The Agile Virtual Platform offers NFV as a service.
Last week multiple vulnerabilities were made public in the popular image manipulation software, ImageMagick. These were quickly named ImageTragick. Although a vulnerability in image manipulation software might not seem like a problem for web site owners it is in fact a genuine security concern.
CloudFlare quickly rolled out a WAF rule to protect our customers from this vulnerability. It was automatically deployed for all customers with the WAF enabled. We know that it takes time for customers to upgrade their web server software and so the WAF protects them in the interim.
Many websites allow users to upload images and the websites themselves often manipulate these images using software like ImageMagick. For example, if you upload a picture of yourself to use as an avatar, it will very likely be resized by the website. ImageMagick is very popular and there are plugins that make it easy to use with PHP, Ruby, Node.js and other languages so it is common for websites to use it for image resizing or cropping.
Unfortunately, researchers discovered that it was possible to execute arbitrary code (CVE-2016-3714) by hiding it inside image files that a user uploads. That means an attacker can make Continue reading
The routing protocol has well-known security issues. Here are some ways to mitigate the risk.
Switch ASICs must be opened up to provide real networking flexibility.
On March 9, 章亦春, known to most of us as agentzh, organized the first Bay Area OpenResty Meetup at CloudFlare's San Francisco office.
CloudFlare is a big user of Lua, LuaJIT, NGINX and OpenResty and happy to be able to sponsor Yichun's work on this fast, flexible platform.
The slides and videos from the meetup are now available for viewing by people who were unable to be there in person.
The slides are here.
The slides can be found here
Yichun's slides are here
If you are interested in being present at the next OpenResty Meetup by sure to follow the meetup itself.
One of my ExpertExpress engagements focused on BGP route maps and setting BGP attributes based on BGP communities, so I wanted to brush up my RouteMapFoo before the online session.
Here are a few (not-so-unexpected) results gathered from IOSv release 15.5(3)M.
Read more ...