Cisco’s Talos cyber intelligence unit have discovered an advanced piece of IoT botnet malware, dubbed VPNFilter, that has been designed with versatile capabilities to gather intelligence, interfere with internet communications, as well as conduct destructive cyber attack operations. —Swati Khandelwal @The Hacker News
The public cloud, like Internet service and Internet hosting, is a rich person’s game. If you can’t pony up billions of dollars for infrastructure design, manufacturing, and installation each quarter, then you probably are not going to get the kind of low infrastructure costs that AWS, Google, Microsoft, IBM, and Alibaba can, and therefore you are going to be priced out of the infrastructure cloud. —Timothy Prickett Morgan @The Next Platform
Network operators are intrigued by the concept open optical systems, whereby they can assemble an optical network by piecing together parts from various vendors. They are encouraged by concepts like disaggregated transponder boxes for DCI applications, an Open ROADM MSA, and the Telecom Infra Project Voyager white box initiative. While there is undoubtedly increasing interest in the open model, the question is how far can and should this model be pushed. —Jonathan Homa @ECI
IoT and the much anticipated 5G takeover, as well as several other data-related advances, hinge on greater network efficiencies—that is, speed. Real-time processing and streamlined data pathways are vital to seeing these next-generation technologies take hold. —Bob DeSantis @Data Center Journal
Congestion control has proven to be one of the hardest problems to solve in packet based networks. The “easy” way to solve this problem is with admission control, but this “easy” solution is actually quit deceptive; creating the algrorithms and centralized control to manage admission control is much more difficult than it seems. This is why many circuit switched networks just use some form of Time Division Multiplexing (TDM), giving each device connected to the network a single “slot,” and filling empty slots with idle frames, ultimately throwing bandwidth away in the name of simpler computation of fairness.
The problem space has, however, attracted a lot of research. In this post, I’ll be looking at one such effort, a research paper published in the October 2016 edition of ACM Queue describing a system called BBR, a congestion-based congestion control system. At the heart of this system is the concept of the bottleneck link, or bottleneck in the path, which is the lowest bandwidth, highest delay, or perhaps the most congested link in the path between two hosts. The authors use the following figure to describe the current operational point of most congestion control systems, and then the optimal point of Continue reading
It’s been six years since World IPv6 Launch day on the 6th June 2012. In those six years we’ve managed to place ever increasing pressure on the dwindling pools of available IPv4 addresses, but we have still been unable to complete the transition to an all-IPv6 Internet. —Geoff Huston @Potaroo
A newly-uncovered form of DDoS attack takes advantage of a well-known, yet still exploitable, security vulnerability in the Universal Plug and Play (UPnP) networking protocol to allow attackers to bypass common methods for detecting their actions. —Danny Palmer @ZDNet
Today, that’s coming in the form of imperceptible musical signals that can be used to take control of smart devices like Amazon’s Alexa or Apple’s Siri to unlock doors, send money, or any of the other things that we give these wicked machines the authority to do. That’s according to a New York Times report, which says researchers in China and the United States have proven that they’re able to “send hidden commands” to smart devices that are “undetectable to the human ear” simply by playing music. —Sam Barsanti @AVI News
First, we investigated the QUIC-capable infrastructure in IPv4 on its common UDP port 443, from which we built a ZMap module to rapidly enumerate QUIC hosts. We exercised QUIC’s version negotiation feature within our module, which yields QUIC support as well as the supported QUIC versions. —Jan Rüth @APNIC
We often treat security as an absolute, “that which must be done, and done perfectly, or is of no value at all.” It’s time to take this myth head on, and think about how we should really think about security.
Many enterprises monitor their networks using passive measurements techniques such as NetFlow. Although monitoring functions on routers or middleboxes can be convenient from a deployment viewpoint, they miss a lot of information about the performance of the network as they need to infer the state of each connection. —Olivier Tilmans @APNIC
In medical treatment there is a concept of an “adjuvant” — an agent that enhances the effect of other agents. It’s not the cure, but it helps the cure be more effective. Adjuvants are added to medicines to enhance their responses and lengthen their effect. We can use this same concept for security work —Raymond Pompon @Dark Reading
In this edition of the Network Collective, Eyvonne, Jordan, and I talk about where the ‘cast has been, and share some thoughts on where it is going. While we like technology as much as anyone else, the NC is really all about community.
In particular, we discuss the upcoming subscription service. We have a lot of new, exciting, material being recorded around the skills needed to be a better engineer exclusively for the subscription service. For instance, we’ve started a series on communication that does not take the standard line, but looks at how to communicate from the perspective of our experience in living on every possible side of the network engineering world, and developing and delivering every possible kind of content. And we have our first Q&A guest lined up, as well as a lot of fantastic material from Rachel Traylor already being recorded. This is going to be fantastic material, designed to push your career forward in a way that includes technology, but goes beyond technical skills, as well.