PQ 148: How To Monitor Cryptojacking With Paessler PRTG (Sponsored)

Today on Priority Queue, the Packet Pushers peer into the darker corners of network monitoring.

Monitoring gets you visibility. But when you can see what’s happening, you might not like what you find. That’s the topic of today’s sponsored show with Paessler AG, maker of PRTG network monitoring software.

Our guests are Greg Ross, Presales Systems Engineer at Paessler; and Troy Mursch, a security researcher who blogs at Bad Packets Report.

Troy discovered that cryptojacking malware called Coinhive had infected a popular Website. We’ll talk about how he used Paessler sensors to monitor the malware on the site, and to track down other infected systems.

We talk with Troy and Greg about how to use Paessler to monitor key metrics that could indicate malware. We also dig into Paessler’s capabilities for more typical network monitoring use cases.

And here’s a special offer for Packet Pushers listeners: Paessler is offering a free network security eBook. You can get it at go.paessler.com/packetpushers.

You can also get a free trial of PRTG here.

Show Links:

Free Network Security eBook – Paessler

Paessler PRTG Free Trial

Paessler on Twitter

Troy Mursch/Bad Packets Report on Twitter

Who and What Is Continue reading

Internet Society, LACNIC, and LAC-IX Partner to Strengthen IXPs in Latin America

Wednesday, 2 May 2018, the Internet Society signed a Memorandum of Understanding with the Association of Internet Exchange Points (LAC-IX) and the Latin American Registry for Internet Numbers (LACNIC) to create and strengthen Internet Exchange Points (IXPs) for a stable, secure, and open Internet and to maximise the impact of our activities across Latin America and the Caribbean.

Internet Society’s work on interconnection, traffic exchange, and IXPs not only improves local Internet service in developed regions, but also engages with the local communities that are instrumental in advancing the Internet Society’s mission. The IXP program helps develop Internet technical communities and network operators across the globe.

The Internet Society cooperates with regional organisations that lead IXP work in the field, supporting their work, promoting new IXPs where needed, and helping spread Internet Society work that is valuable to their communities.

LAC-IX and LACNIC have a unique role in promoting new IXPs, supporting existing communities, and, through them, providing the messages that contribute to a stable and scalable Internet.

This Memorandum of Understanding establishes a reference framework for cooperation mechanisms between the Parties. Plans include supporting capacity-building events, disseminating common initiatives and projects, and promoting good routing practices at traffic exchange Continue reading

Intel job posting hints at major overhaul to the processor core

A job listing on Intel’s official webpage for a senior CPU micro-architect and designer to build a revolutionary microprocessor core has fueled speculation that the company is finally going to redesign its Core-branded CPU architecture after more than 12 years. Intel introduced the Core architecture in 2006, and that was an iteration of the P6 microarchitecture first introduced with the Pentium Pro in 1995. So, in some ways, Intel in 2018 is running on a 1995 design. Even though its tick/tock model called for a new microarchitecture every other year, the new architecture was, in fact, just a tweak of the old one and not a clean-sheet design. The job is based in Intel's Hillsboro, Oregon, facility, where all of the major development work is done. It initially said “join the Ocean Cove team to deliver Intel’s next-generation core design in Hillsboro, Oregon.” That entry has since been removed from the posting.

Intel Teaches Quantum Computing 101

A team at Intel, in collaboration with QuTech in the Netherlands, is researching the possibilities of quantum computing to better understand how practical quantum computers can be programmed to impact our lives. Given the research nature and current limitations of quantum computers, particularly in terms of I/O, researchers are focusing on specific types of algorithms.

As you might expect, Intel Labs is focused on applications such as material science and quantum chemistry. Other possible algorithms include parameterized simulations and various combinatorial optimization problems that have a global optimum. It is also worth noting that this research may never come to

Intel Teaches Quantum Computing 101 was written by Timothy Prickett Morgan at The Next Platform.

Some Fake News Fighters Embrace AI, Others Seek the Human Touch

Fake news doesn’t seem to be going away anytime soon, and some entrepreneurs are targeting false news reports with new services designed to alert readers.

Some countries have pushed for new laws to criminalize the creation of fake news – raising questions about government censorship – but these new fake news fighters take a different approach, some using Artificial Intelligence, some using human power, and some using a combination of AI and humans.

