Mike's Technology and Finance Blog covers a number of different topics in finance and technology. Most technical posts provide architecture, development, implementation, troubleshooting techniques for different Enterprise IT systems that run on the Windows, UNIX, and Linux platforms. Some posts also include my personal opinions and rants.
In previous posts, I covered how to obtain HyperTerminal for Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 using an installation of Windows Server 2003 or Windows XP. Not everyone still has copies of these outdated operating systems and it might be time to move on to newer serial console software. In this post, I provide a few alternatives to using Hyperterminal.
PuTTY
PuTTY is most known as a good general use SSH/Telnet client, but a less commonly known fact is that PUTTY is capable of initiating serial connections.
TeraTerm
Tera Term is a good serial emulation program if you need more functionality than what PuTTY provides (specifically if you need to send/receive data via the Xmodem/Ymodem protocols).
Minicom
For linux dual booters and cygwin users, the most functional serial console tool that I have found is minicom. This is available as a package for most linux distributions and can also be built from source. There are potentially a lot of options for configuring minicom because it also provides modem dialing capabilities in addition to serial connectivity.
Strong encryption is the most important important aspect to ensuring data confidentiality when it is in transit across a network. Various protocols for transport level encryption exist. A couple of the more commonly cited ones are Secure Sockets Layer (SSL)/Transport Layer Security (TLS) and IP Security (IPSec).
SSL and TLS are common for websites, file transfers, and other application level services while IPSec is typically used to encrypt all traffic (or potentially a subset) between two or more endpoints (node-node IPSec), two or more gateways (gateway-gateway IPSec), and between oner or more nodes and one or more gateways (node-gateway IPSec).
In this example, I will configure IPSec encryption between two "trusted" networks over a network that is "untrusted." Assume that we have the following topology:
To begin, we need a plan...
Traffic originating from 192.168.1.0/24 and traveling across T1's fa0/0 interface to 192.168.2.0 should be encrypted. Traffic from 192.168.2.0/24 to 192.168.1.0/24 should also be encrypted (note that it is possible to encrypt asymmetrically, but not recommended). In this case, we are looking for security over performance, so we will use AES encryption (vs 3DES or DES, which are considered weak).
To begin, let's configure suitable policies on T1 and T2:
! Define a new internet security association key management protocol (ISAKMP) policy crypto isakmp policy 1
! Use AES encryption encryption aes
! Define pre-shared keys, as opposed to certificate based authentication/exchange authentication pre-share
! Diffie-Hellman group 2 - more secure than group 1, but also more CPU intensive group 2
! Specify the key lifetime (time until renegotiation) lifetime 600
! Define a shared key for encrypting traffic between T1 and T2. Use password 'mypasswd' crypto isakmp key mypasswd address 1.1.1.6
Now for the configuration on T2 (similar to T1, but with different peer address):
Now, we want to define the transform set. For the c3725 Series routers running IOS 12.4, we can define up to three transforms + compression. In this case, we'll define an authentication header (AH) and the AES ESP.
On T1:
crypto ipsec transform-set T2 ah-sha-hmac esp-aes
On T2:
crypto ipsec transform-set T1 ah-sha-hmac esp-aes
Note that using AH without ESP does not encrypt the packet, where it is possible to encrypt the packet using ESP without using the authentication header (AH). Combining AH and ESP encapsulates and encrypts the entire packet as we can see from the packet capture further below.
After we have the ISAKMP Policy and the transform set defined, we want to define ACLs and a crypto map that define which traffic flows need to be encrypted. The crypto map entries are fairly straightforward, defining the peer address for encryption/decryption, the transform set do be used, and the extended ACLs that define which traffic should be encrypted.
Below are the extended ACLs for matching traffic to be encrypted:
On T1:
! Match traffic originating from 192.168.1.0/24 going to 192.168.2.0/24 access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
On T2:
! Match traffic originating from 192.168.2.0/24 going to 192.168.1.0/24 access-list 101 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
And now for the specific crypto map entries:
On T1:
crypto map T2 10 ipsec-isakmp set peer 1.1.1.6 set transform-set T2 match address 101
On T2:
crypto map T1 10 ipsec-isakmp set peer 1.1.1.2 set transform-set T1 match address 101
Now we have all of the pieces in place for IPsec. We now need to assign the crypto map to the outgoing interfaces.
On T1:
! interface FastEthernet0/0 ip address 1.1.1.2 255.255.255.252 duplex auto speed auto crypto map T2
!
On T2:
! interface FastEthernet0/0 ip address 1.1.1.6 255.255.255.252 duplex auto speed auto crypto map T1
!
