The post Tier 1 Carriers Performance Report: January, 2022 appeared first on Noction.
One of my readers sent me an interesting pointer:
I just watched a YouTube video by a security researcher showing how a five line python script can be used to unilaterally configure a Cisco switch port connected to a host computer into a trunk port. It does this by forging a single virtual trunk protocol (VTP) packet. The host can then eavesdrop on broadcast traffic on all VLANs on the network, as well as prosecute man-in-the-middle of attacks.
I’d say that’s a “startling revelation” along the lines of “OMG, VXLAN is insecure” – a wonderful way for a security researcher to gain instant visibility. From a more pragmatic perspective, if you enable an insecure protocol on a user-facing port, you get the results you deserve1.
While I could end this blog post with the above flippant remark, it’s more fun considering two fundamental questions.
One of my readers sent me an interesting pointer:
I just watched a YouTube video by a security researcher showing how a five line python script can be used to unilaterally configure a Cisco switch port connected to a host computer into a trunk port. It does this by forging a single virtual trunk protocol (VTP) packet. The host can then eavesdrop on broadcast traffic on all VLANs on the network, as well as prosecute man-in-the-middle of attacks.
I’d say that’s a “startling revelation” along the lines of “OMG, VXLAN is insecure” – a wonderful way for a security researcher to gain instant visibility. From a more pragmatic perspective, if you enable an insecure protocol on a user-facing port, you get the results you deserve1.
While I could end this blog post with the above flippant remark, it’s more fun considering two fundamental questions.
GARP (Gratuitous ARP): Is an ARP message sent without request. Mainly used to notify other hosts in the network of a MAC address assignment change. When a host receives a GARP it either adds a new entry to the cache table or modifies an existing one. I will expand more about GARP in the next section, as it’s the one that concerns us most from a security point of view.
Gratuitous ARP
GARP messages
GARP Request: A regular ARP request that contains the source IP address as sender and target address, source MAC address as sender, and broadcast MAC address (ff:ff:ff:ff:ff:ff) as a target. There will be no reply to this request
GARP Reply: The source/destination IP addresses AND MAC addresses are set to the sender addresses. This message is sent to no request.
GARP Probe: When an interface goes up with a configured IP address, it sends a probe to make sure no other host is using the same IP; hence, preventing IP conflicts. A probe has the sender IP set to zeros (0.0.0.0), the target IP is the IP being probed, the sender MAC is the source MAC, and the target MAC address Continue reading
Pluribus is humbled and grateful to be named to the 2022 Futuriom 40, joining a group of companies that are all doing remarkable things in the cloud.
The post Pluribus named a Futuriom 40 Cloud Infrastructure and Communications Company appeared first on Pluribus Networks.
Scott Raynovich and the team at Futuriom have compiled their list of private companies that are making waves in cloud infrastructure. Futuriom knows this landscape and the customer trends thoroughly and recognizes companies that are innovating to stay ahead of the market, and delivering what customers need to achieve an agile cloud operating model across all of their distributed cloud locations.
Pluribus is humbled and grateful to be named to the 2022 Futuriom 40, joining a group of companies that are all doing remarkable things in the cloud. As Scott points out in the report and in this Forbes article, the market for cloud technology innovation will remain strong, as “…in many cases, traditional enterprise networking architectures aren’t useful for connecting to the cloud applications and platforms.” Pluribus is dedicated to simplifying cloud networking as organizations grapple with the new realities of the distributed cloud.
Of the top trends in the report, one of them is focused on networking across distributed clouds. Futuriom describes it as follows:
Distributed Cloud Infrastructure: Networking and connectivity platforms need to be engineered to connect cloud resources ranging from the edge to the public cloud. This has computer, networking, and storage elements, Continue reading