Research: Tail Attacks on Web Applications

When you think of a Distributed Denial of Service (DDoS) attack, you probably think about an attack which overflows the bandwidth available on a single link; or overflowing the number of half open TCP sessions a device can have open at once, preventing the device from accepting more sessions. In all cases, a DoS or DDoS attack will involve a lot of traffic being pushed at a single device, or across a single link.

TL;DR
  • Denial of service attacks do not always require high volumes of traffic
  • An intelligent attacker can exploit the long tail of service queues deep in a web application to bring the service down
  • These kinds of attacks would be very difficult to detect

 

But if you look at an entire system, there are a lot of places where resources are scarce, and hence are places where resources could be consumed in a way that prevents services from operating correctly. Such attacks would not need to be distributed, because they could take much less traffic than is traditionally required to deny a service. These kinds of attacks are called tail attacks, because they attack the long tail of resource pools, where these pools are much Continue reading

IDG Contributor Network: Cutting complexity at the edge

The edge is top-of-mind for many IT and OT professionals across a wide range of industries and sectors. This interest is driven by the need to use data more effectively to maintain operations, optimize performance and increase uptime.Existing IT and OT infrastructures typically don’t collect, store and analyze data at the edge. They instead either send this data to the cloud or to enterprise-level computing systems for storage and analysis, the domain of IT personnel.A better solution, specifically for applications where access to data needs to happen quickly, is to perform data collection, storage and analysis at the edge using technologies designed to perform these specific tasks. The benefits of this approach include reduced latency, improved data security and more efficient use of bandwidth.To read this article in full, please click here

IDG Contributor Network: Cutting complexity at the edge

The edge is top-of-mind for many IT and OT professionals across a wide range of industries and sectors. This interest is driven by the need to use data more effectively to maintain operations, optimize performance and increase uptime.Existing IT and OT infrastructures typically don’t collect, store and analyze data at the edge. They instead either send this data to the cloud or to enterprise-level computing systems for storage and analysis, the domain of IT personnel.A better solution, specifically for applications where access to data needs to happen quickly, is to perform data collection, storage and analysis at the edge using technologies designed to perform these specific tasks. The benefits of this approach include reduced latency, improved data security and more efficient use of bandwidth.To read this article in full, please click here

6G will achieve terabits-per-second speeds

The first of the upcoming 5G network technologies won’t provide significant reliability gains over existing wireless, such as 4G LTE, according to a developer involved in 5G.Additionally, the millisecond levels of latency that the new 5G wireless will attempt to offer—when some of it is commercially launched, possibly later this year—isn’t going to be enough of an advantage for a society that’s now completely data-driven and needs near-instant, microsecond connectivity.“Ultra-reliability will be basically not there,” Ari Pouttu, professor for Dependable Wireless at the University of Oulu, told me during a visit to the university in Finland. 5G’s principal benefits over current wireless platforms are touted as latency reduction and improved reliability by marketers who are pitching the still-to-be-released technology.To read this article in full, please click here

6G will achieve terabits-per-second speeds

The first of the upcoming 5G network technologies won’t provide significant reliability gains over existing wireless, such as 4G LTE, according to a developer involved in 5G.Additionally, the millisecond levels of latency that the new 5G wireless will attempt to offer—when some of it is commercially launched, possibly later this year—isn’t going to be enough of an advantage for a society that’s now completely data-driven and needs near-instant, microsecond connectivity.“Ultra-reliability will be basically not there,” Ari Pouttu, professor for Dependable Wireless at the University of Oulu, told me during a visit to the university in Finland. 5G’s principal benefits over current wireless platforms are touted as latency reduction and improved reliability by marketers who are pitching the still-to-be-released technology.To read this article in full, please click here

Norfolk and Richmond, Virginia: Cloudflare’s 152nd and 153rd cities

Norfolk and Richmond, Virginia: Cloudflare's 152nd and 153rd cities
Norfolk and Richmond, Virginia: Cloudflare's 152nd and 153rd cities

Virginia has a very important place in Internet history, as well as the history of Cloudflare’s network.

Northern Virginia, in the area around Ashburn VA, has for a long time been core to Internet infrastructure. In the early 1990’s, MAE-East (Metropolitan-Area-Exchange East) , an Internet Exchange Point (IXP) was established. MAE-East and West were some of the earliest IXPs. Internet Exchange Points are crucial interconnection points for ISPs and other Internet Networks to interconnect and exchange traffic. Eco-systems have grown around these through new data center offerings and new Internet platforms. Like many pieces of the Internet, MAE-East had a humble beginning, though not many humble beginnings grew to handle around 50% of Internet traffic exchange.

Cloudflare’s second Data Center, and one that still plays a critical component in our Global Network was Ashburn, Virginia. Similarly across many organizations, the Northern Virginia area has become a Data Center mecca. Many of the largest Clouds have a substantial amount of their footprint in Northern Virginia. Although MAE-East no longer exists, other Internet Exchange Points have come and grown in its place.

