RIPE 76 Sees Strong Focus on Routing Security
The RIPE 76 meeting is happening this week in Marseille, France, held at the fantastic location of the Palais du Pharo overlooking Marseille’s Old Port. And it’s also another record attendance with over 850 people registered.
The first couple of days have primarily been devoted to plenary sessions, and there’s been a big focus on routing security. Erik Bais (A2B Internet) kicked off the discussion with a presentation on ‘Why are we still seeing DDoS traffic?‘, which highlighted that DDoS attacks are still originating from the same networks. Looking at the list of the worst offenders, there’s even one amongst the regular RIPE attendees, and he called for networks to clean up their acts. This was also a good opportunity to highlight the MANRS initiative, which of course includes measures to mitigate amplification attacks, and encourages networks to make good routing practices the norm.
Alexander Azimov (Qrator Labs) reinforced this message by outlining the current problems with BGP, including the ongoing route leaks and hijacks affecting the Internet. There are currently only moral obligations to not use other providers’ address space or to support anti-spoofing policies, yet major providers (including Tier 1 providers) continue to both originate Continue reading
DNS Server Troubleshooting: 3 Free Tools
In this video, Tony Fortunato demonstrates software utilities to test the performance of your DNS servers.
Get Familiar with Leaf-and-Spine Fabrics
An attendee of my Building Next-Generation Data Center online course asked me what the best learning path might be for a total (data center) beginner that has to design and install a small leaf-and-spine fabric in a near future.
This blog post was written for ipSpace.net subscribers who want to get the most out of ipSpace.net content. If you’re only interested in free stuff, you might feel it’s a waste of your time. You’ve been warned ;)
Read more ...Barracuda Drops Cloud-Delivered Web Application Firewall Service
Verizon’s annual data breach report found web applications had the most breaches in 2017.
Full Stack Journey 021: Continual Learning With Cody Bunch
Today's Full Stack Journey explores continual learning for technologists. Guest Cody Bunch shares tips on how to approach new information, why you should share what you learn, how to take notes, time management, and more.
The post Full Stack Journey 021: Continual Learning With Cody Bunch appeared first on Packet Pushers.
Full Stack Journey 021: Continual Learning With Cody Bunch
Today's Full Stack Journey explores continual learning for technologists. Guest Cody Bunch shares tips on how to approach new information, why you should share what you learn, how to take notes, time management, and more.
Why I’m Joining Cloudflare
I love working as a Chief Security Officer because every day centers around building something that makes people safer. Back in 2002, as I considered leaving my role as a cybercrime federal prosecutor to work in tech on e-commerce trust and safety, a mentor told me, “You have two rewarding but very different paths: you can prosecute one bad actor at a time, or you can try to build solutions that take away many bad actors' ability to do harm at all.” And while each is rewarding in its own way, my best days are those where I get to see harm prevented—at Internet scale.
In 2016, while traveling the United States to conduct hearings on the condition of Internet security as a member of President Obama's cyber commission, my co-commissioners noticed I had fallen into a pattern of asking the same question of every panelist: “Who is responsible for building a safer online environment where small businesses can set up shop without fear?” We heard many answers that all led to the same “not a through street” conclusion: Most law enforcement agencies extend their jurisdiction online, but there are no digital equivalents to the Department of Continue reading
Trump Axes Top Cybersecurity Role, Kaspersky Moves to Switzerland
A new U.S. cybersecurity strategy calls on government agencies to work more closely with private sector companies to reduce risks.
Dismantling Cisco’s Conservation of Complexity Gambit
From the very beginning, Cisco Systems tightly embraced the use of complexity as a market differentiator. Creating a complicated CLI to configure networking gear instead of a relatively simple GUI – Wellfleet’s choice — was an early move down this path. The next cab off this particular rank was the creation of the CCIE (Cisco Certified Internetwork Expert) program in the early 1990’s, which, in full disclosure, I had a hand in developing back in the day. This program was explicitly designed to be as difficult and complicated as possible – mirroring the products themselves – so that a CCIE “diploma” on a cubicle wall would be considered a badge of honor and give bragging rights to its owner. And, with something like 3-1/2-million CCIEs out there today, this particular bit of planned complexity was clearly a winner.
