NetworkingNexus.net

2016 in review: The year in Android

Android is in a very different place than it was when 2016 began. While the last 12 months were filled with much of the usual pomp and circumstance surrounding the release of new handsets, connected gadgets, and OS refreshes, the state of Android has never been more promising or less predictable. Google stepped out from behind the curtain and into the spotlight. Headsets took over smartwatches as the trend of the moment. And Samsung’s phablet woes opened the door for smaller players to make big gains.Through it all, one thing was constant: Android’s dominance. Throughout 2016’s wild ride, the mighty platform continued its reign, extending its penetration to a near-90 percent of the global market, and all but ending the OS wars once and for all. And somehow it still seems like Android is still just getting its feet wet. So before we step into what’s shaping up to be an exciting 2017 for Android, let’s take a look at everything that made this year so memorable:To read this article in full or to leave a comment, please click here

Outsourcing trends to watch in 2017

This year, we saw outsourcing integration challenges multiply, production workloads and enterprise systems hit the cloud, and security hit the top of the agenda.So what’s ahead for 2017? Uncertainty for one thing. Industry watchers expect a number of shifts in the IT and business process services space — not least of which will be the initiation of more flexible outsourcing terms as the world watches and waits to see what happens once president elect Donald Trump takes office and Brexit takes hold.[ Related: Trump presidency could sound death knell for offshore outsourcing ]To read this article in full or to leave a comment, please click here

Tech outages of 2016 and how to prevent them in 2017

DowntimeImage by Thinkstock2016 has seen major downtime events lead to lost revenue for a number of highly-recognizable brands and caused a severe knock to their reputation and consumer confidence. One of the most common causes of outages is unplanned configuration changes to a system, often when an immediate fix for a bug or potential system vulnerability unintentionally creates a much larger problem.To read this article in full or to leave a comment, please click here

Tech outages of 2016 and how to prevent them in 2017

Enable Source-Specific Multicast in Iperf

How Does Internet Work - We know what is networking

I was preparing lab environment to test configuration of Source-Specific Multicast on Juniper SRX Equipment and needed a tool to generate and measure Source-Specific Multicast streams. I was aware that Iperf is a good enough tool to generate and measure multicast and unicast traffic but support for SSM was missing from current version. Fortunately there are always some developers which are interested in networking so one of them developed a special Iperf version 2.0.5 with SSM support. The idea here is to show how to make this version of Iperf work on your Cent OS or similar Linux machine. Here

Enable Source-Specific Multicast in Iperf

OpenBSD on the Sixth Generation Intel NUC

I recently decided it would be fun to upgrade the hardware on my main OpenBSD machine at home (because, you know, geek). These Intel NUC machines are pretty interesting. They are pretty powerful, support a decent amount of RAM, certain models support internal storage, and they are very low power and low noise. Perfect for a machine that is a shell/email/development box.

The model I chose is the NUC6i3SYH.

Core i3 processor (because my machine is not at all CPU bound)
Very low power consumption (15W)
Supports a 2.5″ SSD

OpenBSD 6.0 boots with the GENERIC kernel; no tuning or tweaking required. Full dmesg is at the end of this post. Hightlights of the hardware include:

Wired network: Intel I219-V using the em(4) driver
Wireless network: Intel Dual Band Wireless AC 8260 using the iwm(4) driver (no support for 802.11ac in OpenBSD at the time of this writing so it’s 802.11n only)
Dual-core CPU with hyperthreading (be sure to boot GENERIC.MP)

The kernel recognizes the Intel SpeedStep capabilities of the CPU and will adjust the CPU’s clock speed as needed (further keeping the power consumption of the machine at a very Continue reading

Some notes on IoCs

Obama "sanctioned" Russia today for those DNC/election hacks, kicking out 35 diplomats, closing diplomatic compounds, seizing assets of named individuals/groups. They also published "IoCs" of those attacks, fingerprints/signatures that point back to the attackers, like virus patterns, file hashes, and IP addresses.

These IoCs are of low quality. They are published as a political tool, to prove they have evidence pointing to Russia. They have limited utility to defenders, or those publicly analyzing attacks.

Consider the Yara rule included in US-CERT's "GRIZZLY STEPPE" announcement:

What is this? What does this mean? What do I do with this information?

It's a YARA rule. YARA is a tool ostensibly for malware researchers, to quickly classify files. It's not really an anti-virus product designed to prevent or detect an intrusion/infection, but to analyze an intrusion/infection afterward -- such as attributing the attack. Signatures like this will identify a well-known file found on infected/hacked systems.

What this YARA rule detects is, as the name suggests, the "PAS TOOL WEB KIT", a web shell tool that's popular among Russia/Ukraine hackers. If you google "PAS TOOL PHP WEB KIT", the second result points to the tool in question. You can download a copy here Continue reading

Laying the Foundation for a Conforming Network with Big Cloud Fabric

Technology Short Take #75

Welcome to Technology Short Take #75, the final Technology Short Take for 2016. Fortunately, it’s not the final Technology Short Take ever, as I’ll be back in 2017 with more content. Until then, here’s some data center-related articles and links for your enjoyment.

