Pull to refresh

Network technologies *

From Ethernet to IPv6

Show first
Rating limit
Level of difficulty

How to send messages over sockets and create your own messanging protocols in C++

Level of difficulty Medium
Reading time 28 min
Views 2.4K

Network programming in C++ can be challenging. But even a greater challenge is to find educational content that will arm you with the knowledge on how to apply your networking skills in real applications.

In this article you can learn the basics of socket communication and many ways how you can design your internal messaging protocols.

Read more
Total votes 2: ↑2 and ↓0 +2
Comments 3

Wie ich ein einfaches Monitoring von Kanälen mit Benachrichtigungen an Slack ohne Erfahrung gemacht habe

Level of difficulty Easy
Reading time 3 min
Views 526

Arbeiten im technischen Support brachte zusätzlich zu allen Aufgaben die Pflicht mit sich, die Kommunikationskanäle zu überwachen. Dies wurde über den Grafana-Dienst realisiert, der die erforderlichen Metriken aus Zabbix bezog. Da die Art der Arbeit jedoch bedeutete, dass man nicht immer an seinem Arbeitsplatz sitzt, kam mir die Idee, dies ein wenig zu automatisieren und Benachrichtigungen auf das Telefon oder zum Beispiel in einen Messenger zu erhalten, falls ein Kommunikationskanal ausfällt. Allerdings hatte ich keinen Zugriff auf das Zabbix-System und auch keinen erweiterten Zugriff auf Grafana.

Read more
Total votes 5: ↑5 and ↓0 +5
Comments 0

Validation WebHook troubleshooting, how low can you go?

Level of difficulty Medium
Reading time 11 min
Views 1.1K

I'm Alex Movergan, DevOps team lead at Altenar. I focus on automation in general and on improving troubleshooting skills within my team. In this article, I'll share a captivating tale that revolves around Kubernetes, validation webhooks, kubespray, and Calico.

Join me on this DevOps journey as we explore real-world scenarios unraveling the intricacies of troubleshooting in a Kubernetes environment.

Read more
Total votes 4: ↑4 and ↓0 +4
Comments 2

Q4 2022 DDoS Attacks and BGP Incidents

Reading time 7 min
Views 1.6K

Now that 2022 has come to an end, we would like to share the DDoS attack mitigation and BGP incident statistics for the fourth quarter of the year, which overall saw unprecedented levels of DDoS attack activity across all business sectors.

In 2022, DDoS attacks increased by 73.09% compared to 2021. 

Let's take a closer look at the Q4 2022 data.

Read more
Total votes 7: ↑7 and ↓0 +7
Comments 0

BGP Route Leak prevention and detection with the help of the RFC9234

Reading time 8 min
Views 1.7K

All the credit is due to the RFC’s authors: A. Azimov (Qrator Labs & Yandex), E. Bogomazov (Qrator Labs), R. Bush (IIJ & Arrcus), K. Patel (Arrcus), K. Sriram.

A BGP route leak is an unintentional propagation of BGP prefixes beyond the intended scope that could result in a redirection of traffic through an unintended path that may enable eavesdropping or traffic analysis, and may or may not result in an overload or complete drop (black hole) of the traffic. Route leaks can be accidental or malicious but most often arise from accidental misconfigurations.

Read more
Total votes 9: ↑9 and ↓0 +9
Comments 0

IDS Bypass at Positive Hack Days 11: writeup and solutions

Reading time 10 min
Views 1.7K

The IDS Bypass contest was held at the Positive Hack Days conference for the third time (for retrospective, here's . This year we created six game hosts, each with a flag. To get the flag, participants had either to exploit a vulnerability on the server or to fulfill another condition, for example, to enumerate lists of domain users.

The tasks and vulnerabilities themselves were quite straightforward. The difficulty laid in bypassing the IDS: the system inspected network traffic from participants using special rules that look for attacks. If such a rule was triggered, the participant's network request was blocked, and the bot sent them the text of the triggered rule in Telegram.

And yes, this year we tried to move away from the usual CTFd and IDS logs towards a more convenient Telegram bot. All that was needed to take part was to message the bot and pick a username. The bot then sent an OVPN file to connect to the game network, after which all interaction (viewing tasks and the game dashboard, delivering flags) took place solely through the bot. This approach paid off 100%!

Total votes 3: ↑3 and ↓0 +3
Comments 0

Q4 2021 DDoS attacks and BGP incidents

Reading time 6 min
Views 980

2021 was an action-packed year for Qrator Labs.

It started with the official celebration of our tenth year anniversary, continued with massive routing incidents, and ended with the infamous Meris botnet we reported back in September.

Now it is time to look at the events of the last quarter of 2021. There are interesting details in the BGP section, like the new records in route leaks and hijacking ASes, but first things first, as we start with the DDoS attacks statistics.

