Archive

Category Archives for "Networking"

Echo Show Ships on Wednesday, Buy 2 and Get a $100 Discount Right Now – Deal Alert

The newly-announced Echo Show is available for pre-order in black or white and the shipping date is finally right around the corner: Wednesday, June 28. If you're interested, there are two things you need to know. Right now if you buy two of them and enter the code SHOW2PACK at checkout, you'll activate a $100 discount. So you'll get two new Echo Shows for the price of two standard Echos. Go in on this deal with a friend, or buy a few for yourself (they work very well in multiple rooms). The other thing you should know is that by selecting Prime 2-day shipping, Amazon will actually have the Echo Show on your doorstep the very day it's released. Echo Show brings you everything you love about Alexa, and now she can show you things. Amazon has announced an integration with some of the big names in wireless security cams, so you can simply say "Alexa, show me the front door camera". Echo Show should make a good kitchen assistant as well -- just ask for a recipe. You can watch news briefings, YouTube videos, ask for a weather forecast, video chat with family and friends (if they have Echos

OpenVPN 2.3.17 on OpenBSD 6.0

On Jun 21, the OpenVPN team released an update for the 2.3.x and 2.4.x branches that resolved some newly discovered security vulnerabilities. The OpenVPN team recommends that users “upgrade to OpenVPN 2.4.3 or 2.3.17 as soon as possible”.

OpenBSD 6.0–which was released Sep 1 2016 and is still receiving security updates to the base system as per OpenBSD’s policy–shipped with a package for OpenVPN 2.3.11. Below you will find a patch and instructions for using the ports system to upgrade to version 2.3.17. Note that if you’re running OpenBSD 6.1, the ports tree has been updated to 2.4.3 so all you need to do is “cvs up” and “make install”.

Instructions:

  1. Follow the OpenBSD FAQ for instructions on how to download, verify, and extract the ports tree on your machine.
  2. Then:
     % cd ports/net/openvpn
     % patch < ~/openvpn-2.3.17p0.diff
     % make install

Original article: OpenVPN 2.3.17 on OpenBSD 6.0

Copyright © 2017 Joel Knight. All Rights Reserved.

Apcela advises how to build a hybrid IT platform for better performance and stronger security

This column is available in a weekly newsletter called IT Best Practices. To state the obvious, enterprises are moving their applications to the cloud, and this movement is happening at an accelerating pace. Many technology chiefs are working under a “cloud-first policy,” which means that if an application can be deployed as a service, then that should be the first choice for the way to go. While the applications themselves are moving to the cloud, the application delivery infrastructure is still stuck in the enterprise data center. Under the existing network architecture that most enterprises still have today, all traffic comes back to the enterprise data center before going out to the cloud. The on-premises data center is where the switching and routing, security, and application delivery controllers reside. This infrastructure is architected for a bygone era when applications were all in the data center.

Project Jengo: Explaining Challenges to Patent Validity (and a looming threat)

We’ve written a couple times about the problem of patent trolls, and what we are doing in response to the first case a troll filed against Cloudflare. We set a goal to find prior art on all 38 Blackbird Tech patents and applications and then obtain a legal determination that Blackbird Tech’s patents are invalid. Such a determination will end Blackbird’s ability to file or threaten to file abusive patent claims, against us or anyone else.

CC BY-SA 2.0 image by hyku

The patent system exists to reward inventors, so it is no surprise that a patent has to claim something new — an “invention.” Sometimes the United States Patent and Trademark Office (USPTO) — the agency that administers the patent system — mistakenly issues patents that do not claim anything particularly new. The patent examiner may not be aware that the proposed “invention” was already in use in the industry, and the patent applicant (the only party in the process) doesn’t have an incentive to share that information. Often, the USPTO issues patents that are too vague and can later be broadly interpreted by patent owners to cover different and subsequent technologies that could not otherwise

It’s time to upgrade to TLS 1.3 already, says CDN engineer

Businesses dragging their heels over rolling out TLS 1.2 on their website might have an excuse to delay a little longer: Version 1.3 of the TLS (Transport Layer Security) encryption protocol will be finalized later this year, and early deployments of it are already under way. TLS, the successor to SSL, is used to negotiate secure connections to web or mail servers, encrypting data on the move. Six years in the making, TLS 1.2 added new, stronger encryption options -- but retained all the older, weaker encryption schemes that had gone before in the name of backward compatibility. Unfortunately, this meant that someone able to perform a man-in-the-middle attack could often downgrade connections to a weaker encryption system without the user being aware.

Cisco Launches Catalyst 9300 series Switches

Today I am going to talk about Cisco's new launch. Cisco has launched Catalyst switches in the 9000 series, and they are not Nexus. If you are unsure whether these are Catalyst or Nexus switches: they are not the Nexus series, they are pure Catalyst switches, following the Cisco Catalyst 6800 switches.