Networking

Ajay Chenampara has some observations about running Ansible at scale against network devices.
Andrey Khomyakov shares some information on automating the setup of whitebox switches running Cumulus Linux in part 2 of this series on learning network automation.
Russell Bryant has shared the results of some testing comparing ML2+OVS and OVN as backends for OpenStack networking. As Russell indicates in his post, some additional analysis is needed to truly understand what’s happening, but early looks at the results of his tests show performance improvements in OVN versus ML2+OVS when it comes to total time required to boot a VM.
Ivan Pepelnjak shares a Python script that creates Ansible inventory from Vagrant’s SSH configuration. Handy.

Servers/Hardware

Nothing this time around!

Security

James Green shares some information on Docker Bench, a tool designed to help secure Docker environments.
Via Mike Foley, the community now has a new resource to help educate on VM escapes.
Gordon Turner Continue reading

A Broken Process Placing Consumers at Risk

Below is a chat session I had with Pearson Vue several months ago as I attempted to schedule a recertification exam. Apparently, I have two accounts with them and that prevents next day test scheduling. To put it mildly, I don’t think they adequately explain how they could possibly guarantee non-disclosure of data with email as a transport. Moreover, this seems to indicate a serious disconnect between security and business operations.

Screen Shot 2016-04-07 at 2.00.18 PM

Image Link – for FULL Size View

I’m not going to explain the problems with this, PacketU readers understand why email is not [in and of itself] a secure method for file transport. When I experience an exchange like this, I see how segregated business practices can be and what a negative impact it can have from an information security perspective. Its not a matter of if, but a matter of when, bad things will happen as a result of not taking security seriously.

—

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.

No related content found.

The post A Broken Process Placing Consumers at Risk appeared Continue reading

The US has sanctioned Russia over election hacking

The U.S. government has sanctioned Russia's main two intelligence agencies, four military intelligence officers and is kicking out 35 Russian diplomats over what it says was aggressive harassment of U.S. officials and cyber operations around the 2016 presidential election. The move follows up on a pledge made by President Obama to retaliate against Russia for hacks of the Democratic National Committee and other political targets. The U.S. also released a detailed assessment by the Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) of the cyber attacks.To read this article in full or to leave a comment, please click here

The US has sanctioned Russia over election hacking

APM Startup AppDynamics Files for IPO

The APM unicorn seems likely to carry high expectations.

New year’s resolution for IoT vendors: Start treating LANs as hostile

In November, researchers from cybersecurity firm Invincea reported a vulnerability that could have allowed hackers to infect Belkin WeMo smart plugs with malware. The flaw was located in a configuration protocol that worked over the local area network and didn't require any authentication.In 2015, when researchers from vulnerability intelligence firm Rapid7 analyzed nine Internet-connected baby monitors, they found hardcoded credentials in four of them. Those backdoor accounts provided administrative access to the devices over the local network.To read this article in full or to leave a comment, please click here

New year’s resolution for IoT vendors: Start treating LANs as hostile

It’s 2017 and changing other people’s flight bookings is incredibly easy

The travel booking systems used by millions of people every day are woefully insecure and lack modern authentication methods. This allows attackers to easily modify other people's reservations, cancel their flights and even use the refunds to book tickets for themselves, according a team of researchers who analyzed this online ecosystem. Karsten Nohl and Nemanja Nikodijevic from Berlin-based consultancy Security Research Labs have spent months investigating the security employed by the Global Distribution Systems (GDSs) that are used by travel agencies, airlines, hotels and car rental companies. They presented their findings Tuesday at the 33rd Chaos Communications Congress in Hamburg.To read this article in full or to leave a comment, please click here

It’s 2017 and changing other people’s flight bookings is incredibly easy

brvirt: when brctl meets virsh

Hypervisors diversity is definitely one of the benefits of having Nuage managing your next-generation network. That means that we, as Nuage engineers, have to play with all kinds of hypervisors — like KVM, ESXi and Hyper-V to be more precise. As to me, I love to work with KVM most, simply because it gives you that feel that you

« Previous 1 … 2,202 2,203 2,204 2,205 2,206 … 3,616 Next »

2016 in review: The year in Android

Outsourcing trends to watch in 2017

Tech outages of 2016 and how to prevent them in 2017

Tech outages of 2016 and how to prevent them in 2017

Enable Source-Specific Multicast in Iperf

OpenBSD on the Sixth Generation Intel NUC

Some notes on IoCs

Laying the Foundation for a Conforming Network with Big Cloud Fabric

Technology Short Take #75

Networking

Servers/Hardware

Security

A Broken Process Placing Consumers at Risk

Disclaimer: This article includes the independent thoughts, opinions, commentary or technical detail of Paul Stewart. This may or may does not reflect the position of past, present or future employers.

The US has sanctioned Russia over election hacking

The US has sanctioned Russia over election hacking

APM Startup AppDynamics Files for IPO

New year’s resolution for IoT vendors: Start treating LANs as hostile

New year’s resolution for IoT vendors: Start treating LANs as hostile

New year’s resolution for IoT vendors: Start treating LANs as hostile

It’s 2017 and changing other people’s flight bookings is incredibly easy

It’s 2017 and changing other people’s flight bookings is incredibly easy

Top Docker content of 2016

Releases

Windows Containers

About Docker

brvirt: when brctl meets virsh