Where to start with Cisco & SourceFire

Since Cisco announced EoX for both it’s traditional IPS and it’s CX-Modules it’s been time to start looking at the new SourceFire modules, however that can be quite an undertaking since SourceFire is a completely different beast from its predecessors. Which raises the question where do you start to begin getting familiar with this new system. […]

Good Enough

catalog-rack
Looking at my desk in the late 1990’s, that little haven where I came in early in the morning, and left ealry’ish in the afternoon, you’d see a catalog rack. Only it wasn’t full of catalogs, it contained a full set of the latest Cisco IOS documentation. We whined when a new version of the docs came out that wouldn’t fit in the catalog racks we already owned, and ordered another one. There was a bookcase on the side which contained the documentation from the last two or three versions of the IOS code, and then every hardware manual I could find. Another stack of books would be lying in a corner, the “quick reference” stuff that wouldn’t fit in one of the catalog racks. All over the walls were pieces of paper, carefully crafted shortcut sheets, shared around the TAC, pinned up. Given the nature of cubicle walls, we either bought special cubicle clips, or we made to do with various sorts of push pins. Just a few years later, the ISO auditors came along and made us throw it all away. Every last scrap. The dumpsters were filled to the max. Extra dumpsters were brought in, and we Continue reading

Worth Reading: NOG World

At the core of every network — the Internet is no exception — there are people getting things done. And where there are people, there are relationships. These people and relationships are formed and cemented through user organizations.

The post Worth Reading: NOG World appeared first on 'net work.

Worth Reading: The Temptation of Data Cake

Yes, we’ve crossed the line from “I might get hacked one day” to “I will absolutely be hacked in the next 24 months”.

via Networking Nerd

The post Worth Reading: The Temptation of Data Cake appeared first on 'net work.

30 – VxLAN/EVPN and Integrated Routing Bridging

VxLAN/EVPN and Integrated Routing Bridging

Summary

As I mentioned in the post 28 – Is VxLAN Control Plane a DCI solution for LAN extension, VxLAN/EVPN is taking a big step forward with its Control Plane and could be used potentially for extending Layer 2 segments across multiple sites. However it is still crucial that we keep in mind some weaknesses and lacks related to DCI purposes.

DCI is not just a layer 2 extension between two or multiple sites. DCI/LAN extension is aiming to offer business continuity and elasticity for the cloud (hybrid cloud). It offers disaster recovery and disaster avoidances services for Enterprise business applications, consequently it must be very robust and efficient. As it concerns on Layer 2 broadcast domain, it is really important to understand the requirement for a solid DCI/LAN extension and how we can leverage the right tools and network services to address some of the shortcomings that rely on the current implementation of VxLAN/EVPN offering a solid DCI solution.

In this article we will examine the integrated anycast L3 gateway available with VxLAN/EVPN MP-BGP control plane, which is one of the key DCI requirements.

Integrated Routing and Bridging

One of the needs for an efficient DCI deployment is the Continue reading

Most Android phones can be hacked with a simple MMS message or multimedia file

The vast majority of Android phones can be hacked by sending them a specially crafted multimedia message (MMS), a security researcher has found.The scary exploit, which only requires knowing the victim’s phone number, was developed by Joshua Drake, vice president of platform research and exploitation at mobile security firm Zimperium.Drake found multiple vulnerabilities in a core Android component called Stagefright that’s used to process, play and record multimedia files. Some of the flaws allow for remote code execution and can be triggered when receiving an MMS message, downloading a specially crafted video file through the browser or opening a Web page with embedded multimedia content.To read this article in full or to leave a comment, please click here

Predicting winners and losers in the EMV rollout

We're just a couple months shy of the big EMV liability shift. That’s when companies that don't accept chip-enabled debit and credit cards take on financial responsibility for hacks and fraud.But who's ready? Who's not? And who will come out ahead when that October 1 deadline rolls around?"We operate a very large, diversified, complex payments ecosystem in the U.S.," says Randy Vanderhoof, director of the EMV Migration Forum. "We have thousands of issuers of payment cards. We have millions of merchant retailers and tens of millions of point of sale devices that all need to be upgraded and changed to support EMV."To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, July 27

Facebook prevails in shareholder lawsuit over IPOYou have to own stock to participate in a shareholder class action lawsuit, an appeals court has ruled, confirming an earlier Manhattan district court ruling. The case brought by Facebook shareholders accused the company of withholding key financial information from the public until after its IPO. Circuit Judge Dennis Jacobs said that because the shareholders weren’t owners of Facebook stock at the time the sales information wasn’t disclosed, they had no legal standing to sue.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Monday, July 27

Broadcom Adds Another 25G/50G Piece for the Data Center

The 50G data center is within reach, Broadcom says.

