Archive

Category Archives for "Networking"

Understanding Linux file system types

You may not spend much time contemplating the characteristics of the file systems on your Linux system, but the differences between the various file system types can be both interesting and highly relevant. This article explains commands that you can use to verify your file system types and describes their differences.Commands that report file system types There are a number of Linux commands that will display file system types along with the file system names, mount points and such. Some will also display sizes and available disk space.Using df -Th The df command with the "T" (show file system type) and "h" (use human-friendly sizes) options provides a very useful look at the file systems on a Linux system. Here's an example:To read this article in full, please click here

Network Identity Redefined for Zero Trust Enterprises

Network Identity Redefined for Zero Trust Enterprises

The perimeter of networks is changing and collapsing. In a zero trust network, no one and no thing is trusted from inside or outside of the enterprise network without verification or network access control (NAC). However, for years, organizations have been saddled with bolt-on NAC  technologies that deliver cost complexity while failing to be effective. Instead, security-conscious organizations are shifting to a “microperimeter” enterprise that embeds security into the network infrastructure as the proactive way to defend today’s wider attack surface.

Intel seeks momentum two years into Gelsinger’s turnaround effort

When Pat Gelsinger returned to Intel as its CEO in February 2021, he took over a company that had been battered by mismanagement and weakened by competition.Intel had lost significant ground in process-node development to Taiwanese chipmaker TSMC. While TSMC was making transistors at 7nm, Intel was struggling to get 10nm. AMD was besting Intel in both client and server performance and taking more market share with each passing quarter. Nvidia was on its steady march of domination in the GPU market and gaining mindshare as the ultimate AI processing vendor.To read this article in full, please click here

Intel seeks momentum two years into Gelsinger’s turnaround effort

When Pat Gelsinger returned to Intel as its CEO in February 2021, he took over a company that had been battered by mismanagement and weakened by competition.Intel had lost significant ground in process-node development to Taiwanese chipmaker TSMC. While TSMC was making transistors at 7nm, Intel was struggling to get 10nm. AMD was besting Intel in both client and server performance and taking more market share with each passing quarter. Nvidia was on its steady march of domination in the GPU market and gaining mindshare as the ultimate AI processing vendor.To read this article in full, please click here

Use Existing Device Configurations in netlab

Anne Baretta decided to use netlab to test a proposed DMVPN topology. As netlab doesn’t support DMVPN (and probably never will), he decided to use netlab capabilities to start the lab topology and perform initial configuration, adding DMVPN configuration commands as custom configurations. Here’s how he described the process:

In this case I used netlab as a quick way to get a topology up and running, and then add the DMVPN configuration by hand.

Read more …

Counting current live readers

Once upon a time it was popular to put a counter on your web page, to show how many people had visited the site before you. I thought it be more fun, and less bragging about how long the page has existed, if it just showed who’s reading it now.

As I mentioned in a previous post, I’m learning Rust. My teaching project has been to make this web widget that shows the current number of browsers that that have the page open.

You see this counter here on the blog in the top right.

The idea is pretty simple. Have some javascript open a websocket to a server, and stream down messages with the current count, as it changes. When a client connects or disconnects, inform all other clients of the new total.

This does mean that it needs to keep one TCP connection open per client, which may be too costly for some sites. Especially since I’m putting it behind an nginx, so the machine needs to keep 3x the state.

I’m not logging anything to disk, nor sharing anything between the clients except for the current count. It’s just an amusing publicly visible presence counter.

Actually, because Continue reading

Linking statically, and glibc breaking userspace for fun

glibc is annoyingly eager to break userspace. You can’t just build something that only depends on libc and expect it to work on all linux systems of that architecture.

I don’t know why Linus Torvalds keeps insisting “we do not break userspace” as a policy for the kernel when libc seems to make that exact thing a hobby. And either way the userspace programs break.

Compiling static (including libc) is frowed upon, and has even had known breakages left unaddressed.

E.g. setlocale() had a strange bug where for new threads you had to first set the locale to the wrong locale, and then call it again to set it to the right one. Otherwise the new thread would be in a weird state where the local is wrong, but it thought it’s right, so won’t allow you to change it to what it thought it already was.

