CenturyLink will acquire Level 3 Communications in $34B deal

CenturyLink plans to acquire internet backbone company Level 3 Communications in a US$34 billion cash and stock deal that aims to consolidate the networks and customers of the two companies.The combined company, operating in more than 60 countries, will be able to offer CenturyLink's larger enterprise customers the benefits of a larger global presence, and will also be positioned to further invest in the reach and speed of its broadband infrastructure for small businesses and consumers, the companies said.CenturyLink is currently focused on global communications, hosting, cloud, and IT services, offering both network and data systems management with more than 55 data centers in North America, Europe, and Asia. It provides broadband, voice, video, data, and managed services over a 250,000-mile U.S. fiber network and a 300,000-mile international transport network.To read this article in full or to leave a comment, please click here

CenturyLink will acquire Level 3 Communications in $34B deal

CenturyLink plans to acquire internet backbone company Level 3 Communications in a US$34 billion cash and stock deal that aims to consolidate the networks and customers of the two companies.The combined company, operating in more than 60 countries, will be able to offer CenturyLink's larger enterprise customers the benefits of a larger global presence, and will also be positioned to further invest in the reach and speed of its broadband infrastructure for small businesses and consumers, the companies said.CenturyLink is currently focused on global communications, hosting, cloud, and IT services, offering both network and data systems management with more than 55 data centers in North America, Europe, and Asia. It provides broadband, voice, video, data, and managed services over a 250,000-mile U.S. fiber network and a 300,000-mile international transport network.To read this article in full or to leave a comment, please click here

Joomla websites attacked en masse using recently patched exploits

Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management system, even if account registration is disabled. They were patched in Joomla 3.6.4, released Tuesday.Hackers didn't waste any time reverse engineering the patches to understand how the two vulnerabilities can be exploited to compromise websites, according to researchers from Web security firm Sucuri.To read this article in full or to leave a comment, please click here

Joomla websites attacked en masse using recently patched exploits

Attackers are aggressively attacking Joomla-based websites by exploiting two critical vulnerabilities patched last week.The flaws allow the creation of accounts with elevated privileges on websites built with the popular Joomla content management system, even if account registration is disabled. They were patched in Joomla 3.6.4, released Tuesday.Hackers didn't waste any time reverse engineering the patches to understand how the two vulnerabilities can be exploited to compromise websites, according to researchers from Web security firm Sucuri.To read this article in full or to leave a comment, please click here

How DNS Works: A Primer

If Linux never was: Imagining an alternate reality without Linux

Ever read a story so depressing, so utterly devoid of happiness, that you wonder why on Earth any fool would take the time to write it down? Just solid sadness beginning to end.This, right here, is one of those stories.This dismal little tale also makes use of what is quite possibly the most over-used (and over-rated) plot device in the history of mankind: the butterfly effect. You know: the notion that a simple little thing can have extreme consequences. A butterfly flaps its wings in Sheboygan, and two days later, a hurricane hits Walla Walla. Because—the butterfly effect. Just a dreadful crutch used by hack writers to move forward a story when they can’t come up with any original ideas.To read this article in full or to leave a comment, please click here

What Haunts IT Pros?

The paranoid user’s guide to Windows 10 privacy

Since its release, a major point of controversy with Windows 10 has been the many ways that it can track your personal activity and gather other data about you. Many people don’t mind sharing personal information in exchange for enabling or enhancing a helpful app or service.To read this article in full or to leave a comment, please click here(Insider Story)

IDG Contributor Network: IT departments becoming ‘obsolete’

Online services and workers choosing the tools they want to work with, rather than employees being dictated to by in-house IT experts, means the IT department’s functions are now primarily redundant, says Japan-based Brother.The printer maker refers to IT departments’ control over technology as “dark days” in its web-based advertorial feature in the British national newspaper the Telegraph in September.To read this article in full or to leave a comment, please click here

IDG Contributor Network: IT departments becoming ‘obsolete’

Online services and workers choosing the tools they want to work with, rather than employees being dictated to by in-house IT experts, means the IT department’s functions are now primarily redundant, says Japan-based Brother.The printer maker refers to IT departments’ control over technology as “dark days” in its web-based advertorial feature in the British national newspaper the Telegraph in September.To read this article in full or to leave a comment, please click here

Beat the bad guys at their own game with SafeBreach’s simulated cyberattacks

The best way to get experience with most jobs or tasks is to do them. It’s difficult to learn how to drive a car without getting behind the wheel. Soldiers need to face the enemy in order to gain combat experience. And IT administrators have to experience and mitigate attacks to learn how to best defend their networks. The problem with these scenarios is that they involve a degree of risk. It’s not all that helpful to learn how to counter a cyberattack if the first one you experience puts your company out of business. That’s where the SafeBreach continuous security validation platform comes in. Deployed as a service, through the cloud or internally, it can show cybersecurity teams exactly where the network vulnerabilities are and how to plug those holes. It can even run wargames so that IT teams can learn the best ways to respond to attacks on their actual networks.To read this article in full or to leave a comment, please click here(Insider Story)

Beat the bad guys at their own game with SafeBreach’s simulated cyberattacks

The best way to get experience with most jobs or tasks is to do them. It’s difficult to learn how to drive a car without getting behind the wheel. Soldiers need to face the enemy in order to gain combat experience. And IT administrators have to experience and mitigate attacks to learn how to best defend their networks.To read this article in full or to leave a comment, please click here(Insider Story)

