 had a lot of changes associated with it that may be slightly confusing if you are used to older GUI versions.

Don’t worry though, we are here to help! If you are current on your NetEqualizer Software and Support (NSS) plan, we’d like to offer you a FREE 30 minute Tech Refresh to go over any questions or issues you might have with your NetEqualizer. Contact us today to schedule a time slot with an engineer!

contact_us_box-1

Best Of Blog

Top 5 Reasons Confirming Employers Don’t Like Their IT Guy

By Art Reisman

ca3b912d-b4a8-40d4-a2a8-320abe66658e

1) The IT room is the dregs

Whenever I travel to visit with my IT customers, it is always a challenge to find their office.  Even if I find the right building on the Business/College Campus, finding their actual location within the building is anything but certain. Usually it ends up being in some unmarked room behind a loading dock, accessible only by secret passage designed to relieve the building of cafeteria waste near the trash bins. Many times, their offices are one and the same thing as the old server computer room, with the raised floor, screaming fans, and air cooled to a Scottish winter…

Photo of the Month
a4b5df23-0e88-48dc-a3c3-82e7b0d74d94
TEDx Aruba

This past fall, a staff member and his wife, Andrea, visited the island of Aruba in the south Caribbean Sea. The official slogan for the country is “One Happy Island,” and this held true the entire trip – all of the people were extremely friendly and welcoming. The purpose of the trip was to present at TEDx Aruba on the topic of sustainability – specifically how our trash plays a role in the most pressing environmental issues of our time. Andrea runs a non-profit based in Boulder, CO that helps educate people on how to reduce their trash and plastic footprint as well as live more simple, meaningful lives. Check out her website and follow her on Instagram if you are so inclined!

APconnections, home of the NetEqualizer | (303) 997-1300 | Email | Website 

Five Things to Know About Wireless Networks


By Art Reisman
CTO, APconnections

overwhelmed

Over the last year or so, when the work day is done, I often find myself talking shop with several peers of mine who run wireless networking companies.  These are the guys in he trenches. They spend their days installing wireless infrastructure in apartment buildings , hotels, professional sports arenas to name just a few.  Below I share a few tidbits intended to provide a high level picture for anybody thinking about building their own wireless network.

There are no experts.

Why? Competition between wireless manufacturers is intense. Yes the competition is great for innovation, and  certainly wireless technology has come a long way in the last 10 years; however these fast paced  improvements come with a cost.  New learning curves for IT partners, numerous patches, combined with  differing approaches,   make it hard for any one person to become an expert.    Anybody that works in this industry usually settles in with one manufacturer perhaps 2, it is moving too fast .

The higher (faster) the frequency  the higher the cost of the network.

 Why ? As the industry moves to standards that transmit data at higher data rates, they must use higher frequencies to achieve the faster speeds.  It just so happens that these higher frequencies tend to be less effective at penetrating   through buildings , walls, and windows.   The increase in cost comes with the need to place more and more access points in a building to achieve coverage.

Putting more access points in your building does not always mean  better service. 

Why?  Computers have a bad habit of connecting to one access point and then not letting go, even when the signal gets weak.    For example when you connect up to a wireless network with your lap top in the lobby of a hotel, and then move across the room, you can end up in a bad spot with respect to original access point connection. In theory, the right thing to do would be to release your current connection and connect to a different access point. Problem is most of the installed base of wireless networks , do not have any intelligence built in  to get you routed to the best access point,hence even a building with plenty of coverage can have maddening service.

Electro Magnetic Radiation Cannot Be Seen

So What?  The issue here is that there are all kinds of scenarios where the wireless signals bouncing around the environment can destroy service. Think of a highway full of invisible cars traveling in any direction they wanted.  When a wireless network is installed the contractor in charge does what is called a site survey. This is involves special equipment that can measure the electro magnetic waves in an area, and helps them plan how many and where to install wireless access points ;  but once installed, anything can happen. Private personal hotspots , devices with electric motors, a change in metal furniture configuration are all things that  can destabilize  an area, and thus service can degrade for reasons that nobody can detect.

The more people Connected the Slower their Speed

Why?  Wireless  access points use  a technique called TDM ( Time Division Multiplexing) Basically available bandwidth is carved up into little time slots. When there is only one user connected to access point, that user gets all the bandwidth, when there are two users connected they each get half the time slots. So that access point that advertised 100 megabit speeds , can only deliver at best 10 megabits when 10 people are connected to it.

