Short Take – Metaengineering
What’s the difference between being an engineer or a metaengineer? In this Network Collective Short Take, Russ White differentiates between the two and explores when it makes sense to be one or the other.
Russ White
The post Short Take – Metaengineering appeared first on Network Collective.
Memcached DDoS – There’s Still Time to Save Your Mind
In case you haven’t heard, there’s a new vector for Distributed Denial of Service (DDoS) attacks out there right now and it’s pretty massive. The first mention I saw this week was from Cloudflare, where they details that they were seeing a huge influx of traffic from UDP port 11211. That’s the port used by memcached, a database caching system.
Surprisingly, or not, there were thousands of companies that had left UDP/11211 open to the entire Internet. And, by design, memcached responds to anyone that queries that port. Also, carefully crafted packets can be amplified to have massive responses. In Cloudflare’s testing they were able to send a 15 byte packet and get a 134KB response. Given that this protocol is UDP and capable of responding to forged packets in such a way as to make life miserable for Cloudflare and, now, Github, which got blasted with the largest DDoS attack on record.
How can you fix this problem in your network? There are many steps you can take, whether you are a system admin or a network admin:
- Go to Shodan and see if you’re affected. Just plug in your company’s IP address ranges and have it Continue reading
IT Automation: Not Just for the Big Dogs
Hyperscale companies like AWS have led the way on automation, but enterprise IT can close the gap by following these steps.
Video: Create an NSX Logical Switch with PowerNSX
After introducing PowerNSX Anthony Burke illustrated how easy it is to use with a Hello, World equivalent: creating a logical switch (VXLAN segment).
You’ll need at least free ipSpace.net subscription to watch the video.
Want to know more about VMware NSX? We’ll run an NSX-focused event and a NSX Deep Dive workshop in Zurich on April 19th 2018, an overview webinar comparing NSX, ACI and EVPN on March 1st, and a deep dive in VMware NSX architecture later in 2018.
1 Terabit DDoS Attacks Become a Reality; Reflecting on Five Years of Reflections
Special thanks to Hardik Modi, Steve Siadak and Roland Dobbins for their contributions on this post. Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For […]1 Terabit DDoS Attacks Become a Reality; Reflecting on Five Years of Reflections
Special thanks to Hardik Modi, Steve Siadak and Roland Dobbins for their contributions on this post. Reflection amplification is a technique that allows cyber attackers to both magnify the amount of malicious traffic they can generate, and obfuscate the sources of that attack traffic. For […]NSX Layer 2 VPN: Migrating workloads between Datacentres
Selecting a migration strategy
As a consultant within the NSX PSO practice, one of the conversations that comes up with customers often is how NSX enables migration from a legacy datacentre to an NSX managed datacentre. This was the case with a customer recently who were looking to move out of a datacentre that was scheduled to be decommissioned. The problem was that the customer workloads needed to be migrated to a Logical Switch within the new datacentre without changing IP addressing, and with minimal downtime.
There are four approaches available to us with NSX for vSphere that might help solve this problem:
- Universal Logical Switching – we could deploy NSX to the remote site and extend L2 networks using Cross-vCenter NSX and Universal Logical Switches, then migrate the workload
- Native L2 Bridging – within the same datacentre we could use the NSX Distributed Logical Router native functionality to create a Layer 2 Bridge between a VLAN and a Logical Switch
- Hardware VTEP – using a compatible hardware device from a VMware Partner that acts as a VXLAN Tunnel Endpoint and can bridge between a VLAN and a Logical Switch
- Layer 2 VPN – using an NSX managed Edge, or Continue reading
AT&T, Sprint, T-Mobile and Verizon Use Blockchain as Part of Mobile Authentication Platform
The platform interoperates with the GSMA's Mobile Connect technology.
Empowering Education for the Next Generation In Paraguay
Colegio Técnico National (CTN) of Asunción is one of the top schools in Paraguay offering the technical baccalaureate. It was created by the country’s Ministry of Education and Science in 1980. The school is attended by more than 1,500 students from the capital city and from nearby towns like Luque, Fernando de la Mora, San Lorenzo, Lambaré, and Capiatá.
As with most of Paraguayan state schools, the CTN does not have the right infrastructure for an appropriate development of modern education. The little equipment owned by the CTN, donated more than 25 years ago by private or charitable institutions, are today too obsolete. Classes do not have any type of interactive material due to the lack of an Internet connection, equipped laboratories, and modern computers. A new project lead by the Paraguay Chapter and supported by the Internet Society Beyond the Net Funding Programme will provide the school with Internet access and set up a high-tech electronics lab to ensure a quality environment for the development of innovative solutions based on robotics, automation, e-learning systems, and the Internet of Things. 250 students will be trained in the use of online tools. ReVa , a virtual library, will be available Continue reading