Archive

Category Archives for "Networking"

FBI faces lawsuit because it’s stayed mum on iPhone 5c hack

The FBI’s refusal to reveal how it accessed an iPhone 5c from a San Bernardino mass shooter will face scrutiny in court. USA Today’s parent company and two other news groups have filed a lawsuit against the agency, demanding it turn over the details.In March, the FBI unlocked the passcode-protected iPhone through an unknown third party, for a reportedly large sum that the agency hasn’t officially disclosed.The lack of details prompted USA Today to submit a Freedom of Information Act request to the FBI, regarding the costs paid to the third-party contractor. But in June, the FBI denied the request, claiming that the disclosure could interfere with law enforcement.To read this article in full or to leave a comment, please click here

Tech jobs that will get you the biggest raise next year

The biggest raises in 2017 will go to data scientists, who can expect a 6.4% boost in pay next year. That’s well above the average 3.8% increase that’s predicted for tech workers, according to new data from Robert Half Technology. The recruiting and staffing specialist recently released its annual guide to U.S. tech salaries, which finds IT workers will be getting slightly bigger pay bumps than many other professionals. Across all fields, U.S. starting salaries for professional occupations are projected to increase 3.6% in 2017. The largest gains will occur in tech – where starting salaries for newly hired IT workers are forecast to climb 3.8%.To read this article in full or to leave a comment, please click here

Remote Safe Mode attack defeats Windows 10 pass-the-hash defenses

Microsoft tries to protect user account credentials from theft in Windows 10 Enterprise, and security products detect attempts to pilfer user passwords. But all those efforts can be undone by Safe Mode, according to security researchers.The Safe Mode is an OS diagnostic mode of operation that has existed since Windows 95. It can be activated at boot time and only loads the minimal set of services and drivers that Windows requires to run.This means that most third-party software, including security products, don't start in Safe Mode, negating the protection they otherwise offer. In addition, there are also Windows optional features like the Virtual Secure Module (VSM), which don't run in this mode.To read this article in full or to leave a comment, please click here

Worth Reading: Joining forces against mass collection

Some of the world’s biggest companies and organizations joined forces with Microsoft to fend off the U.S. government’s habitual practice of demanding access to customers’ personal information. Microsoft filed a lawsuit against the U.S. Department of Justice (DOJ) in April, arguing it is unconstitutional to seize computer data from third parties and subsequently issue gag orders so companies cannot notify customers. Now a motley crew of institutions, organizations, and businesses — like Apple, Google, Delta Air Lines, Mozilla, The Washington Post, Fox News, the American Civil Liberties Union, the U.S. Chamber of Commerce — have joined the cause by signing and submitting an amicus brief. —The Stream

LinkedInTwitterGoogle+Facebook

The post Worth Reading: Joining forces against mass collection appeared first on 'net work.

Integrating SRX in Svc Provider Network (Routing and Multi-tenancy Considerations)

Service Providers networks are always have complex requirements of multi-tenancy, routing & security and pose challenges to network architects.  In this blog I will write about SRX integration in Svc Provider Network while highlighting methodologies how to handle challenges of implementing security features with multi-tenancy and routing consideration.srx-in-sp

                                                                               REFERENCE TOPOLOGY

Devices have been classified into following segments based on their role:-

  •  Remote Customer Network (consist of Customer PCs connected to Provide Edge through Customer Edge).
  • Provider Network (Consist of Provider Edge Routers and Provider Back Bone Rout
  • Data Center Network (Consist of Internet Firewall and Server inside Data Center directly connected with Internet Firewall).
  •   Internet Edge (Consist of Internet Router connected with Internet Firewall hence providing internet access to Customer Networks connected with Data Center through provider network).

Traffic flow and security requirements are as under:-

  • Customer 1 Network (PC-1) requires access to Server-1 installed in Data Center and to Public DNS Server reachable via Internet Edge Router.
  • Continue reading

FBI urges ransomware victims to step forward

The FBI has issued a plea for those who have been hit by ransomware to report this to federal law enforcement so that the country can get a better sense of just how bad this problem really is.Ransomware refers to malware that encrypts files on computers or locks users out of their computers, and requests ransom be paid to set files free or allow users to regain access. Such malware, often going by spooky names like Cryptolocker or TeslaCrypt, can be activated by clicking on a web link or even visiting a compromised website, or opening an file in email. One nasty variant even takes your money and still deletes your files.To read this article in full or to leave a comment, please click here

DevOps and the Infrastructure Dumpster Fire

dumpsterfire2

We had a rousing discussion about DevOps at Cloud Field Day this week. The delegates talked about how DevOps was totally a thing and it was the way to go. Being the infrastructure guy, I had to take a bit of umbrage at their conclusions and go on a bit of a crusade myself to defend infrastructure from the predations of developers.

