3 Not-to-Miss Storage Stories
From innovative startups like Lightbits Labs and RackTop Systems to new super-fast, low-latency...
SDxCentral Weekly Wrap: Nvidia Will Buy Mellanox Technologies for $6.9B
SDxCentral Weekly Wrap for March 15, 2019: Nvidia usurps rivals with Mellanox deal. Virtualization...
What the Facebook Outage Tells Us About the Threat of Micro-Outages
Catchpoint found that the social media site’s widespread outages were preceded by a micro-outage...
Seeking Canadian Feedback: Draft Report on Securing the Internet of Things in Canada
Trying to remove cyber security risks from the growing world of connected things is not an easy task. That said, there’s no time like World Consumer Rights Day to give Canada a shout out for its global leadership to champion a safer digital future for all.
Recognizing the need to secure the Internet of Things (IoT), the Internet Society, in partnership with the Ministry of Innovation Science and Economic Development (ISED), the Canadian Internet Registration Authority (CIRA), Canadian Internet Policy and Public Interest Clinic (CIPPIC), and CANARIE, led a voluntary multistakeholder process to develop a broad-reaching policy to ingrain security at the core of innovation in Canada.
Over the past year, we led a series of meetings with business leaders, technical experts, government representatives, civil society, and academia to discuss challenges and recommend the best ways to address them. We gathered feedback through in-person and online attendance. Collectively, these efforts, combined with well-rounded research and documentation, formed the Canadian Multistakeholder Process for Enhancing IoT Security.
Rather than a top-down, government-imposed regulatory model, our multistakeholder approach helped us balance roles and contributions among the group. By working in a way that includes feedback from all participants, we are developing IoT security Continue reading
RFC8482 – Saying goodbye to ANY
Ladies and gentlemen, I would like you to welcome the new shiny RFC8482, which effectively deprecates the DNS ANY query type. DNS ANY was a "meta-query" - think of it as a similar thing to the common A, AAAA, MX or SRV query types, but unlike these it wasn't a real query type - it was special. Unlike the standard query types, ANY didn't age well. It was hard to implement on modern DNS servers, the semantics were poorly understood by the community and it unnecessarily exposed the DNS protocol to abuse. RFC8482 allows us to clean it up - it's a good thing.
But let's rewind a bit.
Historical context
It all started in 2015, when we were looking at the code of our authoritative DNS server. The code flow was generally fine, but it was all peppered with naughty statements like this:
if qtype == "ANY" {
// special case
}
This special code was ugly and error prone. This got us thinking: do we really need it? "ANY" is not a popular query type - no legitimate software uses it (with the notable exception of qmail).
ANY is Continue reading
Heavy Networking 435: End-To-End Network Performance Monitoring With AppNeta (Sponsored)
On today’s sponsored Heavy Networking episode we explore how AppNeta wraps user metadata around Netflow records, deep packet inspection, and discovery of networks to help engineers get a continuous view of end user performance and the telemetry to find and fix problems.
The post Heavy Networking 435: End-To-End Network Performance Monitoring With AppNeta (Sponsored) appeared first on Packet Pushers.
Unit Testing Worker Functions
If you were not aware, Cloudflare Workers lets you run Javascript in all 165+ of our Data Centers. We’re delighted to see some of the creative applications of Workers. As the use cases grow in complexity, the need to sanity check your code also grows.
More specifically, if your Worker includes a number of functions, it’s important to ensure each function does what it’s intended to do in addition to ensuring the output of the entire Worker returns as expected.
In this post, we’re going to demonstrate how to unit test Cloudflare Workers, and their individual functions, with Cloudworker, created by the Dollar Shave Club engineering team.
Dollar Shave Club is a Cloudflare customer, and they created Cloudworker, a mock for the Workers runtime, for testing purposes. We’re really grateful to them for this. They were kind enough to post on our blog about it.
This post will demonstrate how to abstract away Cloudworker, and test Workers with the same syntax you write them in.
Example Script
Before we get into configuring Cloudworker, let’s introduce the simple script we are going to test against in our example. As you can see this script contains two functions, both of Continue reading
DNS Privacy Frequently Asked Questions (FAQ)
We previously posted about how the DNS does not inherently employ any mechanisms to provide confidentiality for DNS transactions, and mentioned some of the protocols that have been recently developed to improve user privacy.
