BiB 069: Plixer’s FlowPro Shines A Light On Network Darkness

Plixer has announced the FlowPro network probe to shine some light on sections of the network with limited flow export capability. Available both as hardware and virtual appliances, FlowPro observes network packets via SPAN or ERSPAN and can, based on its observations, create and export flow records to Scrutinizer. But that’s not all that FlowPro can do. There’s a bunch of analytical capability baked into the tool with both APM and security use cases.

The post BiB 069: Plixer’s FlowPro Shines A Light On Network Darkness appeared first on Packet Pushers.

DNS Flag Day

The 1st of February was DNS Flag Day, which is an initiative of several DNS vendors and operators to address the problems of DNS name server implementations that are not in compliance with long-established DNS standards. This is causing the DNS to not only be unnecessarily slow and inefficient, but prevent operators from deploying new functionality including mechanisms to protect against DDoS attacks.

DNSSEC and other extended features of the DNS require EDNS0 (Extension Mechanisms for DNS – RFC 6891), and properly implemented name servers should either reply with an EDNS0 compliant response, or provide a regular DNS response if they don’t understand.

However, a lot of name server software is not implemented properly which has meant resolvers have had to incorporate workarounds when name servers don’t respond correctly. These cause unnecessary retries, delays, and prevent the newer features of the DNS being used.

As a result, the vendors of the most commonly used DNS software (BIND, Ubound, PowerDNS and Knot) will no longer be supporting these workarounds in new versions of their software, whilst a number of public DNS resolver operators (CleanBrowsing, Cloudflare, Google and Quad9) will no longer resolve hostnames served by broken name server implementations.

This may mean Continue reading

Software-defined connectivity planned for colocation data centers

Gartner predicts that by 2025, 80 percent of enterprises will migrate entirely away from their on-premises data centers. Instead they’ll follow the current trend of moving workloads to colocation, hosting and the cloud, leading them to shut down their traditional data centers.I’m sure that colocation centers look forward to the growth in business, but the growth also means the colocation data centers need to become more agile, scalable, and flexible. This is absolutely critical to their business model viability, but the challenge to get there is greater than ever.[ Also read: How to plan a software-defined data-center network and Efficient container use requires data-center software networking ] Colocation providers have long benefitted from offering cross-connect and IT services, as well as Layer 2 WAN connectivity. However, these traditional offerings really aren't meeting the emerging demands from enterprise tenants who want more integrated, more secure and more automated networking solutions. As workloads move across different environments, such as SaaS and public clouds, there are management and operational challenges for colocation providers who are now being asked to support a more diverse portfolio of connectivity solutions.To read this article in full, please click here

Software-defined connectivity planned for colocation data centers

Gartner predicts that by 2025, 80 percent of enterprises will migrate entirely away from their on-premises data centers. Instead they’ll follow the current trend of moving workloads to colocation, hosting and the cloud, leading them to shut down their traditional data centers.I’m sure that colocation centers look forward to the growth in business, but the growth also means the colocation data centers need to become more agile, scalable, and flexible. This is absolutely critical to their business model viability, but the challenge to get there is greater than ever.[ Also read: How to plan a software-defined data-center network and Efficient container use requires data-center software networking ] Colocation providers have long benefitted from offering cross-connect and IT services, as well as Layer 2 WAN connectivity. However, these traditional offerings really aren't meeting the emerging demands from enterprise tenants who want more integrated, more secure and more automated networking solutions. As workloads move across different environments, such as SaaS and public clouds, there are management and operational challenges for colocation providers who are now being asked to support a more diverse portfolio of connectivity solutions.To read this article in full, please click here

Software-defined connectivity planned for colocation data centers

Gartner predicts that by 2025, 80 percent of enterprises will migrate entirely away from their on-premises data centers. Instead they’ll follow the current trend of moving workloads to colocation, hosting and the cloud, leading them to shut down their traditional data centers.I’m sure that colocation centers look forward to the growth in business, but the growth also means the colocation data centers need to become more agile, scalable, and flexible. This is absolutely critical to their business model viability, but the challenge to get there is greater than ever.[ Also read: How to plan a software-defined data-center network and Efficient container use requires data-center software networking ] Colocation providers have long benefitted from offering cross-connect and IT services, as well as Layer 2 WAN connectivity. However, these traditional offerings really aren't meeting the emerging demands from enterprise tenants who want more integrated, more secure and more automated networking solutions. As workloads move across different environments, such as SaaS and public clouds, there are management and operational challenges for colocation providers who are now being asked to support a more diverse portfolio of connectivity solutions.To read this article in full, please click here

How Bezo’s dick pics might’ve been exposed

In the news, the National Enquirer has extorted Amazon CEO Jeff Bezos by threatening to publish the sext-messages/dick-pics he sent to his mistress. How did the National Enquirer get them? There are rumors that maybe Trump's government agents or the "deep state" were involved in this sordid mess. The more likely explanation is that it was a simple hack. Teenage hackers regularly do such hacks -- they aren't hard.

This post is a description of how such hacks might've been done.


