Introducing: Advanced Certificate Manager
In 2016, we launched Dedicated Certificates. Today, we are excited to announce that dedicated certs are getting an upgrade… and a new name… introducing Advanced Certificate Manager! Advanced Certificate Manager is a flexible and customizable way to manage your certificates on Cloudflare.
Certificates
TLS Certificates are the reason you can safely browse the Internet, securely transfer money online, and keep your passwords private. They do that by encrypting your sensitive messages using public-key cryptography that is cryptographically linked to the certificate itself. But beyond that, TLS certificates are used to make an assertion about identity — verifying that the server is who they claim to be. Server Certificates — used by every website — include the website's name on the certificate and is issued by a third-party certificate authority (CA) who verifies that the certificate's information is correct and accurate.
Browsers only let you visit a website when it's encrypted using TLS after it has successfully validated the certificate presented by the server — much like how security checks your ID to board a plane.
We are focusing on securing the Internet now more than ever. We want to make it as easy as possible for any customer to be Continue reading
Worth Reading: Network Automation ChatBot with Discord
It’s amazing how easy it is to create a chatbot that will send messages to a Discord channel… just follow John Capobianco’s step by step tutorial.
Planning for a Rural Broadband Breakout
The FCC’s RDOF has begun to award $20 billion to service providers. Winners are committed to broadband expansion to under and un-served areas nationwide.Is It Illegal To Be Called “Engineer” Without Having An Engineering Degree?
Some engineers are called engineers because they went through a rigorous process recognized in their industry. The stuff they do tends to affect lives, and so the title of engineer is not awarded until a bunch of other people agree it’s deserved. Engineers in those disciplines sometimes take exception to IT engineers being called such, as there is no industry-wide process one follows to become an IT engineer. So should we be disallowed from using the term?
The post Is It Illegal To Be Called “Engineer” Without Having An Engineering Degree? appeared first on Packet Pushers.
Heavy Networking 569: New Metro Architectures For 5G, IoT, And Low Latency Services (Sponsored)
5G, IoT, and low-latency virtualized edge services present a major opportunity for providers and enterprises to build and consume new services in the metro network. On today's Heavy Networking episode, sponsor Juniper Networks is here to share its vision of new metro architectures. Our guests are Amit Bhardwaj, Sr. Director Product Management; and Mats Nordlund, Sr. Director Product Management.
The post Heavy Networking 569: New Metro Architectures For 5G, IoT, And Low Latency Services (Sponsored) appeared first on Packet Pushers.
Heavy Networking 569: New Metro Architectures For 5G, IoT, And Low Latency Services (Sponsored)
5G, IoT, and low-latency virtualized edge services present a major opportunity for providers and enterprises to build and consume new services in the metro network. On today's Heavy Networking episode, sponsor Juniper Networks is here to share its vision of new metro architectures. Our guests are Amit Bhardwaj, Sr. Director Product Management; and Mats Nordlund, Sr. Director Product Management.You Can’t Think If You’re Always Thinking
On the March 25, 2021 edition of his Daily Check-In podcast, Ned Bellavance talks about feeling like he’s putting too many inputs into his brain, and not leaving enough time to hear his own thoughts. I have had similar concerns for myself.
I tend to have something going most of the time. Podcasts in the morning before settling into my office. Music during the day, typically something familiar or non-intrusive so that it’s not too distracting while I write and research. YouTube or a Boston Celtics basketball game in the evenings while I eat dinner and unwind from Zoomday. (Zoomday is everyday! 
) Before I go to bed, I read mentally engaging things. Books, a mix of fiction and non-fiction, currently Aldous Huxley’s Brave New World. Blogs like Astral Codex Ten plus a myriad of tech writers. When the sleepies finally hit, I turn off the glowing doom rectangle and hope my dreams aren’t unfathomable. Like the one two days ago where I was inside a commercial jet taxing rapidly through a city, the jet being chased by emergency vehicles that kept inexplicably bursting into flames. My dreams are fun. But I digress.
