Archive

Category Archives for "Networking"

How to prevent your mobile app from getting hacked

Trivial matter?Image by Steve Traynor/IDGThe average user has around 26 to 55 applications downloaded to his smartphone device. Most likely, you have entertainment and gaming apps, a banking app, a few social media apps, fitness apps, and eCommerce apps to shop at your favorite stores.To read this article in full or to leave a comment, please click here

Trump to order wholesale H-1B reform

President Donald Trump will sign an executive order Tuesday dubbed "Buy American, Hire American" that calls for sweeping reform of the H-1B visa process.Its centerpiece is the replacement of the H-1B lottery with a system that distributes visas on the basis of wages, skills and education."We want to switch away from a random lottery system, in which it's weighted toward the lowest wage workers, towards a system that prioritizes higher skilled, higher paid workers," said a senior administration official, in a background briefing to reporters on the condition that officials not be identified.Such an H-1B reform "would make it much more difficult to use it to replace American workers," the administration official said.To read this article in full or to leave a comment, please click here

How to prevent your mobile app from getting hacked

Trivial matter?Image by Steve Traynor/IDGThe average user has around 26 to 55 applications downloaded to his smartphone device. Most likely, you have entertainment and gaming apps, a banking app, a few social media apps, fitness apps, and eCommerce apps to shop at your favorite stores.To read this article in full or to leave a comment, please click here

VMware NSX Unplugged: Networking Field Day (#NFD15)

Being a product of the 90’s, one of my favorite past times was MTV’s “Unplugged” series. Whether it was Pearl Jam, or 10,000 Maniacs, or Eric Clapton, there was something about the acoustic, raw, uncut nature of the show that drew me in and made me look at  my favorite bands in a new way.

This is much  the same experience we had recently here at VMware, as the folks from Gestalt IT brought Networking Field Day’s traveling band of  IT enthusiasts to our Palo Alto campus. What ensued was 4+ hours of insight, illumination, witty banter, and from time to time, downright theoretical disagreements about things as simple as semantics and nomenclature.

But out of it all came a great show – which just like with MTV Unplugged – was ultimately all that mattered.  So grab your favorite beverage and snack, put on your stereophonic headgear, and listen to the VMware Team as they walk through VMware’s networking strategy, demos and product direction.

VMware NSX Vision and Product Overview with Milin Desai

VMware NSX Technology Overview with Ray Budavari

VMware NSX Automation with Ray Budavari

VMware Security with NSX Micro-Segmentation with Wade Holmes

VMware Day 2 Operations with vRealize Network Insight Continue reading

How to protect against cross-site request forgery attacks

Cross-site request forgery (CSRF) attacks are becoming a more common attack method used by hackers. These attacks take advantage of the trust a website has for a user’s input and browser. The victim is tricked into performing a specific action they were not intending to do on a legitimate website; where they are authenticated to.CSRF attacks will use the identity and privileges that the victim has on the website to impersonate them and perform malicious activity or transactions. Attackers will attempt to take advantage of users who have login cookies stored in their browsers. Ecommerce sites that send cookies to store user authentication data are vulnerable to this attack.To read this article in full or to leave a comment, please click here

How to protect against cross-site request forgery attacks

Cross-site request forgery (CSRF) attacks are becoming a more common attack method used by hackers. These attacks take advantage of the trust a website has for a user’s input and browser. The victim is tricked into performing a specific action they were not intending to do on a legitimate website; where they are authenticated to.CSRF attacks will use the identity and privileges that the victim has on the website to impersonate them and perform malicious activity or transactions. Attackers will attempt to take advantage of users who have login cookies stored in their browsers. Ecommerce sites that send cookies to store user authentication data are vulnerable to this attack.To read this article in full or to leave a comment, please click here

5 Open Source companies to watch in 2017

As if getting venture funding themselves isn't exciting enough for open source-oriented startups, seeing an open source-focused company like Deis get snapped up by Microsoft must be a thrill as well.While it would be more thrilling, perhaps, if Microsoft disclosed how much it paid, I'm sure those in the startup world and their backers have ways of finding out that information. Not that the acquisition path is necessarily the exit route that all of these startups envision for themselves, but such money can obviously talk.To read this article in full or to leave a comment, please click here

Budapest (Hungary): Cloudflare Data Center #111

Hot on the heels of several recent data center additions in Yerevan, Quito, Rome, Kansas City, Belgrade, Curacao, Djibouti and Munich, we are delighted to announce our newest deployment in Budapest, making six million websites even faster and safer across Hungary.

Until today, Hungarian visitors to these Internet properties were principally served out of our Frankfurt data center 1,000 km away, or from Vienna. We are happy to further reduce their latency to over 8 million Internet users.


CC BY 2.0 image by Moyann Brenn

Beautiful Budapest

Budapest is one of the most beautiful cities in the world, with must-see sites such as Halászbástya (Fisherman's Bastion), Az Országház (House of the Nation - The Hungarian Parliament), and the Széchenyi Chain Bridge by the Danube. We love this aerial video with breathtaking views of the city created by Milan Heal (Drone Travel Guides).



We have new facilities in the works across five continents. Watch out for even more additions to our growing network.

