0

Field Engineering and COVID19

First posted in Human Infrastructure Magazine in April 2020 – a free email newsletter from the Packet Pushers. Subscribe here. How does business operate when the pandemic lockdown ‘ends’ and how does it impact you ? COVID19 won’t be gone,  its gonna be months before a new ‘normal’ emerges. Getting back to work means close […]

The post Field Engineering and COVID19 appeared first on EtherealMind.

0

SuzieQ with Dinesh Dutt and Justin Pietsch on Software Gone Wild

In early May 2020 I wrote a blog post introducing SuzieQ, a network observability platform Dinesh Dutt worked on for the last few years. If that blog post made you look for more details, you might like the Episode 111 of Software Gone Wild in which we went deeper and covered these topics:

• How does SuzieQ collect data
• What data is it collecting from network devices
• What can you do with that data
• How can you customize and extend SuzieQ

0

Kubernetes Security: Lateral Movement Detection and Defense

What is Lateral Movement?

Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs). An adversary uses these techniques to access other hosts from a compromised system and get access to sensitive resources, such as mail systems, shared folders, and legitimate credentials, ultimately gaining access to the identified target. Lateral movement techniques enable a threat actor to avoid detection and retain access over an extended dwell time of weeks, or even months, after the initial breach.

What are the Stages of Lateral Movement?

There are three primary stages of lateral movement: reconnaissance, credential/privilege gathering, and gaining access to other resources in the network.

How Does an Adversary Gain Unauthorized Access to a Kubernetes Cluster?

In a Kubernetes cluster, an attacker will gain initial access by compromising a pod. Once the pod is compromised, there are three main areas where the attacker can begin reconnaissance and move through the lateral movement stages to learn more about the cluster: the cloud provider metadata service, the pod networking and Continue reading

0

GitLab Acquires Peach Tech and Fuzzit to Expand its DevSecOps Offering

GitLab has acquired Peach Tech, a security software firm specializing in protocol fuzz testing and...

Read More »

0

SD-WAN an Enterprise Favorite for Securing the Cloud

Of those surveyed, 74% reported had deployed or plan to deploy SD-WAN to secure cloud workloads.

0

Cradlepoint Partners With Rigado to Deliver a Safe Workplace Solution Using NetCloud Edge Containers and Built on Microsoft Azure

Cradlepoint announced that Rigado joined its Technology Alliance Partner program to build a Safe...

Read More »

0

How to backup essential data but not the garbage

Something as simple as how you tell your backup product which files and databases to backup can have a massive impact on your recoverability. Proper backup selection is essentially a balance between ensuring that everything that should be backed up is indeed backed up, while also trying not to backup worthless data.Physical server inclusion Virtually all backup products require some initial installation and configuration at the level of a physical server. This means that for any of the tactics mentioned in this article to work, one must first install the appropriate software and authorization on each physical server in the data center. This means every VMware or Hyper-V server (not to be confused with each VM on those servers), every physical UNIX or Windows server, and any cloud services that are being backed up. Someone must make that initial connection and authentication before the backup system can perform its magic.To read this article in full, please click here

0

Daily Roundup: Amazon Won’t Sell Facial Recognition to Police

Amazon said it wouldn't sell facial recognition to police; Nokia mellowed its 5G outlook for 2020;...

Read More »

0

Microsoft Joins Amazon, IBM With Facial Recognition Ban

Company President Brad Smith said it does not sell that technology today and is in favor of a...

Read More »

0

Juniper CTO Dishes Edge Cloud Strategy

Open RAN and the rise of 5G presents an opportunity for Juniper to play in a market it hasn’t...

Read More »

0

Google Taps Telefónica for Telco Cloud Edge Expansion

The deal includes Google opening a new cloud region in Spain and Telefónica using Google Cloud’s...

Read More »

0

SonicWall Adds SD-Branch Functionality, Switches

The SD-branch capabilities will enable customers to remotely provision and manage branch...

Read More »

0

Amazon Stops Selling Police Its Facial Recognition Tech

“We’ve advocated that governments should put in place stronger regulations to govern the...

