Russ

Author Archives: Russ

Live Webinar: How Routers Really Work

This Friday (the 12th) I’m presenting a live webinar on How Routers Really Work over at Pearson. From the description:

This training will peer into the internal components of a router, starting with an explanation of how a router switches packets. This walk through of a switching path, in turn, will be used as a foundation for explaining the components of a router, including the various tables used to build forwarding tables and the software components used to build these tables.

Please join me by registering here.

I’ve changed just a few of the slides from the last time I gave this talk and reordered some things.

Weekend Reads 110521


From Facebook to LinkedIn to Indeed, ads are popping up that promise well-paying jobs — if applicants provide their Social Security numbers and other details up front. Scammers then use the information to apply for unemployment benefits.


The coronavirus pandemic giveth to Amazon retail business and its Amazon Web Services cloud business, and the pandemic taketh away from the Amazon retail business.


Companies should recognize that collaboration platforms aren’t isolated, secure channels where traditional threats don’t exist.


The Federal Aviation Administration said on Tuesday it had issued a special information bulletin alerting manufacturers, operators, and pilots that action may be needed to address potential interference with sensitive aircraft electronics caused by the use of 5G telecommunications technology.


The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a lure about a wayward package that needs redelivery.


If not handled in time, the attacks can lead to IP reputation loss and blocklisting, causing severe and expensive damage to companies, but a few precautionary steps can help keep the threats at bay.


The following resources and tutorials will enhance your understanding of container network security and help you get started.


With Continue reading

Hedge 107: Career Advice with Terry Slattery

Whether you’re just starting in your technology career, or you’re an old hand who likes to go back to basics and understand how to move forward in your career, this episode of the Hedge is for you. Terry Slattery joins Tom Ammon and Russ White to discuss the things you can do to build a successful career as in the world of network engineering.

download

Weekend Reads 102921


If your organization includes Android devices as part of its bring-your-own-device (BYOD) policy or uses embedded systems, then a recent root expiration for Let’s Encrypt digital certificates may potentially place your organization at risk.


In a threat hunting approach, when we find some malicious file, binary, or a program, we need to collect the artifacts from them and search within our whole environment to find any possible traces of malicious activity.


In other words, how to fool advanced threat detection systems, past the all-seeing eye of which, according to marketers, no extra byte can slip through. I am talking about systems that use big data analytics as one of the main tools for detecting suspicious activity like SIEM and XDR.


Intel Corp. and Alphabet Inc.’s Google Cloud on Wednesday said they have worked together to create a new category of chip that Intel hopes will become a major seller in the booming cloud computing market.


Attacks involving SEO poisoning — where adversaries artificially increase the search engine ranking of websites hosting their malware to lure potential victims — are on the rise.


The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance Continue reading

Master Class: Resilience in Large-Scale Fabrics

In the aftermath of a major network outage, the natural reaction of most network engineers is to find some way to avoid all future outages—regardless of the cost. The first line of defense against is future outages is redundancy, whether in the form of additional parallel links, new routers, new firewalls, new … whatever, so long as there is more of it so packets have more paths to make it from source to destination.

Please join me for this live webinar.

Controversial Reads 102221


Mark Zuckerberg, unlike Einstein, did not dream up Facebook out of a sense of moral duty, or a zeal for world peace. This summer, the population of Zuckerberg’s supranational regime reached 2.9 billion monthly active users, more humans than live in the world’s two most populous nations—China and India—combined.


The greatest risk of monopolies is that they’ll obstruct the ideas that will make our homes truly smart. Our “Jetsons” future is on the line.


Given these concerns, it seems especially bizarre that Amazon was willing to reference the price of competing smart thermostats sold via its platform during the launch. Its smart thermostat is “less than half the average cost of a smart thermostat sold on Amazon.com,” the company’s senior vice president of devices and services, Dave Limp, said.


Apple’s co-founder changed how we view tech. A decade after his death, we’ve changed how we view the tech industry, too.