-The Cloudflare Team

The Cloudflare network today

Simulating latency and packet loss on a Linux host

Every once and a great while there is a need to simulate bad network behavior.  Simulating things like packet loss and high latency are often harder to do than you’d expect.  However – if you’re dealing with a Linux host – there’s a simple solution.  The ‘tc’ command which comes along with the ‘iproute2’ toolset can help you simulate symptoms of a bad network quite easily.

The tc command offers a lot of functionality but in this post we’re just going to walk through a couple of quick examples of using it in conjunction with the netem (network emulator) included in the Linux kernal .  To do this, we’ll use just use two hosts…

To start with – let’s make sure that ‘tc’ is installed and that it’s working…

user@ubuntu-1:~$ sudo tc qdisc show dev ens32
qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap  1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1
user@ubuntu-1:~$

So what did we just do here? Well we used the tc command to return the current qdisc configuration for our servers physical network interface named ‘ens32’.  So what’s a qdisc?  Qdisc is shorthand for ‘Queue discipline’ and defines the queuing Continue reading

DockerCon 2017 Black Belt Session: Cilium for Network and Application Security

This is a liveblog of the DockerCon 2017 Black Belt session led by Thomas Graf on Cilium, a new startup that focuses on using eBPF and XDP for network and application security.

Graf starts by talking about how BPF (specifically, extended BPF or eBPF) can be used to rethink how the Linux kernel handles network traffic. Graf points out that there is another session by Brendan Gregg on using BPF to do analysis performance and profiling.

Why is it necessary to rethink how networking and security is handled? A lot of it has not evolved as application deployments have evolved from low complexity/low deployment frequency to high complexity/high deployment frequency. Further, the age of unique protocol ports (like SMTP on port 25 or SSH on port 22) is coming to a close, as now many different applications or services simply run over HTTP. This leads to “overloading” the HTTP port and a loss of visibility into which applications are talking over that port. Opening TCP port 80 in a situation like this means potentially exposing more privileges than desired (the example to use other HTTP verbs, like PUT or POST instead of just GET).

Graf quickly moves into a Continue reading

‘Find My iPhone’ foils pickpocket who swiped 100 devices: police

You might think that a pickpocket skilled enough to steal 100 cellphones, pictured above, would also be savvy enough to know that at least the iPhones in that haul carry a means to foil his caper.Then again, you might be giving the crook too much credit.From a story on the website of a Boston television station: A New York man was arrested at the Coachella music festival in Southern California after he was found with more than 100 stolen cellphones, according to Indio police.During the concert festival on Friday, several people noticed their phones were missing and immediately activated the "Find My Phone" feature on their mobile devices.To read this article in full or to leave a comment, please click here

‘Find My iPhone’ foils pickpocket who swiped 100 devices: police

You might think that a pickpocket skilled enough to steal 100 cellphones, pictured above, would also be savvy enough to know that at least the iPhones in that haul carry a means to foil his caper.Then again, you might be giving the crook too much credit.From a story on the website of a Boston television station: A New York man was arrested at the Coachella music festival in Southern California after he was found with more than 100 stolen cellphones, according to Indio police.During the concert festival on Friday, several people noticed their phones were missing and immediately activated the "Find My Phone" feature on their mobile devices.To read this article in full or to leave a comment, please click here

Intel scraps annual IDF event as it looks beyond PCs

After 20 years, Intel is scrapping its marquee annual Intel Developer Forum event, where tech enthusiasts gathered to load up on the chipmaker's news and technologies.IDF started off in 1997 as a small event in Palm Springs, California. The show was later moved to San Francisco and vastly expanded during a boom in the PC market.But with the PC market slowing down, the attraction of IDF has also dwindled. Intel's future isn't tied to PCs but instead to areas like data centers, autonomous cars, modems, the internet of things, and manufacturing. Last year, IDF events were held in San Francisco and Beijing, and neither will happen this year. An event was scheduled this year from Aug. 15 to 17 in San Francisco, according to a calendar for Moscone Convention Center, but it has been canceled.To read this article in full or to leave a comment, please click here

IoT malware clashes in a botnet territory battle

Mirai -- a notorious malware that's been enslaving IoT devices -- has competition.A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with a resiliency that surpasses Mirai, according to security researchers."You can almost call it Mirai on steroids," said Marshal Webb, CTO at BackConnect, a provider of services to protect against distributed denial-of-service (DDoS) attacks.Security researchers have dubbed the rival IoT malware Hajime, and since it was discovered more than six months ago, it's been spreading unabated and creating a botnet. Webb estimates it's infected about 100,000 devices across the globe.    To read this article in full or to leave a comment, please click here

IoT malware clashes in a botnet territory battle

Mirai -- a notorious malware that's been enslaving IoT devices -- has competition.A rival piece of programming has been infecting some of the same easy-to-hack internet-of-things products, with a resiliency that surpasses Mirai, according to security researchers."You can almost call it Mirai on steroids," said Marshal Webb, CTO at BackConnect, a provider of services to protect against distributed denial-of-service (DDoS) attacks.Security researchers have dubbed the rival IoT malware Hajime, and since it was discovered more than six months ago, it's been spreading unabated and creating a botnet. Webb estimates it's infected about 100,000 devices across the globe.    To read this article in full or to leave a comment, please click here