Go through VM template and minimize background noise #18

Open
8 of 9 tasks
orjanj opened this issue Jan 14, 2022 · 2 comments
Labels: component/workers (Issues regarding the workers component), configuration, priority/critical (Priority critical. Highest priority.), testing (Testing required)

orjanj commented Jan 14, 2022

Noise is generated with the packet captures, which causes a more unreliable data set when conducting analysis.

Tasks

  • Disable snapd services
    • snapd.socket
    • snapd.service
    • snapd.seeded
    • snapd.snap-repair.timer
  • Turn off automatic date and time
  • Disable automatic updates through APT
  • Diagnose other services using NTP/DNS
  • Disable IPv6 (see issue Disable ipv6 traffic #21)

Example noise output

tcpdump: listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
23:37:58.611322 IP (tos 0xc0, ttl 64, id 2173, offset 0, flags [none], proto ICMP (1), length 90)
    192.168.2.1 > 192.168.2.104: ICMP 192.168.2.1 udp port 53 unreachable, length 70
	IP (tos 0x0, ttl 64, id 23659, offset 0, flags [DF], proto UDP (17), length 62)
    192.168.2.104.40982 > 192.168.2.1.53: [udp sum ok] 1670+ A? api.snapcraft.io. (34)
	0x0000:  000c 29b8 e4d8 0050 56c0 0001 0800 45c0  ..)....PV.....E.
	0x0010:  005a 087d 0000 4001 ebac c0a8 0201 c0a8  .Z.}..@.........
	0x0020:  0268 0303 82f2 0000 0000 4500 003e 5c6b  .h........E..>\k
	0x0030:  4000 4011 588a c0a8 0268 c0a8 0201 a016  @.@.X....h......
	0x0040:  0035 002a 2bca 0686 0100 0001 0000 0000  .5.*+...........
	0x0050:  0000 0361 7069 0973 6e61 7063 7261 6674  ...api.snapcraft
	0x0060:  0269 6f00 0001 0001                      .io.....
23:37:59.930274 IP (tos 0xc0, ttl 64, id 2395, offset 0, flags [none], proto ICMP (1), length 88)
    192.168.2.1 > 192.168.2.104: ICMP 192.168.2.1 udp port 53 unreachable, length 68
	IP (tos 0x0, ttl 64, id 23952, offset 0, flags [DF], proto UDP (17), length 60)
    192.168.2.104.58574 > 192.168.2.1.53: [udp sum ok] 33570+ A? ntp.ubuntu.com. (32)
	0x0000:  000c 29b8 e4d8 0050 56c0 0001 0800 45c0  ..)....PV.....E.
	0x0010:  0058 095b 0000 4001 ead0 c0a8 0201 c0a8  .X.[..@.........
	0x0020:  0268 0303 82f0 0000 0000 4500 003c 5d90  .h........E..<].
	0x0030:  4000 4011 5767 c0a8 0268 c0a8 0201 e4ce  @.@.Wg...h......
	0x0040:  0035 0028 7c0a 8322 0100 0001 0000 0000  .5.(|.."........
	0x0050:  0000 036e 7470 0675 6275 6e74 7503 636f  ...ntp.ubuntu.co
	0x0060:  6d00 0001 0001                           m.....

orjanj added the priority/minor (Priority: minor. Lowest priority.) label Jan 14, 2022
orjanj added this to the Server preparations milestone Jan 14, 2022
orjanj self-assigned this Jan 14, 2022
orjanj added component/workers (Issues regarding the workers component), priority/minor (Priority: minor. Lowest priority.), priority/critical (Priority critical. Highest priority.) and removed priority/minor (Priority: minor. Lowest priority.) labels Jan 14, 2022
orjanj commented Jan 17, 2022

Changed priority to critical since the parsed data sets contain more noise, which makes the data set less synthetic.
Commands for mitigating these issues must be implemented in a server preparation script ASAP.

orjanj commented Jan 18, 2022

In the first draft of the preparation script, I've integrated the following:

  • Disabling IPv6
  • Reloading sysctl settings
  • Deactivating automatic updates
  • Stopping and disabling given services

These settings were the most critical to implement, and are now done.
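
A sketch of what such a preparation step can look like, added here as an example and not the project's own script. It assumes a systemd-based Ubuntu template; the function names, the `99-disable-ipv6.conf` file name and the two APT timer units are choices made for this example.

```shell
#!/bin/sh
# Added example: quiet an Ubuntu capture VM. DRY_RUN=1 (the default) only prints the plan.
DRY_RUN="${DRY_RUN:-1}"
# snapd units from the task list (snapd.seeded taken as snapd.seeded.service) plus APT timers.
NOISY_UNITS="snapd.socket snapd.service snapd.seeded.service snapd.snap-repair.timer apt-daily.timer apt-daily-upgrade.timer"

# Execute a command, or only print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = 1 ]; then echo "+ $*"; else "$@"; fi
}
# Write stdin to the file in $1, or only name the target when DRY_RUN=1.
write_file() {
    if [ "$DRY_RUN" = 1 ]; then echo "+ write $1"; cat >/dev/null; else cat >"$1"; fi
}

quiet_vm() {
    # 1. Stop and disable snapd and the APT timers.
    for unit in $NOISY_UNITS; do
        run systemctl disable --now "$unit"
    done
    # 2. Turn off automatic date and time (no more NTP server lookups).
    run timedatectl set-ntp false
    # 3. Disable APT's periodic list refresh and unattended upgrades.
    write_file /etc/apt/apt.conf.d/20auto-upgrades <<'EOF'
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Unattended-Upgrade "0";
EOF
    # 4. Disable IPv6 persistently, then reload sysctl settings.
    write_file /etc/sysctl.d/99-disable-ipv6.conf <<'EOF'
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
EOF
    run sysctl --system
}

# Print every unit from NOISY_UNITS that is still enabled (no output means quiet).
still_enabled() {
    for unit in $NOISY_UNITS; do
        [ "$(systemctl is-enabled "$unit" 2>/dev/null)" = enabled ] && echo "$unit"
    done
    return 0
}

case "${1:-}" in
    --apply) DRY_RUN=0; quiet_vm; still_enabled ;;
    --dry-run) DRY_RUN=1; quiet_vm ;;
esac
```

Run it with `--dry-run` to review the plan, then as root with `--apply`; a fresh tcpdump capture on the VM afterwards shows whether the `api.snapcraft.io` and `ntp.ubuntu.com` lookups are gone.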

orjanj added the testing (Testing required) label May 16, 2022