Archive

Category Archives for "Networking"

Nokia returns to smartphones at long last, but you can’t buy it (and probably don’t want to)

In December, Finland-based HMD Global announced to some fanfare that its first Nokia-branded Android handsets would be landing in early 2017. Less than 10 days into the new year, the first model has already arrived, but those in the U.S. looking to get their hands on the first Nokia phone in years will have to wait a little longer.If the Nokia 6, as HMD is calling it, is any indication of what’s to come from its licensing deal, there isn’t too much to get excited about. Squarely aimed at the budget market, the phone features a 5.5-inch LCD screen, 4GB of RAM, a 16MP camera, 64GB of storage, and a 3,000 mAh battery. Under the screen is a Snapdragon 430 processor, and while the phone does run Nougat, it remains to be seen what kind of skin HMD has applied to it. It will sell for around $250 in an exclusive deal with China’s Jingdong Mall online shop. The My Nokia Blog also also uncovered a commercial for the phone.To read this article in full or to leave a comment, please click here

Russia: US fueling ‘witch hunt’ with election hacking claims

Russia dismissed an intel report claiming that the Kremlin meddled with the U.S. presidential election, saying the accusations were "amateurishly emotional" and driving a "witch-hunt.""There was nothing in this report that deserved to be read in detail," said Kremlin spokesman Dmitry Peskov on Monday, according to the Russian news agency TASS.The U.S. intel report, published on Friday, accused Russian President Vladimir Putin of personally ordering a secret campaign meant to influence last year's presidential election.To read this article in full or to leave a comment, please click here

Russia: US fueling ‘witch hunt’ with election hacking claims

Russia dismissed an intel report claiming that the Kremlin meddled with the U.S. presidential election, saying the accusations were "amateurishly emotional" and driving a "witch-hunt.""There was nothing in this report that deserved to be read in detail," said Kremlin spokesman Dmitry Peskov on Monday, according to the Russian news agency TASS.The U.S. intel report, published on Friday, accused Russian President Vladimir Putin of personally ordering a secret campaign meant to influence last year's presidential election.To read this article in full or to leave a comment, please click here

Turks point to U.S. as source of cyberattacks, but don’t level blame

Figuring out who’s behind cyberattacks is always difficult, and responsible security analysts are reluctant to point fingers without a smoking gun, which seems to be the case with recent disruptions of the power system in Turkey.News sources here and here say the Turkish Energy Ministry blames storms and sabotage of underground power lines for outages around the country. It also says coordinated cyberattacks originating in the United States have been thwarted but also been keeping security teams busy. It doesn’t like the outages directly to the cyberattacks, the sources say.To read this article in full or to leave a comment, please click here

Turks point to U.S. as source of cyberattacks, but don’t level blame

Figuring out who’s behind cyberattacks is always difficult, and responsible security analysts are reluctant to point fingers without a smoking gun, which seems to be the case with recent disruptions of the power system in Turkey.News sources here and here say the Turkish Energy Ministry blames storms and sabotage of underground power lines for outages around the country. It also says coordinated cyberattacks originating in the United States have been thwarted but also been keeping security teams busy. It doesn’t like the outages directly to the cyberattacks, the sources say.To read this article in full or to leave a comment, please click here

Worth Reading: Why did we think anonymity was the problem?

Despite the experimental evidence, the misconception of online anonymity as a primary cause of social problems has stuck. Since the 1980s, anonymity has become an easy villain to blame for whatever fear people hold about social technology, even though lab experiments now point in a different direction. —The Coral Project

The post Worth Reading: Why did we think anonymity was the problem? appeared first on 'net work.

I discussed some IP Mobility solutions including LISP

Couple days ago I discussed some IP Mobility solutions, including LISP (Locator Identity Separation Protocol) with the CCDE students. Basically all IP Mobility solutions work in a similar way. New location of the host Address needs to be learned either via routing system or authoritative server. Host information is called identity and it can be MAC […]

The post I discussed some IP Mobility solutions including LISP appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Container Namespaces – Deep dive into container networking



Of late, there have been various Open source projects to manage networking for containers. Docker implemented "libnetwork". I've written in the past about using Calico with Docker containers. Debugging and low level tweaks to performance isn't easy without an in-depth understanding of how the network stack works for a container. This post tries to explain network namespaces and its role in container networking using default networking that comes out-of-box with docker.

As you probably already know containers use namespaces to isolate resources and rate limit their use. Linux's network namespaces are used to glue container processes and the host networking stack. Docker spawns a container in the containers own network namespace (use the CLONE_NEWNET flag defined in sched.h when calling the clone system call to create a new network namespace for the subprocess) and later on runs a veth pair (a cable with two ends) between the container namespace and the host network stack. If you are new to network namespaces this blog post by Scott gives a quick overview and serves as a good 101 refresher if you are already familiar with these concepts but haven't used them for a while.

