Brocade VDX SNMP Changes

Brocade tightened up some SNMP settings with NOS 6.0.x. This improves security, but it also means that you will need to modify your configuration if you upgrade. If you don’t, SNMP won’t work, and you’ll get errors with BNA/Nagios/Cacti/etc. Here’s the changes, and how to get SNMP working with NOS 6.0.x. NB This applies to VDX Data Centre switches. Other product lines have different configuration.

5.x and earlier defaults

NOS 5.x and earlier had default SNMP settings that looked like this:

snmp-server contact "Field Support."
snmp-server location "End User Premise."
snmp-server sys-descr "Brocade VDX Switch."
snmp-server community ConvergedNetwork
snmp-server community OrigEquipMfr rw
snmp-server community "Secret C0de" rw
snmp-server community common
snmp-server community private rw
snmp-server community public
snmp-server user snmpadmin1 groupname snmpadmin
snmp-server user snmpadmin2 groupname snmpadmin
snmp-server user snmpadmin3 groupname snmpadmin
snmp-server user snmpuser1
snmp-server user snmpuser2
snmp-server user snmpuser3

Yeah. Pretty open. So if you’re lazy, and your NMS tried a default discovery string of Continue reading

Ransomware and scammy tech support sites team up for a vicious one-two punch

Symantec has seen a curious fusing of two pernicious online threats, which would cause a big headache if encountered by users.Some websites offering questionable tech support services are also dishing up ransomware, which locks up a users files until they pay a fee to decrypt them.The support scams involve trying to convince users they have a computer problem and then selling them overpriced software or support services to fix it. It's often done via a pop-up message that urges people to call a number or download software.To read this article in full or to leave a comment, please click here

Toy maker VTech says breach hit 6.4 million kids’ accounts

Educational toy maker VTech has said 11.6 million accounts were compromised in a cyberattack last month, including those of 6.4 million children.The total number of accounts affected is nearly double that reported last week by the security news site Motherboard, which interviewed a hacker who claimed credit for the breach.Most of the account holders were in the U.S., including 2.2 million parents and 2.8 million children, VTech said Wednesday in Hong King, where the company is based. France, the U.K., Germany and Canada round out the top five countries hit, VTech said in an updated FAQ.To read this article in full or to leave a comment, please click here

HPE Touts Composable Infrastructure With Synergy

It's not just converged or even hyperconverged. It's composable.

Windows 10 update didn’t remove spying utility, Microsoft just renamed it

One of the services at the heart of Windows 10's user information gathering (otherwise known as spying) that many thought was removed in the latest update to the operating system is, in fact, still there, doing what it always did.The Diagnostics Tracking Service, aka DiagTrack, was one of the main culprits in telemetry and other user activity gathering in Windows 10. It has been identified as a keylogger, although some people dispute that. Given the concerns around spying in Windows 10, just the accusation is damaging enough.See also: Windows 10 update deep dive: Big changes, minor tweaks, and common problems With the release of Build 10586, or Threshold 2, DiagTrack disappeared and there was much rejoicing. However, the white hat hackers at Tweakhound (and confirmed by BetaNews) have discovered that Microsoft merely renamed it to the Connected User Experiences and Telemetry service, which throws people off, along with all the utilities to turn off these services, like DoNotSpy10.To read this article in full or to leave a comment, please click here

Overture Adds an SDN Controller to Ensemble

The new controller is based on OpenDaylight.

Is the Network Virtualization Sector Headed for a Shakeup?

While network virtualization is a key technology, the vendor space is crowded.

HPE & Microsoft Azure Deepen Their Cloud Partnership

Satya Nadella makes an appearance at HPE Discover.

IDG Contributor Network: Why you should lawyer up before a cyberattack

Lawyers advise enterprises to establish preemptive legal protection before suffering a cyberattack. While one might expect lawyers to say that, there are some reasons to take this advice.Namely, a federal district court in Minnesota found in October that "certain documents created during Target's internal investigation of its 2013 payment card breach were protected by the attorney-client privilege and work product doctrine," according to the Cybersecurity Law Report.Investigation The court told Target that it didn't have to produce certain documents that the plaintiffs wanted to see. The reason: they were part of the investigation.To read this article in full or to leave a comment, please click here

Highlight: Get out of the way

The post Highlight: Get out of the way appeared first on 'net work.

AMD pushes Crimson driver fan speed hotfix after reports of overheating Radeon cards

AMD plans to roll out a hotfix on Monday, November 30 for its new Radeon Software Crimson after some users reported their graphics cards were too hot to handle—and not in a good way.A random assortment of AMD GPU users recently reported seeing the fans in their graphics cards locked to a maximum 20 percent speed limit regardless of the load they were under. Some users report their cards being physically damaged after heavy gameplay sessions as a result of the bug. Update: AMD has released a new driver to correct the issue, Crimson Beta 15.11.11. The release notes mention several other tweaks, including bug fixes in Just Cause 3, Call of Duty: Black Ops 3, and Star Wars Battlefront.To read this article in full or to leave a comment, please click here

UK intelligence service GCHQ is on trial for hacking

GCHQ, the British signals intelligence service, is in the dock accused of hacking computers without individual warrants in order to tap communications.The allegations, made by messaging providers and campaign groups GreenNet, RiseUp Networks, Chaos Computer Club and Privacy International, among others, concern the use by the U.K. Government Communications Headquarters of "thematic warrants" to hack computers. They began making their cases to the U.K.'s Investigatory Powers Tribunal in London on Tuesday, in hearings scheduled to run through Friday.GCHQ first admitted to hacking in February following Privacy International's initial legal challenge.To read this article in full or to leave a comment, please click here

