Code reuse exposes over 120 D-Link devices models to hacking

A recently discovered vulnerability in a D-Link network camera that allows attackers to remotely take over the device also exists in more than 120 other D-Link products.The vulnerability was initially discovered a month ago by researchers from security start-up firm Senrio in D-Link DCS-930L, a Wi-Fi enabled camera that can be controlled remotely through a smartphone app.The flaw, a stack overflow, is located in a firmware service called dcp, which listens to commands on port 5978. Attackers can trigger the overflow by sending specifically crafted commands and then can execute rogue code on the system.To read this article in full or to leave a comment, please click here

Code reuse exposes over 120 D-Link devices models to hacking

A recently discovered vulnerability in a D-Link network camera that allows attackers to remotely take over the device also exists in more than 120 other D-Link products.The vulnerability was initially discovered a month ago by researchers from security start-up firm Senrio in D-Link DCS-930L, a Wi-Fi enabled camera that can be controlled remotely through a smartphone app.The flaw, a stack overflow, is located in a firmware service called dcp, which listens to commands on port 5978. Attackers can trigger the overflow by sending specifically crafted commands and then can execute rogue code on the system.To read this article in full or to leave a comment, please click here

PQ Show 85: FD.IO & VPP Open Virtual Switch

Todays Priority Queue episode dives into the FD.IO project and the VPP open virtual switch/router. FD.IO is a Linux Foundation project, with VPP code contributed by Cisco. Ciscos Dave Ward, Dave Barach, and Macek Constantovich join us to get into the all the details. The post PQ Show 85: FD.IO & VPP Open Virtual Switch appeared first on Packet Pushers.

IDG Contributor Network: LoRa-based IoT service helps farm co-ops cultivate more land

Farming is difficult. Farming outside the power grid is close to impossible.For many electric utilities, it’s hard to justify the investment needed to extend the power grid to remote farms. Cellular providers also prefer to build cell towers where there are many customers. On top of that, farmers have little purchasing power individually, making it hard for them to negotiate power and coverage from large utilities and cellular providers.The power of cooperatives Farmers strengthen their bargaining power by forming cooperatives. This enables them to negotiate for more services and better prices. Cooperatives are businesses-owned and controlled by the people who use them—not shareholders. There are nearly 3,000 farmer cooperatives in the U.S. owned by a million farmers and ranchers.To read this article in full or to leave a comment, please click here

IDG Contributor Network: LoRa-based IoT service helps farm co-ops cultivate more land

Farming is difficult. Farming outside the power grid is close to impossible.For many electric utilities, it’s hard to justify the investment needed to extend the power grid to remote farms. Cellular providers also prefer to build cell towers where there are many customers. On top of that, farmers have little purchasing power individually, making it hard for them to negotiate power and coverage from large utilities and cellular providers.The power of cooperatives Farmers strengthen their bargaining power by forming cooperatives. This enables them to negotiate for more services and better prices. Cooperatives are businesses-owned and controlled by the people who use them—not shareholders. There are nearly 3,000 farmer cooperatives in the U.S. owned by a million farmers and ranchers.To read this article in full or to leave a comment, please click here

New Open-Source IPAM + DCIM Tool

My friend Jeremy Stretch wrote an IPAM+DCIM tool for Digital Ocean and open-sourced it. As the tool was designed by networking engineers to manage data center networks (more in Jeremy’s blog post), it might be a better fit than other tools out there. In any case, check it out and let me know how it works.

Boston is nation’s top tech-talent exporter

The San Francisco Bay Area added 120,500 tech jobs in the last five years, for a growth rate of 61.5% percent. Major U.S. cities, generally, all saw double-digit growth in tech employment, according to a new report.There is a fair chance that good number of San Francisco's tech workers came from the Boston area, according this study, 2016 Scoring Tech Talent by CBRE, a real estate services firm.INSIDER 12 habits of successful tech CEO This report puts the nation's tech population at 4.8 million, and says tech employment has grown by about 1 million over the last five years. Of this total, 37% work for tech companies such as Microsoft, Google and Apple. The balance is made up of people employed outside the tech sector, in industries such as banking and healthcare.To read this article in full or to leave a comment, please click here

Antivirus merger: Avast offers $1.3 billion for AVG

Antivirus vendor Avast Software has agreed to buy rival AVG Technologies for US$1.3 billion in cash.The deal will give Avast access to over 400 million "endpoints," or devices running its and AVG's software, 160 million of them phones or tablets, the company said Tuesday.Avast hopes the deal will make the combined company more efficient, as well as allowing it to take advantage of new growth opportunities such as securing the internet of things."This combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users," Avast CEO Vincent Stickler wrote on the company blog.To read this article in full or to leave a comment, please click here

Antivirus merger: Avast offers $1.3 billion for AVG

Antivirus vendor Avast Software has agreed to buy rival AVG Technologies for US$1.3 billion in cash.The deal will give Avast access to over 400 million "endpoints," or devices running its and AVG's software, 160 million of them phones or tablets, the company said Tuesday.Avast hopes the deal will make the combined company more efficient, as well as allowing it to take advantage of new growth opportunities such as securing the internet of things."This combination is great for our users. We will have over 250 million PC/Mac users enabling us to gather even more threat data to improve the protection to our users," Avast CEO Vincent Stickler wrote on the company blog.To read this article in full or to leave a comment, please click here

Security Sessions: The state of cloud security

In this episode of Security Sessions, CSO Editor-in-Chief Joan Goodchild chats with Jim Reavis, CEO of the Cloud Security Alliance, about whether enterprises have finally trusted cloud services for their corporate data, and how the Internet of Things could affect cloud security in the future.

