netlab 1.6.3: BGP Nerd Knobs
netlab release 1.6.3 added numerous BGP nerd knobs:
- You can create EBGP multihop sessions in the global routing table when using Arista EOS, Cisco IOSv, Cisco IOS-XE, FRR and Cumulus Linux 4.x.
- ebgp.utils plugin supports TCP-AO, configurable BGP timers, and Generic TTL Security Mechanism (TTL session protection)
- BGP neighbor reports hide irrelevant columns.
We also:
netlab 1.6.3: BGP Nerd Knobs
netlab release 1.6.3 added numerous BGP nerd knobs:
- You can create EBGP multihop sessions in the global routing table when using Arista EOS, Cisco IOSv, Cisco IOS-XE, FRR and Cumulus Linux 4.x.
- ebgp.utils plugin supports TCP-AO, configurable BGP timers, and Generic TTL Security Mechanism (TTL session protection)
- BGP neighbor reports hide irrelevant columns.
We also:
AI in Data Centers: Increasing Power Efficiency with GaN
Systems to meet the exploding demand for AI are energy intensive. GaN semiconductors are being eyed to boost efficiency and density to the levels demanded by Generative AI and the next generation of IT.Tech Bytes: Why Retail Branches Need Next-Gen SD-WAN And SASE (Sponsored)
Today on the Tech Bytes podcast, we talk with sponsor Palo Alto Networks about SD-WAN for retail locations. From securing payment card data to supporting customer Wi-Fi to connecting a multitude of IoT devices, a secure, reliable WAN is a must for retail. We talk with Palo Alto Networks about how SD-WAN can help retail locations get and keep shoppers in stores.
The post Tech Bytes: Why Retail Branches Need Next-Gen SD-WAN And SASE (Sponsored) appeared first on Packet Pushers.
Tech Bytes: Why Retail Branches Need Next-Gen SD-WAN And SASE (Sponsored)
Today on the Tech Bytes podcast, we talk with sponsor Palo Alto Networks about SD-WAN for retail locations. From securing payment card data to supporting customer Wi-Fi to connecting a multitude of IoT devices, a secure, reliable WAN is a must for retail. We talk with Palo Alto Networks about how SD-WAN can help retail locations get and keep shoppers in stores.Victims of Success
It feels like the cybersecurity space is getting more and more crowded with breaches in the modern era. I joke that on our weekly Gestalt IT Rundown news show that we could include a breach story every week and still not cover them all. Even Risky Business can’t keep up. However, the defenders seem to be gaining on the attackers and that means the battle lines are shifting again.
Don’t Dwell
A recent article from The Register noted that dwell times for detection of ransomware and malware hav dropped almost a full day in the last year. Dwell time is especially important because detecting the ransomware early means you can take preventative measures before it can be deployed. I’ve seen all manner of early detection systems, such as data protection companies measuring the entropy of data-at-rest to determine when it is no longer able to be compressed, meaning it likely has been encrypted and should be restored.
Likewise, XDR companies are starting to reduce the time it takes to catch behaviors on the network that are out of the ordinary. When a user starts scanning for open file shares and doing recon on the network you can almost guarantee they’ve Continue reading
Network Break 450: Cisco, Nutanix Announce HCI Gear; HPE Aruba Releases Wi-Fi 6e Sensor; Amazon Ships Test Satellites Into Orbit
This week's Network Break covers new HCI gear from the Cisco/Nutanix partnership, a sensor to detect Wi-Fi 6e performance, Intel financial engineering, Amazon shipping test satellites for a space broadband service, and more IT news.
The post Network Break 450: Cisco, Nutanix Announce HCI Gear; HPE Aruba Releases Wi-Fi 6e Sensor; Amazon Ships Test Satellites Into Orbit appeared first on Packet Pushers.
Network Break 450: Cisco, Nutanix Announce HCI Gear; HPE Aruba Releases Wi-Fi 6e Sensor; Amazon Ships Test Satellites Into Orbit
This week's Network Break covers new HCI gear from the Cisco/Nutanix partnership, a sensor to detect Wi-Fi 6e performance, Intel financial engineering, Amazon shipping test satellites for a space broadband service, and more IT news.HTTP/2 Rapid Reset: deconstructing the record-breaking attack
Starting on Aug 25, 2023, we started to notice some unusually big HTTP attacks hitting many of our customers. These attacks were detected and mitigated by our automated DDoS system. It was not long however, before they started to reach record breaking sizes — and eventually peaked just above 201 million requests per second. This was nearly 3x bigger than our previous biggest attack on record.
Concerning is the fact that the attacker was able to generate such an attack with a botnet of merely 20,000 machines. There are botnets today that are made up of hundreds of thousands or millions of machines. Given that the entire web typically sees only between 1–3 billion requests per second, it's not inconceivable that using this method could focus an entire web’s worth of requests on a small number of targets.
Detecting and Mitigating
This was a novel attack vector at an unprecedented scale, but Cloudflare's existing protections were largely able to absorb the brunt of the attacks. While initially we saw some impact to customer traffic — affecting roughly 1% of requests during the initial wave of attacks — today we’ve Continue reading