Related Article

Wireless is nice but wired networks are here to stay

Seven Tips To Improve Performance of your Wireless Lan

Top 5 Reasons Confirming Employers Do Not Like Their IT Guy


it guy

  • The IT room is the dregs
    Whenever I travel to visit with my IT customers, it is always a challenge to find their office.   Even if I find the right building on the Business/College Campus, finding their actual location within the building is anything but certain.  Usually it ends up being in some unmarked room behind a loading dock, accessible only by secret passage designed to relieve the building of cafeteria waste near the trash bins.   Many times, their offices are one and the same thing as the old server computer room, with the raised floor, screaming fans, and air-cooled to a Scottish winter.
  • Nobody knows you are in the building.  Often times I enter the building on the upper floors, the floors with windows and young well-dressed professionals trying to move up the ladder.  Asking these people if they know where the IT room is usually brings on blank stares of confusion and embarrassment.  To them, the IT guy is that person they only see when their computer fails with a virus.  Where he emanates from nobody knows, perhaps a trap door opens in the floor. I am not making this up.  The usually way I am instructed to meet the IT guy is tht they send me an e-mail instructing me to meet at some well-known landmark out front, like a fountain or statue with a rendezvous time.
  • You are expected to be an expert in Wireless technology. Let’s face it, the companies that make wireless controllers are sending out patches almost hourly. Why? Because they have no idea what works in the real world, and so you are part of the experiment.  The real fact is nobody is an expert in real-world wireless technology. As the IT guy, you can never admit to any holes in your wireless knowledge. If you are not willing to lie, there are plenty of people with no experience willing to make that claim with a straight face.  You just can’t be honest about this – because your boss has already told his boss you are an expert.  Here is the last paragraph of a recent article on Verizon’s trial with the latest 5G wireless….

Of course, 5G wireless has never been truly tested at scale in true market scenarios. There’s talk of gigabit capable speeds, but how would a single tower supporting fixed wireless 5G at scale compare to fiber and HFC based networks connected all the way to homes and businesses? No one really knows – yet.

Setting up a new wireless network with the latest technology is like a taking a physics test in wave propagation before you have taken the class, and expecting to pass.

  • You will never get rewarded if things work without issues.  I like to compare a good IT tech to a good umpire or a ref in a soccer game.  At best, if they do a perfect job, nobody notices them.   If I ran a big company, I would hand out bonuses to my IT staff for the days I did not need them, but I do not have an MBA. (see next paragraph)
  • Any time a  company hires a brilliant MBA from some business school, the first thing they do is explore outsourcing the IT staff.  Why ? Because nobody teaches them anything about IT in business school. They live in a fantasy world where some unknown third party with a slick brochure, and an unrealistic low-ball estimate, is going to care more about IT needs than the 4 poor schlubs in the basement who have been loyal for years. You and the in-house staff have always been on call, missing many weekends over the years, just to insure the IT infrastructure stays up, and yet the Harvard guy will shoot himself in the foot with outsourcing every time.

Proving The Identity of The DNC Hacker Not Likely


Screen Shot 2016-04-05 at 10.07.59 AM.png

By Art Reisman

CTO, APconnections

Inspired by the recent accusations regarding  the alleged Russian Hacking of the DNC e-mail servers, I ask the question, is it really possible for our intelligence  agencies to say with confidence exactly who hacked those servers?  I honestly don’t think so. To back up  my opinion, I have decided to  take our faithful blog readers through the mind and actions of  a professional hacker,  intent on breaking into a  corporate e-mail server, without leaving a trace. From there you can draw your own conclusions.

My  hacking scenario below is based  on actual techniques that our own ethical hackers use to test security at corporations. These companies  contract with us to deliberately  break into their It systems, and yes sometimes we do break in.

First we will follow our hacker through the process of a typical deliberate illegal break in, and then we will  analyze the daunting task of a forensic expert must deal with after the fact.

 

Here we go….

Phase I

  • First I need a platform for the first phase  of my attack. I want to find a computer with no formal ties to my identity. Just like  the public telephone booth of the 70’s and 80’s were used for calling in bomb threats,  the computers in your   public  libraries can easily conceal my identity.
  • To further cover my trail, I bring my own  flash memory with me to the library, it contains a software program commonly referred to  as  “BOT”. This allows me to move data programs onto the library computer without doing something like logging into my personal e-mail , which would leave a record of me being there.  In this case my BOT  specializes in crawling the Internet looking for consumer grade desktop computers to break into.
  • My BOT  searches the Internet at random looking for computers which are un-protected.  It will hit several thousand computers an hour for as long as I let it run
  • I don’t want to go to long with my BOT running from the Library,  because all the outbound activity it generates, may be detected as a virus by an Upstream ISP. The good news in my favor is that  BOTs both friendly and malicious are very common. At any time of the day there are millions of them  running all over the world.