Cloudflare’s network has grown beyond what was traditional Interconnection points, like Ashburn/Northern VA, to a new Edge of the Continue reading

Dell EMC puts big data as a service on premises

To get up and running on a self-service, big-data analytics platform efficiently, many data-center and network managers these days would likely think about using a cloud service. But not so fast – there is some debate about whether the public cloud is the way to go for certain big-data analytics.For some big-data applications, the public cloud may be more expensive in the long run, and because of latency issues, slower than on-site private cloud solutions. In addition, having data storage reside on premises often makes sense due to regulatory and security considerations. [ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] With all this in mind, Dell EMC has teamed up with BlueData, the provider of a container-based software platform for AI and big-data workloads, to offer Ready Solutions for Big Data, a big data as a service (BDaaS) package for on-premises data centers. The offering brings together Dell EMC servers, storage, networking and services along with BlueData software, all optimized for big-data analytics. To read this article in full, please click here

Dell EMC puts big data as a service on premises

To get up and running on a self-service, big-data analytics platform efficiently, many data-center and network managers these days would likely think about using a cloud service. But not so fast – there is some debate about whether the public cloud is the way to go for certain big-data analytics.For some big-data applications, the public cloud may be more expensive in the long run, and because of latency issues, slower than on-site private cloud solutions. In addition, having data storage reside on premises often makes sense due to regulatory and security considerations. [ Also see How to plan a software-defined data-center network and Efficient container use requires data-center software networking.] With all this in mind, Dell EMC has teamed up with BlueData, the provider of a container-based software platform for AI and big-data workloads, to offer Ready Solutions for Big Data, a big data as a service (BDaaS) package for on-premises data centers. The offering brings together Dell EMC servers, storage, networking and services along with BlueData software, all optimized for big-data analytics. To read this article in full, please click here

IDG Contributor Network: Network engineers are from Mars, application engineers are from Venus

Application and network engineers see the world differently. Unfortunately, these differences often result in resentment, with each party keeping score. Recently, application engineers have encroached on networking in a much bigger way. Sadly, if technical history repeats itself, we will revisit many of the long-ago problems again as application engineers rediscover the wisdom held by networking engineers.There are many areas of network engineering and application engineering where there is no overlap or contention. However, the number of overlapping areas is increasing as the roles of network and application engineers expand and evolve.Application engineers will try to do anything they can with code. I’ve spoken to many network engineers who struggle to support multi-cast. When I ask them why they are using multi-cast, they nearly always say, “the application engineers chose it, because it's in the Unix Network Programming book.” The Berkley Socket programming interface permits using multi-cast. The application engineers then provide lost packet recovery techniques to deliver files and real-time media using unicast and multicast. The Berkeley Socket does not easily support VLANs. Thus VLANs have always been the sole property of the network engineer. Linux kernel network programming capabilities in recent years become much more Continue reading

IDG Contributor Network: Network engineers are from Mars, application engineers are from Venus

Application and network engineers see the world differently. Unfortunately, these differences often result in resentment, with each party keeping score. Recently, application engineers have encroached on networking in a much bigger way. Sadly, if technical history repeats itself, we will revisit many of the long-ago problems again as application engineers rediscover the wisdom held by networking engineers.There are many areas of network engineering and application engineering where there is no overlap or contention. However, the number of overlapping areas is increasing as the roles of network and application engineers expand and evolve.Application engineers will try to do anything they can with code. I’ve spoken to many network engineers who struggle to support multi-cast. When I ask them why they are using multi-cast, they nearly always say, “the application engineers chose it, because it's in the Unix Network Programming book.” The Berkley Socket programming interface permits using multi-cast. The application engineers then provide lost packet recovery techniques to deliver files and real-time media using unicast and multicast. The Berkeley Socket does not easily support VLANs. Thus VLANs have always been the sole property of the network engineer. Linux kernel network programming capabilities in recent years become much more Continue reading

History Of Networking – Mike Sullenberger – DMVPN

In this History of Networking episode, Mike Sullenberger joins Network Collective to talk about the history of DMVPN.
Mike Sullenberger
Guest
Russ White
Host
Eyvonne Sharp
Host

Outro Music:
Danger Storm Kevin MacLeod (incompetech.com)
Licensed under Creative Commons: By Attribution 3.0 License
http://creativecommons.org/licenses/by/3.0/

The post History Of Networking – Mike Sullenberger – DMVPN appeared first on Network Collective.

Ansible Tower 3.3 Available Now

RedHat-Tower-3-3-Social-A

We're happy to announce that Red Hat Ansible Tower 3.3 is now generally available. In this release, there are a number of enhancements that can help improve the automation in any organization. The team has been hard at work adding functionality with Red Hat OpenShift Container Platform, more granular permissions, scheduler improvements, support for multiple Ansible environments, and many other features.

Here are a few we are excited about!

Ansible Tower + OpenShift Container Platform

Push-button Ansible Tower deployment for Red Hat OpenShift Container Platform users is now here! Ansible Tower 3.3 is now a supported offering on Red Hat OpenShift Container Platform. The new Ansible Tower pod service in Red Hat OpenShift makes it easy to add capacity to Ansible Tower by adding additional pods. This enables users to scale at runtime as needed. Best of all, Ansible Tower is configurable directly from Red Hat OpenShift Container Platform.

  • Scale Ansible Tower up and down at runtime as needed
  • Add capacity to Ansible Tower by adding additional pods

All configurable directly from the Red Hat OpenShift Container Platform UI, CLI, and API.

More Granular Control

Ansible Tower now allows for even easier configuration of jobs for use Continue reading

Alternatives to Nmap: from simple to advanced network scanning

This month marks the 20th anniversary of Nmap, the open-source network mapping tool that became the standard used by many IT professionals, but that can be a bit much if you only need to do general network maintenance and are intimidated by its command-line interface.There are alternatives – not many – that range in technical sophistication from tools with GUIs that can ease you into performing the essentials of network maintenance to more advanced software that is similar to Nmap itself.[ Also see reviews of Icinga, Observium, Nagios and Zabbix network-monitoring software.] Like Nmap, all these network tools are free.To read this article in full, please click here

1 1,422 1,423 1,424 1,425 1,426 3,793