The Evolving WAN Architecture

Emerging software-defined WAN technologies overcome the limitations of traditional WAN design.

New products of the week 07.27.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.CudaLaunchKey features – CudaLaunch is designed for both mobile workers and IT administrators, with simple end-user features for productivity and easy-to-use management features for administrators. More info. To read this article in full or to leave a comment, please click here

How much do CIOs really make? Pay packages of 25 Fortune 500 execs revealed

Inside CIO paychecksCIO salaries in the U.S. average between $157,000 and $262,500, according to Robert Half Technology. But salary is just the beginning. Cash bonuses and equity awards can propel pay packages into the millions. To find out how much CIOs at giant global companies really earn, we scoured the proxy statements of the 500 largest U.S. companies (according to Fortune's ranking) and found 25 that disclosed CIO pay. Here are the details on their pay packages, organized from lowest to highest paid. If available, compensation for these individuals in prior years is included.To read this article in full or to leave a comment, please click here

Published: New SDN and NFV Materials

Last week I published slide decks for Network Function Virtualization, BGP-Based SDN Solutions and SDN Use Cases webinars – they’re available to subscribers and attendees registered for individual webinars.

Content from all three webinars is part of my SDN workshop – if you’d like to hear a live explanation, register for one of them.

Security – Just Another Risk

I made a conscious decision to move away from full-time information security work. I retain an interest, and try to keep up with developments, but I don’t want to be “the security guy.” There are several reasons for it, but a large part is due to the hype, the bullshit, and general inability for the security industry to act like grown-ups.

The most frustrating part was the inability to properly classify risk. Robert Graham put this eloquently here:

Infosec isn’t a real profession. Among the things missing is proper “risk analysis”. Instead of quantifying risk, we treat it as an absolute. Risk is binary, either there is risk or there isn’t. We respond to risk emotionally rather than rationally, claiming all risk needs to be removed. This is why nobody listens to us. Business leaders quantify and prioritize risk, but we don’t, so our useless advice is ignored.

Security folk often forget that they are just another risk. Yes, it’s a risk shipping the product with that bug. But not shipping at all might be a larger risk to the business. Even complete data breach may or may not be catastrophic to the business – RSA is still Continue reading

US Census Bureau says breach didn’t expose household data

The U.S. Census Bureau said a data breach early last week did not expose survey data it collects on households and businesses.The leak came from a database belonging to the Federal Audit Clearinghouse, which collects audit reports from government agencies and other organizations spending federal grants, wrote John H. Thompson, the Census Bureau’s director, on Friday.The exposed information included the names of people who submitted information, addresses, phone numbers, user names and other data, he wrote.A group calling itself Anonymous Operations posted a link on Twitter leading to four files. The cyberattack was allegedly in protest of the Trans-Pacific Partnership and the Transatlantic Trade and Investment Partnership, two pending trade agreements that have been widely criticized.To read this article in full or to leave a comment, please click here

Security holes in the 3 most popular smart home hubs and Honeywell Tuxedo Touch

At the 2015 Intelligent Defense European Technical Research Conference in June, Tripwire security researcher Craig Young presented Smart Home Invasion and revealed zero-day flaws in the “brains” of Internet of Things platform hubs such as SmartThings hubs, Wink hubs and MiOS Vera. The Wink and Vera products “contained critical remotely exploitable flaws.” Young warned that “if not addressed, smart home flaws can give rise to a new type of ‘smart criminal' able to case victims without being seen. Once a target is chosen, it is possible to unlock doors and disable security monitoring.”To read this article in full or to leave a comment, please click here

Citizens of Tech 011 – Prosthetic Phone Diving

In today’s show, we acknowledge our software overlords, let the cars do the driving, investigate Lego prosthetics, deep dive on diving, and more.

The post Citizens of Tech 011 – Prosthetic Phone Diving appeared first on Packet Pushers.

Citizens of Tech 011 – Prosthetic Phone Diving

In today’s show, we acknowledge our software overlords, let the cars do the driving, investigate Lego prosthetics, deep dive on diving, and more.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks

The post Citizens of Tech 011 – Prosthetic Phone Diving appeared first on Packet Pushers Podcast and was written by Ethan Banks.

[Ubuntu] New Repository for Wireshark

Hi everyone, I'm glad to announce that all the most recent features required to run Wireshark have been built for Ubuntu and are

« Previous 1 … 3,007 3,008 3,009 3,010 3,011 … 3,443 Next »

Archive

VxLAN/EVPN and Integrated Routing Bridging

Summary

Integrated Routing and Bridging

Author information