Datanauts 139: Getting AWS Security Right
AWS security issues show up in tech news fairly often. Today, we talk with someone who wrote about AWS services other than S3 that were found exposed to the public. Could that be some of your services?
Could be. The numbers are pretty impressive. Stay tuned, and find out how to determine whether or not your EBS snapshots, RDS snapshots, AMIs, or ElasticSearch clusters are accidentally public.
Our guest is Scott Piper, an AWS security consultant for Summit Route. You can follow him on Twitter at @0xdabbad00.
We start by exploring the types of AWS resources that can be unintentionally exposed to the public Internet, how to find them, and how to lock them down.
Then we talk about general practices such as vulnerability scanning, how to minimize human error when configuring AWS services, and drill into options such as CloudMapper and Security Monkey, open-source tools to help administrators find and control AWS resources.
Show Links:
Scott Piper’s blog – Duo.com
Scott Piper on GitHub – GitHub
Beyond S3: Exposed Resources on AWS – Duo.com
CloudMapper – GitHub
CloudTracker – GitHub
Netflix Security Monkey – GitHub
History Of Networking – Dave Crocker – Email – Part 2
Few technologies are as ubiquitous as email. In Part 2 of this two-part series, Dave Crocker joins us to talk about the History of Email. Listen in as he talks about the early days of message exchange and how the technology evolved to be an integral part of modern day communication.
Dave Crocker
Guest
Russ White
Host
Donald Sharp
Host
Eyvonne Sharp
Host
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post History Of Networking – Dave Crocker – Email – Part 2 appeared first on Network Collective.
HPE CEO Antonio Neri Commits $4 Billion to Edge Products, Services
This money will fund what Neri called “intelligent edge” research and development around connectivity, security, edge computing, automation, machine learning, and artificial intelligence.
AT&T Will Launch Nationwide NB-IoT Network in 2019
Deploying NB-IoT will require a software upgrade to the RAN and a few other network elements.
CBRS: What WLAN Pros Need to Know
Lee Badman talks with Dave Wright, presented of the CBRS Alliance, to find out the latest developments with the emerging small-cell technology.
Nmap Tutorial: Host Discovery
In this excerpt from "Nmap: Network Exploration and Security Auditing Cookbook - Second Edition," learn how to perform a ping scan to find live hosts in your network.
IoT Security is the Heart of the Matter
The Internet Society is raising awareness around the issues and challenges with Internet of Things (IoT) devices, and the OTA IoT Trust Framework is promoting best practices in protection of user security and privacy. The importance of this was brought home with the keynote talk at the recent TNC18 Conference, which was given by Marie Moe (SINTEF) who related her experiences with her network-connected heart pacemaker.
Marie is a security researcher (who also formerly worked for NorCERT, the Norwegian National Cybersecurity Centre) who has an implanted pacemaker to monitor and control her heart, and has used the opportunity to investigate the firmware and security issues that have had detrimental and potentially fatal consequences. Quite aside from uncovering misconfigurations that required tweaking (e.g. the maximum heartbeat setting turned out to be set too low for a younger person), and an adverse event that required a firmware upgrade, she was even more concerned to discover that little consideration had gone into the authentication and access aspects that might allow an attacker to take control of the device.
These devices allow their recipients to lead normal lives, and of course being network-connectable has many practical advantages in terms of monitoring and Continue reading
Worth Reading: Fake News in IT
Stumbled upon “Is Tech News Fake” article by Tom Nolle. Here’s the gist of his pretty verbose text:
When readers pay for news, they get news useful to readers. When vendors pay, not only do the vendors get news they like, the rest of us get that same story. It doesn’t mean that the story being told is a lie, but that it reflects the view of an interested party other than the reader.
High-quality content is not cheap, so always ask yourself: who’s paying for the content… and if it’s not you, you may be the product.
Full disclosure: ipSpace.net is funded exclusively with subscriptions and online courses. Some of our guest speakers work for networking vendors, but we always point that out, and never get paid for that.
Endpoint Security Firm Cylance Raises $120M in Series E
Cylance touts its predictive advantage technology that allows a company to protect endpoints from threats that may not exist for years to come.
Top 5 tips for transitioning to 100G networking
No doubt about it: the prospect of adding another zero to the end of your top network speeds is exciting. And the reward of the immediately noticeable performance improvement never gets old. Speed makes a noticeable, and not just measurable, difference. And with the massive increase in the amount of data servers need to process, 100G is soon going to be a necessity for many organizations.
But increasing network speed is about more than pushing more bits across a wire. Faster networks enable you to squeeze more out of your physical rack space. You need fewer servers, fewer network connections, and – dare I say it – fewer switches. It’s true. A faster network lets you pack more computing into the same space.
Whether you plan to do a forklift upgrade to 100G or intend to replace one switch at a time, there are some key things you need to know to avoid getting locked into one switch vendor or losing backward compatibility with your existing equipment. In this post, I’m going to give you my top 5 tips for making transitioning to 100G networking a smooth one.
Tip No. 1: Decide where 25G/100G makes sense
First, a little background. Continue reading