Read More »

0

IPv6 Buzz 053: Applications And IPv6

In this week's IPv6 Buzz episode, Scott and Tom discuss applications and IPv6 with Dan York. They also talk to Dan about his role at the Internet Society and pro-IPv6 ISOC programs such as Deploy360 and Open Standards Everywhere.

0

IPv6 Buzz 053: Applications And IPv6

In this week's IPv6 Buzz episode, Scott and Tom discuss applications and IPv6 with Dan York. They also talk to Dan about his role at the Internet Society and pro-IPv6 ISOC programs such as Deploy360 and Open Standards Everywhere.

The post IPv6 Buzz 053: Applications And IPv6 appeared first on Packet Pushers.

0

Tech Bytes: Solving Common Network Issues With Apstra’s Intent-Based Networking (Sponsored)

Today's Tech Byte episode, sponsored by Apstra, delves into solving common network problems with Intent-Based Networking (IBN), including how a customer used Apstra AOS to troubleshoot an EVPN issue. Our Apstra guests are Sean Hafeez, VP of Product Management; and Jeff Tantsura, Head of Networking Strategy.

The post Tech Bytes: Solving Common Network Issues With Apstra’s Intent-Based Networking (Sponsored) appeared first on Packet Pushers.

0

Tech Bytes: Solving Common Network Issues With Apstra’s Intent-Based Networking (Sponsored)

Today's Tech Byte episode, sponsored by Apstra, delves into solving common network problems with Intent-Based Networking (IBN), including how a customer used Apstra AOS to troubleshoot an EVPN issue. Our Apstra guests are Sean Hafeez, VP of Product Management; and Jeff Tantsura, Head of Networking Strategy.

0

Project Galileo’s 6th year Anniversary: The Impact of COVID-19 on the most vulnerable groups on the Internet

Consistent with our mission to “help build a better Internet,” Cloudflare believes that one of the most important roles for the Internet is to empower marginalized voices that may not be heard, or bring together oppressed groups of people that may otherwise find themselves isolated and alone. Six years ago, Cloudflare started Project Galileo to provide free services to vulnerable nonprofits, journalism and independent media voices online who might otherwise be in danger of being silenced by cyberattacks. Much has changed in the past couple of months as the COVID-19 pandemic has transformed the world while the United States faces a wave of protests addressing racial violence and inequality. These events have put further strain on vulnerable groups working in these spaces, and we have seen many organizations step up to ensure that those who are most affected by these circumstances are protected. At Cloudflare, we believe that protecting these groups from attack is essential to helping build a better Internet.

We are excited to mark the 6th anniversary of the project this month, and it is a good time for us to reflect, talk to participants, and see how the Project has grown and changed over the course of Continue reading

0

Example: Fully-Automated AWS Network Infrastructure Deployment

Regular readers of my blog probably remember the detailed explanations Erik Auerswald creates while solving hands-on exercises from our Networking in Public Cloud Deployments online course (previous ones: create a virtual network, deploy a web server).

This time he documented the process he went through to develop a Terraform configuration file that deploys full-blown AWS networking infrastructure (VPC, subnets, Internet gateway, route tables, security groups) and multiple servers include an SSH bastion host. You’ll also see what he found out when he used Elastic Network Interfaces (spoiler: routing on multi-interface hosts is tough).

0

Listen to the Hedge Podcast 39 to Learn about the Open Standards Everywhere Project

What is our Open Standards Everywhere (OSE) project all about? How did it get started? What are the project goals? What are some of the challenges web server operators face? How can we work together to make web servers more secure and available?

Recently Russ White and his team interviewed me on The Hedge Podcast Episode 39 to discuss all these questions and much more. I’ve known Russ for a good number of years and it was fun to talk with him and his co-hosts Eyvonne Sharp and Tom Ammon about all things related to the OSE project. I hope you enjoy listening to the episode as much as we enjoyed having the conversation!

I would encourage you to listen to some of the other Hedge podcast episodes, too, as they have some great content. A few I personally enjoyed included: episode 37 about DNS privacy; episode 31 about network operator groups (NOGs); and episode 30 with Ethan Banks from the Packet Pushers Network about why understanding the fundamentals of networking is so important.

Thank you to Russ, Eyvonne, and Tom for having me on the show!

Want to be more involved Continue reading