Stable, Boy

DevOps folks want to talk about continuous improvement and continuous development (CI/CD) all the time. They want the freedom to make changes as needed to increase bandwidth, provision ports, and rearrange things to fit development timelines and such. It’s great that they have they thoughts and feelings about how responsive the network should be to their whims, but the truth of infrastructure today is that it’s on the verge of collapse every day of the week.

Networking is often a “best effort” type of configuration. We monkey around with something until it works, then roll it into production and hope it holds. As we keep building more patches on to of patches or try to implement new features that require something to be disabled or bypassed, that creates a house of cards that is only as Continue reading

US bans using Galaxy Note7 phones on planes

The U.S. Department of Transportation has ordered that Samsung Galaxy Note7 smartphones can only be carried by crew and passengers on planes if the phones are switched off and are not connected to charging equipment.The order follows an official recall announced Thursday of 1 million Note7 smartphones by the U.S. Consumer Product Safety Commission, following concerns about faulty batteries in the devices which could overheat and even explode.People can now travel with the smartphones on aircraft only if they disable all applications like alarm clocks that could accidentally activate the phone, protect the power switch to prevent the phone from being inadvertently activated or turned on, and store the device in carry-on baggage or on their person, and not in checked baggage.To read this article in full or to leave a comment, please click here

Buying an iPhone 7 or iPhone 7 Plus may be impossible today

The iPhone 7 is already off to a booming start. Shortly after pre-orders began, Apple's carrier partners were blown away by unprecedented demand. Most notably, T-Mobile said that pre-orders were up 400% relative to the iPhone 6. Just yesterday, T-Mobile CEO John Legere added that the iPhone 7 is now the most pre-ordered device in T-Mobile history. On top of that, Sprint relayed that iPhone 7 pre-orders this year are up an astonishing 375% compared to last year. Suffice it to say, the iPhone 7 may very well set a new weekend sales record, though as we covered earlier, Apple won't be releasing specific sales figures this year.Speaking to the popularity of the iPhone 7, most prospective buyers hoping to walk into an Apple retail store and pick up the iPhone 7 model of their choice may be in for a rude awakening. According to a statement from Apple, all in-store stock of the iPhone 7 Plus and the Jet Black iPhone 7 are already sold out.To read this article in full or to leave a comment, please click here

Don’t pardon Snowden, lawmakers tell Obama

U.S. lawmakers are trying to stifle any hope that National Security Agency leaker Edward Snowden will receive a pardon. On Thursday, the House intelligence committee sent a letter to President Obama urging him to treat Snowden as a criminal.“Mr. Snowden is not a patriot. He is not a whistleblower,” the letter said.The letter was sent amid calls from tech leaders and liberal activists for Obama to pardon Snowden. The campaign, supported by Apple co-founder Steve Wozniak and celebrities including actor Daniel Radcliffe, argues that Snowden sparked an important debate about government mass surveillance.To read this article in full or to leave a comment, please click here

Don’t pardon Snowden, lawmakers tell Obama

U.S. lawmakers are trying to stifle any hope that National Security Agency leaker Edward Snowden will receive a pardon. On Thursday, the House intelligence committee sent a letter to President Obama urging him to treat Snowden as a criminal.“Mr. Snowden is not a patriot. He is not a whistleblower,” the letter said.The letter was sent amid calls from tech leaders and liberal activists for Obama to pardon Snowden. The campaign, supported by Apple co-founder Steve Wozniak and celebrities including actor Daniel Radcliffe, argues that Snowden sparked an important debate about government mass surveillance.To read this article in full or to leave a comment, please click here

Multi-Chassis-Link Aggregation (MC-LAG)

In my earlier blog (Junos High Availability Design Guide) it was discussed how to make use of redundant routing engines by configuring features like (GRES, NSR, NSB)  for reduction of downtime to minimum possible level.

The real problem is that one RE is active at one time and all PFEs must be connected with active RE . In case of failure of primary Routing Engine (RE) the backup RE will take over  and all PFEs now, needs to connect to new primary RE. This scenario can cause momentary disruption of services.

MC-LAG (Active-Active) is correct solution to above described problem as it offers 2 active REs in 2 different devices/ chassis. Important concepts for MC-LAG proper configuration / functionality  are as under:-

  • Inter Chassis Control Protocol. The MC-LAG peers use the Inter-Chassis Control Protocol (ICCP) to exchange control information and coordinate with each other to ensure that data traffic is forwarded properly. ICCP replicates control traffic and forwarding states across the MC-LAG peers and communicates the operational state of the MC-LAG members. It uses TCP as a transport protocol and requires Bidirectional Forwarding Detection (BFD) for fast convergence. Because ICCP uses TCP/IP to communicate between the peers, the two peers must be connected to Continue reading
1 2,338 2,339 2,340 2,341 2,342 3,443