Read more
Total votes 13: ↑13 and ↓0 +13
Comments 0

New botnet with lots of cameras and some routers

Reading time 3 min
Views 1.8K

DDoS attacks send ripples on the ocean of the Internet, produced by creations of various sizes - botnets. Some of them feed at the top of the ocean, but there also exists a category of huge, deep water monstrosities that are rare and dangerous enough they could be seen only once in a very long time.

November 2021 we encountered, and mitigated, several attacks from a botnet, that seems to be unrelated to one described and/or well-known, like variants of Mirai, Bashlite, Hajime or Brickerbot.

Although our findings are reminiscent of Mirai, we suppose this botnet is not based purely on propagating Linux malware, but a combination of brute forcing and exploiting already patched CVEs in unpatched devices to grow the size of it. Either way, to confirm how exactly this botnet operates, we need to have a sample device to analyze, which isn’t our area of expertise.

This time, we won’t give it a name. It is not 100% clear what we are looking at, what are the exact characteristics of it, and how big this thing actually is. But there are some numbers, and where possible, we have made additional reconnaissance in order to better understand what we’re dealing with.

But let us first show you the data we’ve gathered, and leave conclusions closer to the end of this post.

Read more
Total votes 12: ↑12 and ↓0 +12
Comments 0

Q3 2021 DDoS attacks and BGP incidents

Reading time 7 min
Views 3.4K

The third quarter of 2021 brought a massive upheaval in the scale and intensity of DDoS attacks worldwide.

It all led to September when together with Yandex, we uncovered one of the most devastating botnets since the Mirai and named it Meris, as it was held accountable for a series of attacks with a very high RPS rate. And as those attacks were aimed all over the world, our quarterly statistics also changed.

This quarter, we've also prepared for your consideration a slice of statistics on the application layer (L7) DDoS attacks. Without further ado, let us elaborate on the details of DDoS attacks statistics and BGP incidents for Q3, 2021.

Read more
Total votes 17: ↑17 and ↓0 +17
Comments 0

Mēris botnet, climbing to the record

Reading time 7 min
Views 16K


For the last five years, there have virtually been almost no global-scale application-layer attacks.

During this period, the industry has learned how to cope with the high bandwidth network layer attacks, including amplification-based ones. It does not mean that botnets are now harmless.

End of June 2021, Qrator Labs started to see signs of a new assaulting force on the Internet – a botnet of a new kind. That is a joint research we conducted together with Yandex to elaborate on the specifics of the DDoS attacks enabler emerging in almost real-time.

Read more
Total votes 28: ↑28 and ↓0 +28
Comments 0

Private party protocol: how to distinguish friends and foes using cryptographic tools

Reading time 12 min
Views 1.2K

ENCRY presents a new interactive identification protocol aimed at controlling the access of selected users to various resources.

Close your eyes and imagine Nice, a luxurious estate whose extravagant owner throws epic parties with jazz and fireworks every weekend.

To attend such a party is a lot of the elite. Invitations are sent out in advance, and guests do not know the names of other invited persons. The owner of the estate, the mysterious Jay Gatsby, an eager luxury-lover, values ​​privacy so much that he is not ready to entrust the list of invitees to anyone, not even his buttress. Moreover, the owner of the estate would like the guests not to reveal their names when entering the property. After all, there may be the mayor of the city, or the chief prosecutor among them, and they would like to keep their visit secret. Unfortunately, the owner of the estate himself is so busy that he cannot independently check each guest at the entrance, especially since there are several access roads to his house. How could he solve this problem?

Read more
Total votes 2: ↑2 and ↓0 +2
Comments 0

Network Infrastructure — how is it seen by hyperscalers

Reading time 39 min
Views 4.3K

Network architecture at hyperscalers is a subject to constant innovation and is ever evolving to meet the demand. Network operators are constantly experimenting with solutions and finding new ways to keep it reliable and cost effective. Hyperscalers are periodically publishing their findings and innovations in a variety of scientific and technical groups.

The purpose of this article is to summarize the information about how hyperscalers design and manage networks. The goal here is to help connecting the dots, dissect and digest the data from a variety of sources including my personal experience working with hyperscalers.

DISCLAIMER: All information in this article is acquired from public resources. This article contains my own opinion which might not match and does not represent the opinion of my employer.

Total votes 4: ↑4 and ↓0 +4
Comments 1

Yggdrasil Network: Light in the Dark Depths of Mesh, or the Internet of the Future

Reading time 10 min
Views 5.7K

Smoothly the era of mesh-networks is upon us. At the very least, the term is appearing more and more often in the information sphere. What attracts the attention of networkers? Let's try to understand the question, taking Yggdrasil network as an example as one of the most promising prototypes. The article is intended for a wide range of readers.

Read more about Yggdrsail
Total votes 1: ↑1 and ↓0 +1
Comments 0

Authors' contribution