Feds drive toward high-tech criminal tracking system standard

Electronic monitoring technologies are not the panacea for tracking criminals many believe they are.The main issue – and it’s a big one – is that such the packages also known as offender tracking systems (OTS) operate and perform with no underlying industry standards for communications or software causing a myriad of problems for law enforcement agencies.+More on Network World: Gartner: Get onboard the algorithm train!An OTS typically consists of hardware, such as an ankle bracelet, used for collecting Global Positioning System (GPS) signals to determine an individual's location, and software for analyzing data collected from the hardware device.To read this article in full or to leave a comment, please click here

Worth Reading: IPv6 Performance

Every so often I hear the claim that some service or other does not support IPv6 not because of some technical issue, or some cost or business issue, but simply because the service operator is of the view that IPv6 offers an inferior level service as compared to IPv4, and by offering the service over IPv6 they would be exposing their clients to an inferior level of performance of the service. via potaroo.net

The post Worth Reading: IPv6 Performance appeared first on 'net work.

Judge strips redactions from NSL, showing info FBI gets without a warrant

A federal judge lifted an 11-year gag order the FBI had imposed on Nicholas Merrill and removed redactions of a National Security Letter (NSL) so Americans can see the overly broad "types of electronic communications transaction records" that the FBI has sought and continues to seek through NSLs.The FBI served the NSL back in 2004 when Nicholas Merrill owned and operated Calyx Internet Access, a small ISP with about 200 customers. After the judge found in favor of Merrill and not the government, Merrill said, "For more than a decade, the FBI has fought tooth and nail in order to prevent me from speaking freely about the NSL I received. Judge Marrero’s decision vindicates the public’s right to know how the FBI uses warrantless surveillance to peer into our digital lives. I hope today’s victory will finally allow Americans to engage in an informed debate about proper the scope [sic] of the government’s warrantless surveillance powers."To read this article in full or to leave a comment, please click here

Security ‘net: Google, Watson, and other thoughts

Encryption, security, and privacy are at the top of our list, it seems. The question is — who really cares about your privacy? Is Google a champion of freedom, or a threat to national sovereignty?

Google is unique in its leadership, plans, and global marketpower to accelerate the majority of all global Web traffic “going dark,” i.e. encrypted by default. Google’s “going dark” leadership seriously threatens to neuter sovereign nations’ law-enforcement and intelligence capabilities to investigate and prevent terrorism and crime going forward.

Or has Google just figured out that encryption is the best way to funnel all the world’s information through their servers so it can be properly indexed and used to its maximum commercial value?

But the truth about where the giants of tech stand on user privacy is another matter entirely. No organizations on earth have exploited users more than Google (GOOGL) and Facebook (FB) have in their zealous quest to boost ad revenues by providing users’ personal data – demographics, searches, email and location, among others – to an ever-growing list of digital advertisers.

Russ’ take: The truth is probably out there someplace, but I doubt it’s as clean cut as either of these articles Continue reading

The Marriage of the Ecosystem

A recent discussion with Greg Ferro (@EtherealMind) of Packet Pushers and Nigel Poulton (@NigelPoulton) of In Tech We Trust got me thinking about product ecosystems. Nigel was talking about his new favorite topic of Docker and containers. He mentioned to us that it had him excited because it felt like the good old days of VMware when they were doing great things with the technology. That’s when I realized that ecosystems aren’t all they are cracked up to be.

Courting Technology

Technology is a huge driver for innovation. New ideas are formed into code that runs to accomplish a task. That code is then disseminated to teams and built upon to create toolsets to accomplish even more tasks. That’s how programs happen. Almost every successful shift in technology starts with the courtship of focused code designed to accomplish a simple task or solve a quick problem.

The courtship evolves over time to include other aspects of technology. Development work extends the codebase to accept things like plugins to provide additional functionality. Not core functions though. The separation comes when people want to add additional pieces without compromising the original program. Bolting additional non-core pieces on Continue reading

VMware NSX Secures Armor’s Customers with Micro-Segmentation

VMware NSX equips Armor with the ability to orchestrate each customer in a cloud-like environment while giving them a threat-tight security wrapper via micro-segmentation from day one. Continue reading

OSPF vs EIGRP for DMVPN

In this post I’m going to look at the characteristics of OSPF and EIGRP when used in a Dynamic Multipoint VPN (DMVPN). I will do my best not to play favorites and instead stick to the facts (yes, I do have a preference :-). To that end I will back everything up with data from my lab. The focus areas of the comparison will be:

• Scalability of the hub router’s control plane
• Overall control plane stability
• Traffic engineering

This post won’t go into any background on how DMVPN works. If you’re not yet familiar with DMVPN, I recommend watching these introductory videos by Brian McGahan. This post also does not do a deep dive on OSPF or EIGRP. I’m making the assumption that you’re already familiar with the different LSA types in OSPF and general functions of EIGRP.

After reading this post you should be able to describe the pros and cons of OSPF and EIGRP in the three areas listed above and incorporate this knowlege into a DMVPN design.

Continue reading

No letup seen in Chinese cyber spying

A deal announced two months ago between China and the U.S. was pitched as bringing an end to economic espionage.But if any business leader thinks that means their organizations are no longer a target, they haven’t been paying attention.That is the unanimous conclusion of a number of experts who have been tracking cyber attacks from China in the two months since Chinese President Xi Jinping and U.S. President Barack Obama announced that, “neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property (IP), including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”To read this article in full or to leave a comment, please click here