Archive

Category Archives for "Networking"

Webcast: Hardening Microservices Security

Microservices is one of the buzz words of the moment. Beyond the buzz, microservices architecture offers a great opportunity for developers to rethink how they design, develop, and secure applications.

On Wednesday, September 21st, 2016 at 10am PT/1pm ET join SANS Technology Institute instructor and courseware author, David Holzer, as well as CloudFlare Solutions Engineer, Matthew Silverlock, as they discuss best practices for adopting and deploying microservices securely. During the session they will cover:

  • How microservices differ from SOA or monolithic architectures
  • Best practices for adopting and deploying secure microservices for production use
  • Avoiding continuous delivery of new vulnerabilities
  • Limiting attack vectors on a growing number of API endpoints
  • Protecting Internet-facing services from resource exhaustion

Don't miss this chance to learn from the pros. Register now!

FBI faces lawsuit because it’s stayed mum on iPhone 5c hack

The FBI’s refusal to reveal how it accessed an iPhone 5c from a San Bernardino mass shooter will face scrutiny in court. USA Today’s parent company and two other news groups have filed a lawsuit against the agency, demanding it turn over the details.In March, the FBI unlocked the passcode-protected iPhone through an unknown third party, for a reportedly large sum that the agency hasn’t officially disclosed.The lack of details prompted USA Today to submit a Freedom of Information Act request to the FBI, regarding the costs paid to the third-party contractor. But in June, the FBI denied the request, claiming that the disclosure could interfere with law enforcement.To read this article in full or to leave a comment, please click here

Tech jobs that will get you the biggest raise next year

The biggest raises in 2017 will go to data scientists, who can expect a 6.4% boost in pay next year. That’s well above the average 3.8% increase that’s predicted for tech workers, according to new data from Robert Half Technology. The recruiting and staffing specialist recently released its annual guide to U.S. tech salaries, which finds IT workers will be getting slightly bigger pay bumps than many other professionals. Across all fields, U.S. starting salaries for professional occupations are projected to increase 3.6% in 2017. The largest gains will occur in tech – where starting salaries for newly hired IT workers are forecast to climb 3.8%.To read this article in full or to leave a comment, please click here

Remote Safe Mode attack defeats Windows 10 pass-the-hash defenses

Microsoft tries to protect user account credentials from theft in Windows 10 Enterprise, and security products detect attempts to pilfer user passwords. But all those efforts can be undone by Safe Mode, according to security researchers.The Safe Mode is an OS diagnostic mode of operation that has existed since Windows 95. It can be activated at boot time and only loads the minimal set of services and drivers that Windows requires to run.This means that most third-party software, including security products, don't start in Safe Mode, negating the protection they otherwise offer. In addition, there are also Windows optional features like the Virtual Secure Module (VSM), which don't run in this mode.To read this article in full or to leave a comment, please click here

Integrating SRX in Svc Provider Network (Routing and Multi-tenancy Considerations)

Service Providers networks are always have complex requirements of multi-tenancy, routing & security and pose challenges to network architects.  In this blog I will write about SRX integration in Svc Provider Network while highlighting methodologies how to handle challenges of implementing security features with multi-tenancy and routing consideration.srx-in-sp

                                                                               REFERENCE TOPOLOGY

Devices have been classified into following segments based on their role:-

  •  Remote Customer Network (consist of Customer PCs connected to Provide Edge through Customer Edge).
  • Provider Network (Consist of Provider Edge Routers and Provider Back Bone Rout
  • Data Center Network (Consist of Internet Firewall and Server inside Data Center directly connected with Internet Firewall).
  •   Internet Edge (Consist of Internet Router connected with Internet Firewall hence providing internet access to Customer Networks connected with Data Center through provider network).

Traffic flow and security requirements are as under:-

  • Customer 1 Network (PC-1) requires access to Server-1 installed in Data Center and to Public DNS Server reachable via Internet Edge Router.
  • Continue reading

FBI urges ransomware victims to step forward

The FBI has issued a plea for those who have been hit by ransomware to report this to federal law enforcement so that the country can get a better sense of just how bad this problem really is.Ransomware refers to malware that encrypts files on computers or locks users out of their computers, and requests ransom be paid to set files free or allow users to regain access. Such malware, often going by spooky names like Cryptolocker or TeslaCrypt, can be activated by clicking on a web link or even visiting a compromised website, or opening an file in email. One nasty variant even takes your money and still deletes your files.To read this article in full or to leave a comment, please click here

DevOps and the Infrastructure Dumpster Fire

dumpsterfire2

We had a rousing discussion about DevOps at Cloud Field Day this week. The delegates talked about how DevOps was totally a thing and it was the way to go. Being the infrastructure guy, I had to take a bit of umbrage at their conclusions and go on a bit of a crusade myself to defend infrastructure from the predations of developers.

Stable, Boy

DevOps folks want to talk about continuous improvement and continuous development (CI/CD) all the time. They want the freedom to make changes as needed to increase bandwidth, provision ports, and rearrange things to fit development timelines and such. It’s great that they have they thoughts and feelings about how responsive the network should be to their whims, but the truth of infrastructure today is that it’s on the verge of collapse every day of the week.

Networking is often a “best effort” type of configuration. We monkey around with something until it works, then roll it into production and hope it holds. As we keep building more patches on to of patches or try to implement new features that require something to be disabled or bypassed, that creates a house of cards that is only as Continue reading

US bans using Galaxy Note7 phones on planes

The U.S. Department of Transportation has ordered that Samsung Galaxy Note7 smartphones can only be carried by crew and passengers on planes if the phones are switched off and are not connected to charging equipment.The order follows an official recall announced Thursday of 1 million Note7 smartphones by the U.S. Consumer Product Safety Commission, following concerns about faulty batteries in the devices which could overheat and even explode.People can now travel with the smartphones on aircraft only if they disable all applications like alarm clocks that could accidentally activate the phone, protect the power switch to prevent the phone from being inadvertently activated or turned on, and store the device in carry-on baggage or on their person, and not in checked baggage.To read this article in full or to leave a comment, please click here

Buying an iPhone 7 or iPhone 7 Plus may be impossible today

The iPhone 7 is already off to a booming start. Shortly after pre-orders began, Apple's carrier partners were blown away by unprecedented demand. Most notably, T-Mobile said that pre-orders were up 400% relative to the iPhone 6. Just yesterday, T-Mobile CEO John Legere added that the iPhone 7 is now the most pre-ordered device in T-Mobile history. On top of that, Sprint relayed that iPhone 7 pre-orders this year are up an astonishing 375% compared to last year. Suffice it to say, the iPhone 7 may very well set a new weekend sales record, though as we covered earlier, Apple won't be releasing specific sales figures this year.Speaking to the popularity of the iPhone 7, most prospective buyers hoping to walk into an Apple retail store and pick up the iPhone 7 model of their choice may be in for a rude awakening. According to a statement from Apple, all in-store stock of the iPhone 7 Plus and the Jet Black iPhone 7 are already sold out.To read this article in full or to leave a comment, please click here