Archive

Category Archives for "Networking"

Say Cheese: a snapshot of the massive DDoS attacks coming from IoT cameras

Over the last few weeks we've seen DDoS attacks hitting our systems that show that attackers have switched to new, large methods of bringing down web applications. They appear to come from the Mirai botnet (and relations) which were responsible for the large attacks against Brian Krebs.

Our automatic DDoS mitigation systems have been handling these attacks, but we thought it would be interesting to publish some of the details of what we are seeing. In this article we'll share data on two attacks, which are perfect examples of the new trends in DDoS.

CC BY 2.0 image by E Magnuson

In the past we've written extensively about volumetric DDoS attacks and how to mitigate them. The Mirai attacks are distinguished by their heavy use of L7 (i.e. HTTP) attacks as opposed to the more familiar SYN floods, ACK floods, and NTP and DNS reflection attacks.

Many DDoS mitigation systems are tuned to handle volumetric L3/4 attacks; in this instance attackers have switched to L7 attacks in an attempt to knock web applications offline.

Seeing the move towards L7 DDoS attacks, we put in place a new system that recognizes and blocks these attacks as they happen. The …

Samsung discontinues Galaxy Note7 after battery debacle

Samsung Electronics has discontinued production of its Galaxy Note7 smartphone, which has been plagued since its introduction in August by battery problems that caused fires and even explosions. The company confirmed Tuesday that it is discontinuing production, a day after it said that it had advised carriers and retail partners worldwide not to sell or exchange the replacement Note7 phones that were intended to solve an issue of overheating batteries in the previous version. U.S. carriers including Verizon, AT&T and T-Mobile announced over the weekend that they would stop the exchange of the smartphone after reports of fires and explosions involving the replacement smartphones, including a report of a Note7 that caught fire on a Southwest Airlines flight. Samsung said last week it was investigating the reports.

A breach alone means liability

Rich Santalesa, a programmer turned writer and lawyer, brought an interesting turn of events to my attention last week. We need to pay heed: A litigant can have standing in a U.S. Federal breach case where no personal fraud or identity theft has yet occurred. Usually, a litigant has to have suffered injury—a breach caused them identity theft or other fraudulent activity based upon information released in a security breach. This means if you’re cracked, you can be liable if personally identifiable information is released, exfiltrated, absconded, whatever. It also means that should you believe the axiom that currently most of us are hacked, we’re in for a litigious treat.


IDG Contributor Network: Shining a light on LiFi in the enterprise

Even as we increase data rates and network capacity in Wi-Fi with 802.11ac, 11ad and then 11ax, it’s worth keeping an eye on other communication technologies that may become useful in the enterprise. Visible light communication (VLC) is making progress in the background, and while it is barely out of the lab, it may take off in a few years. The startups working with enterprise VLC are adopting the term “LiFi” (although it has—today—no connection with Wi-Fi). Like all new technologies, there are many possibilities—and the number of potential uses is impressive. Applications include vehicle-to-vehicle, underwater communications, streetlamps, aircraft cabins, and industrial uses where Wi-Fi cannot be used due to RF interference.


The Two Principles Of Troubleshooting

  1. Never trust someone else’s configuration.
  2. Don’t trust your own configuration.

But in all seriousness, if you’re migrating configuration, this would be a good place to start:

  • Check all your IP addresses are consistent.
  • Check your masks are consistent.
  • Check your interfaces are correct.
  • If you’re working with peers, check your IP addresses for the peers are correct. I mean all 4 octets. Not just the last one, or two, or three. ALL FOUR. If it’s v6, then FML. Bite the bullet and write a script.
  • Is there a naming convention to follow? There’s a temptation when migrating to stick with the old name, but new devices may require that a different convention is adhered to. Reasons for this range from the whimsical to the valid.

If you’re coming up with something new, and it involves addressing new interfaces, then start with this:

  • First check your IP allocations are correct. By this, I mean check if you have any hierarchy or ordering. For example, do you reserve addresses by site, geographic location or application? If you do, then make sure these are consistent with what you’ve planned.
  • Is your addressing valid? i.e., are the subnets and host addresses you’ve assigned correct?

