Archive

Category Archives for "Russ White"

Live Training: Build Your Own Networking Lab

This Friday at 1pm ET, Bruce McDougall and I are teaching a live class on using Containerlab to build and automate network labs. From the course description:

This course will guide learners through the tools and techniques to build virtual labs either locally or on common cloud services, so you can become more proficient at understanding, designing, monitoring, and troubleshooting networks. The course begins with obtaining and starting the basic tools required to build and test network labs using open-source and freely available tools. The instructors will build a variety of network topologies, including data center and campus, to help learners understand how to test in different environments.

Register here.

Hedge 230: Preparing for Layoffs

You will probably be laid off at least once in your career–we no longer live a world of “permanent positions,” or even a world where people are in complete control of their “work destiny.” It’s important, then, to prepare to be laid off, made redundant, or impacted by a RIF, today. Mike Bushong joins Eyvonne Sharp, Tom Ammon, and Russ White in a wide-ranging discussion about preparing to be laid off.

 

 

download

Weekend Reads 060724


The US Securities and Exchange Commission (SEC) wants to clarify guidelines for public companies regarding the disclosure of ransomware and other cybersecurity incidents.


Technical report 69, or TR-069, which defines how people’s broadband routers and other customer-premises equipment can be remotely provisioned and managed by ISPs automatically, is turning 20 years old.


Google and many other organizations, such as NIST, IETF, and NSA, believe that migrating to post-quantum cryptography is important due to the large risk posed by a cryptographically-relevant quantum computer (CRQC).


IPng’s network is built up in two main layers, (1) an MPLS transport layer, which is disconnected from the Internet, and (2) a VPP overlay, which carries the Internet.


Elon Musk doesn’t want you to share links from Substack, the blogging and newsletter platform that has grown in popularity over the last two years and serves as the primary mode of expression for independent Internet writers.


Quantum computers are probably coming, though we don’t know when—and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms.


Domain name monitoring—that is, the detection of domains with names containing a brand-term (or other string) of interest—is a very well-established element of brand protection Continue reading

Rule 11 Academy 060324

New material at Rule 11 Academy this week:

Understanding Intra-AS BGP
Suboptimal BGP Route Reflection Lab

I’ve done a good bit of BGP to this point; I’m probably going to work on link state or some other part of the outline next week. I’m trying to make certain everyone who signs up for the first time gets the first six months for free; the membership plugin is being a bit squirrely, so you might see accounts expired, etc. I’m fixing these as I see them.

Weekend Reads 053124


In this episode of the RIPE Labs podcast, three Internet pioneers talk about how they helped grow the Internet out of its early infancy, back when its purpose – and much of the excitement around its development – lay in the promise of connecting researchers from around the world.


Meta, parent company of Facebook and Instagram, also now is in the AI-focused processor game. The company recently unveiled the next generation of custom-made chips to help power AI-driven rankings and recommendation ads on social media platforms.


Phishing threats have reached unprecedented levels of sophistication in the past year, driven by the proliferation of generative AI tools.


In recent news, more than 13,000 subdomains of brands were hijacked for a large spam campaign that “leverages the trust associated with these domains to circulate spam and malicious phishing emails by the millions each day, cunningly using their credibility and stolen resources to slip past security measures.”


Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.


Pew Research Center conducted the analysis to examine how often online content that once existed becomes inaccessible. One part Continue reading

Weekend Reads 052424


The European Union’s new Digital Markets Act (DMA) is a complex, many-legged beast, but at root, it is a regulation that aims to make it easier for the public to control the technology they use and rely on.


When optimizing the write performance of GreptimeDB v0.7, we discovered through flame graphs that the CPU time spent parsing Prometheus write requests accounted for about 12% of the total.


We think that waferscale computing is an interesting and even an inevitable concept for certain kinds of compute and memory. But inevitably, the work you need to do goes beyond what a single wafer’s worth of cores can deliver, and then you have the same old network issues.


Evidence is mounting that tech companies’ policies demanding staff return to the office are only serving to drive out the talent that became accustomed to remote work.


ZTDNS integrates the Windows DNS client and the Windows Filtering Platform (WFP) to enable this domain-name-based lockdown. First, Windows is provisioned with a set of DoH or DoT capable Protective DNS servers; these are expected to only resolve allowed domain names.


