Five #QGIS network analysis toolboxes for #routing and #isochrones | Free and Open Source GIS Ramblings
▻https://anitagraser.com/2019/07/07/five-qgis-network-analysis-toolboxes-for-routing-and-isochrones
Based on local network data
– Default QGIS Processing network analysis tools
– QNEAT3 plugin
Based on web services
– Hqgis plugin (HERE)
– ORS Tools plugin (openrouteservice.org)
– TravelTime platform plugin (TravelTime platform)
#map
Building a Pincode Mapper and #routing engine with #postgis and pgrouting
▻https://hackernoon.com/building-a-pincode-mapper-and-routing-engine-with-postgis-and-pgrouting-
? Storing and Processing #gis data :Storing and Processing GIS data has become really important nowadays as many organizations deal with geospatial data all the time. As you might know #postgres offers a beautiful extension called Postgis that can be easily used to store, query and process spatial information. Pgrouting extends postgis to provide geospatial routing functionality.Sometimes we have location data with respect to time. Such data is called spatiotemporal data and this data is very useful to track something or someone with respect to both space and time.Trajectories in Postgis can be used to handle spatiotemporal data but if your data is huge then you could make use of Geomesa or Geospark with Apache Accumulo and Geoserver to handle your spatiotemporal Bigdata.QGIS along with (...)
#maps
Graphs at Work. At school. And in other places, too.
▻https://hackernoon.com/graphs-at-work-at-school-and-in-other-places-too-9936493dec51?source=rss
My better half teaches further mathematics for the International Baccalaureate (IB) program at a nearby school. I had a previous encounter with their Math club, on the topic of “Math at work”. Back then, work was focused on the roll-out of Scrum at scale, so I touched on Fibonacci numbers (used for effort estimation) and scratched the surface of queuing theory, M/M/1 queues in particular, to model service time in a work queue.Fast forward a month ago, the further mathematics class completed a healthy introduction to #graph Theory, including Dijkstra’s algorithm and the traveling salesman problem. Students remembered the “Math at work” session and asked for a sequel on “Graphs at work”. Based on conversations at home, I fully expected wickedly smart kids to wander in that class, so this was (...)
Will #cisco Be the Next Roadkill for #aws?
▻https://hackernoon.com/will-cisco-be-the-next-roadkill-for-aws-f6fff2a56135?source=rss----3a814
I’m not keeping very close track, but it feels like months since Amazon Web Services (AWS) most recently turned a major tech industry upside down. But with all their resources and market power, I’m sure there’s always something interesting cooking in the kitchens of wherever Amazon’s headquarters happens to be right now.So let me throw my purely speculative prediction into the silence. As I describe in my Learn AWS in a Month of Lunches book, AWS has happily replaced your server room with EC2, your SAN and NAS with S3, your data warehousing with Redshift, and your database with RDS (and Aurora). They’ve also invented entirely new deployment models: politely informing you, for instance, that you simply have to serve your mobile apps via serverless functions (Lambda).So what’s next? Well how (...)
“When routers try to be smart and helpful, they end up being dumb and harmful”
▻https://huitema.wordpress.com/2018/03/03/having-fun-and-surprises-with-ipv6
#IPv6 #internetworking #interréseautage #routage #routing
“Early this morning (UTC) our systems detected a suspicious event where many prefixes for high profile destinations were being announced by an unused Russian Autonomous System.
Starting at 04:43 (UTC) 80 prefixes normally announced by organizations such Google, Apple, Facebook, Microsoft, Twitch, NTT Communications and Riot Games were now detected in the global BGP routing tables with an Origin AS of 39523 (DV-LINK-AS), out of Russia.”
▻https://bgpmon.net/popular-destinations-rerouted-to-russia
Example of a Facebook prefix briefly routed towards AS39523 DV-LINK-AS (on Twitter):
@bgpstream
BGP,HJ,hijacked prefix AS32934 31.13.84.0/24, Facebook, Inc.,-,By AS39523 DV-LINK-AS, ▻http://bgpstream.com/event/119987
Comme d’habitude, impossible de savoir s’il s’agit d’un détournement de trafic volontaire, ou bien d’un simple « fat fingering » (erreur de configuration). Comme l’AS en cause est russe, les états-uniens vont évidemment trancher en faveur de la première hypothèse, alors que de tels détournements, sans être quotidiens, ne sont quand même pas exceptionnels.
