Jerikan+Ansible: a Configuration Management System
Vincent Bernat and his team open-sourced Jerikan, a production-grade network configuration management system.
It might not be immediately applicable to your network, but I’m positive you could find tons of good ideas in it.
Jerikan+Ansible: a Configuration Management System
Vincent Bernat and his team open-sourced Jerikan, a production-grade network configuration management system.
It might not be immediately applicable to your network, but I’m positive you could find tons of good ideas in it.
Proxmox Import Extrahop Appliances
In this post I will show you how to import the Extrahop Discovery Appliance (EDA) and the Extrahop Explore Appliance (EXA) into Proxmox. The following software was used as part of this post. Proxmox - 7.0-11 Extrahop Discovery Appliance 1100v - 8.6.2.1446 Extrahop Explore Appliance...continue reading
Proxmox Import Extrahop Appliances
In this post I will show you how to import the Extrahop Discovery Appliance (EDA) and the Extrahop Explore Appliance (EXA) into Proxmox. The following software was used as part of this post. Proxmox - 7.0-11 Extrahop Discovery Appliance 1100v - 8.6.2.1446 Extrahop Explore Appliance...continue reading
Proxmox Import Extrahop Appliances
In this post I will show you how to import the Extrahop Discovery Appliance (EDA) and the Extrahop Explore Appliance (EXA) into Proxmox. The following software was used as part of this post. Proxmox - 7.0-11 Extrahop Discovery Appliance 1100v - 8.6.2.1446 Extrahop Explore Appliance...continue reading
Cloudflare blocks an almost 2 Tbps multi-vector DDoS attack
Earlier this week, Cloudflare automatically detected and mitigated a DDoS attack that peaked just below 2 Tbps — the largest we’ve seen to date. This was a multi-vector attack combining DNS amplification attacks and UDP floods. The entire attack lasted just one minute. The attack was launched from approximately 15,000 bots running a variant of the original Mirai code on IoT devices and unpatched GitLab instances.
Network-layer DDoS attacks increased by 44%
Last quarter, we saw multiple terabit-strong DDoS attacks and this attack continues this trend of increased attack intensity. Another key finding from our Q3 DDoS Trends report was that network-layer DDoS attacks actually increased by 44% quarter-over-quarter. While the fourth quarter is not over yet, we have, again, seen multiple terabit-strong attacks that targeted Cloudflare customers.
How did Cloudflare mitigate this attack?
To begin with, our systems constantly analyze traffic samples “out-of-path” which allows us to asynchronously detect DDoS attacks without causing latency or impacting performance. Once the attack traffic was detected (within sub-seconds), our systems generated a real-time signature that surgically matched against the attack patterns to mitigate the attack without impacting Continue reading
Awesome: What’s Wrong with Bitcoin
I read tons of articles debunking the blockchain hype, and the stupidity of waisting CPU cycles and electricity on calculating meaningless hashes, but what Avery Pennarun did in his decade-old analysis is a masterpiece.
TL&DR: Bitcoin is a return to gold standard, and people who know more about economy than GPUs and hash functions have figured out that’s a bad idea long time ago.
Interesting: What’s Wrong with Bitcoin
I read tons of articles debunking the blockchain hype, and the stupidity of waisting CPU cycles and electricity on calculating meaningless hashes; here’s a totally different take on the subject by Avery Pennarun (an update written ten years later).
TL&DR: Bitcoin is a return to gold standard, and people who know more about economy than GPUs and hash functions have figured out that’s a bad idea long time ago.
Proxmox Import And Use Cloud Images
In this post I will cover the process to import and use cloud based images in Proxmox. Cloud based images are handy because they are configurable on boot via cloud-init. I will use the image created in this post in a future post on how to deploy VMs in Proxmox via Terraform. ...continue reading
Proxmox Configure Open vSwitch
Proxmox has two kinds of virtual switches that can be utilised. Linux bridges (the default) and Open vSwitch (OVS). Linux Bridges are generally fine unless you want to configure a lot of VLANs and/or do port mirroring. I have a use-case for both, so in this post, I will show you how...continue reading
Arista Adds New Hyperscale, Enterprise Switches To Its 400G Portfolio
Arista Networks announced four new switches in its 400G portfolio. Two are aimed at the hyperscale/cloud crowd, and two are intended for enterprise data centers. The new switches promise greater port density than previous generations, and better power efficiency. The hyperscale switches are built around Broadcom’s Tomahawk-4 silicon, which delivers 25.6Tbps of throughput. They include […]
The post Arista Adds New Hyperscale, Enterprise Switches To Its 400G Portfolio appeared first on Packet Pushers.
Fixing Recent Validation Vulnerabilities in OctoRPKI
A number of vulnerabilities in Resource Public Key Infrastructure (RPKI) validation software were disclosed in a recent NCSC advisory, discovered by researchers from the University of Twente. These attacks abuse a set of assumptions that are common across multiple RPKI implementations, and some of these issues were discovered within OctoRPKI. More details about the disclosed vulnerabilities can be found in this RIPE labs article written by one of the researchers. In response, we published a new release of OctoRPKI, v1.4.0, to address and remediate these vulnerabilities.
Cloudflare customers do not have to take any action to protect themselves from these newly discovered vulnerabilities, and no Cloudflare customer data was ever at risk.
We have not seen any attempted exploitation of these vulnerabilities described in the advisory. We use OctoRPKI to perform Border Gateway Protocol (BGP) route validation so that our routers know where to direct IP packets at Layer 3 of the TCP/IP stack. TLS provides additional security at the TCP layer to ensure the integrity and confidentiality of customer data going over the Internet in the event of BGP hijacking.
RPKI and the discovered vulnerabilities
Resource Public Key Infrastructure (RPKI) is a cryptographic method of Continue reading
Heavy Networking 606: Dealing With DNS And Domain Name Abuse
The DNS Abuse Institute is a community effort to develop solutions to DNS-related problems including malware, botnets, phishing, pharming, and spam. On today's show we speak with its Director, Graeme Bunton, about the institute and its work, and the challenges of dealing with malicious actors that exploit DNS and domain names.
The post Heavy Networking 606: Dealing With DNS And Domain Name Abuse appeared first on Packet Pushers.
