Arista Adds New Hyperscale, Enterprise Switches To Its 400G Portfolio
Arista Networks announced four new switches in its 400G portfolio. Two are aimed at the hyperscale/cloud crowd, and two are intended for enterprise data centers. The new switches promise greater port density than previous generations, and better power efficiency. The hyperscale switches are built around Broadcom’s Tomahawk-4 silicon, which delivers 25.6Tbps of throughput. They include […]
The post Arista Adds New Hyperscale, Enterprise Switches To Its 400G Portfolio appeared first on Packet Pushers.
Fixing Recent Validation Vulnerabilities in OctoRPKI
A number of vulnerabilities in Resource Public Key Infrastructure (RPKI) validation software were disclosed in a recent NCSC advisory, discovered by researchers from the University of Twente. These attacks abuse a set of assumptions that are common across multiple RPKI implementations, and some of these issues were discovered within OctoRPKI. More details about the disclosed vulnerabilities can be found in this RIPE labs article written by one of the researchers. In response, we published a new release of OctoRPKI, v1.4.0, to address and remediate these vulnerabilities.
Cloudflare customers do not have to take any action to protect themselves from these newly discovered vulnerabilities, and no Cloudflare customer data was ever at risk.
We have not seen any attempted exploitation of these vulnerabilities described in the advisory. We use OctoRPKI to perform Border Gateway Protocol (BGP) route validation so that our routers know where to direct IP packets at Layer 3 of the TCP/IP stack. TLS provides additional security at the TCP layer to ensure the integrity and confidentiality of customer data going over the Internet in the event of BGP hijacking.
RPKI and the discovered vulnerabilities
Resource Public Key Infrastructure (RPKI) is a cryptographic method of Continue reading
Heavy Networking 606: Dealing With DNS And Domain Name Abuse
The DNS Abuse Institute is a community effort to develop solutions to DNS-related problems including malware, botnets, phishing, pharming, and spam. On today's show we speak with its Director, Graeme Bunton, about the institute and its work, and the challenges of dealing with malicious actors that exploit DNS and domain names.Heavy Networking 606: Dealing With DNS And Domain Name Abuse
The DNS Abuse Institute is a community effort to develop solutions to DNS-related problems including malware, botnets, phishing, pharming, and spam. On today's show we speak with its Director, Graeme Bunton, about the institute and its work, and the challenges of dealing with malicious actors that exploit DNS and domain names.
The post Heavy Networking 606: Dealing With DNS And Domain Name Abuse appeared first on Packet Pushers.
The IT Talent Crisis: 2 Ways to Hire and Retain
IT workers are in high demand, especially those in cybersecurity, DevOps, and analytics. Harvey Nash and CompTIA have recommendations on how to hire and retain talent in this tight labor market.
The Process Will Save You
I had the opportunity to chat with my friend Chris Marget (@ChrisMarget) this week for the first time in a long while. It was good to catch up with all the things that have been going on and reminisce about the good old days. One of the topics that came up during our conversation was around working inside big organizations and the way that change processes are built.
I worked at IBM as an intern 20 years ago and the process to change things even back then was arduous. My experience with it was the deployment procedures to set up a new laptop. When I arrived the task took an hour and required something like five reboots. By the time I left we had changed that process and gotten it down to half an hour and only two reboots. However, before we could get the new directions approved as the procedure I had to test it and make sure that it was faster and produced the same result. I was frustrated but ultimately learned a lot about the glacial pace of improvements in big organizations.
Slow and Steady Finishes the Race
Change processes work to slow down the Continue reading
Five Great (free!) Ways to Get Started With Cloudflare
I joined Cloudflare a few weeks ago, and as someone new to the company, there’s a ton of information to absorb. I have always learned best by doing, so I decided to use Cloudflare like a brand-new user. Cloudflare customers range from individuals with a simple website to companies in the Fortune 100. I’m currently exploring Cloudflare from the perspective of the individual, so I signed up for a free account and logged into the dashboard. Just like getting into a new car, I want to turn all the dials and push all the buttons. I looked for things that would be fun and easy to do and would deliver some immediate value. Now I want to share the best ones with you.
Here are my five ways to get started with Cloudflare. These should be easy for anyone, and they’re free. You’ll likely even save some money and improve your privacy and security in the process. Let’s go!
1. Transfer or register a domain with Cloudflare Registrar
If you’re like me, you’ve acquired a few (dozen) Internet domains for things like personalizing your email address, a web page for your nature photography hobby, or maybe a side business. You Continue reading
Ubuntu: Extend your default LVM space
POV: You’re a sysadmin who set up a one-off Linux machine for an app you needed, and now it’s out of disk space. You originally spun up a VM, installed a recent Ubuntu OS, and just hit Next, Next, Finish through the guided install. Linux is not your bread-and-butter, you usually deal in Windows, and […]
The post Ubuntu: Extend your default LVM space appeared first on Packet Pushers.
NANOG 83
The network operations community is cautiously heading back into a mode of in-person meetings and the NANOG meeting at the start of November was a hybrid affair with a mix of in-person and virtual participation, both by the presenters and the attendees. I was one of the virtual mob, and these are my notes from the presentations I found to be of personal interest.Research Recap: How To Automate Malware Campaign Detection With Telemetry Peak Analyzer
Contributors: Jason Zhang, Stefano Ortolani, Giovanni Vigna
Cyber security threats have been growing significantly in both volume and sophistication over the past decade with no sign of a slowdown. Naturally, this has also been accompanied by an increased collection of threat telemetry data, ranging from detonation timelines to IDS/IPS detections. Telemetry data, typically represented by enriched time series, often contains underlying peak signals which in turn correspond to a few informative events: occurrences of malware campaigns, heavily used malware delivery vectors, commonly affected verticals, and even anomalies possibly revealing the presence of false positives. While all this information clearly holds tremendous value, mining these data sets can be expensive and complex. As a result, organizations often find it challenging to gain further insights of the underlying threat landscape even though they have access to the data.
Recently at VirusBulletin Threat Intelligence Practitioners’ Summit (TIPs) 2021, we presented our latest research aiming to tackle the challenges discussed above: Telemetry Peak Analyzer is a statistical approach to detect malware campaigns as they happen by relying on telemetry data in an efficient and scalable manner.
Read on to get the key insights of the presentation. We’ll provide an overview of the characteristics Continue reading
Hedge 108: In Defense of Boring Technology with Andrew Wertkin
Engineers (and marketing folks) love new technology. Watching an engineer learn or unwrap some new technology is like watching a dog chase a squirrel—the point is not to catch the squirrel, it’s just that the chase is really fun. Join Andrew Wertkin (from BlueCat Networks), Tom Ammon, and Russ White as we discuss the importance of simple, boring technologies, and moderating our love of the new.