No DNS records are needed for a QNAME or Client-IP trigger. The name or IP address itself is sufficient, so in principle the query name need not be recursively resolved. However, not resolving the requested name can leak the fact that response policy rewriting is in use and that the name is listed in a …
This is a custom version of “DNS Top RPZ Hits” report with added Discovered Name/Network View fields and removed Time field.
This simple search shows IPAM network usage statistic.
index=ib_ipam sourcetype="ib:ipam:network" cidr<25
| streamstats dc(_time) as distinct_times | head (distinct_times == 1)
| table NETWORK address_total address_alloc address_unalloc
This is a custom version of this dashboard. I’ve added networks filter. The query for the filter is not an optimal in terms of performance but anyway will work good for small IPAM databases.
This report is a custom version of “Inactive IP Addresses” report and provide information about MAC addresses that were not connected to a network for a while.
Recently Infoblox released a new version of our reporting solution, which we renamed “Infoblox Reporting and Analytics”. The solution is based on the Splunk engine and delivers an enhanced reporting interface so now you can create custom dashboards, reports, and alerts. This gives you unlimited possibilities to analyze data and mine invaluable knowledge about your …
Начиная с января месяца многие провайдеры в РФ подверглись/подвергаются атакам на DNS инфраструктуру, помимо Amplification/Reflection атаки активно использовалась/используется атака Random subdomain/Phantom Domain (атака случайными или фантомными доменами). Информация по атакам была получена мной от нескольких провайдеров в европейской части России и в западной Сибири (крупные региональные и московские провайдеры). При этом кто-то просто подтверждал наличие …
Almost every IT specialist knows that open recursive DNS server can be very dangerous but I’ve never seen any example what happens and how fast it will be utilized in inappropriate way. These were interesting questions for me and I decided to make a small study and opened my DNS server for everybody in Internet. …
Sometimes it is necessary to change MAC address of a virtual machine and in most cases there is no any issue except MAC-addresses which belong to reserved VmWare MACs. In this situation ESXi shows such error:
Unable to manually change MAC address for virtual machine
Failed to start the virtual machine.
Module DevicePowerOn power on failed.
Could not set up "macAddress" for ethernet2.
Invalid MAC address specified.
00:0c:29:bd:e6:18 is not an allowed static Ethernet address. It conflicts with VMware reserved MACs.
To fix the problem you can use the algorithm described below (all information about it you can find in this …
Creating scripts in Network Automation is a very simple task. But these scripts can be very powerful and useful.Look at my presentation and you will know how to create Perl-scripts, to use internal objects, to interact with network devices and to sync data with Infoblox DDI solution.