An introduction to JavaScript-based DDoS
CloudFlare protects millions of websites from online threats. One of the oldest and most pervasive attacks launched against websites is the Distributed Denial of Service (DDoS) attack. In a typical DDoS attack, an attacker causes a large number of computers to send data to a server, overwhelming its capacity and preventing legitimate users from accessing it.
In recent years, DDoS techniques have become more diversified: attackers are tricking unsuspecting computers into participating in attacks in new and interesting ways. Last year, we saw what was likely the largest attack in history (>400Gbps) performed using NTP reflection. In this attack, the unsuspecting participants were misconfigured NTP servers worldwide. This year, we’re seeing a disturbing new trend: attackers are using malicious JavaScript to trick unsuspecting web users into participating in DDoS attacks.
The total damage that can be caused by a NTP or DNS reflection attack is limited by the number of vulnerable servers. Over time, this number decreases as networks patch their servers, and the maximum size of the attack is capped at the outbound capacity of all the vulnerable servers. For JavaScript-based DDoS, any computer with a browser can be enrolled in the attack, making the potential attack volume nearly Continue reading
PF_RING Deep Dive with Luca Deri on Software Gone Wild
Whenever software switching nerds get together and start discussing the challenges of high-speed x86-based switching, someone inevitably mentions PF_RING, an open-source library that gives you blazingly fast packet processing performance on a Linux server.
I started recording a podcast with Luca Deri, the author of PF_RING, but we diverted into discussing ntopng, Luca’s network monitoring software. We quickly fixed that and recorded another podcast – this time, it’s all about PF_RING, and we discussed these topics:
Read more ...Why numbering should start at zero?
How does Internet work - We know what is networking
Please note: This has nothing to do with networking in particular! Not if you look from only one perspective. If you look from totally different perspective, with Cisco ACI and all other SDN solutions, you will probably meet with Python programming language (because you will) and then, somewhere in beginning of Python exploration this is the first question that will cross your mind. Of course, if you think like me! Although not directly related to networking, the question bothered me for some time now and the answer is not only really logical when you read it but it is also
VCDX-NV Interview: Jason Nash On The Network Virtualization Career Path
Jason Nash is CTO of Varrow, a VMware Partner based out of the Carolinas. Previous to Varrow he was an enterprise architect for Wachovia’s investment bank. Jason has been in enterprise IT almost 20 years and originally started as a network admin working with Cisco gear. He maintains his Cisco CCNA and CCNP certifications. He is one of only a handful of double VCDX professionals, having completed his VCDX-NV last year.
When did you first start looking at network virtualization?
I started looking at network virtualization three to four years ago. I think before that, when it was just purely Nicira and some of those types of companies and projects, network virtualization was really the domain of the PayPals, the eBays, the Googles. Those types of companies. When VMware acquired Nicira, when Cisco did their Insieme spin-in, we started to see that commercial and traditional enterprise customers were going to have some very good options around network virtualization. We started to weigh our options and we really started to get serious about it over the last 18 months. Network virtualization ramps up right alongside our automation or orchestration practices and projects. So we believe that to do those properly, you Continue reading
Docker Machine Provisioning on AWS
Next up in the docker machine series of integration posts is spinning up some cloud resources on Amazon EC2. The model is the same as previous docker machine posts, boot a VM running as a Docker host, add your cloud credentials for the provider and use your regular docker client commands on the remote Docker host in Amazon. The docker ... The post Docker Machine Provisioning on AWS appeared first on NetworkStatic | Brent Salisbury's Blog....
Using Docker Machine to Provision on Microsoft Azure
Microsoft has done a pretty amazing job with Azure over the years. It has been really cool seeing Microsoft embrace Docker and open source in general like they recently have. This post is a continuation of the series on docker machine provisioning to dev hypervisors, DC infra and cloud providers. If you are new to Azure or don’t have an ... The post Using Docker Machine to Provision on Microsoft Azure appeared first on NetworkStatic | Brent Salisbury's Blog....
Normalizing the Cloud with Docker Machine
Docker machine creates a virtual machine running Docker located in an array of locations that I can then create containers and ship workloads to. The locations and types you can provision to range from the who is who of cloud computing, workstation resources and traditional on prem local resources sitting in the average enterprise DC. What I get from using ... The post Normalizing the Cloud with Docker Machine appeared first on NetworkStatic | Brent Salisbury's Blog....
SDxCentral to Carry Free Live Stream of Inaugural NFV World Congress, May 5-8
The first NFV World Congress kicks off next week! SDxCentral will be streaming live from the event so you can learn all about the latest NFV developments, technologies, and real-world applications.