I can’t find the bug now (I ran into this around 2004-2005), but the official response was basically “well don’t compile statically, then”.

And DNS can be broken with static glibc. “a statically linked glibc can’t use NSS (Name Service Switch) modules from a different glibc version, so if you statically link Continue reading

Controversial Reads 042223


Tech companies are embedding these deeply flawed models into all sorts of products, from programs that generate code to virtual assistants that sift through our emails and calendars.


On the morning of October 14, 2020, I caught a firsthand glimpse of what it’s like for a traditional media outlet to go up against the vast agglomeration of economic and digital power known as Big Tech—and to do so without the benefit of what economist John Kenneth Galbraith defined as countervailing power.


Former Google CEO Eric Schmidt said that artificial intelligence could hurt American politics and needs to be reined in.


The National Assembly’s decision to greenlight the bill followed months of debate about one section in particular — Article 7 — which permits the use of AI-assisted video surveillance technology by law enforcement during and up to six months after the Games.


Calling a business, civic organization, or even school a family may be well-intended but comes with unintended consequences that do an injustice to the necessary commitments that should be made to our actual families.


If normal means mass layoffs, empty office buildings, confusing return-to-office policies, AI panic, and the whiplash-y feeling that just when employees were Continue reading

Weekend Reads 042123

A new report from analyst firm Omdia suggests operators’ best chance of growth in the consumer market comes from partnering with Big Tech.


In a 2023 survey of cybersecurity leaders, 51% said they believe an AI-based tool like ChatGPT will be used in a successful data breach within the next year.


When folks ask me for an estimate of the cost of building aerial fiber, I always say that the cost is dependent upon the amount of required make-ready needed. Make-ready is well-named – it’s any work that must be done on poles to be ready to string the new fiber.


On 10 February 2023, Reddit announced it suffered a security incident where a phishing campaign led an employee to a website that imitated the network’s intranet gateway.


This video looks at various Kubernetes vulnerabilities and their severity scores to help you understand how to evaluate CVEs so you can prioritize remediation. It also shows different options and sources of CVEs.


It is almost 25 years since the Internet was privatized by the U.S. government. ICANN was formed by Esther Dyson and Jon Postel as a California-based non-profit with the responsibility to administer the Internet.


The series glamourized Continue reading

Heavy Networking 675: Enabling Self-Service Automation & NetDevOps With Itential (Sponsored)

Today’s Heavy Networking podcast explores the concept of NetDevOps with sponsor Itential. The idea behind NetDevOps is to advance your network to the point where it’s self-service; that is, the network you operate can be consumed the way public cloud services are consumed. Our guest is Itential co-founder & CTO Chris Wade.

The post Heavy Networking 675: Enabling Self-Service Automation & NetDevOps With Itential (Sponsored) appeared first on Packet Pushers.

Why I joined Cloudflare as Chief Security Officer

Why I joined Cloudflare as Chief Security Officer
Why I joined Cloudflare as Chief Security Officer

I am absolutely thrilled and feel incredibly blessed to have joined Cloudflare as Chief Security Officer (CSO). Cybersecurity has always been my passion and focus of my career. I am grateful to join such a dynamic and innovative team. Cloudflare is a cybersecurity industry leader and offers unmatched technology that is second to none.

A little about me

I have been a CSO for over 20 years in the financial and private sectors with SVB, HSBC, McAfee, Ameren, and Scottrade. I have been privileged to lead the security teams of some of the world's largest, most complex, and most innovative companies; however, my greatest honor has been working with and collaborating among some of the world's most amazing people. I have learned my dedication, expertise, and passion from my leaders, peers, and teams, which have taught me how to build and lead world-class security programs that protect organizations from the most sophisticated threats. Because security is constantly evolving, the key is, and always will be, to build an active, diverse community of highly empathetic people that will successfully protect the organization.

My charter

As I step into my new role as CSO at Cloudflare, I am excited to take on Continue reading

1 167 168 169 170 171 3,347