Now lets see how to Continue reading

This tool can help weed out hard-coded keys from software projects

A security researcher has developed a tool that can automatically detect sensitive access keys that have been hard-coded inside software projects.The Truffle Hog tool was created by U.S.-based researcher Dylan Ayrey and is written in Python. It searches for hard-coded access keys by scanning deep inside git code repositories for strings that are 20 or more characters and which have a high entropy. A high Shannon entropy, named after American mathematician Claude E. Shannon, would suggest a level of randomness that makes it a candidate for a cryptographic secret, like an access token.Hard-coding access tokens for various services in software projects is considered a security risk because those tokens can be extracted without much effort by hackers. Unfortunately this practice is very common.To read this article in full or to leave a comment, please click here

This tool can help weed out hard-coded keys from software projects

A security researcher has developed a tool that can automatically detect sensitive access keys that have been hard-coded inside software projects.The Truffle Hog tool was created by U.S.-based researcher Dylan Ayrey and is written in Python. It searches for hard-coded access keys by scanning deep inside git code repositories for strings that are 20 or more characters and which have a high entropy. A high Shannon entropy, named after American mathematician Claude E. Shannon, would suggest a level of randomness that makes it a candidate for a cryptographic secret, like an access token.Hard-coding access tokens for various services in software projects is considered a security risk because those tokens can be extracted without much effort by hackers. Unfortunately this practice is very common.To read this article in full or to leave a comment, please click here

Atlassian acquires team-management software vendor Trello

Atlassian, the company behind HipChat and the JIRA software development tool, plans to acquire Trello, a vendor of the eponymous collaborative project management software.The deal will give Atlassian users new ways to organize, discuss and complete their work, Mike Cannon-Brookes, Atlassian's co-founder and co-CEO, wrote in a blog post Monday.  "By adding Trello to the Atlassian family, we're giving teams more choice in the tools they use to support the way that they want to work," he said. Trello will offer "a fun new way for teams to organize the often messy range of information that feeds into great teamwork."To read this article in full or to leave a comment, please click here

Huge spike in ransomed MongoDB installs, doubled to over 27,000 in a day

In the span of a day, the number of MongoDB installations that were erased and replaced with ransom notes has more than doubled, spiking to 27,000 as more cyber thugs jump on the ransom bandwagon. Niall Merrigan It started last week when security researcher Victor Gevers discovered that about 200 MongoDB databases had been erased and held for ransom. By Tuesday, 2,000 databases were effected; the number climbed to 10,500 by Friday and kept climbing. Then the ransomed databases jumped from 12,000 to 27,000, according to security researcher Niall Merrigan.To read this article in full or to leave a comment, please click here

Huge spike in ransomed MongoDB installs, doubled to over 27,000 in a day

In the span of a day, the number of MongoDB installations that were erased and replaced with ransom notes has more than doubled, spiking to 27,000 as more cyber thugs jump on the ransom bandwagon. Niall Merrigan It started last week when security researcher Victor Gevers discovered that about 200 MongoDB databases had been erased and held for ransom. By Tuesday, 2,000 databases were effected; the number climbed to 10,500 by Friday and kept climbing. Then the ransomed databases jumped from 12,000 to 27,000, according to security researcher Niall Merrigan.To read this article in full or to leave a comment, please click here

28% off DryGuy Travel Dry DX Boot and Shoe Dryer – Deal Alert

The DryGuy Travel Dry DX Portable Boot Dryer and Shoe Dryer combines traditional convection drying with forced air to create a hybrid system that dries boots and shoes in less time than it takes most other portable dryers, to help prevent bacteria, fungus, and mildew that causes odors and eventually leads to deterioration. An integrated fan at the front of the DX helps draw fresh air over the thermal heating elements, venting warm air throughout the toe box and removing any moisture. The DryGuy Travel DX features an AC/DC power adaptor which means it works in the home or from the car. It will not damage fragile materials. The DryGuy Travel Dry DX Portable Boot Dryer and Shoe Dryer weighs just 1.25 pounds and fits easily into carry-on luggage. Its typical list price of $32 has been reduced to just $23. See it on Amazon.To read this article in full or to leave a comment, please click here

42% off Mr. Beams Motion-Sensing Stick-Anywhere Nightlight, 3-Pack – Deal Alert

Stick these bright battery-powered lights anywhere indoors or out (they're weather-proof). They'll light up when motion is detected within 15-feet, and shut themselves off after 30 seconds of inactivity. Currently a best-seller on Amazon with 4.5 out of 5 stars from over 4,000 reviewers (read recent reviews). Its typical list price of $26.55 has been slashed 42% down to just $15.49 for a set of three, its lowest price. See the discounted Mr. Beams nightlights at their rock-bottom price on Amazon.To read this article in full or to leave a comment, please click here

The Porcupine Attack: investigating millions of junk requests

We extensively monitor our network and use multiple systems that give us visibility including external monitoring and internal alerts when things go wrong. One of the most useful systems is Grafana that allows us to quickly create arbitrary dashboards. And a heavy user of Grafana we are: at last count we had 645 different Grafana dashboards configured in our system!

grafana=> select count(1) from dashboard;  
 count
-------
   645
(1 row)

This post is not about our Grafana systems though. It's about something we noticed a few days ago, while looking at one of those dashboards. We noticed this:

This chart shows the number of HTTP requests per second handled by our systems globally. You can clearly see multiple spikes, and this chart most definitely should not look like a porcupine! The spikes were large in scale - 500k to 1M HTTP requests per second. Something very strange was going on.

Tracing the spikes1

Our intuition indicated an attack - but our attack mitigation systems didn't confirm it. We'd seen no major HTTP attacks at those times.

It would be bad if we were under such heavy HTTP attack and our mitigation systems didn't notice it. Without more ideas, we Continue reading

1 2,144 2,145 2,146 2,147 2,148 3,493