Worth Reading: vDoS for Money

At the height of vDOS’s profitability in mid-2015, the DDoS-for-hire service was earning its proprietors more than $42,000 a month in PayPal and Bitcoin payments from thousands of subscribers. That’s according to an analysis of the leaked vDOS database performed by researchers at New York University. —Krebs on Security

The post Worth Reading: vDoS for Money appeared first on rule 11 reader.

On the ‘web: All you ever wanted to know about EIGRP

In episode 5 the Network Collective panel dives deep into the inner-workings of EIGRP and how to tune the protocol to work best for you. This isn’t your run of the mill EIGRP training session though, so buckle up and dig in to learn a lot about a protocol which appears pretty straight forward on the surface.

This last week I was on the Network Collective discussing EIGRP with Nick Russo; even if you think this protocol is dead, it’s well worth watching or listening to. And if this isn’t enough EIGRP for you, the EIGRP book on Addision-Wesley is another good resource.

The post On the ‘web: All you ever wanted to know about EIGRP appeared first on rule 11 reader.

Worth Reading: World IPv6 Report

On the fifth anniversary of World IPv6 Launch, we’re excited to share a detailed report on the State of IPv6 Deployment in 2017. It really is staggering how far IPv6 deployment has progressed in five years. In mid-2012, Google measured less than 1% of users accessing their services over IPv6. Today that figure is getting close to 20%. Since World IPv6 Launch, several major operators are now delivering the majority of traffic from major content sources like Google, Akamai and others over IPv6. Individual operators, like T-Mobile USA, have deployed IPv6-only networks for their subscribers. —CircleID

The post Worth Reading: World IPv6 Report appeared first on rule 11 reader.

Worth Reading: Keeping positive while job hunting

Like many cities, Washington DC is a place one’s job title can define his or her success or self-worth. In the digital age, many still carry business cards with our titles. Romantic meet-ups begin with “So, where do you work?” —The Federalist

The post Worth Reading: Keeping positive while job hunting appeared first on rule 11 reader.

Nonblocking versus Noncontending

“We use a nonblocking fabric…”

Probably not. Nonblocking is a word that is thrown around a lot, particularly in the world of spine and leaf fabric design—but, just like calling a Clos a spine and leaf, we tend to misuse the word nonblocking in ways that are unhelpful. Hence, it is time for a short explanation of the two concepts that might help clear up the confusion. To get there, we need a network—preferably a spine and leaf like the one shown below.

Based on the design of this fabric, is it nonblocking? It would certainly seem so at first blush. Assume every link is 10g, just to make the math easy, and ignore the ToR to server links, as these are not technically a part of the fabric itself. Assume the following four 10g flows are set up—

• B through [X1,Y1,Z2] towards A
• C through [X1,Y2,Z2] towards A
• D through [X1,Y3,Z2] towards A
• E through [X1,Y4,Z2] towards A

As there are four different paths between these four servers (B through E) and Z2, which serves as the ToR for A, all 40g of traffic can be delivered through the fabric without dropping or queuing a single packet (assuming, of Continue reading

Worth Reading: Processing Logs in Real Time with Naiad

You have lots of components in your datacenter producing logs (about 13,000 service instances in the datacenter logs studied for this paper). The authors assume a unique Id is assigned to every request entering the system, and that this is propagated on service requests, leading to log records with metadata such as… —The Morning Paper

The post Worth Reading: Processing Logs in Real Time with Naiad appeared first on rule 11 reader.

Large Scale Network Design Video on Sale

The Large Scale Network Design video Alvaro and I recorded for Pearson is on sale as part of the Cisco Live preshow sale. This is a great video series. It might even keep you entertained until the new book is published (hopefully early next year).

You can find the sale here.

The post Large Scale Network Design Video on Sale appeared first on rule 11 reader.

Worth Reading: Tracing down flashing dialogs

In a recent update to their Office suite on Windows, Microsoft made a mistake where every hour, for a fraction of a second, a black window pops up on the screen. This leads many to fear their system has been infected by a virus. I thought I’d document how to track this down. —Errata Security

The post Worth Reading: Tracing down flashing dialogs appeared first on rule 11 reader.

Ducks

The post Ducks appeared first on rule 11 reader.

Worth Reading: Fast changes, illustrated

A new industrial revolution has begun. Here are two small examples to illustrate what it will be like. Extrapolate these a thousand fold. Then do so again. That’s what will happen in the next 70 years. Let’s start to prepare now. —Fabius Maximus

The post Worth Reading: Fast changes, illustrated appeared first on rule 11 reader.