New products of the week 10.31.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Atlantis Workspace Infrastructure integrated with CitrixKey features: Atlantis integrated workspace infrastructure into the Citrix management suite. The combination of applications, management and infrastructure into a single PaaS solution will lower cost and complexity for managing virtual workspaces. More info.To read this article in full or to leave a comment, please click here

New products of the week 10.31.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Atlantis Workspace Infrastructure integrated with CitrixKey features: Atlantis integrated workspace infrastructure into the Citrix management suite. The combination of applications, management and infrastructure into a single PaaS solution will lower cost and complexity for managing virtual workspaces. More info.To read this article in full or to leave a comment, please click here

GRE over IPSec Tunnel and NAT Between Cisco and VyOS

The goal of this tutorial is to provide a configuration for Cisco and VyOS network devices with configured PAT (Port Address Translation) that connect two remote sides A and B through point-to-point GRE tunnel encapsulated into a IPsec tunnel. In a previous tutorial we proved that GRE tunnels in conjunction with IPsec tunnels transmit multicast traffic while data integrity, authentication and confidentiality was in place. I also provided a simple configuration of GRE, IPsec tunnel and OSPF routing protocol on the Cisco and VyOS routers. In this tutorial I will go further and provide full configuration of  the all network devices including PAT and access-lists.  

Picture 1 - Network Topology

Topology Description - Side A

Each side has a Layer 2 Cisco switch located in a LAN network. A switch connects hosts to its switchports. Each switchport is assigned to a particular VLAN. For instance, a host PC1 is connected to the switch SW1 and the switchport is assigned to a VLAN 100. Hosts in VLAN 100 (subnet 192.168.1.0/24) have guaranteed access to a remote subnet 192.168.2.0/24 via GRE/IPsec tunnel. A NAT access-list configured on a router R1 ensures that IP address of the host in VLAN 100 is not translated by PAT when a destination address is Continue reading

Black Friday isn’t dead in 2016

The Black Friday 2016 headlines are dire:   ”Is Black Friday dead?”  “Black Friday: Is the commercial holiday dying?” ”Black Friday is Dead, Long Live Black Friday” But no, Black Friday isn’t really dead and oodles of computers, smartphones, video game consoles and TVs will be snapped up at bargain prices on Friday, Nov. 25 itself, as well as pre-Thanksgiving, on Thanksgiving Day and on the Saturdays leading up to Christmas. Oh, yeah, even Cyber Monday will grab stragglers on Nov. 28.To read this article in full or to leave a comment, please click here

FBI doesn’t have a warrant to review new emails linked to Clinton investigation

After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no criminal charges for Clinton, is now being treated like her enemy.“It is pretty strange to put something like that out with such little information right before an election,” Clinton said during a rally at Daytona Beach on Saturday. “In fact, it’s not just strange; it’s unprecedented and deeply troubling.” She added, “So we’ve called on Directory Comey to explain everything right away, put it all out on the table.”To read this article in full or to leave a comment, please click here

FBI doesn’t have a warrant to review new emails linked to Clinton investigation

After seeing reports that the Justice Department is “furious” at FBI Director Comey for telling Congress about new emails potentially related to Hillary Clinton’s private email server and if she disclosed classified information, the Clinton campaign “made it personal” and accused Comey of a smear campaign. Comey, ironically the same FBI guy who recommended no criminal charges for Clinton, is now being treated like her enemy.“It is pretty strange to put something like that out with such little information right before an election,” Clinton said during a rally at Daytona Beach on Saturday. “In fact, it’s not just strange; it’s unprecedented and deeply troubling.” She added, “So we’ve called on Directory Comey to explain everything right away, put it all out on the table.”To read this article in full or to leave a comment, please click here

It’s time to rein in social media services

If you run a social networking service then the one thing you don’t want to be considered to be is a publisher. As a publisher, you become responsible for whatever your users care to post which means when they post something that’s illegal in any way, you are as liable as the poster to be prosecuted. On the other hand, as a “platform”, where no editorial control is exercised, a social media service is only obliged to act on content when they received a court order or a DMCA takedown notice. Pixabay This distinction between being a publisher and a platform is crucial to the major social media services because the cost of vetting and policing user-generated content would be prohibitively expensive even if it were possible (every minute, Twitter generates 350,000 tweets while in the same window 510 comments are posted, 293,000 statuses are updated, and 136,000 photos are uploaded to Facebook).To read this article in full or to leave a comment, please click here

Hacking forum cuts section allegedly linked to DDoS attacks

An online hackers' forum has deleted a section that allegedly offered paid distributed denial-of-service attacks, following last Friday's massive internet disruption. HackForums.net will be shutting down the "Server Stress Testing" section, the site's admin Jesse "Omniscient" LaBrocca said in a Friday posting. "I do need to make sure that we continue to exist and given the recent events I think it's more important that the section be permanently shut down," he wrote. The section was designed to let members offer so-called stress testing services for websites as a way to check their resiliency. However, security firms claim Hack Forums was actually promoting DDoS-for-hire services that anyone can use to launch cyber attacks.To read this article in full or to leave a comment, please click here