The U.S. government is secretly ordering Google to provide data on anyone typing in certain search terms, an accidentally unsealed court document shows. There are fears such “keyword warrants” threaten to implicate innocent Web users in serious crimes and are more common than previously thought.


There are Continue reading

Weekend Reads 102121


A recent phishing campaign targeting Coinbase users shows thieves are getting smarter about phishing one-time passwords (OTPs) needed to complete the login process.


What does it mean to cloud-connect the network? Simply put, it means connecting network equipment to the cloud and collecting telemetry, but this simple idea has far-reaching benefits that can up level the support experience for customers and vendors.


This post will focus on a key part of DNSSEC infrastructure — Root KSK ceremonies. These ceremonies exist to provide transparency to the Internet community around the creation, use, and storage of the Root KSK.


Despite 60% surge in dangerous third-party domain registrations, domain security is an underutilized security component to curb phishing and related ransomware attacks.


The term “code debt” in computer programming refers to the idea that certain decisions in writing computer code will lead to future consequences which have to be dealt with.


Before you give in to your impulses and wipe your screen with whatever you have at hand, let us stop you right there. Your display is way more delicate than you think, and if you want it to last you a long time in optimal conditions, you’ll need to treat it with Continue reading

Hedge 105: Johan Gustawsson and Changing Provider Architectures

Many service providers have the feeling that they “didn’t do anything wrong, but somehow we still lost.” How are providers reacting to the massive changes in the networking field, and how are they trying to regain their footing so they can move into the coming decades better positioned to compete? Join Johan Gustawsson, Tom Ammon, and Russ White as we discuss the impact of merchant silicon and changing applications on the architecture of service providers.

download

You can read Johan’s post on this topic here.

Weekend Reads 101521


Russia is the source of the lion’s share of nation-state cyberattacks Microsoft has observed in the past year (58%), followed by North Korea (23%), Iran (11%), China (8%), and South Korea, Vietnam, and Turkey all with less than 1% representation, a new pool of data reveals.


Equinix has been testing the use of liquid cooling in its data centers, and hopes to use the technology in its Equinix Metal service to create a high-density, energy efficient computing platform.


As a rule, the English term “computer” and the equivalent German term “Rechner” describe calculating machines. But until the middle of the 20th century, computers were, in fact, humans who performed calculations.


The job-killing robots are almost at the door, we are told, mere moments away from replacing the last traces of human inefficiency and heralding the dawn of a world without work.


The technological breakthroughs and intelligence superiority of the Israel Defense Force’s Unit 8200 position it, and Israel, as a world leader, at the same level as the United States, Russia, or China.


New PCIe 6.0 technology is in the works, and according to nonprofit electronics industry consortium PCI-SIG, it’s in the final draft stages.


Recently I was asked Continue reading

Hedge 104: Automation with David Gee

Automation is often put forward as the answer to all our problems—but without a map, how can we be certain we are moving in the right direction? David Gee joins Tom Ammon and Russ White on this episode of the Hedge to talk about automata without a map. Where did we come from, what are we doing with automation right now, and what do we need to do to map out a truly better future?

download

Live Stream: The Journey to Architect

On Thursday the 19th of October at 1PM ET, I’ll be joining Keith Bogart for the em>INE Live live stream. You can find the details on their web site.

In this session, Keith Bogart will interview prolific author and Network Architect, Russ White Ph.D. One of only a handful of people who have attained CCAr status, Russ White has authored several books such as “Practical BGP”, “The Art of Network Architecture” and “Computer Networking Problems And Solutions”. During this session we’ll find out about his journey to becoming a Network Architect and how his passion for technology can inspire you!

Weekend Reads 100821

first, a few interesting stories on the facebook outage


Facebook says that a configuration error broke its connection to a key network backbone, disconnecting all of its data centers from the Internet and leaving its DNS servers unreachable, the company said.


Following the Facebook outage that took place on 4 October, we saw people looking to BGPlay to get a better view of what went on. Here’s a look at what the RIPEstat visualisation has to show us about the event in question.