Worth Reading: Connecting Nepal

In 1997, we finally got the Internet in Nepal. Unfortunately, it was only available in the capital, Kathmandu, which is very far from my village of Nangi. But almost immediately, I started thinking of ways we could get Nangi online. I was already familiar with the Internet from studying in the United States, and I had a lot of ideas about how being online could improve life in Nangi. —The Internet Society

The post Worth Reading: Connecting Nepal appeared first on rule 11 reader.

The 40 hour work week

Before 1900 the average American worker worked more than 60 hours a week. A standard schedule was ten-hour days, six days a week. The only structural limits to working were lighting and religion. You stopped working when it was too dark to see or to go to church. It was exhausting. It was often fatal. —Collaborative Fund

The 40 hour work week is foremost a result of the physical limits of the human body—but we often fail to take into account the mental limits, as well. Why was working for more than 40 hours a week on a railroad dangerous? It was not just because people were physically tired, but also because they were mentally tired. The resulting discussion among coders has been rampant and widespread (see, for instance, here).

First, the focus on time and the length of the work week may be a little misdirected. We are still a world focused on physical presence as a proxy for accomplishing work. I know a lot of companies prefer to have people in the office—ironically, this is a big deal with most of the companies in the world that aim to bring networks, and network based services, to the masses. Continue reading

Worth Reading: pbgpp

pbgpp allows network operators to apply a wide range of filters, either on network layer (src IP, dst IP), but foremost BGP fields — for example, prefix, communities, or next hop. Filters are applied in two steps, improving analysis performance. Before parsing the BGP-specific fields in the captured packet, lower-layer packet header field filters (IP or MAC source or destination) are applied. Thus, we do not parse all packets, but only the matching ones. BGP-specific filters are applied subsequently after parsing. —APNIC

The post Worth Reading: pbgpp appeared first on rule 11 reader.

Worth Reading: The forecast is still cloudy

The technical content of this year’s BCE was, as usual, presented by some of the best and brightest minds in telecom. Unfortunately, most of those minds were in agreement that the landscape for SDN and NFV, in particular, has not gotten any clearer in the last year. In fact, in many ways the clouds have gotten denser. —ECI blog

The post Worth Reading: The forecast is still cloudy appeared first on rule 11 reader.

iSPF verse PRC

The post iSPF verse PRC appeared first on rule 11 reader.

Worth Reading: Good Samaritans with network visibility

In a big open office 30 feet from me, a team of US Veterans speak intently on the phone to businesses large and small, issuing urgent warnings of specific cyber security threats. They call to get stubborn, confused people to take down hidden ransomware distribution sites. They call with bad news that a specific computer at the business has malware that steals login credentials. They call with good news — you can beat the bad guys this time by not sending the money — minutes before an email arrives to the business with fraudulent wire transfer instructions. —CircleID

The post Worth Reading: Good Samaritans with network visibility appeared first on rule 11 reader.

OneLogin and Password Managers

An interesting incident this last week brings password managers back to the front of the pile—

OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data. —Krebs on Security

I used to use LastPass, but moved off of their product/service when LogMeIn bought them—my previous encounters with LogMeIn have all been negative, and I have no intention of using their service again in any form. During that move, I decided it was important to make another decision about the tradeoff between an online (cloud based) password manager, or one that keeps information in a local file. The key problem with cloud based services of this kind are they paint a huge target onto your passwords. The counter argument is that such cloud based services are more likely to protect your passwords than you are, because they focus their time and energy on doing so.

First lesson: moving to a cloud based application does not mean moving to a situation where the cloud provider actually knows what you are storing, nor how to access Continue reading

Open Networking for Large-Scale Networks

Shawn Zandi and I recently recorded a new webinar for Ivan over at ipspace.net around open source and disaggregated networking. If you have ever wanted to find out about these topics, this webinar is a great place to start in understanding what options are available, and how easy/hard it is to get this kind of thing running.

The webinar is available here.

The post Open Networking for Large-Scale Networks appeared first on rule 11 reader.

Worth Reading: WannaCry and Vulnerabilities

All software contains bugs or errors in the code. Some of these bugs have security implications, granting an attacker unauthorized access to or control of a computer. These vulnerabilities are rampant in the software we all use. A piece of software as large and complex as Microsoft Windows will contain hundreds of them, maybe more. These vulnerabilities have obvious criminal uses that can be neutralized if patched. Modern software is patched all the time — either on a fixed schedule, such as once a month with Microsoft, or whenever required, as with the Chrome browser. —Schneier on Security

The post Worth Reading: WannaCry and Vulnerabilities appeared first on rule 11 reader.

Worth Reading: Tolerance

The idea of tolerance is that reasonable people can disagree. You still believe you are right, and the other person is wrong, but you accept that they are nonetheless a reasonable person with good intentions, and that they don’t need to be punished for holding the wrong opinion. —Errata Security

The post Worth Reading: Tolerance appeared first on rule 11 reader.