To complement this, we are publishing our DNS Privacy Frequently Asked Questions (FAQ). This highlights and provides answers to the most important aspects of DNS privacy.
Please also check our DNS Privacy page for more information!
Further Information
- Introduction to DNS Privacy
- DNS Privacy
- DNS Privacy Frequently Asked Questions (FAQ)
- DNS Privacy Project
The post DNS Privacy Frequently Asked Questions (FAQ) appeared first on Internet Society.
IPv6 Security for IPv4 Engineers | Internet Society
Good reference material from the Internet Society
The post IPv6 Security for IPv4 Engineers | Internet Society appeared first on EtherealMind.
Gene Spafford – The RSA 2019 Conference
A take on the RSA conference
The post Gene Spafford – The RSA 2019 Conference appeared first on EtherealMind.
Vrnetlab: Emulate networks using KVM and Docker
Vrnetlab, or VR Network Lab, is an open-source network emulator that runs virtual routers using KVM and Docker. It supports developers and network engineers who use continuous-integration processes for testing network provisioning changes. Researchers and engineers may also use the vrnetlab command line interface to create and modify network emulation labs in an interactive way. In this post, I review vrnetlab’s main features and show how to use it to create a simple network emulation scenario using open-source routers.
Vrnetlab implementation
Vrnetlab users create Docker images for each type of router that will run in their network. They package the router’s disk image together with KVM software, Python scripts, and any other resources required by the router into the Docker image. Vrnetlab uses KVM to create and run VMs based on router software images, and uses Docker to manage the networking between the network nodes.
Virtual nodes
Vrnetlab users create Docker images that incorporate the router’s qemu disk image, along with software packages such as qemu-kvm, and the other resources needed by the router, such as a launch script and license files. The new Docker image represents a “virtual router” that comes with all the software and Continue reading
Feedback: Data Center Interconnects Webinar
I got great feedback about the first part of Data Center Interconnects webinar from one of ipSpace.net subscribers:
I had no specific expectation when I started watching the material and I must have watched it 6 times by now.
Your webinar covered just the right level of detail to educate myself or refresh my knowledge on the technologies and relevant options for today’s market choices
The information provided is powerful and avoids useless discussions which vendors and PowerPoint pitches. Once you ask the right question it’s easy to get an idea of the vendor readiness
In the first live session we covered the easy cases: design considerations, and layer-3 interconnect with path separation (multiple routing domains). The real fun will start in the second live session on March 19th when we’ll dive into stretched VLANs and long-distance vMotion ideas.
You can attend the live session with any paid ipSpace.net subscription – details here.
Fact or Fiction? With IoT It’s Not Always Clear
Recently, owners of expensive smart shoes found themselves at loose ends. Unable to pair the shoes to their smart phone app, they couldn’t tighten their self-lacing sneakers. It sounds like science fiction, but this really happened.
From dental sensors that can monitor what a person eats to kitty litters that can track a cat’s every movement, it can be difficult to sort fact from fiction when it comes to the Internet of Things (IoT). Can you tell which is real and which is not?
Fact or Fiction? The voice came from inside the Arizona man’s home – his home security camera to be exact. “You’ve never met me. I’m just a hacker.” Fortunately, it was a friendly hacker, alerting the household to a vulnerability in their home security system.
Fact: The hacker had a solution: turn on two-factor authentication. When using IoT devices, consumers can take this simple step, plus a few others, to help protect their privacy and security.
Fact or Fiction? A couple returned home to find that their carpet had been worn through by their overzealous Internet-connected vacuum cleaner. A hacker had programmed it to clean one square foot of their carpet for several Continue reading
rbenv Install CentOS 7
Install rbenv on CentOS 7 linux.rbenv Install CentOS 7
rbenv is a utility for installing multiple ruby versions on a host machine. Using rbenv allows you to install ruby in a path you have ownership over so you can install gems without having to have sudo or root privileges. rbenv also allows you to target the exact ruby version in development...Arista Helps Facebook Reimagine Its Data Centers
The companies contributed both Minipack and the Arista 7368X4 switch to OCP.