To start with, from which end were they stolen? As a billionaire, I'm guessing Bezos himself has pretty good security, so I'm going to assume it was the recipient, his girlfriend, who was hacked.

The hack starts by finding the email address she uses. People use the same email address for both public and private purposes. There are lots of "people finder" services on the Internet that you can use to track this information down. These services are partly scams, using "dark patterns" to get you to spend tons of money on them without realizing it, so be careful.

Using one of these sites, I quickly found a couple of a email accounts she's used, one at HotMail, another Continue reading

Coming soon: On-premises 5G gear for enterprises

With all major mobile carriers expected to offer 5G this year, enterprises that want to take advantage of this next-gen mobile data service need to start thinking about how to support it on site.Anticipation is keen for 5G, given that it promises to deliver faster speeds and lower latency than the current premium wireless technology, 4G LTE. Ideally, 5G networks could deliver fast internet to areas of the country where wired broadband is unavailable, and more reliable connections to a variety of devices including not only computers and smartphones but also appliances, automobiles and security systems. But to use these services as a WAN option, businesses need hardware that can connect it to their existing wired and wireless LANs.To read this article in full, please click here

Coming soon: On-premises 5G gear for enterprises

With all major mobile carriers expected to offer 5G this year, enterprises that want to take advantage of this next-gen mobile data service need to start thinking about how to support it on site.Anticipation is keen for 5G, given that it promises to deliver faster speeds and lower latency than the current premium wireless technology, 4G LTE. Ideally, 5G networks could deliver fast internet to areas of the country where wired broadband is unavailable, and more reliable connections to a variety of devices including not only computers and smartphones but also appliances, automobiles and security systems. But to use these services as a WAN option, businesses need hardware that can connect it to their existing wired and wireless LANs.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

SD-WAN creates new security challenges

SD-WAN products have been available for the better part of five years. Early adopters of the technology focused primarily on transport-related issues such as replacing or augmenting MPLS with broadband. As any technology matures and moves out of the early adopter phase, the buying criteria changes — and SD-WAN is no different.In 2018, a ZK Research survey asked respondents to rank SD-WAN buying criteria, and security came out as the top response, well ahead of technology innovation and price. (Note: I am employee of ZK Research.) To better understand this trend and what it means to network professionals, I sat down with Fortinet’s executive vice president of products and solutions, John Maddison, who sets the company’s product strategy, making him well versed in both SD-WAN and security.To read this article in full, please click here

Graph neural networks: a review of methods and applications

Graph neural networks: a review of methods and applications Zhou et al., arXiv 2019

It’s another graph neural networks survey paper today! Cue the obligatory bus joke. Clearly, this covers much of the same territory as we looked at earlier in the week, but when we’re lucky enough to get two surveys published in short succession it can add a lot to compare the two different perspectives and sense of what’s important. In particular here, Zhou et al., have a different formulation for describing the core GNN problem, and a nice approach to splitting out the various components. Rather than make this a standalone write-up, I’m going to lean heavily on the Graph neural network survey we looked at on Wednesday and try to enrich my understanding starting from there.

An abstract GNN model

For this survey, the GNN problem is framed based on the formulation in the original GNN paper, ‘The graph neural network model,’ Scarselli 2009.

Associated with each node is an s-dimensional state vector.

The target of GNN is to learn a state embedding \mathbf{h}_v \in \mathbb{R}^s which contains the information of the neighbourhood for each node.

Given the state embedding we can produce a node-level Continue reading

Dell EMC speeds up backups and restores in its storage appliances

Dell EMC has introduced new software for its Data Domain and Integrated Data Protection Appliance (IPDA) products that it claims will improve backup and restore performance from anywhere from 2.5 times to four times the previous version.Data Domain is Dell EMC’s purpose-built data deduplicating backup appliance, originally purchased by EMC long before the merger of the two companies. The IPDA is a converged solution that offers complete backup, replication, recovery, deduplication, with cloud extensibility.Performance is the key feature Dell is touting with Data Domain OS 6.2 and IDPA 2.3 software. Dell says Data Domain on-premises restores are up to 2.5 times faster than prior versions, while data restoration from the Amazon Web Services (AWS) public cloud to an on-premises Data Domain appliance can be up to four times faster.To read this article in full, please click here

Dell EMC speeds up backups and restores in its storage appliances

Dell EMC has introduced new software for its Data Domain and Integrated Data Protection Appliance (IPDA) products that it claims will improve backup and restore performance from anywhere from 2.5 times to four times the previous version.Data Domain is Dell EMC’s purpose-built data deduplicating backup appliance, originally purchased by EMC long before the merger of the two companies. The IPDA is a converged solution that offers complete backup, replication, recovery, deduplication, with cloud extensibility.Performance is the key feature Dell is touting with Data Domain OS 6.2 and IDPA 2.3 software. Dell says Data Domain on-premises restores are up to 2.5 times faster than prior versions, while data restoration from the Amazon Web Services (AWS) public cloud to an on-premises Data Domain appliance can be up to four times faster.To read this article in full, please click here

1 1,277 1,278 1,279 1,280 1,281 3,797