In Pursuit of the CCIE

Just a short post to let you know this blog is not dead. I have not written anything in several months. While I have several posts that are partially complete, I have not been able to finish them…..yet.

For the past several months, I have been busy studying for the CCIE Wireless lab exam. Prior to that, I was sort of working towards the CCIE Route/Switch written and lab exam. I wasn’t fully committed, so my studying was sporadic at best. My heart just wasn’t in forcing myself to learn more about IPv6, multicast, MPLS, and some of the other blueprint items.

Somewhere along the line it changed. Maybe it was having another co-worker who was serious in his pursuit of the CCIE Wireless. Maybe it was that my job working for a reseller had me doing more and more Cisco wireless work. Maybe I just liked the fact that wireless was hard. I’m not really sure. I just know that at some point, a switch flipped inside my head and I just decided to go all in on my studies. Honestly, I should have done this years ago, but the timing just didn’t seem right.

I’ve been studying Continue reading

Mellanox to Acquire EZchip, Making a Move Into Router Territory

Mellanox could broaden its data center ambitions with EZchip — and inherit customer deals with Cisco and Juniper.

DataTorrent Partners With Cisco ACI & Microsoft Azure

DataTorrent looks to improve Big Data processing and make adoption of Hadoop easier.

Startup NodePrime decloaks, wants to manage your whole data center

San Francisco-based startup NodePrime wants to be the proverbial single pane of glass that you use to manage your complicated, heavily virtualized data center, the company announced as it exited stealth today with a $7 million seed funding round in the books.The idea is to provide the type of infrastructure management that Google and Facebook use to manage their outsized data centers. But where Google and Facebook have to spend big on custom hardware and elite engineering talent, NodePrime wants to offer the same capabilities as a commodity.+ ALSO ON NETWORK WORLD: Hottest Enterprise Network & Computing Startups of 2015To read this article in full or to leave a comment, please click here

Security Startup Illumio Joins the Docker Parade

Illumio's ASP aims to cover all environments — which of course must include Docker containers.

Startup Radar: Datiphy Watches For Database Dangers

Datiphy monitors database transactions to look for potentially malicious behavior. It builds a baseline of normal activity, and alerts if it detects deviations.

The post Startup Radar: Datiphy Watches For Database Dangers appeared first on Packet Pushers.

Voice hackers can record your voice then use morpher to trick authentication systems

It's easy for someone with potentially malicious intentions to record your voice, as you leave traces of your voice when simply talking somewhere out in public, during mobile phone calls, in videos posted on social networking sites, or even when sending a recorded voice greeting card. Your voice is considered to be unique enough to serve as an authentication of your identity.But after studying the implications of commonplace voice leakage and developing voice impersonation attacks, researchers from the University of Alabama at Birmingham warned that an attacker, in possession of only a very limited number of your voice samples, with "just a few minutes worth of audio of a victim's voice," can clone your voice and could compromise your security, safety, and privacy.To read this article in full or to leave a comment, please click here

Microsoft’s Windows chief Myerson falls short of addressing Windows 10 spying concerns

After a month of stern accusations, including one from yours truly, the chief of Microsoft's Windows group addressed user concerns over privacy and information gathering in a blog post.Since its launch two months ago, Windows 10 has been dogged by a number of privacy concerns, ranging from machine IDs to keylogging to spying on your Cortana queries. Windows 7 and 8 were also drawn into the controversy, as Microsoft back-ported some of its telemetry gathering functions to the older operating systems, and the company was also found to be downloading the multigigabyte installation files to Windows 7 and Windows 8 machines without user permission.To read this article in full or to leave a comment, please click here

21 of the greatest computer quotes ever

He said itImage by Mark GibbsThe world of computers and programming isn’t just a world of algorithms, bits, and coding; it’s also a world of dark, sarcastic and or sardonic humor about the world of computers and programming, by which I mean it’s also recursive (see recursive). Here are arguably (and I’m sure you will argue) 21 of the greatest computer quotes ever. Let the wit begin!To read this article in full or to leave a comment, please click here

CENX Webinar Q&A + Video: NFV is Just the Beginning — Orchestrate the Full Services Lifecycle with LSO

CENX answers post-webinar questions on data services delivery and full services lifecycle orchestration through lifecycle services orchestration (LSO).

AT&T Enhances ‘Network on Demand’ with Juniper, Brocade & Cisco

AT&T spells out some specific vendor contributions, including vCPEs and virtual routers.

Is Apple’s walled garden showing signs of erosion?

