Last year, I’ve built a Captcha Server in Python, which is used to generate captchas, serve them over http and validate the users input. The implementation is used to filter layer7 ddos attacks on web applications. However, as Python webapps based on flask and served by gunicorn, cause some serious […]
Category: Uncategorized
Modern sflow? pysflowd!
Recently I’m working a lot on my so called “pysflowd” application. pysflowd is a python based sflow collector, which collects, stores, analyzes and exports (to Elasticsearch) sflow datagrams. pysflowd reads sflow datagrams from a udp socket, parses the datagram and stores the parsed data into a in-memory sqlite3 database (which […]
Redship-ES – Redis-Elasticsearch Shipper
Ever found in a situation, to store data in redis over a long time, in a environment where key collisions could happen? Recently I’m dealing a lot with Redis to store large arrays of metadata over a short period for analysis purposes. However, Redis is of course not the right […]
syslog in C? Hello sendto()!
Local file based logging is quite simple. But why bother with rsyslog to ship logs, instead of just implementing a quite easy “client” in C? 20 minutes later: Surely, thats just a simple implementation and still misses setting proper severity levels, but it just does what it is intended to: […]
High performance DDoS statistics
Recently, I’m dealing with Redis/Hiredis C library in order to implement flow statistics into our flowShield DDoS-Mitigation application. First, I’ve thought about using MySQL, as we already heavily use the MySQL C Library. However, MySQL has some serious performance issues and could (seriously) not cope with 4.000 Insert Queries per […]
Speedup block devices with bcache
Comparing NVMe drives with normal SSDs or even SAS/SATA HDDs is like comparing apples with pears in terms of performance. However, it’s not always feasible to run everything on all-flash storage, as it’s still quite costly. Thats were bcache steps into the game. Whats bcache? bcache is a kernel module, […]
KVM Memory Latency
I’m recently dealing a lot with performance adjust- and measurements for flowShield v3. Interestingly, I’ve figured out, that KVM adds some serious latency to memory operations, which is problematic, as it means increased latency and at some point packetloss once for user- and kernelspace networking applications. Lets imagine, you have […]
GlusterFS – Replacing nodes online
Recently, at combahton, we had to migrate several older GlusterFS Nodes to new nodes, as they were not able to keep up with our current performance requirements. We had basically two options: Physically move the drives node-by-node into the new servers Use GlusterFS inbuilt features to move a brick (a […]