As venture capital firm DP Fox began to migrate its business-critical applications to the cloud, it needed a connectivity service that could keep up with its growing portfolio.
It's been a while since we last wrote about Layer 3/4 DDoS attacks on this blog. This is good news: we've been quietly handling the daily onslaught of DDoS attacks. Since our last write-up, a handful of interesting L3/4 attacks have happened. Let's review them.
It was a notable event for a couple of reasons.
First, it was really large. Previously, we've seen only amplification / reflection attacks at terabit scale. In those cases, the attacker doesn't actually have too much capacity. They need to bounce the traffic off other servers to generate a substantial load. This is different from typical "direct" style attacks, like SYN floods. In the SYN flood mentioned by John, all 942Gbps were coming directly from attacker-controlled machines.
Secondly, this attack was truly distributed. Normal SYN floods come from a small number of geographical locations. This one was all over the globe, hitting all Cloudflare data centers:
Thirdly, the attack seemed to be partially spoofed. While our analysis was not conclusive, we saw random, spoofed source IP addresses in the largest internet exchanges. The above Hilbert curve shows the source IP
This blog post was initially sent to subscribers of my SDN and Network Automation mailing list.
Today marks the 100th anniversary of the armistice that ended the First World War. The 1918 ceasefire re-introduced a fragile peace that had collapsed when the world failed to defend common rules and international cooperation. International security and stability are as important now as they were a century ago.
That’s why French President Emmanuel Macron and leaders from around the world are about to gather in Paris for the first Paris Peace Forum. The forum will attempt to pave a way forward for a world that is shifting and changing faster than most of us can keep up with. That change, and the speed of it, is enabled by the Internet.
That is why the Internet Society is participating in the Forum.
I will be in Paris to speak on a panel about creating peace in cyberspace. Cybersecurity concerns across the world are real and justified and need to be addressed. We believe that the collaborative approach that helped to drive the growth of the Internet and allows it to thrive is essential for establishing cybersecurity.
The essence of a collaborative approach is that it allows stakeholders to create a shared vision for security.
The Shared Vision
At the
The Netherlands-based startup provides device visibility, continuous network monitoring, and threat and anomaly detection specific to operational technology and industrial environments.
While Cisco adds Kubernetes support across its portfolio, other vendors like VMware and IBM recently bought companies to boost their container cred.
In my previous blog (Fun in the Lab: FTDv & FMC – Install and Deploy) we deployed an FMC VM and an FTDv VM and ended the blog with the FTDv successfully added to the FMC.
Now? Now let’s add IP addressing for the FTDv and also set up routing protocol neighbor relationships. I learned what I am about to show you from my co-worker and friend, Keith Brister. So don’t thank me, thank Keith.
I tossed together a ~29 minute YouTube. Obviously you can watch the entire thing. Or… here you go for the big sections.
Done and Done. Easy Peasy!
This new Research Brief from AvidThink delves into the evolution of the mobile network and explores new threats.
This is my Stealthwatch playground…. errrr… I mean … ahem… “work environment” for a Technical Solution Workshop I am working on for Stealthwatch.
Going to set up FTDv and FMC today. A co-worker and friend, Scott Barasch, helped me get jump started… so figure I’ll pass on what I just learned to you.
What this blog will cover is
So let’s begin. What I have to host my FMC & FTDv VMs is a UCS M4 with a NIC connected to a Cat4948 in vlan 1. That NIC is tied to vSwitch0 in the UCS.
The virtualization giant updated its hybrid cloud stack with new Kubernetes support and also announced a new integration with IBM Cloud’s managed Kubernetes service.
Broadcom took over Veracode as part of its $18.9 billion purchase of CA Technologies, which it completed this week. CA bought Veracode in 2017.
It's no surprise that groups representing wireless workers claim the merger will cost American jobs. But connecting T-Mobile and Sprint to possible security risks related to China is a new angle that could have an impact on the deal.
The two acquisitions will boost the company's mobile and enterprise credentials, particularly with regard to Active Directory and mobile application security.
The security of the global Default Free Zone (DFZ) has been a topic of much debate and concern for the last twenty years (or more). Two recent papers have brought this issue to the surface once again—it is worth looking at what these two papers add to the mix of what is known, and what solutions might be available. The first of these—
Demchak, Chris, and Yuval Shavitt. 2018. “China’s Maxim – Leave No Access Point Unexploited: The Hidden Story of China Telecom’s BGP Hijacking.” Military Cyber Affairs 3 (1). https://doi.org/10.5038/2378-07126.96.36.1990.
—traces the impact of Chinese “state actor” effects on BGP routing in recent years. Whether these are actual attacks, or mistakes from human error for various reasons, generally cannot be known, but the potential, at least, for serious damage to companies and institutions relying on the DFZ is hard to overestimate. This paper lays out the basic problem, and then works through a number of BGP hijacks in recent years, showing how they misdirected traffic in ways that could have facilitated attacks, whether by mistake or intentionally. For instance, quoting from the paper—
Execs didn’t say which competitors Fortinet’s security products displaced, but it competes against companies including Palo Alto Networks, Check Point Software, and Cisco.
National-security experts have been warning of terrorist cyberattacks for 15 years. Why hasn’t one happened yet?
As a pen-tester who has broken into power grids and found 0days in control center systems, I thought I'd write up some comments.
Cisco developed a four-step model for IT operations maturity showing where organizations are now and where they would like to be in two years.
To understand where next-gen communications will be tomorrow, look to the 5G trials of today.