Russ

Author Archives: Russ

Upcoming Webinar: How the Internet Really Works (Part 1)

This live training will provide an overview of the systems, providers, and standards bodies important to the operation of the global Internet, including the Domain Name System (DNS), the routing and transport systems, standards bodies, and registrars. For DNS, the process of a query will be considered in some detail, who pays for each server used in the resolution process, and tools engineers can use to interact DNS. For routing and transport, the role of each kind of provider will be considered, along with how they make money to cover their costs, and how engineers can interact with the global routing table (the Default Free Zone, of DFZ). Finally, registrars and standards bodies will be considered, including their organizational structure, how they generate revenue, and how to find their standards.

Thoughts on Auto Disaggregation and Complexity

Way in the past, the EIGRP team (including me) had an interesting idea–why not aggregate routes automatically as much as possible, along classless bounds, and then deaggregate routes when we could detect some failure was causing a routing black hole? To understand this concept better, consider the network below.

In this network, B and C are connected to four different routers, each of which is advertising a different subnet. In turn, B and C are aggregating these four routes into 2001:db8:3e8:10::/60, and advertising this aggregate towards A. From a control plane state perspective, this is a major win. The obvious gain is that the amount of state is reduced from four routes to one. The less obvious gain is A doesn’t need to know about any changes in the state for the four destinations aggregated into the /60. Depending on how often these links change state, the reduction in the rate of change is, perhaps, more important than the reduction in the amount of control plane state.

We always know there will be a tradeoff when reducing state; what is the tradeoff here? If C somehow loses its connection to one of the four routers, say the router advertising 11::/64, Continue reading

Weekend Reads 111221


We’ve had too many face-palm-worthy incidents of organizations hearing “hey, I found your data in a world readable S3 bucket” or finding a supposedly “test” server exposed that had production data in it.


Virtually all compilers — programs that transform human-readable source code into computer-executable machine code — are vulnerable to an insidious attack in which an adversary can introduce targeted vulnerabilities into any software without being detected, new research released today warns.


2021 has already been a banner year for cybercriminals — the record-largest ransomware payment of $40 million was made by an insurance company this year. And the attacks won’t stop.


In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning.


When it comes to cybersecurity, risks are omnipresent. Whether it is a bank dealing with financial transactions or medical providers handling the personal data of patients, cybersecurity threats are unavoidable. The only way to efficiently combat these threats is to understand them.


‘Functional, Continue reading

Hedge 108: In Defense of Boring Technology with Andrew Wertkin

Engineers (and marketing folks) love new technology. Watching an engineer learn or unwrap some new technology is like watching a dog chase a squirrel—the point is not to catch the squirrel, it’s just that the chase is really fun. Join Andrew Wertkin (from BlueCat Networks), Tom Ammon, and Russ White as we discuss the importance of simple, boring technologies, and moderating our love of the new.

download

Live Webinar: How Routers Really Work

This Friday (the 12th) I’m presenting a live webinar on How Routers Really Work over at Pearson. From the description:

This training will peer into the internal components of a router, starting with an explanation of how a router switches packets. This walk through of a switching path, in turn, will be used as a foundation for explaining the components of a router, including the various tables used to build forwarding tables and the software components used to build these tables.

Please join me by registering here.

I’ve changed just a few of the slides from the last time I gave this talk and reordered some things.

Weekend Reads 110521


From Facebook to LinkedIn to Indeed, ads are popping up that promise well-paying jobs — if applicants provide their Social Security numbers and other details up front. Scammers then use the information to apply for unemployment benefits.


The coronavirus pandemic giveth to Amazon retail business and its Amazon Web Services cloud business, and the pandemic taketh away from the Amazon retail business.


Companies should recognize that collaboration platforms aren’t isolated, secure channels where traditional threats don’t exist.


The Federal Aviation Administration said on Tuesday it had issued a special information bulletin alerting manufacturers, operators, and pilots that action may be needed to address potential interference with sensitive aircraft electronics caused by the use of 5G telecommunications technology.


The holiday shopping season always means big business for phishers, who tend to find increased success this time of year with a lure about a wayward package that needs redelivery.


If not handled in time, the attacks can lead to IP reputation loss and blocklisting, causing severe and expensive damage to companies, but a few precautionary steps can help keep the threats at bay.


The following resources and tutorials will enhance your understanding of container network security and help you get started.


With Continue reading

Hedge 107: Career Advice with Terry Slattery

Whether you’re just starting in your technology career, or you’re an old hand who likes to go back to basics and understand how to move forward in your career, this episode of the Hedge is for you. Terry Slattery joins Tom Ammon and Russ White to discuss the things you can do to build a successful career as in the world of network engineering.

download

Weekend Reads 102921


If your organization includes Android devices as part of its bring-your-own-device (BYOD) policy or uses embedded systems, then a recent root expiration for Let’s Encrypt digital certificates may potentially place your organization at risk.


In a threat hunting approach, when we find some malicious file, binary, or a program, we need to collect the artifacts from them and search within our whole environment to find any possible traces of malicious activity.


In other words, how to fool advanced threat detection systems, past the all-seeing eye of which, according to marketers, no extra byte can slip through. I am talking about systems that use big data analytics as one of the main tools for detecting suspicious activity like SIEM and XDR.


Intel Corp. and Alphabet Inc.’s Google Cloud on Wednesday said they have worked together to create a new category of chip that Intel hopes will become a major seller in the booming cloud computing market.


Attacks involving SEO poisoning — where adversaries artificially increase the search engine ranking of websites hosting their malware to lure potential victims — are on the rise.


