Today didn’t start out that great. We had another SYN flood attack that took the network down momentarily. Things are getting better though. The new firewall is able to identify the attack after a fairly short amount of time and respond. I still can’t figure out exactly why it keeps going down though. It’s running out of resources somehow, but I don’t know what. To that end I’ve been playing with SNMP all day. The Netscreens have a wealth of information that you can poll via SNMP and we picked a few to start monitoring in cacti to see what it looks like while we’re under attack. Having never touched SNMP in my life before, this has opened up a wellspring of new directions I can go with my geekiness. I’m seriously thinking of setting up cacti and snmpd on my iMac so I can graph my Airport and iMac. “Why would you do this?”, you might ask me.
Today we’ve finally come up with a concept architecture for TNS 2.0. I’m going to stay rather tight-lipped about it right now, but I will say that it will be fully cross-platform, capable of running on Mac OS X, Linux and Windows natively and fully supported. It will also be capable of anonymizing all TCP and UDP traffic, rather than a select few ports as TNS works now. I can also say that it is not a VPN in the traditional sense. We’ve got some R&D to do, but as it stands now I don’t know if it will be able to anonymize, say, ICMP traffic. The goal is to be as VPN-like as possible, while still being usable in places where IPSEC/L2TP or PPTP/GRE are not.
Some days things go right.