The New Strange Behavior for OSPF ‘Redistribute Subnets’

In older IOS Code, there was a specific requirement for redistributing OSPF Subnets. In almost every case, the keyword “subnets” had to be added to the redistribute command.

Older Code Example–

//notice the warning when 'subnets' is omitted
R1(config)#router ospf 1
R1(config-router)#redistribute eigrp 1
% Only classful networks will be redistributed

//and the configuration is stored exactly as it was typed
R1(config-router)#do show run | sec router
router ospf 1
 log-adjacency-changes
 redistribute eigrp 1

//we can change the behavior by adding 'subnets'
R1(config-router)#redistribute eigrp 1 subnets

//after adding, it is stored as one would expect
R1(config-router)#do show run | sec router
router ospf 1
 log-adjacency-changes
 redistribute eigrp 1 subnets

When I tested this in VIRL running 15.6(1S) running inside of IOS XE 3.17, the warning goes away. The question I had is whether it is still relevant or not.

Current Code Example–

//without the 'subnets' keyword
csr1000v-2(config)#router ospf 1
csr1000v-2(config-router)#redistribute eigrp 1
csr1000v-2(config-router)#do show run | sec router
router ospf 1
 redistribute eigrp 1

//with the 'subnets' keyword
csr1000v-2(config-router)#redistribute eigrp 1 subnets
csr1000v-2(config-router)#do show run | sec router
router ospf 1
 redistribute eigrp 1 subnets

I initially spent some time experimenting with this and thought that ‘subnets‘ had Continue reading

Why we use the Linux kernel’s TCP stack

A recent blog post posed the question Why do we use the Linux kernel's TCP stack?. It triggered a very interesting discussion on Hacker News.

I've also thought about this question while working at CloudFlare. My experience mostly comes from working with thousands of production machines here and I can try to answer the question from that perspective.

CC BY 2.0 image by John Vetterli

Let's start with a broader question - what is the point of running an operating system at all? If you planned on running a single application, having to use a kernel consisting of multiple million lines of code may sound like a burden.

But in fact most of us decide to run some kind of OS and we do that for two reasons. Firstly, the OS layer adds hardware independence and easy to use APIs. With these we can focus on writing the code for any machine - not only the specialized hardware we have at the moment. Secondly, the OS adds a time sharing layer. This allows us to run more than one application at a time. Whether it's a second HTTP server or just a bash session, this ability to share resources Continue reading

Building A Network Of Trusted Advisors

A MU-MIMO Reality Check

Overlay Tunneling with Open vSwitch – GRETAP, VXLAN, Geneve, GREoIPsec

Building overlay networks using tunnels was always done to achieve connectivity between isolated networks that needed to share the same policies, VLANs or security domains. In particular, they represent a strong use-case in the data center, where tunnels are created between the hypervisors in different locations allowing virtual machines to be provisioned independently from the physical network.

3 ways to fast-track your journey to the cloud (with podcast and video)

When David Bray arrived in 2013 to lead IT at the Federal Communications Commission, he found a department in a certain amount of disarray.To read this article in full or to leave a comment, please click here(Insider Story)

What cloud security challenges keep CISOs up at night?

Wide awakeImage by Flickr/ Alyssa L. MillerThe cloud is now a mainstream IT platform. Through its unlimited economies of scale and its ability to deliver IT resources dynamically whenever users need them, the cloud’s popularity permeates through businesses of all sizes and industries.To read this article in full or to leave a comment, please click here

Investigation into Hillary Clinton’s personal email system closed without charges

An investigation into the use of a personal email system for official communications by Hillary Clinton, while she was U.S. secretary of state, has been closed with no charges filed, U.S. Attorney General Loretta E. Lynch said Wednesday.The move comes after FBI Director James Comey on Tuesday said he did not recommend bringing charges against her although he described as “extremely careless” the use by her and her aides of unsecured email networks for distribution of  very sensitive, highly classified information.To read this article in full or to leave a comment, please click here

Investigation into Hillary Clinton’s personal email system closed without charges

An investigation into the use of a personal email system for official communications by Hillary Clinton, while she was U.S. secretary of state, has been closed with no charges filed, U.S. Attorney General Loretta E. Lynch said Wednesday.The move comes after FBI Director James Comey on Tuesday said he did not recommend bringing charges against her although he described as “extremely careless” the use by her and her aides of unsecured email networks for distribution of  very sensitive, highly classified information.To read this article in full or to leave a comment, please click here

Kubernetes Extends Its Reach Across Multiple Clouds

The open source project also reaches out to rkt.