Blog

What's an ASN?

Published: December 16, 2016

In a recent blog post, I mentioned that I had learned about CIDR notation while mitigating malicious website activity that originated from a range of IP addresses. Another networking concept that I learned about at that time is ASNs (Autonomous System Numbers).

In this post, I’ll explain what ASNs are, and offer a few tidbits on how to make use of them.

What Is CIDR Notation?

Published: December 15, 2016

Recently, I was involved in mitigating malicious scripted activity against a site that was found to be coming from a range of IP addresses. whois is a useful tool when dealing with this type of an issue. It can provide a network range for a given IP address.

$ whois 104.232.39.143

NetRange:       104.232.32.0 - 104.232.47.255
CIDR:           104.232.32.0/20
NetName:        NET3-INC
NetHandle:      NET-104-232-32-0-1
Parent:         NET104 (NET-104-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS36352, AS62584, AS55286
Organization:   Net3 Inc. (NETIN-11)
RegDate:        2014-10-27
Updated:        2014-10-27
Ref:            https://whois.arin.net/rest/net/NET-104-232-32-0-1


OrgName:        Net3 Inc.
OrgId:          NETIN-11
Address:        8195 Sheridan Drive
City:           Buffalo
StateProv:      NY
PostalCode:     14221
Country:        US
RegDate:        2013-07-10
Updated:        2015-08-14
Ref:            https://whois.arin.net/rest/org/NETIN-11


OrgTechHandle: NOC13226-ARIN
OrgTechName:   Network Operations Center
OrgTechPhone:  +1-289-408-9989
OrgTechEmail:  [email protected]
OrgTechRef:    https://whois.arin.net/rest/poc/NOC13226-ARIN

OrgAbuseHandle: NOC13226-ARIN
OrgAbuseName:   Network Operations Center
OrgAbusePhone:  +1-289-408-9989
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    https://whois.arin.net/rest/poc/NOC13226-ARIN

OrgNOCHandle: NOC13226-ARIN
OrgNOCName:   Network Operations Center
OrgNOCPhone:  +1-289-408-9989
OrgNOCEmail:  [email protected]
OrgNOCRef:    https://whois.arin.net/rest/poc/NOC13226-ARIN

I provided the range of IP addresses (104.232.32.0 - 104.232.47.255) to the hosting company to block at the firewall. However, in their correspondence, they began referring to the IP address range in a way I wasn’t familiar with. It looked like this:

104.232.32.0/20.

Curious as always, I did a little investigation and found out that this way of referring to networks is called CIDR notation. I became interested and decided to learn a little more about CIDR notation…what is it used for and why? Here, I’ll share my learnings for anyone else who is curious.

Full List of Apache Hooks

Published: December 7, 2016

Apache’s hooking system provides a very convenient way to customize request processing. However, thorough documentation is difficult to track down. The Apache developer documentation refers readers to the Doxygen documentation, however that page makes no mention of some commonly used hooks such as log_header_size_post_read_request.

Writing An Apache Module To Add Custom "%" Directives

Published: December 5, 2016

mod_log_config provides many useful ”%” directives for defining CustomLog formats. In combination with its friend, mod_logio, 99% percent of logging use cases are covered. However, one day, you may find that there’s something you want to log that is not accessible with the tools Apache provides you. Luckily, you can utilize Apache’s module system to add your own logging directives. In this guide, we’ll write an Apache module that adds a %^IH % directive which records request header size, in bytes.

Foreign Key Constraints Are Business Decisions

Published: December 1, 2016

A foreign key constraint is defined by Wikipedia as follows…

A field (or collection of fields) in one table that uniquely identifies a row of another table or the same table.

Sounds pretty technical, right? Frequently, a developer uses his or her judgement when planning the architecture of some feature to decide when a foreign key is appropriate. However, I had an experience today where I learned that often, foreign key constraint enforcement is a business decision rather than a technical one.

Logging PHP Arrays

Published: November 30, 2016

How should I log a PHP array?

If you work as a PHP developer this is probably a question you’ve asked yourself before. There are quite a few guides you’ll find online in regards to this subject.

• How to print array contents in log file
• Using error_log with print_r to gracefully debug PHP
• Logging an Array in Laravel

Typically, they point to PHP’s print_r function.

Unfortunately, they’re wrong

PSA: print_r() for logs sucks...

— Max Chadwick (@maxpchadwick) November 30, 2016

So why, exactly, does print_r suck for logging? Allow me to elaborate.