The inherent irony in all of this is that ante-Cisco life in networking was quite a simple place, really. (Show of hands anyone who remembers the two top bridging vendors, Halley Systems and Vitalink?) But, at the end of the day, networks had to grow so that businesses and, eventually, the Internet, could run on them, and bridging technology simply Continue reading
Dismantling Cisco’s Conservation of Complexity Gambit
From the very beginning, Cisco Systems tightly embraced the use of complexity as a market differentiator. Creating a complicated CLI to configure networking gear instead of a relatively simple GUI – Wellfleet’s choice — was an early move down this path. The next cab off this particular rank was the creation of the CCIE (Cisco Certified Internetwork Expert) program in the early 1990’s, which, in full disclosure, I had a hand in developing back in the day. This program was explicitly designed to be as difficult and complicated as possible – mirroring the products themselves – so that a CCIE “diploma” on a cubicle wall would be considered a badge of honor and give bragging rights to its owner. And, with something like 3-1/2-million CCIEs out there today, this particular bit of planned complexity was clearly a winner.
The inherent irony in all of this is that ante-Cisco life in networking was quite a simple place, really. (Show of hands anyone who remembers the two top bridging vendors, Halley Systems and Vitalink?) But, at the end of the day, networks had to grow so that businesses and, eventually, the Internet, could run on them, and bridging technology simply Continue reading
Rackspace Joins the Managed Kubernetes Fray
The company sees its platform as having a scale advantage over tech-focused vendors like Docker, but with more agility than larger systems integrators like IBM.
Get Ready for Real Disruption: The State of NFV
During the last five years, the NFV market has been heating up, but in order to reach the next steps of innovation and growth the market must fill a number of technological gaps.
You get TLS 1.3! You get TLS 1.3! Everyone gets TLS 1.3!
It's no secret that Cloudflare has been a big proponent of TLS 1.3, the newest edition of the TLS protocol that improves both speed and security, since we have made it available to our customers starting in 2016. However, for the longest time TLS 1.3 has been a work-in-progress which meant that the feature was disabled by default in our customers’ dashboards, at least until all the kinks in the protocol could be resolved.
With the specification finally nearing its official publication, and after several years of work (as well as 28 draft versions), we are happy to announce that the TLS 1.3 feature on Cloudflare is out of beta and will be enabled by default for all new zones.
For our Free and Pro customers not much changes, they already had TLS 1.3 enabled by default from the start. We have also decided to disable the 0-RTT feature by default for these plans (it was previously enabled by default as well), due to its inherent security properties. It will still be possible to explicitly enable it from the dashboard or the API (more on 0-RTT soon-ish in another blog post).
Our Business and Continue reading
Sprint Joins ORAN Alliance and Linux Foundation Networking Fund
The operator is growing its open source clout prior to its merger with T-Mobile.
Culture Shifts and Work Travel Learnings
I’ve seen a few Twitter threads recently about learning to live with the sudden plenty of working for tech companies. If you didn’t grow up that way, the adjustment takes time. It made me think about a few things I’ve learnt about corporate travel, and mistakes I’ve made along the way. People who grew in the corporate world instinctively know stuff I had to learn. Here’s some of the mistakes, and learnings:
Sudden Change of Scene
There’s been a few threads recently on Twitter related to the concept of “growing up poor, and learning how to adapt to working in well-paid industries.”
Here’s an example thread:
Starting a conference for people that work in tech but grew up poor. Talks:
— Mikeal Rogers (@mikeal) May 1, 2018
* Low fee ways to send money to family.
* Making yourself feel ok about spending $50 on brunch.
* Where people with money store their extra money instead of just leaving it in your checking account.
Read the thread - there’s some gems in there. Stuff like these hit home for me:
my first week at my job i spent $30 at the safeway to feed myself all week until they Continue reading