Mais ça fait voyager : l’opérateur en cause, « Vasilliev Ivan Ivanovitch » est installé dans le kraï de #Khabarovsk ▻https://fr.wikipedia.org/wiki/Kra%C3%AF_de_Khabarovsk
L’annonce en question vue par RIPE stat (il s’agit du "second event" noté par BGPmon) :
{
"timestamp": "2017-12-12T07:07:59",
"type": "A",
"attrs": {
"source_id": "00-146.228.1.3",
"path": [
1836,
6939,
31133,
39523
],
"community": [
"1836:110",
"1836:3000",
"1836:3010",
"1836:20000"
],
"target_prefix": "31.13.84.0/24"
}
},
Introduction of MAPCAT - the new world map portal
The company Mapcat from Hungary is a new competitor in the market for #map #tiles, #routing and #geocoding
▻https://blog.mapcat.com/mapcat-world-map-introduction
https://blog.mapcat.com/wp-content/uploads/2016/10/Screenshot-2017-01-04-13.40.40.jpg 
https://blog.mapcat.com/wp-content/uploads/2017/04/Screenshot-2017-03-16-11.03.59-1024x530.jpg According to your choice, we will offer you beautiful vector or raster (png) map tiles working with high speed, based on the highly-detailed, community edited OpenStreetMap database.Furthermore, with MAPCAT, you will be able to:
– Access OSM, the world’s most detailed and dynamic community-edited map database, turned into beautifully customized, easy-to-use maps
– See updates of OSM data in real time, practically with no lead time
– Have the maps in your own language or any preferred language (I18N)
– Switch to MAPCAT maps easily, without redesigning your current application
– Set custom views – streetmap, bicycle map, terrain map
▻https://blog.mapcat.com/vectorraster-maps
Un nouveau mapbox ? En tout cas leur ty chat qui illustre tous leurs billets de blog est kromeugnon et ils n’oublient pas de citer osm (à tout va).
#osm
bcosca/fatfree: A powerful yet easy-to-use #php micro-framework designed to help you build dynamic and robust Web applications - fast!
▻https://github.com/bcosca/fatfree
Condensed in a single ~65KB file, F3 (as we fondly call it) gives you solid foundation, a mature code base, and a no-nonsense approach to writing Web applications. Under the hood is an easy-to-use Web development tool kit, a high-performance URL #routing and cache engine, built-in code highlighting, and support for multilingual applications. It’s lightweight, easy-to-use, and fast. Most of all, it doesn’t get in your way.
F3 supports both SQL and NoSQL databases off-the-shelf: MySQL, SQLite, MSSQL/Sybase, PostgreSQL, MongoDB and its own lightning fast Flat-File DB (we call it Jig). It also comes with powerful object-relational mappers for data abstraction and modeling that are just as lightweight as the framework. No configuration needed.
F3 can also shield you from spam and DoS attacks, by performing DNSBL checks. It can increase your server health and uptime, by controlling web server traffic with profile analysis and bandwidth throttle.
Petit mais costaud, ça fait plus « out of the box » que Lumen et Silex.
Pas mal pour faire une API Rest rapidement, entre autres.
12.5 Gbps RIPv1 DDoS
Reflector type attack where the victim’s IP is spoofed as destination of a RIPv1 message that sends back routing table responses.
Interesting thought is Akamai’s recommendation for mitigation: as it is impossible for manufacturers of all kinds of small & SOHO routers to begin updating all devices to disable RIPv1 by default (many devices are end of life and no longer supported), the recommendation is to have ISPs think about blocking that RIPv1 traffic. Obviously a touchy subject, but already today some ISPs block by default some ports for residential users as a security measure. If a user wants he can have the ports activated. (usually only expert users request this, who know what they are doing – or are more likely to know)
It’s time to declare RIPv1 to Rest In Peace.
▻http://www.infoworld.com/article/2942749/network-security/obsolete-internet-protocol-once-again-becomes-an-attack-vector.html
Internal Internet traffic routed outside Russia by a Chinese operator
The Russian Internet traffic in several circumstances has been re-routed outside the country, the incidents seem to be caused by routing errors made by China Telecom.
The news has been published by the Internet monitoring service Dyn in a blog post, which also reports that domestic traffic was re-routed apparently due to a networking fault caused by a weakness in the Border gateway protocol (#BGP).
However, as can often happen with these [peering] relationships, one party can leak the routes received from the other and effectively insert itself into the path of the other party’s Internet communications. This happened over a dozen times in the past year between these two providers. This is a general phenomenon that occurs with some regularity but isn’t often discussed in BGP security literature. In this blog post, we’ll explore the issue via the lens of this single example. In a follow-on blog, we’ll explore several additional examples.
The original article below gives a fairly comprehensive explanation of peering and what can go wrong. It also explains the #Vimpelcom and #China_Telecom peering agreement and shows how it went wrong on several occasions. (eg China Telecom announcing full tables)
▻http://research.dyn.com/2014/11/chinese-routing-errors-redirect-russian-traffic
http://research.dyn.com/wp-content/uploads/2014/11/normal_ops.gif 
http://research.dyn.com/wp-content/uploads/2014/11/leak_scenario1.gif 
http://research.dyn.com/wp-content/uploads/2014/11/leak_scenario2.gif The above article also references the following very good and self-explanatory read that explains BGP prefix hijacking, and available security measures:
Why Is It Taking So Long to Secure Internet Routing?
