MKS Instruments falls victim to ransomware attack

The semiconductor equipment maker reported the ransomware incident just a day after national cybersecurity agencies and security experts around the world warned about a global ransomware attack that hit thousands of servers running on VMware ESxi.

Improve BGP Startup Time on Cisco IOS

I like using Cisco IOS for my routing protocol virtual labs¹. It uses a trivial amount of memory² and boots relatively fast. There was just one thing that kept annoying me: Cisco IOS release 15.x takes forever to install local routes in the BGP table and even longer to select the best routes and propagate them³.

I finally found the culprit: bgp update-delay nerd knob. Here’s what the documentation has to say about it:

Improve BGP Startup Time on Cisco IOS

I like using Cisco IOS for my routing protocol virtual labs¹. It uses a trivial amount of memory² and boots relatively fast. There was just one thing that kept annoying me: Cisco IOS release 15.x takes forever to install local routes in the BGP table and even longer to select the best routes and propagate them³.

I finally found the culprit: bgp update-delay nerd knob. Here’s what the documentation has to say about it:

Network Break 416: Ericsson Flogs 5G Network Slicing For Laptops; Microsoft Loads Work Drudgery Onto ChatGPT

On this week's Network Break we examine Ericsson's push for 5G network slicing on laptops, Microsoft injecting ChatGPT into Teams to do the grunt work, financial results from Juniper and Amazon, and more tech news.

The post Network Break 416: Ericsson Flogs 5G Network Slicing For Laptops; Microsoft Loads Work Drudgery Onto ChatGPT appeared first on Packet Pushers.

Network Break 416: Ericsson Flogs 5G Network Slicing For Laptops; Microsoft Loads Work Drudgery Onto ChatGPT

Massive ransomware attack targets VMware ESXi servers worldwide

Cybersecurity agencies globally — including in Italy, France, the US and Singapore — have issued alerts about a ransomware attack targeting the VMware ESXi hypervisor.

Massive ransomware attack targets VMware ESXi servers worldwide

Cybersecurity agencies globally, including in Italy, France, the US and Singapore have issued alerts about a ransomware attack targeting the VMware ESXi hypervisor.Aourva

How Video Telematics Can Help Trucking Industry Overcome Covid, Supply Chain, and Inflation Challenges

IBM denies suggestion that AIX being deprioritized

IBM disputes a report that it has de-emphasized development of its Unix-based AIX operating system by moving development to India and said that it remains committed to the venerable OS.Commentary in The Register said AIX development had been transferred to India with a sub-headline not to expect "any more big AIX news." IBM’s response is that there has always been AIX development in India, and U.S.-based talent remains at work on the Power platform, which runs AIX.“For this transition, every single person that was on my US team on the day that we announced this was mapped to a new role where we needed them to help us next,” said Mark Figley, vice president of IBM Power development. To read this article in full, please click here

IBM denies suggestion that AIX being deprioritized

IBM disputes a report that it has de-emphasized development of its Unix-based AIX operating system by moving development to India and said that it remains committed to the venerable OS.Commentary in The Register said AIX development had been transferred to India with a sub-headline not to expect "any more big AIX news." IBM’s response is that there has always been AIX development in India, and U.S.-based talent remains at work on the Power platform, which runs AIX.“For this transition, every single person that was on my US team on the day that we announced this was mapped to a new role where we needed them to help us next,” said Mark Figley, vice president of IBM Power development. To read this article in full, please click here

Fortinet unveils custom ASIC to boost firewall performance, efficiency

Fortinet is introducing a new ASIC that promises to meld the security and network functions of its core family of FortiGate firewalls more efficiently and powerfully.The custom chip is 7-nanometer package, called fifth-generation security processing system or FortiSP5, that promises a number of performance improvements for the FortiGate system. It enables 17x faster firewall performance and 32x faster encryption processes while using 88% less power compared to standard CPUs, according to John Maddison, executive vice president of products and CMO at Fortinet. With FortiSP5, Fortinet's firewalls will be able to handle higher levels of traffic inspection to block threats and boost protection, according to the vendor.To read this article in full, please click here

Fortinet unveils custom ASIC to boost firewall performance, efficiency

Fortinet is introducing a new ASIC that promises to meld the security and network functions of its core family of FortiGate firewalls more efficiently and powerfully.The custom chip is 7-nanometer package, called fifth-generation security processing system or FortiSP5, that promises a number of performance improvements for the FortiGate system. It enables 17x faster firewall performance and 32x faster encryption processes while using 88% less power compared to standard CPUs, according to John Maddison, executive vice president of products and CMO at Fortinet. With FortiSP5, Fortinet's firewalls will be able to handle higher levels of traffic inspection to block threats and boost protection, according to the vendor.To read this article in full, please click here

Manipulating text with awk, gawk and sed

The awk, gawk and sed commands on Linux are extremely versatile tools for manipulating text, rearranging columns, generating reports and modifying file content.Using awk and gawk To select portions of command output using gawk, you can try commands like those below. The first displays the first field in the output of the date command. The second displays the last field. Since NF represents the number of fields in the command output, $NF represents the value of the last field.$ date | awk '{print $1}' Sat $ date | awk '{print $NF}' 2023 Note that on Linux systems today, awk is usually a symbolic link to gawk, so you can type either command and get the same result. Here's what you'll probably see when you do a long listing of the awk executable:To read this article in full, please click here

Manipulating text with awk, gawk and sed

The awk, gawk and sed commands on Linux are extremely versatile tools for manipulating text, rearranging columns, generating reports and modifying file content.Using awk and gawk To select portions of command output using gawk, you can try commands like those below. The first displays the first field in the output of the date command. The second displays the last field. Since NF represents the number of fields in the command output, $NF represents the value of the last field.$ date | awk '{print $1}' Sat $ date | awk '{print $NF}' 2023 Note that on Linux systems today, awk is usually a symbolic link to gawk, so you can type either command and get the same result. Here's what you'll probably see when you do a long listing of the awk executable:To read this article in full, please click here

Tech Bytes: Enabling Smart Cloud Migration With VMware And Expedient (Sponsored)

Today on the Tech Bytes podcast we’re talking about cloud migration and operating in a multi-cloud environment. We’re sponsored by VMware and we’re speaking with Expedient, a VMware partner. Expedient is also a cloud service provider and runs 14 data centers across the US. Our guest is Bryan Smith, CEO at Expedient.

The post Tech Bytes: Enabling Smart Cloud Migration With VMware And Expedient (Sponsored) appeared first on Packet Pushers.

Tech Bytes: Enabling Smart Cloud Migration With VMware And Expedient (Sponsored)

BrandPost: Can Network as a Service (NaaS) Have Multiple Definitions?

By: Cathy Won, Consultant with eTeam, HPE Aruba Contributor.NaaS is the acronym for Network as a Service. NaaS can have different definitions, depending on whom you ask. At the highest level, NaaS is defined as network infrastructure hardware, software, services, management, and licensing components consumed in a subscription-based or flexible consumption model. NaaS is different from other traditional as a service models that take advantage of cloud and virtualization capabilities because a significant amount of on-premises cabling and distributed networking equipment are required for network connectivity operations. Additionally, organizations may still require WAN interconnections to the cloud which may or may not be included in a NaaS offering. So, is NaaS different than other cloud as a service offerings, like compute and storage?  Are there different NaaS solutions and does the definition vary by implementation? Does NaaS mean completely outsourcing your network infrastructure to a managed service partner?To read this article in full, please click here

OPSWAT mobile hardware offers infrastructure security for the air gap

A new, tablet-sized media scanner boasts a wide range of capabilities for critical infrastructure defense.

OPSWAT mobile hardware offers infrastructure security for the air gap

A new, tablet-sized media scanner boasts a wide range of capabilities for critical infrastructure defense.

Fast and dynamic encoding of Protocol Buffers in Go

Protocol Buffers are a popular choice for serializing structured data due to their compact size, fast processing speed, language independence, and compatibility. There exist other alternatives, including Cap’n Proto, CBOR, and Avro.

Usually, data structures are described in a proto definition file (.proto). The protoc compiler and a language-specific plugin convert it into code:

$ head flow-4.proto
syntax = "proto3";
package decoder;
option go_package = "akvorado/inlet/flow/decoder";

message FlowMessagev4 {

  uint64 TimeReceived = 2;
  uint32 SequenceNum = 3;
  uint64 SamplingRate = 4;
  uint32 FlowDirection = 5;
$ protoc -I=. --plugin=protoc-gen-go --go_out=module=akvorado:. flow-4.proto
$ head inlet/flow/decoder/flow-4.pb.go
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
//      protoc-gen-go v1.28.0
//      protoc        v3.21.12
// source: inlet/flow/data/schemas/flow-4.proto

package decoder

import (
        protoreflect "google.golang.org/protobuf/reflect/protoreflect"

Akvorado collects network flows using IPFIX or sFlow, decodes them with GoFlow2, encodes them to Protocol Buffers, and sends them to Kafka to be stored in a ClickHouse database. Collecting a new field, such as source and destination MAC addresses, requires modifications in multiple places, including the proto definition file and the ClickHouse migration code. Moreover, Continue reading