To verify the setup, we can send packets that need to be encrypted (in this case using the IOS extended ping utility). The first ping may time out because of the security association negotiation that needs to occur:
T1#ping 192.168.2.1 source Lo0 Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 104/105/108 ms
We now look at whether we have an SA:
T1#show crypto isakmp sa IPv4 Crypto ISAKMP SA
dst src state conn-id slot status
1.1.1.6 1.1.1.2 QM_IDLE 1007 0 ACTIVE
T1#show crypto isakmp sa detail Codes: C - IKE configuration mode, D - Dead Peer Detection
K - Keepalives, N - NAT-traversal
X - IKE Extended Authentication
psk - Preshared key, rsig - RSA signature
renc - RSA encryption
IPv4 Crypto ISAKMP SA
C-id Local Remote I-VRF Status Encr Hash Auth DH Lifetime Cap.
The .Net Framework's most recent versions (4 and 4.5) come with a fairly useful charting library for developing Windows Forms applications. It is really easy to put together a charting application using the System.Windows.Forms.DataVisualization.Charting namespace and the .Net Chart class.
Most of the chart types are fairly straightforward, but the financial chart types (point and figure, candlestick, and OHLC) are a little less intuitive because they require multiple Y values per DataPoint and Microsoft has done a poor job documenting the right order to add these. I suppose that this post could fill that gap.
For the OHLC and Cadlestick chart types, the right order to add the open, high, low, and close values to a DataPoint is the following: high, low, close, open. See the following code sample where I plot a set of trading day values for a particular equity:
In many support scenarios, it is necessary to obtain information on the loaded drivers and hardware for a system. This information can be dumped using the msinfo32 utility found on every current supported version of the Windows Operating System.
For Windows Vista, Windows 7, Windows Server 2008, and Windows Server 2008 R2, this tool can be ran from the "search" bar on the start menu:
For the most recent Windows OD (Windows 8 and Windows Server 2012), use the search functionality by pointing the mouse (or tapping) to the top right corner of the screen and clicking search:
Inside of the tool, click File -> Save and save the system information to the file. The saved file can then be uploaded/emailed to the person providing support.
In my last post I covered some of the basics with using IComparer and Comparison for sorting collections in .Net that implement the Sort() method. In this post, we will take a look at some more advanced sorting scenarios where multi-level sorting needs to be used.
First, what is multi-level sorting?
Multi-level sorting requires sorting each record of a set by more than one parameter. Each successive parameter in the sort is used if the preceding parameters are equal. Take the following example showing 5 unsorted first and last names:
First Name
Last Name
John
Smith
Jane
Smith
Benjamin
Franklin
George
Washington
Now, let's say we want this example to be sorted by last name (first parameter) and then by first name (second parameter).
First Name
Last Name
Benjamin
Franklin
Jane
Smith
John
Smith
George
Washington
For Benjamin Franklin and George Washington, the second sort parameter (first name) doesn't matter because there are no other people with the last names Washington or Franklin in the set. For John and Jane, the second sort parameter matters because they have the same last name.
Now on to an applied example from the world of finance... Let's take an example where we have a set of investment positions (both long and short) across commodities, foreign exchange (forex), and the equities (stock) markets. We'll start out with the following basic definitions:
publicenumPositionType
{
///<summary>
/// A long position is generally taken when an asset
/// is expected to increase in value. An investor would
/// profit by buying an asset (stock,bond, foreign currency,
/// mutual fund, exchange traded fund (ETF), commodity futures
/// contract, equity option, etc.) at a low price and then
/// selling it at a higher price at some time in the future
///</summary>
Long,
///<summary>
/// A short position is generally taken when an asset
/// is expected to decrease in value. An investor would
/// profit by borrowing and selling an asset (stock,bond,
/// foreign currency, mutual fund, exchange traded fund (ETF),
/// commodity futures contract, equity option, etc.) at a high price
/// and then buying it back at a lower price at some time in the future
///</summary>
Short
}
publicenumInvestmentType
{
Bond,
Commodity,
Private_Equity,
Foreign_Exchange,
Public_Equity,
Mutual_Fund,
Equity_Option,
Other_Derivative
}
publicclassInvestmentPosition
{
publicInvestmentType InvestmentType;
publicPositionType PositionType;
publicstring Description;
publicint Quantity;
publicdecimal Initial_Price;
publicdecimal Final_Price;
} --> --> -->
Now, we'll define a problem where we have a number of investment positions that we want to sort by dollar-value gain/loss and within each gain/loss category we want to order by description (note that I've artificially set up the prices to have a few instances of equal gains/losses so that we end up sorting on the Description field). The reason why I included the InvestmentType enumeration in this example is because gain/loss is calculated differently for foreign exchange than it is for most other investments and we'll end up needing to take this into account. How to calculate the gain or loss on a foreign exchange position or a typical asset is below:
Foreign Exchange Trades
Most Other Investments
Like my previous example, we will start out by creating a new unit test and create some investment positions.