On October 4th Facebook managed to achieve one of the more impactful of outages of the entire history of the Internet, assuming that the metric of “impact” is how many users one can annoy with a single outage. In Facebook’s case the 6-hour outage affected the services it provides so some 3 billion users, if we can believe Facebook’s marketing hype.


But surely the bigger lesson is that we are all too dependent on too few Really Big providers. EU Competition Commissioner told Reuters “Facebook’s (FB.O) six-hour outage the previous day shows “the repercussions fn relying on just a few big players and underscores the need for more rivals.”

and other stories, as usual


Email Continue reading

Hedge 103: BGP Security with Geoff Huston

Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.

download

Weekend Reads 100121


Bowles is showing off her whatever-it-takes strategy for narrowing the digital divide between people with reasonably speedy internet access and those without.


Articles 33 and 34 outline the requirements for breach notification; however, most businesses are still unaware of their responsibilities. Details such as what an organization should report, when, to whom it should be reported, and what should be included in the breach notification are some of the major aspects that businesses overlook.


The idea behind Security.txt is straightforward: The organization places a file called security.txt in a predictable place — such as example.com/security.txt, or example.com/.well-known/security.txt.


Air is an absolutely terrible medium with which to move or remove heat from a system, but it sure is a lot easier and cheaper (well, at least in terms of the cost of goods sold sense) than adding some sort of liquid cooling to a system.


The EU aims to have a common charging port for mobile phones, tablets, and headphones under a European Commission proposal presented on Thursday in a world first, with the move impacting iPhone maker Apple more than its rivals.


As we head toward the annual Supercomputing Conference season we wanted Continue reading

Hedge 102: BGP Security with Geoff Huston

Our community has been talking about BGP security for over 20 years. While MANRS and the RPKI have made some headway in securing BGP, the process of deciding on a method to provide at least the information providers need to make more rational decisions about the validity of individual routes is still ongoing. Geoff Huston joins Alvaro, Russ, and Tom to discuss how we got here and whether we will learn from our mistakes.

download

Keith’s Law (1)

I sometimes reference Keith’s Law in my teaching, but I don’t think I’ve ever explained it. Keith’s Law runs something like this:

Any large external step in a system’s capability is the result of many incremental changes within the system.

The reason incremental changes within a system appear as a single large step to outside observers is the smaller changes are normally hidden by abstraction. This is, in fact, the purpose of abstraction—to hide small changes inside a system from external view. Keith’s law is closely related to Clarke’s third law that “Any sufficiently advanced technology is indistinguishable from magic.” What looks like magic from the outside is really just a bunch of smaller things—each easier to understand on its own—combined into one single “thing” through abstraction.
If you’ve read this far, you’re probably thinking—what does this have to do with network engineering?
Well, several things, really.

First—the network is just an abstraction that moves packets to its users. Moving packets seems so … simple … to network users. You put data in here, and data comes out over there. All the little stuff that goes into making a network work are lost in the abstraction of the virtual Continue reading

Controversial Reads 092521


Apple then made public what was private. The company, under CEO Tim Cook’s leadership, had actually been consulting the FBI on various methods for hacking the phone. In fact, the FBI had botched one of the suggested techniques after a mistake. The agency wasn’t willing to risk another gaffe.


Software locks, API restrictions, legal threats, forced downgrades and more – these are why Big Tech stays big.


Megan Borovicka joined Facebook in 2013 and then forgot she even had an account. But Facebook never forgot about her.


On May 27, 2020, in the French National Assembly, Cédric O, the French Secretary of State for Digital Economy, forcibly expressed his government’s frustration with Apple and Google in terms more appropriate to a cold war confrontation between superpowers.


Almost everything we do online today is designed to be addictive. The average American spent more than two hours a day on social media in 2020.


Gary Gensler, Joe Biden’s deeply establishmentarian SEC head, has dropped a bomb on the crypto community with his sudden attack on Coinbase, the leading crypto platform.


As the data these devices collect is sold and shared—and hacked—deciding what risks you’re comfortable with is a necessary part of making Continue reading

1 18 19 20 21 22 162