Author Archives: Russ
In this short take, recently posted over at the Network Collective, I discuss what a side channel attack is, and why they are important.
Cisco has always bragged that it doesn’t play in markets where it doesn’t command a 65 percent market share and a 65 percent operating margin, but you won’t hear the new top brass at Cisco saying that. The reason is simple: That ain’t ever gonna happen again. —Timothy Prickett Morgan @The Next Platform
Low latency is coming to a network near you. In fact, it’s probably coming to your network, whether or not you realize it.
While bandwidth has always been the primary measure of a network (and cross-sectional or non-contending bandwidth the primary measure of data center fabrics), further research and reflection have taught large-scale network operators that latency is actually much more of a killer for application performance than lack of bandwidth—and not only latency, but its close cousin, jitter. Why is this?
To understand, it is useful to return to an example given by Tanenbaum in his book Computer Networks. He includes a humorous example of calculating the bandwidth of a station wagon full of VHS tapes, with each tape containing the maximum amount of data possible. For those young folks out there who didn’t understand a single word in that last sentence, think of an overnight delivery box from your favorite shipping service. Now stuff the box full of high density solid state storage of some kind, and ship it. You can calculate the bandwidth of the box by multiplying the number of devices you can stuff in there by the capacity of each device, and then dividing by roughly …
The internet is the ultimate software-based network, consisting of a relatively simple core layer connecting billions of fully programmable computers at the edge. Software is simply the encoding of human thought, and as such has an almost unbounded design space. —Chris Dixon @Medium
It’s been a busy few weeks in cybercrime news, justifying updates to a couple of cases we’ve been following closely at KrebsOnSecurity. In Ukraine, the alleged ringleader of the Avalanche malware spam botnet was arrested after eluding authorities in the wake of a global cybercrime crackdown there in 2016. @Krebs on Security
Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For the past five years, this combination has been irresistible to attackers, and for good reason. —Carlos Morales @Arbor
For years, we’ve been pioneering the use of DNS to enforce security. We recognized that DNS was often a blind spot for organizations and that using DNS to enforce security was both practical and effective. Why? Because DNS isn’t optional. It’s foundational to how the internet works and is used by every single device that connects to the network. If you’re considering using DNS for security, it’s important to understand the facts so you can combat the fiction. —Kevin Rollinson @Cisco
I was asked by a reader to add categories and links for videos; I actually added three new categories, one for short videos, another for long videos, and a third for written posts. You can find these under the bottom menu item on the left. I am having a problem with the menu not showing up correctly, so I moved the resources under the third menu item, as well.
Finally, I added a new archive page, which shows you all the posts in the “left” category across the three years this blog has been “in production.” I couldn’t figure out how to narrow things down so pictures and other stuff are not included, so there is more on the page than needed right now, but it’s a start.
On this episode of the Network Collective, we’re chatting with Miguel Villareal and Scott Wheeler about cloud connectivity.
…we developed a project to identify IPv4 addresses shared simultaneously by many users — we call such addresses ‘gateway’ addresses — and understand the nature of the shared address, that is if they are being used as a company/campus proxy, a CGN, or public hotspot. —Ramakrishna Padmanabhan @APNIC
On this episode of the History of Networking, we talk to Alia Atlas about the history of fast reroute and Maximally Redundant Trees (MRTs). Remember to send in your suggestions for guests and technologies.
On a recent history of networking episode, Alia talked a little about Maximally Redundant Trees (MRTs), and the concept of Depth First Search (DFS) numbering, along with the idea of a low point. While low points are quickly explained in my new book in the context of MRTs, I thought it worthwhile to revisit the concept in a blog post. Take a look at the following network:
On the left side is a small network with the nodes (think of these as routers) being labeled from A through G. On the right side is the same network, only each node has been numbered by traversing the graph, starting at A. This process, in a network, would either require some device which knows about every node and edge (link) in the network, or it would require a distributed algorithm that “walks” the network from one node to another, numbering each node as it is touched, and skipping any node that has already been visited (again, for more details on this, please see the book).
Once this numbering has been done, the numbers now produce this interesting property: if you remove the parent of any node, and the node can still reach …