People have been aware of BGP’s security issues for almost two decades and have proposed a number of solutions, most of which apply simple and well-understood cryptography or whitelisting techniques. Yet, many of these solutions remain undeployed (or incompletely deployed) in the global Internet, and the vulnerabilities persist. Why is it taking so long to secure BGP?
▻http://queue.acm.org/detail.cfm?id=2668966
Thus, while we continue to make progress toward protocol-based defenses for routing security, the next frontier in routing security could very well be hardening the software and hardware used in Internet routers.
#Android in my shirt pocket, this week-end I tested #OSMAnd ’s fully offline turn-by-turn spoken #bicycle #routing with #Openstreetmap data… I’m impressed.
“Today we observed a large-scale ‘hijack’ event that affected many of the prefixes on the Internet. This blog post is to provide you with some additional information. Indosat, AS4761, one of Indonesia’s largest telecommunication networks normally originates about 300 prefixes. Starting at 18:26 UTC (April 2, 2014) AS4761 began to originate 417,038 new prefixes normally announced by other Autonomous Systems such as yours.”
Rather see ▻http://seenthis.net/messages/243546 for a discussion
Indosat AS4761 hijacked 400k+ prefixes on April 2, 2014
►http://www.bgpmon.net/hijack-event-today-by-indosat
Indosat, AS4761, one of Indonesia’s largest telecommunication networks normally originates about 300 prefixes. Starting at 18:26 UTC (April 2, 2014) AS4761 began to originate 417,038 new prefixes normally announced by other Autonomous Systems such as yours. The ‘mis-origination’ event by Indosat lasted for several hours affecting different prefixes at different times until approximately 21:15 UTC.
It appears our AS was affected as well (between 19:33 and 20:23), but I am a bit suspicious as I cannot corroborate this info with other sources than bgpmon.net
Any reference I find traces back to bgpmon. (and I cannot read Indonesian).
No Waldo here:
▻https://radar.qrator.net/general/?asnum=4761
Perhaps @Stephane Bortzmeyer has an opinion on this ?
Autres sources que découlant de bgpmon ?
paranoïa über alles : from the bgpmon service:
Users with a premium account also have access to all the individual BGP updates as well as the full AS path. This will tell you in detail what networks selected this bad route and the exact timestamps. Some of you also received a phone call to inform you of the events immideatly after detection (part of the Enterprise add-on).
I see the same thing. Probably, the leak was filtered out by Indosat’s upstream providers and received only by one BGPmon probe. ("Detected by #peers: 1" in the message I received from BGPmon.)
However, on the NANOG mailing list, there was also a testimony that it was also seen through RIS and that one Route-Views collector, 64.25.208.71 “has seen updates that contains large amount of prefixes at time 1396464452 (04 / 02 / 14 @ 6:47:32pm UTC) with path [20225, 6939, 4761]”
Besides disrupting Akamai themselves, this routing leak completely took out Indosat in what amounted to a self-inflicted DDoS attack
:D
some instructive graphs in that article, and a valuable conclusion.
Enterprises also need to carefully police their own routing policies and understand how the world reaches them.
so true.
JACK Audio Connection Kit
▻http://www.crudebyte.com/jack-ios
JACK is more than just one iOS app. It is a system that connects the music and audio world on your iOS device. JACK allows audio channels and MIDI ports of your audio & music apps to be connected with each other. It does not force a predefined schema in which way apps shall be connected with each other. You can freely connect them in any way you want, intuitively like drawing on a paper.
Version iOS de ▻http://jackaudio.org
▻http://jackaudio.org/themes/pushbutton/logo.png
Info importante apprise en visionnant les vidéos du CMS Day : #Drupal 8 va intégrer plusieurs des modules de base du #framework #symfony !
Le cœur qui implémente super proprement le standard #HTTP dans #PHP, le module de #route #routing pour faire correspondre masques d’#URL, actions HTTP, et action dans le logiciel, plein de trucs supers... qui vont être intégrés directement dans le noyau de Drupal.
Le but est de rajeunir un code vieillissant, de le rendre plus maintenable, plus testable et générique, et plus interopérable puisque le code sera partagé avec d’autres applis, ces morceaux ne seront plus propres à Drupal.
Je trouve cela extrêmement intéressant.
Le but n’est évidemment pas que tous les logiciels se ressemblent et gommer leur personnalité ou ce qu’ils pourraient apporter d’innovant.
En effet, ça intégrerait surtout des éléments bas niveaux, qui sont à priori des bonnes pratiques dans un contexte #REST, quelque soit ce qu’on en fait ensuite.
Voici l’annonce de #Fabien-Potencier, de Symfony :
Symfony2 meets Drupal 8 - Symfony
►http://symfony.com/blog/symfony2-meets-drupal-8
Et l’annonce de #Dries-Buytaert, de Drupal :
The future is a RESTful Drupal
►http://buytaert.net/the-future-is-a-restful-drupal
Des idées pour #SPIP 4 ?