The use of Machine Learning and Deep Learning models allows us to understand the intention of Continue reading

Upcoming Training: How the Internet Really Works

The 29th of May, in 7 days, I’m teaching a four-hour webinar/class on Safari Books Online:

From technologists to business leaders, few have a “big picture” understanding of how the Internet is put together. Often this is because the Internet is composed of so many different systems, each of which is deeply complex, so it is easy to specialize in “one part of the Internet,” and it is hard to learn about the other parts without diving into many details. This class de-mystifies the overall structure and “moving parts” of the global Internet. The class begins with a user connecting to a web site, and the process of translating the name of the service the user is seeking to a logical location (a server) where the service is actually located. From there, the path of the packets between the user and the server is traced, exposing each of the different kinds of providers that carry the packet along the way.

This class isn’t just for network engineers, it’s for anyone interested in how the Internet works. You don’t need prior network engineering experience or knowledge to understand the content–so feel free to forward along to anyone you think might be Continue reading

Hedge 227: Provider Consolidation and Competition

Europe and the United States are completely different landscapes of Internet service providers. Which provides better service for customers, and which direction should these different markets go? Luke Kehoe joins Tom Ammon, Eyvonne Sharp, and Russ White to discuss the European market specifically, and why the European market needs consolidation.

Luke’s article on this topic is here.

download

Weekend Reads 051724


The FCC lawfully fined U.S. facilities-based wireless carriers nearly $200 million for selling highly intrusive location data about subscribers without their “opt-in” consent.


Geoff Huston explores the performance of the BBR and Cubic flow control algorithms on the Starlink network through comprehensive measurements.


An instruction set is a lingua franca between compilers and microarchitecture. As such, it has a lot in common with compiler intermediate languages, a subject on which Fred Chow has written an excellent overview


A new malware called Cuttlefish is targeting small office and home office (SOHO) routers with the goal of stealthily monitoring all traffic through the devices and gather authentication data from HTTP GET and POST requests.


But one need not know anything about aeronautics to understand that things are not going well for Boeing, and that the company’s approach is clearly broken. That much was made clear in a new Ars Technica piece from Eric Berger, walking readers through the race between Boeing and SpaceX to develop an astronaut capsule for space travel.


“Legal basis” requirements for data processing, justifying data processing activities and transfers, and adhering to data minimization principles began hitting organizations’ radars with the EU General Data Protection Regulation.


Given Continue reading

Rule 11 Academy is (Somewhat) Live

The Academy does not replace this blog, the Hedge, etc. Instead, it’s a place for me to recreate all the training materials I’ve taught in the past, put them in one place, and adding new training material besides. It’s light right now, but I plan to post about once or twice a week.

Note this is a subscription site with paid content and two memberships–six months and yearly.

Get six months free using the coupon code BEAG2DRUP0TORNSKUT.

https://rule11.ac/

Hedge 225: The CCNA

The CCNA has a long history as an important certification for network engineers. While the CCST has been created by Cisco “below” the CCNA, or as a different starting point, many network engineers begin their career with the CCNA. Join Jason Gooley, Wendell Odom, Tom, and Russ as we discuss the most recent updates to the CCNA, the way updates to the program are changing, and Jason’s and Wendell’s updated book on the CCNA.

download

Weekend Reads 050424


Quantum sensing is poised to revolutionize virtually every aspect of our world. Quantum sensing’s distinctive ability to detect magnetic signatures is already aiding in navigation for countless fuel tankers worldwide, providing otherwise unachievable medical scans, and keeping all of our computer clocks in sync.


Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit edge-case vulnerabilities.


A growing number of data center operators and equipment vendors are anticipating the proliferation of direct liquid cooling systems (DLC) over the next few years. As far as projections go, Uptime Institute’s surveys agree: the industry consensus for the mainstream adoption of liquid-cooled IT converges on the latter half of the 2020s.


The recent discovery of a backdoor in XZ Utils (CVE-2024-3094), a data compression utility used by a wide array of various open-source, Linux-based computer applications, underscores the importance of open-source software security.


The IETF has had a long tradition of doing its technical work through a consensus process, taking into account the different views among IETF participants and coming to (at least rough) consensus on technical matters.


This is where Two-Factor Authentication (2FA) steps in as a powerful tool to bolster security. Let’s delve into Continue reading

1 2 3 4 5 164