Like Ned outlined in his podcast, Continue reading
Servant Leadership and Standing Out
My son is fifteen and he’s the typical teenager that either thinks he’s being asked to do way too much or he’s not getting recognized for what he’s accomplished. That last part is hard for him because he’s a bit humble and doesn’t like to tout his own work. I once told him that he didn’t need to do that because he stands out to the people that matter. He did the typical teenager thing where he fought me and said that no one noticed anything he did. I told him that if you do things the way they’re supposed to be done and don’t spend your whole day crowing about what you’re doing that the right people will most assuredly notice.
The worry that your work is going unnoticed isn’t unfounded among teenagers or adults. How many times have we asked ourselves in our daily work roles if we matter? It takes about two weeks worth of meetings in a typical IT department for you to see how things go. There are those that coast by with the knowledge they obtained years ago that have their niche and they intend to fill it. Their entire purpose is to avoid Continue reading
Introducing Super Bot Fight Mode
Almost half of the Internet’s traffic is powered by bots. Bots have scoured the net for years, relentlessly hacking into bank accounts, scooping up Bruno Mars tickets, and scraping websites for data. The problem is so widespread that we launched Bot Fight Mode in 2019 to fight back. Since then, over 150,000 individuals and small businesses have used the product, and we’ve received countless requests for more functionality. More analytics, more detections, and more controls.
Introducing Super Bot Fight Mode.
Beginning immediately, any Cloudflare user with a Pro or Business site can take new action against bots. We’ve added advanced features in the dashboard and some exciting updates to analytics. Free customers will retain all the benefits they've enjoyed with Bot Fight Mode, and our Enterprise Bot Management product will continue to push the needle on innovation.
In the Dashboard
Our bot solutions have a new home. The features we discuss in this blog post go beyond a single toggle, so we created a hub for bot protection. Head to the Firewall app and select the “Bots” subtab to get started.
The new hub is live for all users, including those with Enterprise Bot Management.
Pro Plan Features
First up: Continue reading
Mitigating Bot Attacks against Cloudflare
The word “bots” on the Internet is a fairly loaded one. My earliest ‘bot’ experience was on IRC, where bots were quite helpful in making sure your favorite channel didn’t get taken over by malicious users and allowed for fun games of trivia. Around five years ago, “bots” were often referencing text chats in combination with AI and messaging platforms/apps as a new way to interact with customers. Today most of the connotations around bots on the Internet, particularly in the security space, are negative and we have a number of vendors offering new ways to detect and block bots.
In its most simple form, a bot is an automated piece of software that replaces human interaction. In the examples above, this is done so we can scale a process to be faster or more extensive than a single manual action. Search Engine bots exist because it is impossible (or at the very least, impractical) to crawl the Internet one curl at a time. The benefit of scale can be used for both good and for bad, by attacking a property on the Internet. Bots are used for attacks at scale — they can be deployed to attack an Continue reading
Announcing API Abuse Detection
APIs are incredibly important. Throughout the 2000s, they formed the backbone of popular web services, helping the Internet become more useful and accessible. In the 2010s, APIs played a larger role in our lives, allowing personal devices to communicate with the digital world. Many of our daily activities, like using rideshare services and paying for lattes, are dependent on this form of modern communication. Now we are approaching a post-pandemic world in which APIs will be more important than ever.
Unfortunately, as any technology grows, so does its surface area for abuse. APIs are no exception. Competing rideshare services might monitor each other’s prices via API, spawning a price war and a waste of digital resources. Or a coffee drinker might manipulate an API for a latte discount. Some companies have thousands of APIs — including ones that they don’t even know about. Cloudflare can help solve these problems.
Today, we are announcing early access to API Discovery and API Abuse Detection.
Background
Before going further, it’s important to explain why we need a solution for APIs. Traditional security tools, including Rate Limiting and DDoS Protection, can be wonderfully useful. But these approaches were not built to act Continue reading
Interview: Will AI Replace the Networking Engineers?
In the second half of my chat with David Bombal we focused on automation and AI in networking. Even though we discussed many things, including the dangers of doing a repeatable job, and how to make yourself unique, David chose a nice click-bait headline Will AI Replace the Networking Engineers?. According to Betteridge’s law of headlines the answer is still NO, but it’s obvious AI will replace the low-level easy-to-automate jobs (as textile workers found out almost 200 years ago).
