Developing good BGP neighbour relationships @ APRICOT 2019

Routing Security is featuring heavily on the APRICOT 2019 programme, which is being held on 23-28 February 2019 in Daejeon, South Korea. This helps build on the MANRS initiative being supported by the Internet Society,

On Wednesday, 27 February (09.30-13.00 UTC+9) there will be a Routing Security session that will discuss the latest problems, developments, and how routing security measures can be implemented. Speakers include Job Snijders (NTT) who’ll be discussing changes to BGP in the coming 18 months; Töma Gavrichenkov (Qrator Labs) on how BGP hijacks can be used to compromise the digital certificates used to secure online transactions; and from Anurag Bhatia (Hurricane Electric) who’ll analyse the top misused ASNs.

During the second part of the session, Tashi Puntsho (APNIC) will cover the practical issues and implications of deploying your own RPKI Certificate Authority; Tim Bruijnzeels (NLnet Labs) will discuss the use of route servers at Internet Exchange Points; whilst Ed Lewis (ICANN) will discuss the issues with using the RIR Whois databases.

Following on from this, our colleague Andrei Robachevsky will be raising awareness of the MANRS Initiative during the FIRST Technical Colloquium (16.30-18.00 UTC+9).

FIRST is the global organisation of Computer Security Continue reading

How to identify shell builtins, aliases and executable files on Linux systems

Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in."Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.To read this article in full, please click here

How to identify shell builtins, aliases and executable files on Linux systems

Shell builtins are commands that are loaded into memory when a shell — such as bash, sh, or zsh — is invoked. The reason for this is that keeping these commands in memory helps ensure that these commands will be run very efficiently whenever someone uses them. They run faster because they don't have to first be loaded into memory. They're "built in."Determining whether commands that you use are builtins, aliases, or executable files on your system that are loaded as needed requires the use of several interesting commands. These include type, which, and compgen. So, let's take a look at how these commands work and what they can tell us.To read this article in full, please click here

BGP: What is it, how can it break, and can Linux BGP fix it?

Border Gateway Protocol (BGP) is one of the most important protocols on the internet. At the same time, when it breaks, it is one of the most potentially catastrophic.

As the internet grows ever larger and becomes ever more complex, having a well-configured BGP is crucial to keeping everything running smoothly. Unfortunately, when a BGP is not configured correctly, there can be disastrous consequences.

This blog will provide a brief explanation of what BGP is, and then dive into some of the common protocol issues and pitfalls. We cannot go too deep into the intricacies of BGP – those can (and do) fill entire books. However, we can provide an overview of how Linux (which has a standardized BGP protocol set and in-depth monitoring, analysis, and control tools) can be used to alleviate some of these common issues.

What is BGP?

BGP is a routing protocol that relies on TCP, designed for providing routing information in and between autonomous systems (ASes). In large networks, BGP is responsible for informing all hosts that need to know of the ways a packet can travel from site A to site B – and, if a site or router goes down, how to reroute the packet so Continue reading

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

Cisco warns on HyperFlex security vulnerabilities

Cisco this week identified two “High” security vulnerabilities in its HyperFlex data-center package that could let attackers gain control of the system.  HyperFlex is Cisco’s hyperconverged infrastructure that offers computing, networking and storage resources in a single system. More about edge networking How edge networking and IoT will reshape data centers Edge computing best practices How edge computing can help secure the IoT The more critical of the two warnings – an 8.8 on Cisco’s severity scale of 1-10 – is a command-injection vulnerability in the cluster service manager of Cisco HyperFlex Software that could let an unauthenticated, attacker execute commands as the root user.To read this article in full, please click here

No!

What part of "no" doesn't the DNS understand? We look at over-query rates in the DNS when we try to resolve a non-existent name.
1 1,306 1,307 1,308 1,309 1,310 3,841