Apple has long benefitted from a perception that its devices and the software that powers them are more safe and secure than the competition, but last year's high-profile iCloud hack and a recent large-scale malware attack bring Apple security into question. Earlier this month, Apple suffered a potentially catastrophic security lapse when malicious code injected into a counterfeit version of Xcode, the company's app development toolset, made its way into hundreds (and perhaps thousands) of apps from Chinese developers. The malware affected hugely popular apps, including WeChat, which was eventually pulled from the App Store. Apple failed to detect and stop the malware from entering its "walled garden" and gaining access to an untold number of customers' iOS devices.To read this article in full or to leave a comment, please click here

Breaking free of legacy tech

Rotary Club members who donate $1,000 or more to the Rotary Foundation get a lot of special attention. They are named Paul Harris Fellows in honor of the organization's founder. They receive a certificate and an elegant lapel pin. It's an important award in the Rotary world, and one that has been around since 1957. But recently it had become the source of a lot of unhappiness.When Discover Financial Services set out to expand its offerings beginning in 2007, the company's legacy technology was an obvious impediment, according to executive vice president and CIO Glenn Schneider. "As with many others who've been around for years and have multiple generations of technology in their data centers, the question was, how do we leverage that?" he says. The company's move into the banking business, with IRAs, CDs and many other types of accounts, made its banking platform an obvious choice for an update. "Our mission is to be the leading direct bank and payments platform," Schneider says. "We are all online, so to create competitive differentiation, we felt the necessity to start at the foundation level itself and create a new platform."To read this article in full or Continue reading

2015’s most dangerous celebrity web searches

DJ Armin van BuurenImage by Jorge Mejía PeraltaElectronic Dance Music (EDM) DJ Armin van Buuren replaces comedian and talk show host Jimmy Kimmel as Intel Security’s most dangerous celebrity to search for online. For the ninth year in a row, Intel Security researched popular culture’s most famous people to reveal which of them generates the most dangerous search results.To read this article in full or to leave a comment, please click here

Network security weaknesses plague federal agencies

In the shadow of the recent Office of Personnel Management break-in it likely comes as little surprise to many that the federal government needs to pick up its security game in a big way.This challenge is perhaps reflected best in report this week by watchdogs at the Government Accountability Office that shows despite years of recommendations and billions of dollars spent, most federal agencies remain frighteningly weak when it comes to cybersecurity.To read this article in full or to leave a comment, please click here

Teridion Raises $15M Series B for Cloud Routers on Demand

The startup uses public clouds and virtual routers to speed Internet traffic.

Verisign introduces free, privacy-focused public DNS

When it comes to domain name systems (DNS), there are a lot of choices available. Yesterday, Verisign introduced a free, public Domain Name System (DNS) service that respects users' privacy.I think we're all aware now that much of the information we put into websites is often sold and used for good and bad purposes. We search for certain restaurants and all of sudden we're being pushed coupons for it. We update our LinkedIn profile and now we're being approached about jobs at competing companies. When we purchase an item online with a credit card, the number may be stolen. Even though there are risks, we still do those activities because they make our lives more convenient, and for that we're willing to deal with the consequences.To read this article in full or to leave a comment, please click here

Verifying SSL Certificate Chains

Found this link very useful doing this:

http://www.herongyang.com/Cryptography/OpenSSL-Certificate-Path-Validation-Tests.html

Some useful commands:
Display a certificate:
openssl x509 -in test-cert-top.pem -noout -text

Verify a certificate chain with 2 certificates:
openssl verify -CAfile test-cert-bottom.pem test-cert-middle.pem

Dyreza malware steals IT supply chain credentials

Cyber-criminals using the Dyreza computer trojan appear to be shifting gears from online banking and moving into the industrial supply chain.New versions of Dyreza are configured to steal credentials for order fulfillment, warehousing, inventory management, e-commerce and other IT and supply chain services. This represents a deliberate strategy on the part of attackers to target new industries at all points across the supply chain, researchers from security firm Proofpoint said in a blog post."We suspect a financial motivation," they said. "Once an attacker has obtained login credentials for their targeted systems, the potential to harvest payment information, make fraudulent financial transfers, and even divert physical shipments is immense."To read this article in full or to leave a comment, please click here

Cisco acquires security consultancy

Cisco this week said it intends to purchase Portcullis, a privately held cybersecurity consultancy based in the United Kingdom.Terms of the deal were not disclosed.+MORE ON NETWORK WORLD: Cisco security chief: 4 things CISOs need to survive+ Cisco James Mobley, Cisco vice president of security solutionsTo read this article in full or to leave a comment, please click here