Archive

Category Archives for "Networking"

Red Hat kicks off annual Summit by leaning dev-wards

Red Hat’s annual summit opened today with the announcement of three new products aimed with uncharacteristic directness at developers, rather than the company’s usual target of IT operations staff.Openshift.io is the company’s free SaaS development environment, specifically designed for cloud-native apps, that lets geographically far-flung teams work together and automatically containerizes code for easy deployment. The environment builds on open source projects like Kubernetes-focused development platform fabric8, IDE Eclipse Che, and automation server Jenkins.+ALSO ON NETWORK WORLD: Red Hat CEO: Open-source innovation is always user-led + Which Linux distros should newbies use?To read this article in full or to leave a comment, please click here

StackStorm: Ghost2logger Pack

Coinciding (roughly) with the version 2.2 release of StackStorm, the Ghost2logger pack has been released.

This pack provides in essence a “Syslog sensor” that provides the user a tuple match on a Syslog entry, tuples in this case being:

  • Syslog Message (Actual syslog message)
    MANDATORY AND
  • Syslog Source (IPv4 address)

The actions can then be anything you so desire, either triggering a sinlge action or full blown workflow with Mistral or Cloudslang.

Getting Started

In terms of using the pack, all that is required from the user is the creation of rules and pointing your syslog source to the Ghost2logger location. Most of the time Ghost2logger will live on the same install as StackStorm, so point it at the IP address StackStorm resides. Worried abut StackStorm load? Don’t be. Syslogs aren’t actually processed by StackStorm, but are processed by the Ghost2logger binary. Only matched entries dispatch triggers. There is some inception going on here. Prepare yourself for this: “Rules will only match what the rules have created the match conditions for”. If you understand this hypothesis correctly, you will understand that this is simple feedback from the rules base back to Ghost2logger.

The pack itself consists of a number Continue reading

Review: More sleep-related devices to help you get more ZZZs

The month of May has been dedicated “Better Sleep Month” by the Better Sleep Council. If you don’t like that group and you prefer to follow the guidelines of the National Sleep Foundation, you just celebrated Sleep Awareness Week (April 23-29, 2017). Either way, there’s no better time to look at some new products that want to help you get a better night’s sleep.I’ve previously written about two other devices – the ASTI Sound+Sleep SE sound machine, which provides 64 different sounds to help provide a white-noise-like effect; and the LIVE sensor by EarlySense, which tracks your heartbeat, breathing, stress levels and sleep stages to give you data about how much (or how little) you’re sleeping.To read this article in full or to leave a comment, please click here

IoT Security Anti-Patterns

IoT Security Anti-Patterns

From security cameras to traffic lights, an increasing amount of appliances we interact with on a daily basis are internet connected. A device can be considered IoT-enabled when the functionality offered by its Embedded System is exposed through an internet connected API.

Internet-of-Things technologies inherit many attack vectors that appear in other internet connected devices, however low-powered hardware-centric nature of embedded systems presents them with unique security threats. Engineers building Internet-of-Things devices must take additional precautions to ensure they do not implement security anti-patterns when addressing new problems, this blog post will investigate four such anti-patterns that have been used by real Internet-of-Things devices.

IoT Security Anti-PatternsAtmel ATMEGA8 Microcontroller Wikimedia Commons - CC BY-SA 3.0

HTTP Pub/Sub

Every time your IoT-enabled alarm clock sounds, you may want it to tell your coffee machine to brew some coffee. In order to do this, your coffee machine may subscribe to messages published by your alarm clock. One such way of doing this is to implement the Publish/Subscribe Pattern within the API of the IoT devices, for this example let's assume our alarm clock and coffee machine communicate through HTTP.

In order to subscribe to messages from the alarm clock, the coffee machine sends Continue reading

Using the Collaborative Security Approach to Address Internet of Things Security Challenges

Two years ago, our “Collaborative Security Approach” proposed a way of tackling Internet security issues based on the fundamental properties of the Internet and the voluntary cooperation and collaboration that’s been prominent throughout the Internet's history. In this post, let us look at each of the five key Collaborative Security characteristics as they apply to security of the Internet of Things (IoT).