Check Out the Designing Active-Active and Disaster Recovery Data Centers Webinar

The featured webinar in October 2016 is the Designing Active-Active and Disaster Recovery Data Centers webinar, and the featured videos include the discussion of disaster avoidance challenges and the caveats you might encounter with long-distance vMotion. All ipSpace.net subscribers can view these videos; if you’re not one of them yet, start with the trial subscription.

As a trial subscriber you can also use this month's featured webinar discount to purchase the webinar.

Supreme Court will hear Samsung, Apple damages dispute on Tuesday

The U.S. Supreme Court is to hear arguments Tuesday in a closely-watched dispute between Samsung Electronics and Apple on the procedure for calculation of damages for the infringement of design patents. In general terms, a design patent protects the way an article looks, while utility patents address the way an article is used and works, according to the U.S. Patent and Trademark Office. Some older Samsung smartphones were found by a jury in 2012 to have infringed three design patents related to the look of the iPhone, including its face and rounded bezel design, and the icon layout on the home screen.

Apple shares rise as Samsung’s Galaxy Note 7 woes continue

At the end of the trading day on Monday, shares of Apple were up nearly 1.75% before ultimately closing at $116.05 per share. All told, Apple stock is now trading at levels not seen since December of 2015. Part of the recent upswing in Apple shares can of course be attributed to better than anticipated iPhone 7 demand. Though the iPhone 7 was initially pegged as a lackluster upgrade, consumers on the whole appear to be impressed with the device's new camera and blazing fast hardware. Recall, pre-orders for the iPhone 7 set new records at both Sprint and T-Mobile. Additionally, analyst reports in recent weeks have suggested that many iPhone buyers are opting for the more margin-friendly iPhone 7 Plus, further padding Apple's bottom line in the process.

WikiLeaks dumps another trove of email, allegedly from Clinton aide

U.S. accusations that WikiLeaks is helping Russian hackers influence the upcoming election haven't stopped the controversial website from dumping emails allegedly stolen from a Hillary Clinton aide. On Monday, WikiLeaks released an additional batch of 2,000 emails stolen from Clinton's campaign chairman, John Podesta, which could fuel negative press coverage of her candidacy. This came after the site dumped the first batch of emails last Friday, the same day U.S. intelligence agencies publicly blamed the Russian government for hacking the emails of U.S. officials and political groups earlier this year.


Potential Apple Watch snooping: a not-so-paranoid cyberespionage risk

It may sound paranoid, but the next time you enter a highly confidential meeting, leave your smart watch behind. It's possible the device could be spying on you. That's what ministers in the U.K. are reportedly being told. They've recently been banned from wearing Apple Watches during cabinet meetings on fears that the devices could be hacked by Russian cyberspies, according to The Telegraph. Mobile phones have already been prohibited from cabinet meetings, but the U.K. government has reportedly taken the extra step of also banning smart watches.


snaproute Go BGP Code Dive (12): Moving to Established

In last week’s post, the new BGP peer we’re tracing through the snaproute BGP code moved from open to openconfirmed by receiving, and processing, the open message. In processing the open message, the list of AFIs this peer will support was built, the hold timer set, and the hold timer started. The next step is to move to established. RFC 4271, around page 70, describes the process as—

If the local system receives a KEEPALIVE message (KeepAliveMsg (Event 26)), the local system:
 - restarts the HoldTimer and
 - changes its state to Established.

In response to any other event (Events 9, 12-13, 20, 27-28), the local system:
 - sends a NOTIFICATION with a code of Finite State Machine Error,
 - sets the ConnectRetryTimer to zero,
 - releases all BGP resources,
 - drops the TCP connection,
 - increments the ConnectRetryCounter by 1,
 - (optionally) performs peer oscillation damping if the DampPeerOscillations attribute is set to TRUE, and
 - changes its state to Idle.

For a bit of review (because this is running so long, you might forget how the state machine works), the snaproute code is written as a state machine. The way the state machine works is …