New launch: Cisco 9300 series switches. These are not Nexus switches, in case you are confused.

In addition to all the earlier switches, Cisco takes a step ahead of other vendors by adding the Cisco 9300, Cisco 9400 and Cisco 9500 switches to its portfolio. These switches have high-end capabilities and many new features. With these high-end switches you can granularly expand your network at the core, distribution and access layers, and they let you leverage cloud-based or next-generation solutions.

Cisco already has the following switches in its portfolio:

  • Cisco 2960 Series
  • Cisco 3650 Series
  • Cisco 3750 Series
  • Cisco 3850 Series
  • Cisco 4500 Series
  • Cisco Catalyst 6500 Series
  • Cisco Catalyst 6800 Series

With the existing models shown above, Cisco launches three new Catalyst switch series

Understanding DHCP Snooping and Basic Configurations : Cisco, Juniper and Huawei

Today I am going to talk about the DHCP Snooping concept in this article. There are a lot of queries on DHCP Snooping from people who want to understand why it is used in the enterprise network. I will put some of the questions here.

What is DHCP Snooping?
What is the difference between trusted and untrusted hosts, servers and ports?
How does DHCP Snooping work?

These are the basic questions on DHCP Snooping; let me take you through them.

DHCP Snooping is a feature that tells you about traffic sources, which can be trusted or untrusted. DHCP snooping ensures that DHCP clients obtain IP addresses from authorised DHCP servers and records mappings between the IP addresses and MAC addresses of DHCP clients, preventing DHCP attacks on the network. Trusted sources are those you already allow in your network; untrusted sources are those an attack would come from. To prevent such attacks in the network you can use the DHCP snooping feature, which filters messages and rate-limits traffic from untrusted sources.

If you have a network that includes switches, routers and firewalls, all of these are trusted sources as they are

More Specifics in BGP

The number of more specific advertisements in the IPv4 Internet is more than 50% of all advertisements, and the comparable picture in IPv6 has more specific advertisements approaching 40% of all network advertisements. It is tempting to label this use of more specifics as part of the trashing of the Internet commons. Individual networks optimise their position by large scale advertising of more specifics, which in turn, creates an incremental cost on all other networks in terms of increased BGP table size and increased overhead of processing BGP updates. The question I’d like to look at here is whether these more specific advertisements represent a significant imposition on everyone else, or whether they are simply unavoidable.

General – My Packing List for CLUS and Advice for International First Timers

It’s almost time for Cisco Live in Las Vegas. It’s Friday morning here and I have 95% of the packing done and I leave on Saturday. If this is your first time going to CLUS or even going to the US it can be challenging to know what to pack and if you need to bring cash etc. Here are some of my recommendations for packing. Make a list so that you don’t forget to pack things.

Essentials

Make sure to pack your passport. This is pretty obvious. Hopefully you already made sure that the passport is up to date as well.

I bring a copy of my approved ESTA. This is not mandatory but it’s nice having it there in case a security officer asks you. Depending where you are from you might not be part of the ESTA program.

I always print a copy of my booking for the flight and hotel etc. While not something you need when you have electronic check-in etc., I still like to keep a copy so that I have all of the info about my flight and hotel in case I can’t get on my phone.

Electronic Devices

Bring a power bank.

Episode 6 – What I Wish I Had Known

In this episode of Network Collective, the panel takes some time to acknowledge some of the lessons they have learned along the way, and share which of them they wish they had known when they were starting out. Topics range from mentorship, study, technical specialization, job selection, and more. Guests for this episode are Daniel Dib, Denise Donohue, Lindsay Hill, and Matthew Norwood.

Denise Donohue (Guest)
Matthew Norwood (Guest)
Lindsay Hill (Guest)
Daniel Dib (Guest)
Jordan Martin (Co-Host)
Eyvonne Sharp (Co-Host)
Phil Gervasi (Co-Host)

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post Episode 6 – What I Wish I Had Known appeared first on Network Collective.

Trend: Colocation facilities provide tools to manage data center infrastructure

Enterprises understand the advantages of colocation, but they also know that entrusting mission-critical infrastructure to third-party data centers means giving up some control over their servers. Data Center Infrastructure Management (DCIM) tools can provide colocation customers with transparency into their data center's operations, to verify that providers are fulfilling the terms of their Service Level Agreements. A DCIM platform gives customers a "single pane of glass" to view the status of their IT infrastructure. "Today, more colocation providers are offering their customers access to DCIM portals," explains Rhonda Ascierto, Research Director for Data centers and Critical Infrastructure at 451 Research. "Customers want to see how well a colocation facility is operating, not just rely on the SLA. A DCIM tool gives the customer visibility into data center operations, and assurance that the colocation provider is meeting their obligations."