Andrei Robachevsky

US bill aims to quash Open Internet Order, prevent its return

A bill introduced Monday by some U.S. senators aims to repeal net neutrality rules under the Federal Communications Commission’s 2015 Open Internet Order, and ban the agency from issuing similar regulations in the future.The legislation aims to give some permanence to recent moves by the Republican-dominated FCC to repeal provisions of the 2015 order. There are concerns that if the FCC at some point comes under the control of Democrats, it will promptly restore the rules under the 2015 Open Internet Order.The Restoring Internet Freedom Act was introduced by Senator Mike Lee, a Republican from Utah, and is cosponsored by eight other Republicans including Ted Cruz, senator for Texas, and Rand Paul, senator for Kentucky.To read this article in full or to leave a comment, please click here

Infosys to hire 10,000 in the US as Trump focuses on local hires

Indian outsourcer Infosys is hiring 10,000 American workers over the next two years, in the wake of a review of U.S. visa rules and an emphasis on local hires by the administration of President Donald Trump.Infosys said Monday it will open four new “Technology and Innovation Hubs” in the U.S., focusing on cutting-edge technologies such as artificial intelligence, machine learning, user experience, emerging digital technologies, cloud, and big data.The first such center is coming up in Indiana in August and is expected to create 2,000 jobs by 2021 for American workers, besides boosting the state economy.The company plans to hire both experienced technology professionals and recent graduates from major universities, and local and community colleges, besides setting up training programs in areas such as user experience, cloud, artificial intelligence, big data and digital offerings, and core technology and computer science skills.To read this article in full or to leave a comment, please click here

Is IT having an identity crisis?

In 2007, Michael Spears became CIO of the National Council on Compensation Insurance. It wasn't the usual promotion. Spears had spent two years as the NCCI's chief data officer, and he kept that role when be became CIO. In his dual capacity, he oversees both the IT department and the data resources division, though they operate as separate entities. Over the years, he says, the CIO and CDO roles have sometimes been held by different people and sometimes by the same person.Spears has taken some ribbing for his CIO role from his colleagues in the data analytics world. "I was just at a data conference where people were making fun of me for being in both roles. They said, 'You can't get lumped in with IT — it's just bits and bytes. You won't be respected for the knowledge you have about data.' But it doesn't have to be that way. It depends where the value is coming from, the skill sets of the leaders, and what's important to the company at that time."To read this article in full or to leave a comment, please click here

SMBs continue to be a target of cybercriminals

Because they don’t see themselves as targets, small-to-midsize businesses (SMB) have for a long time believed that their security programs are good enough. They have a firewall, antivirus, maybe they even use two-factor authentication.The mistake is believing that this is enough because they have nothing of value to an attacker. While they may have a smaller attack surface, they are no less vulnerable than a major enterprise.Not only are small businesses growing as the favored targets for ransomware attacks, they are also the most impacted, with 60 percent shutting down within six months of a breach, according to the US National Cyber Security Alliance.To read this article in full or to leave a comment, please click here

SMBs continue to be a target of cybercriminals

Because they don’t see themselves as targets, small-to-midsize businesses (SMB) have for a long time believed that their security programs are good enough. They have a firewall, antivirus, maybe they even use two-factor authentication.The mistake is believing that this is enough because they have nothing of value to an attacker. While they may have a smaller attack surface, they are no less vulnerable than a major enterprise.Not only are small businesses growing as the favored targets for ransomware attacks, they are also the most impacted, with 60 percent shutting down within six months of a breach, according to the US National Cyber Security Alliance.To read this article in full or to leave a comment, please click here

Red Hat and IBM raise objections to Java 9 modularization

Modularization is slated to be the key feature in Java SE (Standard Edition) 9, due in late July. But Java participants Red Hat and IBM have raised concerns that the base module plan could lead to incompatibilities with applications and enterprise Java.In a recent bulletin, Scott Stark, vice president of architecture for Red Hat’s JBoss group, outlined a litany of issues Red Hat and other Java Executive Committee members have with JSR (Java Specification Request) 376, pertaining to the Java Platform Modular System, a central component of the Project Jigsaw module Java effort.To read this article in full or to leave a comment, please click here

