Wednesday, February 16, 2022

Automatic recording of incoming calls from unknown numbers

About a year ago, Google introduced the ability to record calls in the Google Phone app on Pixel devices. Shortly afterward, Google launched this feature on several Nokia and Xiaomi devices. It is reported that Google is currently working on the Google Phone app to enable automatic recording of incoming calls from unknown numbers.

The XDA-Developers website uncovered some new code strings that point to this feature through a teardown of version 59, the latest update to the Google Phone app. As stated in the first string detected, the other person on the call will be notified of each recorded call. To use this call recording feature, you must first agree to allow calls to be recorded. It also states that all recordings made in this way will be stored only on your phone.

The other strings detected confirm two automatic call recording options, one called "Always record" and the other "Cancel". However, Google has not yet officially confirmed this feature. Keep in mind that it has only been detected through an app teardown.

You can use the XDA-Developers website and the GSMArena website to learn more about this feature.

Testing and proving the difference between Extended ACL vs. NAMED ACL

  Extended ACL vs. Named ACL

 


 

Case1:

We need to BLOCK the traffic from PC2 to PC1 and allow all other traffic.

Use an extended ACL

# access-list 100 deny ip host 192.168.2.100 host 192.168.1.100

# int f0/1 (R2 interface to SW2)

# ip access-group 100 in

Here ALL GOOD as we cannot ping PC1 from PC2, but can ping other devices.

But when we try R3, it also cannot be pinged.

PING from PC2 to PC4 also fails.

That means the implicit deny rule is there.

 


 

 

Adding a permit rule to ACL 100.

R2(config)#access-list 100 permit ip any any

 


 

 

Now:

A ping from PC2 --> PC1 is denied by the RULE at sequence 10.

A ping from PC2 --> other devices is allowed (able to PING): it goes via rule 20, permit any any.

Now the manager wants to disable ping from PC2 --> R3

Let’s add a deny rule to access-list 100

R2(config)#access-list 100 deny ip host 192.168.2.100 host 192.168.1.254


 

 

But this does not work. Why?

Ping from PC2 --> PC1 fails (due to deny rule 10).

We expected that adding the deny rule for R3 would block the ping from PC2 to R3.

It does not, because rule 20 (permit ANY ANY) already matches: it permits any source to any destination.

Even though rule 30 is there, once the ping matches rule 20 the router stops and never checks rule 30.

However, don't remove the any any rule: doing so removes the whole of ACL 100.

Let's try adding ACL 101 to deny R3.

 


 

 

NOW !!! we cannot ping the device due to deny rule and after that implicit deny rule.

 

We add ANY ANY rule to 101 ACL


 

 

Now,

Ping from PC2 to R3: DENY

Ping from PC2 to other devices is OK, which means sequence 10 of ACL 100 is no longer working.

That rule is skipped because ACL 101, with its ANY ANY rule, is now the list in effect: an interface accepts only one IP ACL per direction.

So now the problem is: when an ACL is already in place, how do we block another IP?

When we implement a new ACL, the rules of the other ACL are skipped.

If we put the rule into the same ACL (100), it gets the next sequence number and goes to the bottom, where it never takes effect because the ANY ANY rule above it matches first.

The BEST solution here is to USE a NAMED ACL, because it lets us set the SEQUENCE.

If any rule is satisfied, the router APPLIES that RULE and does not go on to check the next RULE in the sequence.

Let’s implement this.

 

 

 

 

 

DENY PING from PC2 --> PC1

ALLOW PING from PC2 --> Other devices

BLOCK PING from PC2 --> R3

 

R2(config)#ip access-list extended BLOCK-PC1

R2(config-ext-nacl)#deny ip host 192.168.2.100 host 192.168.1.100

R2(config-ext-nacl)#permit ip any any

 


 

 

 

10=deny ping to PC1

20=allow ping to other devices.

 

NOW apply a rule to block R3


 

 

 

Here the DENY rule 30 is not working: a ping to R3 is allowed by the 2nd rule, which matches first.

So we need to give the RULE a sequence number between 10 and 20 to deny R3

R2(config)#ip access-list extended BLOCK-PC1

R2(config-ext-nacl)#no 30 deny ip host 192.168.2.100 host 192.168.1.254

R2(config-ext-nacl)#15 deny ip host 192.168.2.100 host 192.168.1.254

 


 

 

DONE DEAL….. LAB DONE!!!!!

PC2 cannot ping PC1 and R3.

But it can still ping the 4 network.
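
The first-match behaviour worked through in this lab, as an added example (not part of the original lab): a small Python evaluator runs the lab's entries in sequence order, shows why the deny at sequence 30 is never reached and why moving it to 15 works, and flags entries shadowed by an earlier one. PC4's address is constructed, and the function names are this example's own.

```python
import ipaddress

def ip_int(s):
    return int(ipaddress.IPv4Address(s))

def parse_addr(tok):
    """Consume one IOS address spec; return ((base, wildcard), remaining tokens)."""
    if tok[0] == "any":
        return (0, 0xFFFFFFFF), tok[1:]
    if tok[0] == "host":
        return (ip_int(tok[1]), 0), tok[2:]
    return (ip_int(tok[0]), ip_int(tok[1])), tok[2:]

def parse_entry(line):
    """'15 deny ip host A host B' -> (seq, action, src_spec, dst_spec)."""
    tok = line.split()
    src, rest = parse_addr(tok[3:])
    dst, _ = parse_addr(rest)
    return int(tok[0]), tok[1], src, dst

def matches(spec, ip):
    base, wc = spec
    return (ip_int(ip) | wc) == (base | wc)   # wildcard bits are "don't care"

def evaluate(entries, src_ip, dst_ip):
    """First match wins; falling off the end is the implicit deny."""
    for seq, action, src, dst in sorted(map(parse_entry, entries)):
        if matches(src, src_ip) and matches(dst, dst_ip):
            return action, seq
    return "deny", None

def covers(a, b):
    """True if spec a matches every address that spec b matches."""
    return (b[1] & ~a[1]) == 0 and (a[0] | a[1]) == (b[0] | a[1])

def shadowed(entries):
    """(seq, earlier_seq) for entries that can never be hit."""
    rules = sorted(map(parse_entry, entries))
    found = []
    for i, (seq, _, src, dst) in enumerate(rules):
        for pseq, _, psrc, pdst in rules[:i]:
            if covers(psrc, src) and covers(pdst, dst):
                found.append((seq, pseq))
                break
    return found

# Addresses and entries from the lab; PC4's address is constructed.
PC2, PC1, R3, PC4 = "192.168.2.100", "192.168.1.100", "192.168.1.254", "192.168.4.100"
BEFORE = [
    "10 deny ip host 192.168.2.100 host 192.168.1.100",
    "20 permit ip any any",
    "30 deny ip host 192.168.2.100 host 192.168.1.254",   # appended at the end
]
AFTER = [
    "10 deny ip host 192.168.2.100 host 192.168.1.100",
    "15 deny ip host 192.168.2.100 host 192.168.1.254",   # re-inserted before 20
    "20 permit ip any any",
]

if __name__ == "__main__":
    for name, acl in (("before", BEFORE), ("after", AFTER)):
        print(name, "PC2->R3:", evaluate(acl, PC2, R3), "shadowed:", shadowed(acl))
```
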

 

Let’s go further.

Let’s block the 4 network with a new NAMED-ACL rule

OH NO! It blocks all devices, because once the new NAMED ACL is applied, it takes over the sequence.

SO NEW rule has to be checked 1st.

To deny all traffic


 

 

What happens if we apply a new ACL 200 to allow PC1?


 

PC1 is okay because we permit it.

 

But after that, the implicit deny rule blocks all other devices.

 

TESTING!!!!!! RESULT!!!!!

NAMED ACL is better….

Because:

Deny ping from PC2 to PC1.

Put in a permit rule to allow other devices.

ALL OKAY.

Meanwhile, the manager asked to block R3.

Apply a rule to block R3

IT WILL NOT WORK.

WHY? Because the 2nd sequence is the ANY ANY RULE: it matches first, so the router never checks the next sequence, the new rule to block R3.

 

Solution:

Check the show access-list

APPLY NAMED ACL (already created one)

Change the SEQUENCE BETWEEN THE RULES.

 

DONE!!!! CHEERS!!!! ACL DONE!!!! 

IPsec Site-to-site VPN with Cisco routers

 



01. PC1 can ping to PC2 - Verified!

02. IPsec Implementation

IPsec allows exchanging of security protocols and encryption algorithms. Two configuration elements are needed to implement IPsec VPN.

- Implement IKE and IPsec parameters.


• IKE P1 => defines the key exchange method used to pass and validate IKE policies between peers.

• IKE P2 => peers exchange & match IPsec policies for authentication & encryption of data traffic.


IKE must be enabled for IPsec to function. #crypto isakmp enable <enable isakmp on the router>


To allow IKE P1 negotiation => create an ISAKMP policy and configure a peer association involving that ISAKMP policy. The ISAKMP policy defines the authentication, encryption & hash function used to send control traffic between the two VPN endpoints.


When the ISAKMP security association is accepted by the IKE peers, IKE P1 has been completed. IKE P2 will be configured later.


03. Create ISAKMP policy

# crypto isakmp policy 10

Configure the ISAKMP policy on R1 & R3


hash => data integrity: the data is not changed in transit

auth => the packet comes from the real peer

DH group => creates a secret key shared by the peers.

# show cryp isakmp policy


04. Create pre-shared key

# crypto isakmp key abc address 10.2.2.1 <peer's IP address facing the other router>

05. IPsec TRANSFORM SET => the routers negotiate it to form a security association.

# crypto ipsec transform-set 50 ?

# crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac

<ESP transform with the AES 256 cipher and the SHA hash function> The transform set must match on both peers.


What is the function of the IPsec transform set? It specifies the cryptographic algorithms and functions (transforms) that a router employs on the actual data packets sent through the IPsec tunnel.

These algorithms include the encryption, encapsulation, authentication and data integrity services that IPsec can apply.


# crypto ipsec security-association lifetime seconds 1800


06. Define interesting traffic!!!

ACL => which traffic to encrypt. A packet that is denied by one of these ACLs is not dropped; it is sent unencrypted. If no IPsec security association is correctly configured, no traffic is encrypted and traffic is forwarded unencrypted.


ACL

R1# access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255

R3# access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255

The ACLs should be mirrored, otherwise IPsec will not form a security association.


07. Create and apply CRYPTO MAP

# crypto map CMAP 10 ipsec-isakmp

# match address 101 <which ACL>

# set peer 10.2.2.1

# set pfs group 5

# set transform-set 50

# set security-association lifetime seconds 900

# exit


# int e0/0

# crypto map CMAP
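
A pre-deployment check for the two requirements stated above (mirrored crypto ACLs, matching transform sets) plus the pre-shared key, as an added example that is not part of the original lab. R1's lines are the page's commands; R3_OK and R3_BAD are constructed here (only R3's ACL line is on the page), and the function names are this example's own.

```python
import re

# R1: commands from the page. R3_OK: constructed matching far end.
R1 = """\
crypto isakmp key abc address 10.2.2.1
crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac
access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255
crypto map CMAP 10 ipsec-isakmp
 match address 101
 set peer 10.2.2.1
 set transform-set 50
"""
R3_OK = """\
crypto isakmp key abc address 10.1.1.1
crypto ipsec transform-set 50 esp-aes 256 esp-sha-hmac
access-list 101 permit ip 192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255
crypto map CMAP 10 ipsec-isakmp
 match address 101
 set peer 10.1.1.1
 set transform-set 50
"""
# R3_BAD: constructed with two faults for the check to find.
R3_BAD = R3_OK.replace(
    "192.168.3.0 0.0.0.255 192.168.1.0 0.0.0.255",
    "192.168.1.0 0.0.0.255 192.168.3.0 0.0.0.255",   # copied from R1, not mirrored
).replace("esp-aes 256", "esp-3des")                  # different cipher

def parse_peer(cfg):
    """Extract the settings that both tunnel ends have to agree on."""
    def one(pattern):
        return re.search(pattern, cfg, re.M).group(1)
    acl = one(r"^\s*match address (\S+)")
    ts = one(r"^\s*set transform-set (\S+)")
    return {
        # Only 'network wildcard' pairs are handled, as used in the lab ACLs.
        "flows": set(re.findall(
            rf"^access-list {re.escape(acl)} permit ip (\S+) (\S+) (\S+) (\S+)",
            cfg, re.M)),
        "transforms": one(
            rf"^crypto ipsec transform-set {re.escape(ts)} (.+)$").split(),
        "psk": one(r"^crypto isakmp key (\S+) address"),
    }

def check_peers(a_cfg, b_cfg):
    """Return a list of mismatches that would stop the SA from forming."""
    a, b = parse_peer(a_cfg), parse_peer(b_cfg)
    problems = []
    # Each flow on one side must appear with source and destination swapped.
    mirrored = {(d, dw, s, sw) for s, sw, d, dw in a["flows"]}
    if mirrored != b["flows"]:
        problems.append("crypto ACLs are not mirrored")
    if a["transforms"] != b["transforms"]:
        problems.append("transform sets differ")
    if a["psk"] != b["psk"]:
        problems.append("pre-shared keys differ")
    return problems

if __name__ == "__main__":
    print("R1 vs R3_OK :", check_peers(R1, R3_OK))
    print("R1 vs R3_BAD:", check_peers(R1, R3_BAD))
```
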


VERIFY IPSEC VPN OPERATION


R1#sh crypto isakmp sa

dst src state conn-id slot status


No output! Because no interesting traffic has been identified.


PING from R1 to R2... this will not give any output, because interesting traffic has to match ACL 101, that is, traffic from the 192.168.1.0 network to the 3.0 network.


Generate interesting traffic

R1#ping (enter)

target IP 192.168.3.1

source 192.168.1.1

....



R1#sh crypto isakmp sa

dst src state conn-id slot status

10.2.2.1 10.1.1.1 QM_IDLE 1 0 ACTIVE


R1#sh crypto ipsec sa


interface: Ethernet0/0

    Crypto map tag: CMAP, local addr 10.1.1.1


   protected vrf: (none)

   local  ident (addr/mask/prot/port): (192.168.1.0/255.255.255.0/0/0)

   remote ident (addr/mask/prot/port): (192.168.3.0/255.255.255.0/0/0)

   current_peer 10.2.2.1 port 500

     PERMIT, flags={origin_is_acl,}

    #pkts encaps: 40, #pkts encrypt: 40, #pkts digest: 40

    #pkts decaps: 40, #pkts decrypt: 40, #pkts verify: 40

    #pkts compressed: 0, #pkts decompressed: 0

    #pkts not compressed: 0, #pkts compr. failed: 0

    #pkts not decompressed: 0, #pkts decompress failed: 0

    #send errors 1, #recv errors 0


     local crypto endpt.: 10.1.1.1, remote crypto endpt.: 10.2.2.1

     path mtu 1500, ip mtu 1500, ip mtu idb Ethernet0/0

     current outbound spi: 0xBBCDE611(3150833169)


     inbound esp sas:

      spi: 0x1608598B(369645963)

        transform: esp-256-aes esp-sha-hmac ,

        in use settings ={Tunnel, }

        conn id: 2001, flow_id: SW:1, crypto map: CMAP

        sa timing: remaining key lifetime (k/sec): (4563839/326)

        IV size: 16 bytes

        replay detection support: Y

        Status: ACTIVE


     inbound ah sas:


     inbound pcp sas:


     outbound esp sas:

      spi: 0xBBCDE611(3150833169)

        transform: esp-256-aes esp-sha-hmac ,

        in use settings ={Tunnel, }

        conn id: 2002, flow_id: SW:2, crypto map: CMAP

        sa timing: remaining key lifetime (k/sec): (4563839/325)

        IV size: 16 bytes

        replay detection support: Y

        Status: ACTIVE


     outbound ah sas:


Tuesday, February 15, 2022

How to install Cisco L2/L3 Switch in GNS3 and Build a Switching Lab


Windows 10
GNS3 1.3.2
VirtualBox

  1. Install GNS3 IOU VM 1.3.2 (the same version which GNS3 GUI has) in VirtualBox.
Import the image file appliance. Use the default setting to import the file.

Start the GNS3 VM.

Error:

Click "Change Network Settings" => Ok


Enter (gns3/cisco) to login.
Enter IP address in the URL and upload the required files to install L2/L3 switches.


Run the python script to generate the license key. 



Copy the Key and create an IOURC file.

Give the correct GNS3 VM name


Copy the file to the GNS3 VM location.
C:\Users\tech.laptop-cc1\VirtualBox VMs\GNS3 IOU VM


Add the GNS3 VM to GNS3 GUI.

Give the IOURC path.


Adding L2/L3 Switch

Give IOU image path
/home/gns3/GNS3/images/IOU/i86bi-linux-l2-adventerprise-15.1b.bin

Save.


Monday, February 14, 2022

Rockstar has officially announced the release of the Grand Theft Auto 6 computer game


GTA 6 is one of the most anticipated upcoming games to create the most hype in the gaming community. Although there is no official release date for this game yet, Rockstar recently released a Twitter message confirming that the GTA 6 will be released soon. But analysts say GTA 6 will be released next year between April 1, 2023 and March 31, 2024. With the official announcement of the upcoming release of GTA 6 by Rockstar, there has been a lot of talk in the PC Games community about whether the PC version will be released as soon as the console is released. However, it is not yet possible to give a correct answer on these matters.

This is because, of the two major games released recently, GTA 5 was released to the console two years after the PC version was released in 2015, and RDR 2 was released to the PC almost two years after the 2018 release to the console. But with the advancement of the PC Games community today, it is to be hoped that, under their influence, the PC version will be released together with the GTA 6 console version.

Now you may be wondering which time period the game is set in. As has been widely reported on the Internet, it is expected to be based on the GTA Vice City timeline of the 1980s or 1990s. But TOM HENDERSON, who has released some controversial information about Call Of Duty Vanguard and Battlefield 2042 and is the most trusted person in game leaks, says GTA 6's timeline will be similar to the current one. Considering the revelations made by TOM HENDERSON in the past and his connections, this information cannot be considered as mere leaks.

The top two most active GTA franchise titles at the moment are GTA V and GTA Online. TOM HENDERSON says that GTA 6 could be largely built around the Modern Timeline because it wants to go. He added that although GTA 6 was built on a modern timeline, GTA 6 could contain the GTA Vice City Map and provide this map as a DLC (downloadable content).

According to him, the entire map of GTA 6 will not be available with the launch of the same game and will be available in DLC format at any given time. According to TOM HENDERSON, the main characters in the game may include one black man and one woman, and this woman will do a great job using modern technology.

According to him, GTA 6 has a very complex story and a very high level of graphics. It is no secret that Rockstar is a company that launches quality games in the market, so it is safe to say that it will release a very high-quality game over time. According to some sources, the game will be released by the end of this year (2022) and will be released in the summer of 2023 or 2024 after improving the Bugs Test and Physical Details. In addition, according to some leaks, the GTA 6 will be released as an AAA game and will be priced at around $ 59. So, in our opinion, it's worth taking some time to release, but it's not too fast like Cyberpunk, it's worth optimizing things like Graphics, Physics, Ai, and contributing a good design to the gaming community.

Learn more about the best 13 privacy features of iOS ahead of Android

With the new Privacy Update on WhatsApp, many people are talking about this Privacy. This article is about the privacy changes that Apple has made to the iOS operating system. Apple has been passionate about privacy for many years. Apple believes that users who use their products, especially the iPhone, should have an understanding of how their data is used (Privacy and Data Transparency).

01. Sign in with Apple: You have seen options like Sign in with Google / Login with Facebook on many web sites and apps. But because it collects user email and other personal information, Apple provided this signing with the Apple facility. The special feature here is that you can use the Random Email Address provided by Apple instead of your Email Address. This will prevent annoying News Letters / Promotion / Ads from reaching your Email Address.

02. Location Usage Request: If an app accesses your geolocation, it allows the user to grant permission. The special feature here is the ability to enable the Location Service only when using the relevant service.

03. Clipboard Access Notification: You see this notification every time you copy and paste something from another app, and it also tells you if an app accesses your clipboard without notifying you. A number of popular apps, including TikTok, were embarrassed by this and were later removed.

04. Camera and Microphone Recent Usage: This makes you aware of the apps that are using your camera and microphone. When you open the Control Panel, it shows the app that used the camera or microphone.

05. Camera and Microphone Usage Indicator: When an app accesses your camera, a green mark is shown, and if the microphone is accessed, an orange mark is shown near the signal bar. This lets you catch and block an app that accesses the camera or microphone without notifying you.

06. Safari Privacy Report (Intelligent Tracking Prevention): This lets the Safari browser show which other websites try to track your activity on the sites you visit (Browser Activities) and how many tracking sites were blocked. To see it, open Safari, tap the View Option [AA] in the Address Bar and go to Privacy Report. It shows how many websites are tracking you.

07. Trust Your Device: You often use a charger to charge your iPhone, but sometimes you have to connect it to a computer and charge it. But when you connect your iPhone to a guest computer, even if the phone is unlocked, asking for your passcode again will prevent you from unknowingly transferring data.

08. Private Address in WIFI: Normally when you join a WIFI network your device shares a unique identification number called the MAC Address with the network, and it is always the same. This makes it easy to track your device. Private Address on iOS uses a different MAC address on each network, which blocks you from being tracked. (Settings -> WIFI -> Connected SSID (WIFI Name) -> Info -> Private Address)

09. Precise Location: If you do not want to give your exact location to an app, you can stop it by going to Settings> Privacy> Location Service> App Name> Precise Location. This gives the app only your approximate location.

10. Local Network: If an app communicates with a device on your local network, that is, on the WIFI network, the permission for that is shown here. This keeps an app from controlling hardware on the local network without your permission.

10. Selected Photos: This feature may make it difficult for you to use the app that works with Photos after you update to iOS 14. What happens here is that instead of giving full access to your image gallery, only the photos you have selected will be allowed to access the relevant app.

11. App Usage and Analytics: This allows developers to limit the sharing of errors and usage patterns (crash data and analytics) that may occur when using an app.

Settings -> Privacy -> Analytics & Improvement -> Share with App Developers

12. Quick Disable FaceID / TouchID: This is also a very small but important safety feature. If at some point someone tries to unlock your phone by forcibly pointing it at your finger or face, this can thwart that attempt. What happens here is that by pressing power + volume up you will be taken to the Shutdown screen and the passcode will be prompted when unlocking again.

13. Control Third Party Keyboard Access: Third-party keyboards sometimes have more features than stock keyboards. But if they get what you type, they have the opportunity to control it. (Often this data is used by developers to improve features such as Auto-Correction / Auto Suggestion) But if you do not wish to provide such data, this will allow you to limit it.

Settings -> General -> Keyboard -> Select Third Party Keyboard -> Disable Allow Full Access

Sunday, February 13, 2022

Smart Wireless room 2022 with Xiaomi, charge everything via wireless even at a distance of several meters


Xiaomi unveiled its latest wireless charging technology, Mi Air Charge Technology.

They point out that with this technology it is possible to charge several devices simultaneously, giving 5W of power to one device even at a distance of several meters.

What makes it special is that you do not have to place the device on the wireless charger, as is currently the case with wireless charging systems, and you can charge even a mobile phone while playing a game or walking within the relevant range.

It also has the ability to charge speakers, lamps, and other smart home devices from things like smartwatches and fitness bands, allowing you to keep almost all the technical devices in-room wireless.

Developed by Xiaomi, the device has five-phase antennas that track the location of the devices needed to charge it, and with the help of the information obtained, another 144 antennas are used to direct millimeter-wide waves to the device.

For the mobile phone or charging device, two types of antennas have been created, a beacon antenna array that uses less power and a receiving antenna array, which is an array of 14 antennas, to exchange information about the location of the device.

The millimeter wave signals received through this receiving antenna array are converted back into electricity through the charging file contained here, which charges the relevant device.

However, a representative of Xiaomi confirmed in a statement to The Verge that a commercial product featuring the technology will not be released this year.

All about NAT/PAT/DYNAMIC Translations

NAT CONFIGURATION

 


 

R3=> enabling the router as a WEB server.

# ip http server 

10.10.10.10

Open a web browser and go to http://20.0.0.248 to load the webpage.

All devices have connectivity. For example, we can ping from the 10 network to the 20 network.

 

STATIC NAT >>

Here we use the COMPANY router.


 

 

Reference to the COMPANY ROUTER

# int f0/0

# ip nat inside

 

# int s0/0

# ip nat outside

 

Now applying the NAT

# ip nat inside source static 20.0.0.248 209.165.100.30

(here we use .248 as the local WEB SERVER IP and it will map to the public IP .30)

TEST from the web


 

 

Let's try with port 80

INSTEAD, we can translate just the web port like this

R2(config)#ip nat inside source static tcp 20.0.0.248 80 209.165.100.30 80


 

This is port address translation

 

Now let's see NAT overload translation aka PAT - here local PC IP addresses are translated!!!!

R2(config)#access-list 10 permit 20.0.0.0 0.0.0.255

R2(config)#ip nat inside source list 10 interface g1/0 overload

PING from PC2 to PC1

Okay!!!!!


 

 

Change the PC2 IP into .101



 

NICE!!!! the NAT translation working and it is awesome!!!!

 

But the PC1 side still has a PRIVATE IP, which is in the 10 network. Let's make it PUBLIC!!!!

To do that for traffic coming from R2, the NAT has to happen at R1….

DYNAMIC NAT POOL --->

 

R1(config)#int g1/0

R1(config-if)#ip nat outside

R1(config-if)#exit

 

R1(config)#int f0/0

R1(config-if)#ip nat inside

 

R1(config)#access-list 1 permit 10.10.10.0 0.0.0.255

 

 

ip nat pool MYPOOL 209.165.100.25 209.165.100.28 netmask 255.255.255.240

ip nat inside source list 1 pool MYPOOL overload

 

Check IP subnetting > https://www.adminsub.net/ipv4-subnet-calculator/209.165.100.30/28 to create the IP POOL
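
A quick offline check of the pool arithmetic, as an added example that is not part of the original lab: it verifies that a pool's start and end addresses sit in one subnet for the given netmask, rejects a mask that is not a valid netmask, and flags a static translation's public address that falls inside the pool. The function names are this example's own; the malformed and /30 masks in the test are constructed inputs.

```python
import ipaddress

def check_pool(start, end, netmask, static_globals=()):
    """Return a list of problems with the range given to `ip nat pool`."""
    try:
        # strict=False: derive the subnet that contains the start address.
        net = ipaddress.IPv4Network(f"{start}/{netmask}", strict=False)
    except ipaddress.NetmaskValueError:
        return [f"{netmask} is not a valid netmask"]
    lo, hi = ipaddress.IPv4Address(start), ipaddress.IPv4Address(end)
    problems = []
    if hi < lo:
        problems.append("end address is below start address")
    if hi not in net:
        problems.append(f"{end} is outside {net}")
    # A public address already bound by a static entry should not be in the pool.
    for g in static_globals:
        if lo <= ipaddress.IPv4Address(g) <= hi:
            problems.append(f"{g} is also the global address of a static entry")
    return problems

def pool_size(start, end):
    """Number of public addresses the pool can hand out."""
    return int(ipaddress.IPv4Address(end)) - int(ipaddress.IPv4Address(start)) + 1

# Pool and static address from the lab.
POOL = ("209.165.100.25", "209.165.100.28")
STATIC = ["209.165.100.30"]

if __name__ == "__main__":
    for mask in ("255.255.255.240", "255.255.255.248"):
        print(mask, check_pool(*POOL, mask, STATIC), "size:", pool_size(*POOL))
```
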

 

Now try to go web 209.165.100.30 from local PC


 

 

See NAT translation is happening really well..

 

 

ALL GOOD!!!!

 

Summary!!!!!!

 

 

 

 

 

 

Each interface should be configured as inside or outside.

Let's consider the R2 router

# int g1/0

# ip nat outside

 

# int f0/0

# ip nat inside

 

STATIC 1to1

# ip nat inside source static 20.0.0.248 209.165.100.30

PORT ADD Translation 1to1

# ip nat inside source static tcp 20.0.0.248 80 209.165.100.30 80

PAT

# access-list 10 permit 20.0.0.0 0.0.0.255

# ip nat inside source list 10 int g1/0 overload

# show ip nat translation

Dynamic

# access-list 10 permit 10.10.10.0 0.0.0.255

# ip nat pool MYPOOL 209.165.100.25 209.165.100.28 netmask 255.255.255.248

# ip nat inside source list 10 pool MYPOOL overload

 

 

# ip nat inside source static 20.0.0.248 209.165.100.30 (STATIC)

# ip nat inside source static tcp 20.0.0.248 80 209.165.100.30 80 (PORT)

 

# ip nat inside source list 10 interface g1/0 overload (PAT)

 

# ip nat pool MYPOOL 209.165.100.25 209.165.100.28 netmask 255.255.255.240

# ip nat inside source list 10 pool MYPOOL overload (DYNAMIC)

 

# access-list 10 permit 20.0.0.0 0.0.0.255

 

ALL DONE!!! NAT!!! CHEERS!!!!