The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published cybersecurity guidance Continue reading

Master Class: Resilience in Large-Scale Fabrics

In the aftermath of a major network outage, the natural reaction of most network engineers is to find some way to avoid all future outages—regardless of the cost. The first line of defense against is future outages is redundancy, whether in the form of additional parallel links, new routers, new firewalls, new … whatever, so long as there is more of it so packets have more paths to make it from source to destination.

Please join me for this live webinar.

Controversial Reads 102221


Mark Zuckerberg, unlike Einstein, did not dream up Facebook out of a sense of moral duty, or a zeal for world peace. This summer, the population of Zuckerberg’s supranational regime reached 2.9 billion monthly active users, more humans than live in the world’s two most populous nations—China and India—combined.


The greatest risk of monopolies is that they’ll obstruct the ideas that will make our homes truly smart. Our “Jetsons” future is on the line.


Given these concerns, it seems especially bizarre that Amazon was willing to reference the price of competing smart thermostats sold via its platform during the launch. Its smart thermostat is “less than half the average cost of a smart thermostat sold on Amazon.com,” the company’s senior vice president of devices and services, Dave Limp, said.


Apple’s co-founder changed how we view tech. A decade after his death, we’ve changed how we view the tech industry, too.


The U.S. government is secretly ordering Google to provide data on anyone typing in certain search terms, an accidentally unsealed court document shows. There are fears such “keyword warrants” threaten to implicate innocent Web users in serious crimes and are more common than previously thought.


There are Continue reading

Weekend Reads 102121


A recent phishing campaign targeting Coinbase users shows thieves are getting smarter about phishing one-time passwords (OTPs) needed to complete the login process.


What does it mean to cloud-connect the network? Simply put, it means connecting network equipment to the cloud and collecting telemetry, but this simple idea has far-reaching benefits that can up level the support experience for customers and vendors.


This post will focus on a key part of DNSSEC infrastructure — Root KSK ceremonies. These ceremonies exist to provide transparency to the Internet community around the creation, use, and storage of the Root KSK.


Despite 60% surge in dangerous third-party domain registrations, domain security is an underutilized security component to curb phishing and related ransomware attacks.


The term “code debt” in computer programming refers to the idea that certain decisions in writing computer code will lead to future consequences which have to be dealt with.


Before you give in to your impulses and wipe your screen with whatever you have at hand, let us stop you right there. Your display is way more delicate than you think, and if you want it to last you a long time in optimal conditions, you’ll need to treat it with Continue reading

Hedge 105: Johan Gustawsson and Changing Provider Architectures

Many service providers have the feeling that they “didn’t do anything wrong, but somehow we still lost.” How are providers reacting to the massive changes in the networking field, and how are they trying to regain their footing so they can move into the coming decades better positioned to compete? Join Johan Gustawsson, Tom Ammon, and Russ White as we discuss the impact of merchant silicon and changing applications on the architecture of service providers.

download

You can read Johan’s post on this topic here.

Weekend Reads 101521


Russia is the source of the lion’s share of nation-state cyberattacks Microsoft has observed in the past year (58%), followed by North Korea (23%), Iran (11%), China (8%), and South Korea, Vietnam, and Turkey all with less than 1% representation, a new pool of data reveals.


Equinix has been testing the use of liquid cooling in its data centers, and hopes to use the technology in its Equinix Metal service to create a high-density, energy efficient computing platform.


As a rule, the English term “computer” and the equivalent German term “Rechner” describe calculating machines. But until the middle of the 20th century, computers were, in fact, humans who performed calculations.


The job-killing robots are almost at the door, we are told, mere moments away from replacing the last traces of human inefficiency and heralding the dawn of a world without work.


The technological breakthroughs and intelligence superiority of the Israel Defense Force’s Unit 8200 position it, and Israel, as a world leader, at the same level as the United States, Russia, or China.


New PCIe 6.0 technology is in the works, and according to nonprofit electronics industry consortium PCI-SIG, it’s in the final draft stages.


Recently I was asked Continue reading

Hedge 104: Automation with David Gee

Automation is often put forward as the answer to all our problems—but without a map, how can we be certain we are moving in the right direction? David Gee joins Tom Ammon and Russ White on this episode of the Hedge to talk about automata without a map. Where did we come from, what are we doing with automation right now, and what do we need to do to map out a truly better future?

download

Live Stream: The Journey to Architect

On Thursday the 19th of October at 1PM ET, I’ll be joining Keith Bogart for the em>INE Live live stream. You can find the details on their web site.

In this session, Keith Bogart will interview prolific author and Network Architect, Russ White Ph.D. One of only a handful of people who have attained CCAr status, Russ White has authored several books such as “Practical BGP”, “The Art of Network Architecture” and “Computer Networking Problems And Solutions”. During this session we’ll find out about his journey to becoming a Network Architect and how his passion for technology can inspire you!

Weekend Reads 100821

first, a few interesting stories on the facebook outage


Facebook says that a configuration error broke its connection to a key network backbone, disconnecting all of its data centers from the Internet and leaving its DNS servers unreachable, the company said.


Following the Facebook outage that took place on 4 October, we saw people looking to BGPlay to get a better view of what went on. Here’s a look at what the RIPEstat visualisation has to show us about the event in question.


On October 4th Facebook managed to achieve one of the more impactful of outages of the entire history of the Internet, assuming that the metric of “impact” is how many users one can annoy with a single outage. In Facebook’s case the 6-hour outage affected the services it provides so some 3 billion users, if we can believe Facebook’s marketing hype.


But surely the bigger lesson is that we are all too dependent on too few Really Big providers. EU Competition Commissioner told Reuters “Facebook’s (FB.O) six-hour outage the previous day shows “the repercussions fn relying on just a few big players and underscores the need for more rivals.”

and other stories, as usual


Email Continue reading

1 18 19 20 21 22 162