While pondering that statement, keep in mind that AI is more than just machine learning (the overhyped stuff). According to one loose definition, “Artificial intelligence (AI) refers to the simulation of human intelligence in machines that are programmed to think like humans and mimic their actions”
Full disclosure: the web site with this definition had and ad for Lego Friends set next to it, making it extra-trusty. I couldn’t find a similarly oversimplified definition on Wikipedia… probably for a good reason.
Finding the Right Balance of On-Site and At-Home IT Workers
Some IT staffers don't want to come back to the office, while others can't wait to return. Here's how IT leaders can plan for a split workforce in a post-pandemic workplace.How to Find Reviews on Amazon?
Amazon, the company that formerly started as an online book store, has become one of the most influential companies around the globe. Over the last decade, the company has managed to expand its dealership by stepping into different sectors. Today, Amazon is recognized, as one of the leading e-commerce stores that have outshined Walmart, thus taking away its title as Americas most valued retailer. From creating a mega e-market to boosting digital streaming and AI, it has positioned itself as one of the most prominent profit-making megacorps, followed by Facebook and Google.
The speedy delivery system and product credibility are two factors that have won amazon roughly around hundred million followers universally. With the advancement in technology and high availability of online marketplaces, people find it convenient to order stuff online than buying it physically. In this case, Amazon has become the most preferred and trusted e-commerce site among the masses.
How to Find My Reviews on Amazon?
To have full access on the website, like any other user you must have created an Amazon account to make your purchases. Also, upon quick package delivery and blue ribbon product quality, it is a common practice to do the five-star rating. Continue reading
In Yucatán, Mexico, IXSY Gets Its Watershed Moment
Despite being the second-most populated country in Latin America, with significant Internet consumption, by the end of 2019 Mexico only had one established Internet exchange point (IXP) – CITI, in three locations (Mexico City, Querétaro, and Tultitlán). In comparison, Argentina and Brazil have more than 30 points each.
In Mexico’s southeastern region – which has the country’s highest poverty rates and lowest connectivity – there were none. This prompted a committed group of people in the State of Yucatán to set out to create an IXP in 2014.
Their efforts intensified in April 2018, with the signing of the founding act for the Internet Exchange Services Yucatán (IXSY), a nonprofit association to administer the node in Yucatán.
In May 2018, the First National IXP Forum was organized. There, IXSY gained the support of Yucatan’s state government. But in July, that government lost the state elections, putting the project on pause.
Still, the new government didn’t take long to see the project’s relevance, says Carmen Denis Polanco, director of the IXSY. “It is beautiful and valuable that it did not become a political issue, but something that was important for the state. A new team of people was formed that could Continue reading
Memory Forensics for Virtualized Hosts
Detecting In-Memory Malware Threats
Memory analysis plays a key role in identifying sophisticated malware in both user space and kernel space, as modern threats are often file-less, operating without creating a file system artifact.
The most effective approach to the detection of these sophisticated malware components is to install on the protected operating system an agent that continuously monitors the OS memory for signs of compromise. However, this approach has a number of drawbacks. First, the agent introduces a constant overhead in the monitored OS — caused by both the resources used by the agent process (e.g., CPU, memory) and the instrumentation used to capture relevant events (e.g., API hooking). Second, a malware sample can detect the presence of an agent and attempt to either disable the agent or evade detection. Third, depending on how it is deployed, the agent not have access to specific portions of the user-space and kernel-space memory, and, as a consequence, may miss important evidence of a compromise. Finally, deploying, maintaining, and updating agents on every endpoint can be challenging, especially in heterogeneous deployments where multiple versions of different operating systems and architectures coexist.
A complementary approach to the detection of Continue reading
IPv6 Buzz 072: NIST And Testing IPv6 Interoperability
Today's IPv6 Buzz guest, Doug Montgomery, is manager of Internet and scalable systems research at the National Institute of Standards and Technology (NIST), which has been critical in helping standardize IPv6 interoperability standards and testing.
The post IPv6 Buzz 072: NIST And Testing IPv6 Interoperability appeared first on Packet Pushers.