Note, running a bot in itself is not a crime, it is just bad etiquette and annoying.  It is extremely unlikely that anybody would actually be able to see that I am trying to hack into computers (yes this is a crime)  with my BOT , because that would take very specialized equipment , and since I chose my Library at random the chances of drawing attention at this stage are minuscule. Typically a law enforcement agency must attain a warrant to set up their detection equipment.  all the upstream provider would sense is an unusual high rate of traffic coming out of the library.

  •  Once my bot has found some unprotected home computers and I have their  login credentials, I am ready for phase 2 . I save off their IP addresses and credentials, and delete the bot from the computer in the Library and leave never to return.

You might be wondering how does a BOT get access to home computers?  Many are still out there running very old versions of Windows or Linux and have generic passwords like “password”. The BOT attempts to login   through a well  known service such as SSH ( remote Login) and guesses the password. The BOT may run into 1,000 dead ends or more before cracking a single computer. Just like a mindless robot should,  it works tirelessly without complaint 

Phase II

  •  I again go to the Library and set up shop. Only this time instead of a BOT I come armed with phishing scam e-mail on my Flash.  From a computer in the library I   remotely login into one of the home computers whose credentials I attained in Phase 1 and set up shop.
  • I set up a program that will send e-mails from the home computer to people who work at the DNC with my  trojan horse content.

If I am smart, I do a little research on their back ground(s) of the poeple I sending to so as to make the e-mails as authentic as possible. Most consumers have seen the obvious scams where you get some ridiculous out of context e-mail with a link to open some file  you never asked for, that works for mass e-mailing to the public, hopeing to find  a few old ladies, or the computer illiterate, but I would assume that people who work at the DNC , would just think it is a spam e-mail and delete it.  Hence, they get something a little more personalized.   

How do I find the targeted employ e-mails at the DNC ?  That is a bit easier , many times they are published on a Web site, or  I simply guess at employee e-mails addresses , such as hclinton@dnc.com.

  • If any of the targeted e-mails I have sent to a DNC employee are opened they will, unbeknowest to them, be  installing  a keystroke logger that captures everything they type. In this way when they login into the DNC e-mail server I also get a login and access to all their e-mails

 How do I insure my victim does not suspect they have been hacked ? Stealth , Stealth , Stealth.  All of my hacking my tools such as my keystroke logger have very small inconspicuous footprints. I am not trying to crash or detroy anything at the DNC.  The person or persons who systems I gaing entry through most likely will never know.  Also I will only be using them for a very short period of time, and I will delete them on my way out.

  • Getting e-mail access. Once the keystroke logger is in place I have it report back to another one of my hacked personal computers. In this way the information I am collecting will sit on a home computer with no ties to back to me. WHen I go to collet this information , I again go to a Library with my flash card and download key stroke information, eventually I directly load up al the e-mails I can get onto my flash drive while in the Library.  I then take them to the Kremlin ( or whoever I work for and hand over the flash drives containing 10’s of thousands of e-mails for off line analysis.

 

Debunking the Russian Hacking Theory

The FBI purports to have found a  “Russian Signature file ” on the DNC server?

  •  It’s not like the hacking community has dialects associated with their hacking tools.  Although  If I was a Chinese hacker I might make sure I left a path pointing back at Russia  , why  not ? . If you recall I deleted my hacking tools on the way out, and yes I know how to scrub them so there is no latent foot print on the disk drive
  • As you can infer from my hacking example , I can hack pretty much autonomously from anywhere in the US or the world for that matter, using a series of intermediaries and without ever residing at permanent location.
  • Even if the FBI follows logs of where historical access into the DNC  has come from, the trail is going to lead to some Grandma’s computer at some random location. Remember all my contacts directly into the DNC were from my Hijacked Grandma computers. Perhaps that is enough to draw a conclusion so the FBI can  blame some poor Russian Grandma.  As the  real hacker all the better for me, let Grandma take the diversion, somebody else is going to get the blame.
  • Now let’s suppose the FBI is really on the ball and somehow figures that Grandma’s computer was just a shill hijacked by me. So they get a warrant and raid Grandma’s computer and they find a trail .  This  path is going to lead them back to the Library where I sat perhaps 3 months ago.
  • We can go another step farther, suppose the library had video surveillance and they caught me coming and going , then just perhaps they could make an ID match

By now you get the idea, assuming the hacker was a foreign sponsored professional and was not caught in the act, the trail is going to be impossible to make any definite conclusions from.

To see another detailed account of what it takes to hack into a server please  visit our 2011 article “Confessions of a hacker

%d bloggers like this: