Archive

Category Archives for "Networking"

The weirdest, wackiest and coolest sci/tech stories of 2015

WackyImage by Reuters/ Toby MelvilleIt’s that time of year again when we take a look at some of the most interesting and sometimes silly sci/tech stories of the year. This year we have flame-throwing drones, wicked cool pictures of Pluto and quantum computing advancements to name just a few topics. Take a look.To read this article in full or to leave a comment, please click here

Microsoft extends SmartScreen browsing protection to foil malvertising and exploit kits

Microsoft SmartScreen, the phishing and malware filtering technology built into Internet Explorer, Edge and Windows, has now been updated to block Web-based attacks that silently exploit software vulnerabilities to infect computers.Such attacks are known as drive-by downloads, because they don't require user interaction aside from browsing to a malicious website or a legitimate one that has been compromised.To launch such attacks, hackers use tools known as exploit kits that take advantage of vulnerabilities in the OS, the browser, or popular software like Flash Player, Silverlight and Java.While exploit kits typically target vulnerabilities after they have been patched by software vendors, there have been cases when they've exploited previously unknown flaws that are known in the security industry as zero-days. In addition, the time window between when patches are released and when attackers start targeting the fixed flaws has significantly shrunk in recent years, giving users less time to update.To read this article in full or to leave a comment, please click here

Worth Reading: Troubleshooting video applications

Maybe it’s another sign of experience, aging, cynicism, and/or ego. Lately, I seem to be doing a lot of troubleshooting of application performance problems. “What on earth was the developer thinking?” is becoming a recurrent refrain, at least in my head. This is (I hope) not ego, just a real question about what appears to be a sub-optimal approach. via network computing

The post Worth Reading: Troubleshooting video applications appeared first on 'net work.

IDG Enterprise editors predict IT trends for 2016

As 2015 winds down and we start to focus on 2016, one thing can be predicted quite easily. Analysts, editors and others will start making their own predictions about what we can expect in the upcoming year. We’re no different here at IDG Enterprise – we asked some of the top editors from the IDG enterprise brands (Computerworld, Network World, CIO.com, CSO) to take a few minutes out of their busy day to predict a few trends for enterprise IT in 2016. The video above shows their final predictions, which includes trends in cloud computing, security, the Internet of Things, wireless, big data/analytics, and mobile devices. We even have one prediction about the 2016 presidential election (a campaign issue, not a prediction of who will win).To read this article in full or to leave a comment, please click here

Creating a Cybersecurity Center of Excellence

I’ve been writing about the cybersecurity skills shortage for many years and, unfortunately, things seem to be getting worse. Here are a few data points: According to ESG research, 28% of organizations claim that they have a “problematic shortage” of IT security skills (disclosure: I am an ESG employee).  Job market analytics vendor Burning Glass states that cybersecurity job postings grew 74% from 2007 to 2013, more than twice the growth rate of all IT jobs. Prospective employers posted more than 50,000 jobs requesting Certified Information Systems Security Professional (CISSP) certification. Unfortunately, there are only about 65,000 CISSPs in the world, and many are gainfully employed.  ISC2, the organization that certifies CISSPs believes that there will be a deficit of 1.5 million cybersecurity professionals by 2020. The UK House of Lords is even more bearish, predicting a shortage of 2 million cybersecurity professionals by 2017.  A 2015 report from the Information Systems Audit and Control Association (ISACA) states that 86% of business and IT professionals globally believe there is a shortage of cyber security professionals. In this case, perception is reality.  A Raytheon/National Cyber Security Alliance report indicates that 64% of high school Continue reading

Partial kernel bypass merged into netmap master

In a previous post we described our work on a new netmap mode called single-rx-queue.

After submitting the pull request, the netmap maintainers told us that the patch was interesting, but they would prefer something more configurable instead of a tailored custom mode.

After an exchange of ideas and some more work, our patch just got merged to mainline netmap.

Meet the new netmap

Before our patch netmap used to be an all-or-nothing deal. That is: there was no way to put a network adapter partially in netmap mode. All of the queues would have to be detached from the host network stack. Even a netmap mode called “single ring pair” didn't help.

Our final patch is extended and more generic, while still supporting the simple functionality of our original single-rx-queue mode.

First we modified netmap to leave queues that are not explicitly requested to be in netmap mode attached to the host stack. In this way, if a user requests a pair of rings (for example using nm_open(“netmap:eth0-4”)) it will actually get a reference to both the number 4 RX and TX rings, while keeping the other rings attached to the kernel stack.

But since the NIC is Continue reading

Open source unleashes blockchain’s enterprise potential

Blockchain technology makes cryptocurrency like bitcoin possible, but it has a lot of potential beyond tracking currency transactions. The Linux Foundation wants to tap into that potential and is spearheading a collaborative effort to develop an enterprise-grade open source distributed ledger called Hyperledger.At its core, blockchain is a record-keeping system running across a global network of independent computers. The distributed ledger, which records and verifies transactions, is write-only -- that is, transactions cannot be tampered with or modified after the fact, so virtually anything of value can be tracked and traded using this system.To read this article in full or to leave a comment, please click here

Experience matters

The end of the year always brings about thoughts of what changes should occur in the coming year. If a change of job is in your thoughts, security executives say they look  at prospective employees’ experience before they even take a step through the door. “Certifications are a good shorthand for acquired knowledge, but experience is critical,” said Geoff Webb, vice president of solution strategy for NetIQ, the security portfolio of Micro Focus.  According to Dice’s latest hiring survey, finding highly-skilled tech talent will be a top hiring priority for companies in 2016. A record 78 percent of hiring managers anticipate more hiring in the first half of 2016 compared to the second half of 2015, Dice notes.To read this article in full or to leave a comment, please click here(Insider Story)

All the Best in 2016!

The number of visits to my web site is slowly going down – you’re giving me a very clear signal that it’s time to stop blogging.

I hope you’ll manage to catch at least a few quiet days with your loved ones and I wish you all the best in 2016!

More in 3 weeks or so ;)

Environmental metrics with Cumulus Linux

Custom metrics with Cumulus Linux describes how to extend the set of metrics exported by the sFlow agent and used the export of BGP metrics as an example. This article demonstrates how environmental metrics (power supplies, temperatures, fan speeds etc.) can be exported.

The smonctl command can be used to dump sensor data as JSON formatted text:
cumulus@cumulus$ smonctl -j
[
    {
        "pwm_path": "/sys/devices/soc.0/ffe03100.i2c/i2c-1/1-004d", 
        "all_ok": "1", 
        "driver_hwmon": [
            "fan1"
        ], 
        "min": 2500, 
        "cpld_path": "/sys/devices/ffe05000.localbus/ffb00000.CPLD", 
        "state": "OK", 
        "prev_state": "OK", 
        "msg": null, 
        "input": 8998, 
        "type": "fan", 
        "pwm1": 121, 
        "description": "Fan1", 
        "max": 29000, 
        "start_time": 1450228330, 
        "var": 15, 
        "pwm1_enable": 0, 
        "prev_msg": null, 
        "log_time": 1450228330, 
        "present": "1", 
        "target": 0, 
        "name": "Fan1", 
        "fault": "0", 
        "pwm_hwmon": [
            "pwm1"
        ], 
        "driver_path": "/sys/devices/soc.0/ffe03100.i2c/i2c-1/1-004d", 
        "div": "4", 
        "cpld_hwmon": [
            "fan1"
        ]
    },
    ...
The following Python script, smon_sflow.py, invokes the command, parses the output, and posts a set of custom sFlow metrics: 
#!/usr/bin/env python
import json
import socket
from subprocess import check_output

res = check_output(["/usr/sbin/smonctl","-j"])
smon = json.loads(res)
fan_maxpc = 0
fan_down = 0
fan_up = 0
psu_down = 0
psu_up = 0
temp_maxpc = 0
temp_up = 0
temp_down = 0
for s in smon:
  type = s["type"]
  if(type ==  Continue reading

IoT startup Afero goes end to end for security

Internet of Things startup Afero says it can secure small and large IoT devices with a Bluetooth radio module and a cloud service.Afero's platform is just the latest approach to building an infrastructure that ties together a variety of connected devices. The company says its system can be applied to both the home and enterprise realms of IoT and encrypts data all the way from devices to the cloud.The Internet of Things is widely expected to blossom into billions of devices for consumers, cities and businesses in the next few years. Along with those connected objects in the field, software, networks and analytics will be critical components of IoT. Bringing all those components together may pose a steep challenge for consumer electronics makers, as well as for enterprises that want to reap benefits in efficiency, savings and profits.To read this article in full or to leave a comment, please click here

Over 650 terabytes of data up for grabs due to publicly exposed MongoDB databases

There are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft.This is the result of a scan performed over the past few days by John Matherly, the creator of the Shodan search engine for Internet-connected devices.Matherly originally sounded the alarm about this issue back in July, when he found nearly 30,000 unauthenticated MongoDB instances. He decided to revisit the issue after a security researcher named Chris Vickery recently found information exposed in such databases that was associated with 25 million user accounts from various apps and services, including 13 million users of the controversial OS X optimization program MacKeeper.To read this article in full or to leave a comment, please click here

1 2,889 2,890 2,891 2,892 2,893 3,484