≡ Menu

A Closer Look at LG G4

I have had the pleasure to be given the opportunity to participate in the #TryLGG4 program. I am someone who usually change my phone every 9-12 months and am currently a LG G3 user. I was not looking for any upgrade because I felt that all current devices on the market can’t match what a G3 offers. This all changed when I had the chance to use the LG G4. Here are my thoughts of the device as I opened the box.

1) Lightweight
2) Ergonomic design
3) Interchangeable battery
4) Expandable storage

The device feels extremely lightweight with an ergonomic design. This is something everyone will look for from a phone and I am very impressed to see how LG has perfected the overall design of G4 while giving the user an option to change battery and expandable storage. Since I am usually in the move through out the day, I always look for a phone with interchangeable battery and expandable storage for my photos and videos. This is by far one of attraction point of the G3 and now the G4. Every users requirement of a phone is different and for me point 3) and 4) are the deal breakers.

The 5.5 inch screen of this device is exceptionally well calibrated and stands out among all the devices in the market. The quantum display will definitely beat any device on the current market.

The camera on the LG G4 is absolutely brilliant and I can’t think of any device on the the current market which can beat the G4’s photo quality. The overall quality is not only great on moderate light area but it is performing exceptionally well on low light area. The camera application itself is very intuitive and gives the user to quickly change the mode according to his/her liking. This is something any user would prefer to take the perfect snap on a given moment in time.

Battery life of the G4 is average and being a power user, I can pretty much use it for an entire day with a full charge. If you are a power user who wouldn’t get to charge the device at night, then I would recommend taking advantage of the option to interchange battery and a spare battery would definitely give you the peace of mind.
To add to the G4, I have had the chance to use it with the LG Bluetooth Infinim which Performance, Style/Design, easy to use, Features/Settings, Quality, excellent audio quality goes hand in hand with the G4.

To conclude, overall design and the software on the LG G4 is what I expected from LG. The 3GB RAM upgrade on the G4 does help the software to run smoothly. I would definitely recommend LG G4 to anyone who wants to have best phone of 2015.

Filtering unwanted traffic from the Internet

The following post will explain one of the recommended method of filtering unwanted traffic from the internet to the internal network.

Most administrators filter RFC-1918 traversing from the internet to internal networks, while they are allowing a list of bogons prefixes which is defined in RFC-3330. These addresses are _not_ publically assigned, therefore should not see them as source IP destined to your internal network. Furthermore, it is a best practice from a security prospective to filter these ranges in case you are targeted with a spoofing attack.

As a reference to this post, please check RFC-3330 which contains all the prefixes in question.

The following configuration example shows RFC-3330 filtering on a Cisco ASA Firewall.

object-group network RFC-3330
   network-object 0.0.0.0 255.0.0.0
   network-object 10.0.0.0 255.0.0.0
   network-object 14.0.0.0 255.0.0.0
   network-object 24.0.0.0 255.0.0.0
   network-object 39.0.0.0 255.0.0.0
   network-object 127.0.0.0 255.0.0.0
   network-object 128.0.0.0 255.255.0.0
   network-object 169.254.0.0 255.255.0.0
   network-object 172.16.0.0 255.240.0.0
   network-object 191.255.0.0 255.255.0.0
   network-object 192.0.0.0 255.255.255.0
   network-object 192.0.2.0 255.255.255.0
   network-object 192.88.99.0 255.255.255.0
   network-object 192.168.0.0 255.255.0.0
   network-object 198.18.0.0 255.254.0.0
   network-object 223.255.255.0 255.255.255.0
   network-object 224.0.0.0 240.0.0.0
   network-object 240.0.0.0 240.0.0.0

CREATE ACCESSLIST, where the ACL name INTERNET define OUTSIDE interface.

access-list INTERNET deny ip object-group RFC-3330 any

When it comes to Cisco ASA, both Port-Object and Service-Object achieve the same result. However, application of extended Access Control List (ACL) and calling the Port-Object or Service-Object would differ in the ACL statement.

Below, we look at two tcp protocols, namely www and https defined using Port-Object and Service-Object as follows…

Port Object

object-group service WEB-PORTS tcp
 port-object eq www
 port-object eq https

Service Object

object-group service WEB-PORTS
 service-object tcp eq 80
 service-object tcp eq 443

The port-object defines the object name and the protocol in the object statement, while the service-object defines the protocol and the port together. The following ACL explains that…

Port-Object within an extended ACL
The port-object is defined at the end of the ACL.

access-list ACL_in extended permit tcp NETWORK SUBNET any object-group WEB-PORTS

Service-Object within an extended ACL
While the service-object statement is replaced as a substitute for the protocol with the ACL.

access-list ACL_in extended permit object-group WEB-PORTS NETWORK SUBNET any

The following method will enable a Cisco Aironet Autonomous Access Points to be converted into Lightwright mode by flashing the code. I have tested this on c1252 model but the same method should work as long as the models are supported by Cisco.

Download the recovery image and place it in the TFTP Server.
c1250-rcvk9w8-tar.152-4.JB6.tar

Remove the trailing .tar from the image filename, it should look something like the following.
c1250-rcvk9w8-tar.152-4.JB6

Set the Laptop IP Address as follows…
IP Address: 10.0.0.5
Subnet Mask: 255.255.248.0
Default Gateway: 10.0.0.10

Once you are in RAMON format flash: and set the IP Address on the AP as the following.

ap: format flash:
ap: set IP_ADDR 10.0.0.5
ap: set NETMASK 255.255.248.0
ap: set DEFAULT_ROUTER 10.0.0.10
ap: tftp_init

Issue the following command on the AP to transfer the file from the TFTP Server to Flash

ap: tar -xtract tftp://10.0.0.5/c1250-rcvk9w8-tar.152-4.JB6 flash:

Use the following command to find the exact location of the image.
[click to continue…]

The following JunOS configuration has been tested on PlusNet Fibre broadband running with external BT Openreach Modem. This setup should work with other VDSL/FTTC providers since they use the same underlaying BT infrastructure.

  • The configuration has been tested on SRX210H running JunOS 11.4R9.4 & 12.1X44-D35.5
  • BT Openreach modem connect to interfaces fe-0/0/7 on the SRX

Set the underlaying interface encapsulation to be PPP-Over-Ethernet.

set interfaces fe-0/0/7 unit 0 encapsulation ppp-over-ether

Set PPP Options with Authentication method CHAP.

If your ISP happen to use PAP Authentication method, then you need to reflect that.

set interfaces pp0 unit 0 ppp-options chap default-chap-secret YOUR-PASSWORD
set interfaces pp0 unit 0 ppp-options chap local-name YOUR-USERNAME
set interfaces pp0 unit 0 ppp-options chap no-rfc2486
set interfaces pp0 unit 0 ppp-options chap passive

[click to continue…]

How to Configure Failover on Cisco ASA Firewall

Configuring a Cisco ASA firewall to achieve resiliency is straightforward. Implementing the failover feature in the firewall to be on Active Standby mode can achieved by the following commands.

Please note that it is not recommended to use the Management interface for failover purposes, especially for stateful failover in which the security appliance constantly sends the connection information from one security appliance to the other.

Furthermore, we have to consider the future implication of using such Management Interface, as you may be want to create a completely new network for the Out Of Bound (OOB) access where the Management Interface on each device will participate. Therefore, using a Management Interface might cause design issues in the future.

On this example below, I will be using GigabitEthernet0/5 on both devices as the Failover interface.
[click to continue…]