Show 362: Advanced Network Programmability With Cisco (Sponsored)
On today s Packet Pushers show, sponsored by Cisco, we discuss device programmability, network modeling with YANG, and the IOS XR Service-Level API. The post Show 362: Advanced Network Programmability With Cisco (Sponsored) appeared first on Packet Pushers.
‘Treacherous 12’ Cloud Security Threats: Is Your Company Exposed?
Cloud security threats are "moving up the stack."
SDxCentral’s Weekly News Roundup — October 20, 2017
GE partners with Apple on IoT; Intel invests $60 million in 15 technology startups; Alibaba works with Red Hat.
Ericsson’s Struggles Continue in Q3, But Networks Biz Hints at Recovery
Company is accelerating its $10 billion cost restructuring plan.
Cable Networks Seem Pretty Darn Hard to Virtualize
Cable operators frown upon questions about a conflict between CCAP and Remote PHY.
Latest Canonical Ubuntu Release Taps Kubernetes 1.8, Hints at More
The next serious update will include AI and edge computing support.
Performing & Preventing SSL Stripping: A Plain-English Primer
Over the past few days we learnt about a new attack that posed a serious weakness in the encryption protocol used to secure all modern Wi-Fi networks. The KRACK Attack effectively allows interception of traffic on wireless networks secured by the WPA2 protocol. Whilst it is possible to backward patch implementations to mitigate this vulnerability, security updates are rarely installed universally.
Prior to this vulnerability, there were no shortage of wireless networks that were vulnerable to interception attacks. Some wireless networks continue to use a dated security protocol (called WEP) that is demonstrably "totally insecure" 1; other wireless networks, such as those in coffee shops and airports, remain completely open and do not authenticate users. Once an attacker gains access to a network, they can act as a Man-in-the-Middle to intercept connections over the network (using tactics known as ARP Cache Poisoning and DNS Hijacking). And yes, these interception tactics can easily be deployed against wired networks where someone gains access to an ethernet port.
With all this known, it is beyond doubt that it is simply not secure to blindly trust the medium that connects your users to the internet. HTTPS was created to allow HTTP traffic to Continue reading
Introduction to Symantec Web Application Firewalls
Before we are starting with the Symantec Web Application Firewalls, first we need to understand
What and why we need WAF or so called Web Application Firewalls ?
What and why we need WAF or so called Web Application Firewalls ?
If you are talking about the Web servers, they are often targeted by attackers to help them host and deliver malware. In the Verizon’s 2015 Data Breach Investigation Report it was found that the attacks on web applications were one of the most common threats enterprises faced.
How to mitigate these kinds of risks ?
To mitigate the risks a compromise poses to their reputation and ongoing operations, enterprises are implementing Web Application Firewalls (WAF) to protect their web properties and enforce the security and privacy of their web applications. To ensure the security they implement does not adversely affect the performance of the web. So for avoiding the various attacks from the outside world enterprises need WAF kind of services and there are lot of providers in the WAF.
Now in this case we required WAF or so called Web Application Firewalls, Now let's talk about the Symantec Web Security Application Firewalls in details with features and the purpose. I will try to put another article on Cisco WAF as well as Continue reading
Firewall Standard Zones and Configurations
Lets talk about the security Zone in the enterprise network or you can say that implementing the Security Zone in the university that approach to firewall configuration and deployment. These “Security Zones” are implemented as rule-sets on University firewalls.
 |
| Fig 1.1- Standard Firewall Zones |
Each firewall will provide multiple “Security Zones” to implement specific security controls for each zone. Default sets of “Security Zones” are created during the implementation of each University firewall as follows:
- Workstation Zone
- Server Zone
- DMZ Zone
CSSD defines these “Security Zones” to be implemented for each firewall as follows:
- Workstation Zone – The Workstation zone is designed to protect a University Unit’s workstations, network printers, and other local network devices (inside the firewall) from all other zones. Access to this zone from all other zones is restricted and controlled
- Server Zone – The Server zone is designed to protect a University Unit’s critical infrastructure such as domain controllers, file, print, intranet (internal web applications), application, and database servers. Access to this zone is limited to the Unit’s Workstation Zone.
- DMZ Zone– The DMZ zone is designed to protect any server that is accessed by a broad audience. An example Continue reading
How Governments Can Be Smart about Artificial Intelligence
The French MP and Fields medal award winner, Cédric Villani, officially auditioned Constance Bommelaer de Leusse, the Internet Society’s Senior Director, Global Internet Policy, last Monday on national strategies for the future of artificial intelligence (AI). In addition, the Internet Society was asked to send written comments, which are reprinted here.
|
“Practical AI successes, computational programs that actually achieved intelligent behavior, were soon assimilated into whatever application domain they were found to be useful […] Once in use, successful AI systems were simply considered valuable automatic helpers.” Pamela McCorduck, Machines Who Think: A Personal Inquiry into the History and Prospects of Artificial Intelligence |
AI is not new, nor is it magic. It’s about algorithms.
“Intelligent” technology is already everywhere – such as spam filters or systems used by banks to monitor unusual activity and detect fraud – and it has been for some time. What is new and creating a lot of interest from governments stems from recent successes in a subfield of AI known as “machine learning,” which has spurred the rapid deployment of AI into new fields and applications. It is the result of a potent mix of data availability, increased computer power and algorithmic innovation that, if Continue reading
Cisco to Scoop Up Perspica, Gain More App Smarts
This acquisition adds real-time streaming view to application intelligence Cisco gained with AppDynamics buy.
Cisco to Scoop Up Perspica, Gain More App Smarts
This acquisition adds real-time streaming view to application intelligence Cisco gained with AppDynamics buy.
Worth Reading: Stealing Passwords by Asking
The post Worth Reading: Stealing Passwords by Asking appeared first on rule 11 reader.
Updating to JDK 1.8 or 1.9 on Ubuntu
Trying to install OpenDaylight Nitrogen needs JDK 1.8 or later.
Needless to say, I’ve not go the right version on my Ubuntu 16.04 server – it reports 1.7. Also needless to say, installing it isn’t a simple matter of adding the software through apt-get because the repository appears to be broken or empty (at the time of writing). I was hoping to get away with doing this:
sudo add-apt-repository ppa:webupd8team/java
sudo apt-get update
sudo apt-get install oracle-java9-installer
Anyway, the last part failed with:
Connecting to download.oracle.com (download.oracle.com)|104.86.110.251|:80... connected. HTTP request sent, awaiting response... 404 Not Found 2017-10-20 14:05:08 ERROR 404: Not Found.download failed Oracle JDK 9 is NOT installed. dpkg: error processing package oracle-java9-installer (--configure): subprocess installed post-installation script returned error exit status 1 E: Sub-process /usr/bin/dpkg returned an error code (1)
So instead I downloaded it from here: http://www.oracle.com/technetwork/java/javase/downloads/jdk9-downloads-3848520.html
Unpacked the tarball with this:
cd /opt tar -xvzf jdk-9.0.1_linux-x64_bin.tar.gz
Finally updated my environment variables to tell it where the JDK is:
export JAVA_HOME=/opt/jdk-9.0.1/ Continue reading