Photo by Leon on Unsplash

I still recall the moment when I was part of the first machine learning project that our team was working on. The requirement was to identify that part of the text that potentially contained date and time information. We were a set of amateur’s in data science aiming to build this date time pattern recognizer. Suddenly from nowhere, I wonder what struck us, we found a fun filled methodology to build and evaluate a model. Technically, we devised a methodology to evaluate if the set of features extracted out of the raw data is sufficient enough for a machine learning…


By veeterzy on https://unsplash.com

Microservice architecture is an architectural style wherein an application is broken down into independent components that are capable of providing a specific service. When a chain of these components is invoked, a business logic of the application is serviced.

Be it any architecture style, the quality of the software is crucial in providing flawless and trust-worthy service. Intensive testing is key to releasing a quality software. Software engineers perform multiple levels of testing to ensure that the microservice, business logic and eventually the whole application does not misbehave in any case. One such testing process is called the FMEA.

FMEA


DHCP, Dynamic host configuration protocol, is a network protocol that offers an IP address and other required details that include gateway IP, DNS IP to a host that enters a network. The DHCP protocol as defined in RFC2131 involves 4 transactions back and forth between the client and server, namely:

  • DHCP Discover — broadcast from the client
  • DHCP Offer — broadcast from the server
  • DHCP Request — unicast from client
  • DHCP ACK — unicast from server

Wikipedia explains the DHCP protocol amazingly!

DHCP Attacks

Similar to the ARP protocol, due to its inability to authenticate users who enter the network, there have…


Port forwarding is a technique in which a port in one machine is tunneled to a port in another machine. In simple words, a request made to a port P1 of a machine M1 is “forwarded” as a request to port P2 of a machine M2.

In the previous blog, we set up the experiment environment which emulated the setup as shown in the following diagram. In this blog, we shall perform the penetration test as we go along learning port forwarding.


Port forwarding is a technique in which a port in one machine is tunneled to a port in another machine. In simple words, a request made to a port P1 of a machine M1 is “forwarded” as a request to port P2 of a machine M2.

Imagine a web application server, where the incoming traffic is filtered by a firewall that allows only traffic to port 80 and 443 and denies the rest. A malicious user found the password to login to the web application server at port 22. But unfortunately, the firewall denies his SSH requests. What if the…


Source: https://i.pinimg.com/originals/fd/1a/81/fd1a81a46480470ef86750fa81b48a0a.jpg

ARP spoofing or ARP cache poisoning is a network exploitation technique in which a malicious node in a local area network claims itself to be one of the other nodes in the network. A malicious user performs this attack on LAN to establish itself as a man in the middle, or sometimes act as the destination node itself.

What is ARP?

ARP stands for Address resolution protocol. This protocol works between Layer 2 and Layer 3 of the OSI model. …


ipconfig /all

IP address, Internet Protocol address, I believe is the revolutionary invention made by humans. It let’s one uniquely identify a host in a network. The common questions that I hear are:

  • why is there an IP address when there is a MAC address and vice versa?
  • What is all about the concept of private and public IP addresses?

I hope this blog answers these questions and more.

(Not a boring) Evolution of network addressing scheme: My perspective

Let me give you a brief of how the internet started so that you may be able to appreciate the concept of MAC Addresses and IP addresses. …


Docker enables developers to create containers to host microservice applications in the most easiest way possible. Docker provides networking support, with the help of which two or more containers can communicate with each other.

Alright, so if the docker containers are in the same subnet, then the single broadcast domain will ensure communication between containers by switching packets. But, what if the containers are in different subnets (in different broadcast domains)? Does docker have the capability of routing packets too?

Magic:

Consider two hosts in two different subnets: 10.10.10.0/24 and 192.168.10.0/24.

To ensure that the shells on the right top corner…


We were taught in our programming classes that, to calculate gcd of two integers efficiently use the Euclid’s algorithm.

Magic:

The Euclid algorithm is programmed as follows:

Take a step back and think for a minute. Why does it work?

How did you do that?

I will explain this with the magic as the starting point to end up stating the Euclid’s theorem. Reverse Engineering!

Rewriting the code

Now carefully understand the following,


Encoded text

Communicating in secret language with the trusted ones is so much fun, right? Let me show you something interesting. It could be a starting point for you to begin your journey in Cryptography.

Magic:

Thread-2 Conclusion: Function overloading is not possible in python. https://www.geeksforgeeks.org/python-method-overloading/

How did you do that?

These encoding form the bread, butter, and jam for Information Security. Let’s get into each one, one at a time.

Hex code:

Hex code is the simplest form of encoding. Hex encoding works on 16 (=2⁴) characters 0 through 9 and a through f.

0x 0 = 0b 0000 (0x = hexadecimal, 0b = binary)
0x 1 = 0b…

Manoj Vignesh K M

Technical Evangelist — Security Automation using AI | Intuit Inc, Identity and Access Management

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store