...
Attendees
Invitees:
Wajahat Hussain?(SEECS); Saqib+; Johari, Adnan Khan (UNIMAS)?; Adib, Fatima (UUM); Fizi Jalil (MYREN); Dr. Charnsak Srisawatsakul (Ubru), Les+, Bebo (maybe), Umar+
+ Confirmed attendance
- Responded but Unable to attend:
...
Umar looking at extending the comparison IPv6 vs IPv4 ping RTTs and TCP vs ICMP/ping RTTs. See Towards Analysis of ICMP vs TCP Ping Latencies.
XSS vulnerability in traceroute.pl
Working on Validating ICMP ping measurements against TCP nping measurements.
- Want MAs at SLAC (Les, Umar), Virginia Tech, China (Saqib), Malaysia (Johari), Thailand (Charnsak), Pakistan (Wajahat?). We have completed the ping vs nping measurements for SLAC and VTech. If other wish to join the paper (i.e. make the measurements), we need to know soon.
XSS vulnerability in traceroute.pl
Sent following email to Johari, Adib, Wajahat and Saqib:
There
Sent following email to Johari, Adib, Wajahat and Saqib:
There is a modified version of the PingER traceroute.pl CGI script. The new version sanitizes the QUERY_STRING variables to prevent some just exposed cross-site-scripting (XSS, see for example https://en.wikipedia.org/wiki/Cross-site_scripting) vulnerabilities. It is recommended that you replace the existing traceroute.pl script at your site with the new version, i.e. get (e.g. using wget) traceroute.pl from http://www.slac.stanford.edu/comp/net/traceroute/traceroute.pl and install in your CGI directory (often /var/www/cgi-bin or /usr/local/cgi-bin or /usr/lib/cgi-bin or /var/www/cgi-bin). You may need to make it executable with the command chmod a+x traceroute.pl. You can test it by loading the URL http://yourwebserver/cgi-bin/traceroute.pl.
No word, must be OK will send to list at PINGER-DEV@LISTSERV.SLAC.STANFORD.EDU
...
- Meta database (NODEDETAILS) is now fully ipv6 compliant, need to enter some ipv6 hosts.
- pinger2.pl works for either an IPv4 MA or an IPv6 MA.
- Gathering works for both IPv4 and IPv6, the analysis and presentation is also working for both.
- We will need to add an item to the pingtable.pl form to enable the ability to select IPv4 or IPv6 measurements or both.
Working on Validating ICMP ping measurements against TCP nping measurements.
- Scripts written to generate configuration files for perfSONAR and PingER targets.
- Also have script to compare ICMP/ping RTTs with TCP (syn/ack) RTTs.
- Staring analysis with Excel. The agreement looks good.
- Want MAs at SLAC (Les, Umar), Virginia Tech, China (Saqib), Malaysia (Johari), Thailand (Charnsak), Pakistan (Wajahat?). We have completed the ping vs nping measurements for SLAC and VTech. If other wish to join (i.e. make the measurements) the paper, we need to know soon.
PingER data is currently PingER data is currently kept on a Sun Solaris file server front ending a 1TByte disk array. Solaris is no longer supported at SLAC and the disk array is 13 years old so we need to migrate the data to GPFS. Les is working on this.
| Host | State | last seen | Status | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Pakistan | See above. | ||||||||||
| rainbow.inp.nsk.su | Unable to gather data or ping host, Sent email 1/26/2018. | Dec 6, 2017 | restored January 27,2018 | ||||||||
| last seen | Status | ||||||||||
| Pakistan | See above. | pinger.ascr.doe.gov | Node changed to appsvr2.ascr.doe.gov, unable to ping or gather data, email sent 1/26/2018 | appsvr2 never seen | Fixed the SrcName working again Feb 12, 2018|||||||
| pingeramity.in | Unable to gather data, needs re-installing the MA. Working with Amity, emails Jan 12, Jan 16, Jan 26, Feb 20 | March 22, 2017 | Aug 13, 2017 | pinger.ictp.it |
Next Meeting
Next meeting: Thursday, April 26th 9pm Pacific time; Friday, March 27th, 2018 9:00am Pakistan time; 12:00noon Malaysian & Guangzhou time; and 11am Thailand time.
...