Human weakness enabling financial cybercrime

It may be time for a revision of, “the customer is always right,” at least in the financial sector.That, Boston Police Detective Steven Blair told an audience of bankers at the Boston Fed’s 2017 Cybersecurity Conference on Monday, is because too many banking “customers” are fraudsters, who take advantage of the generally laudable desire of front-line employees to provide good customer service.Attendees had heard Kenneth Montgomery, first vice president and COO of the Boston Fed, say earlier that cybersecurity is now, “the number-one operational and enterprise issue” for the financial sector. He said the worldwide costs of cybercrime are estimated at $3 trillion annually now, and expected to double by 2021.To read this article in full or to leave a comment, please click here

Human weakness enabling financial cybercrime

It may be time for a revision of, “the customer is always right,” at least in the financial sector.That, Boston Police Detective Steven Blair told an audience of bankers at the Boston Fed’s 2017 Cybersecurity Conference on Monday, is because too many banking “customers” are fraudsters, who take advantage of the generally laudable desire of front-line employees to provide good customer service.Attendees had heard Kenneth Montgomery, first vice president and COO of the Boston Fed, say earlier that cybersecurity is now, “the number-one operational and enterprise issue” for the financial sector. He said the worldwide costs of cybercrime are estimated at $3 trillion annually now, and expected to double by 2021.To read this article in full or to leave a comment, please click here

What is VxRail?

One of my readers was considering Dell/EMC hyperconverged solutions and sent me this question:

Just wondering if you have a chance to check out VxRail.

I read the data sheet and spec sheet, but have never seen anyone using it (any real-life experience highly welcome – please write a comment).

Read more ...

Learning Python: Week2 (Printing, Numbers, and Lists) -Part 2

As discussed in last post  ( https://crazyrouters.wordpress.com/2017/02/25/learning-python-kirk-byers-python-course/  ) , i will be sharing the my learning on weekly basis as course continues. This will not only motivate me but also help others who are in phase of learning python 3. Now its time to go for the exercise , already shared the notes related to […]

Vulnerability hits Intel enterprise PCs going back 10 years

Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade.The vulnerability, disclosed on Monday, affects features in Intel firmware that are designed for enterprise IT management.  Enterprises using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability on their systems should patch them as soon as possible, the company says.The vulnerable firmware features can be found in some current Core processors and all the way back to Intel's first-generation Core, called Nehalem, which shipped in 2008. They're part of versions 6.0 through 11.6 of Intel's manageability firmware.To read this article in full or to leave a comment, please click here

Vulnerability hits Intel enterprise PCs going back 10 years

Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade.The vulnerability, disclosed on Monday, affects features in Intel firmware that are designed for enterprise IT management.  Enterprises using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability on their systems should patch them as soon as possible, the company says.The vulnerable firmware features can be found in some current Core processors and all the way back to Intel's first-generation Core, called Nehalem, which shipped in 2008. They're part of versions 6.0 through 11.6 of Intel's manageability firmware.To read this article in full or to leave a comment, please click here

AMD shares timing for Ryzen 3, mobile chips and Vega GPUs

AMD's Ryzen chips are off to a strong start in desktops, and more chips are coming in the second half of this year.New chips for desktops, called Ryzen 3, will come in the earlier part of the second half, while Ryzen mobile chips -- code-named Raven Ridge -- will come out around the end-of-year holiday season.AMD CEO Lisa Su shared the release schedule during a first-quarter earnings call on Monday. She also said top PC makers will launch desktops with the already shipping Ryzen 5 and 7 chips later this quarter.The Ryzen 3 is expected to be for low-end desktops, while the Ryzen 5 and 7 chips are faster. Late last week, Acer announced its Aspire GX desktop with Ryzen chip options.To read this article in full or to leave a comment, please click here

1 1,794 1,795 1,796 1,797 1,798 3,432