The currency miners were relying on a Docker runC vulnerability discovered in early February (later...
The increasingly complex array of cloud environments used by businesses provides bad actors with...
The operator also unveiled its second annual Mobile Security Index, which found that more companies...
The Finnish carrier is working with Nokia on the fixed wireless network equipment and is looking to...
Historically, engineers and practitioners have had a hard time communicating IT’s value to business leadership. This gap between IT and the business will present even greater challenges as businesses grow to depend on their networks and systems for even more strategic advantage. In this episode we explore some of the reasons why this gap exists and discuss some potential things you can do to help bridge the gap between IT engineering and business leadership.
We would like to thank Cumulus Networks for sponsoring this episode of Network Collective. Cumulus Networks makes networking software for the open, modern data center. It’s the only open networking software that allows you to affordably build and efficiently operate your network like the worlds largest data center operators. Cumulus also just launched a brand new certification program offering free resources, on-demand modules, live training, and a certifications exam. If you would like to learn more you can head on over to https://cumulusnetworks.com/certified
Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/
The post Episode 46 Continue reading
Loggly offers a free 14 day evaluation, so you can try this example at no cost.ICMP unreachable describes how monitoring ICMP destination unreachable messages can help identify misconfigured hosts and scanning behavior. The article uses the sFlow-RT real-time analytics software to process the raw sFlow and report on unreachable messages.
var token = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx';Some notes on the script:
var url = 'https://logs-01.loggly.com/inputs/'+token+'/tag/http/';
var keys = [
'icmpunreachablenet',
'icmpunreachablehost',
'icmpunreachableprotocol',
'icmpunreachableport'
];
for (var i = 0; i < keys.length; i++) {
var key = keys[i];
setFlow(key, {
keys:'macsource,ipsource,macdestination,ipdestination,' + key,
value:'frames',
log:true,
flowStart:true
});
}
setFlowHandler(function(rec) {
var keys = rec.flowKeys.split(',');
var msg = {
flow_type:rec.name,
src_mac:keys[0],
src_ip:keys[1],
dst_mac:keys[2],
dst_ip:keys[3],
unreachable:keys[4]
};
try { http(url,'post','application/json',JSON.stringify(msg)); }
catch(e) { logWarning(e); };
}, keys);
Founded by former Yahoo security officer Jeremiah Grossman, WhiteHat takes a DevSecOpps approach to...
The post SSH Compromise Detection Using Flow Data appeared first on Noction.
One of my subscribers sent me this question after watching the latest batch of Data Center Fabrics videos:
You haven’t mentioned Intel's Omni-Path at all. Should I be surprised?
While Omni-Path looks like a cool technology (at least at the whitepaper level), nobody ever mentioned it (or Intel) in any data center switching discussion I was involved in.
Read more ...One of the ways that Citrix has bolstered its security and automation is through an integration...
On the 20th February 2019, Drupal announced that they had discovered a severe vulnerability and that they would be releasing a patch for it the next day. Drupal is a Content Management System used by many of our customers, which made it important that our WAF protect against the vulnerability as quickly as possible.
As soon as Drupal released their patch, we analysed it to establish what kind of payloads could be used against it and created rules to mitigate these. By analysing the patch we were able to put together WAF rules to protect cloudflare customers running Drupal.
We identified the type of vulnerability we were dealing within 15 minutes. From here, we were able to deploy rules to block the exploit well before any real attacks were seen.
As Drupal's release announcement explains, a site is affected if:
From looking at the patch we very quickly realised the exploit would be based on deserialization. The option ['allowed_classes' Continue reading
The security landscape is essentially AI versus AI. May the best man, err, machine win.
Cumulus Networks is proud to announce CRN®, a brand of The Channel Company, has named us to its 2019 Data Center 50 list.
This annual list identifies technology suppliers that offer the right management tools to help businesses and solution providers ensure data centers run with maximum performance and efficiency. We couldn’t be more thrilled! This accomplishment really solidifies our vision — to build the modern data center networks for applications of the future.
It’s been a while since we updated our blog community with our evolved vision for the modern data center, so we thought this would be a great opportunity to review a little bit about what Cumulus has been doing lately and how our products have evolved.
We pride ourselves on providing networking software to design, run and operate modern data centers that are simple, open, resilient, scalable and operationally efficient.
Our network operating system, Cumulus Linux, is a powerful, open network operating system that allows you to automate, customize and scale using web-scale principles like the world’s largest data centers.
When it comes to data center networks, traditional network solutions are unable keep up with the pace of Continue reading