Several high-profile fake news fighting services have launched in recent years, some of them driven by the amount of fake news generated during the 2016 U.S. election. These services generally focus on web content appearing to be legitimate news, as an alternative to traditional fact-checking services like Snopes – which takes a broad look at Web-based news and rumors – or PolitiFact – which addresses claims made by politicians and political groups.

The amount of fake news generated during the election campaign was the main reason FightHoax founder Valentinos Tzekas began working on his service two years ago. At the time, Tzekas was a first-year applied informatics student at a Greek university, but he is planning to leave school to work full time on FightHoax.

The 2016 Continue reading

Mobile data usage overtakes Wi-Fi, and CBRS threatens

Wi-Fi use has dropped in the United States. The reason: Consumers are shifting to cellular mobile networks that are providing new, unlimited data bundles. That’s according to mobile network performance analyst OpenSignal. The testing firm, which publishes an annual Wi-Fi-versus-mobile crowdsourced study, says consumers are taking advantage of unlimited data plans being offered by the major mobile network operators (MNOs) in the U.S. No longer are folks worrying about generating large bills using mobile data for media or having to work around limited, included-data buckets. “Users are likely becoming more confident about consuming data over cellular networks,” writes Peter Boyland in a blog post on OpenSignal’s website.

Automating Compliance for Highly Regulated Industries with Docker Enterprise Edition and OSCAL

Source: NIST.gov and C2 Labs 

Highly regulated industries like financial services, insurance and government have their own set of complex and challenging regulatory IT requirements that must be constantly maintained. For this reason, the introduction of new technology can sometimes be difficult. Docker Enterprise Edition provides these types of organizations with both a secure platform on which containers are the foundation for building compliant applications and a workflow for operational governance at scale.

The problem remains that even with the technology innovation of containers, cloud and other new tools, the area of IT compliance has remained relatively unchanged with security standards that lag far behind, creating mismatches of traditional controls to modern systems. Organizations are still dependent on the same mundane, paperwork-heavy audit and reporting processes of previous decades. The time and cost to build a PCI, FISMA or HIPAA compliant system is no small feat, even for large enterprises, due to the resources required to develop and maintain the documentation and artifacts that must be continuously audited by a third party.

To address these requirements, Docker has collaborated with the National Institute of Standards and Technology (NIST), and today, we are excited to announce that Docker is fully embracing Continue reading

Google could be getting serious about IoT with release of Android Things

Google I/O, the company's annual developer conference, grabs fewer headlines than it used to in ages past – the reveal of Google Glass was one for the record books, even the biggest Google detractor would have to admit. But Google's still planning to make some waves this year, particularly with what seems likely to be a full roll-out of Android Things 1.0, the variant Android OS designed for IoT. The idea behind Things is to provide a unified, one-size-fits-all software option for the developers of constrained devices like smart displays, kiosks and digital signage, among others. Device makers won’t be allowed to modify parts of Android Things’ code, specifically the parts that ensure Google can flash updates to all devices running the software at any time.

Cisco’s Wide And Deep Embrace Of Kubernetes

As enterprises continue to spread their workloads around – keeping some in their core datacenters while placing others in either private clouds or sprinkling them among disparate public clouds – the portability, visibility and management of those applications becomes an issue. There is no standardization among public cloud providers like Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform, among others, and applications that run well in an on-premises datacenter may hit some rough patches when they migrate to the cloud. Developers also are finding challenges when moving applications into production, either in the datacenter or cloud, also

Cisco’s Wide And Deep Embrace Of Kubernetes was written by Jeffrey Burt at The Next Platform.

Hackathon at Africa Internet Summit Focuses on Time, Vehicular Communications, and Network Programmability

We are pleased to announce the 2nd Hackathon@AIS will be held in Dakar, Senegal, on 9-10 May, alongside the Africa Internet Summit. Participants from 14 countries have confirmed their participation and will work on activities centered around three main topics:

  • The Network Time Protocol (or NTP)
  • Wireless communication in vehicular environments – based on Intelligent Transportation Systems
  • Network Programmability

Working on open Internet standards involves a collaborative effort whereby individuals from different backgrounds provide input and expertise to improve the Internet. Work is focused on common objectives with set timelines. This work is mostly done by people in different geographical locations using the Internet (and online tools) to collaborate on the work. In some cases, short technical events called hackathons place experts in one physical location to work collaboratively to solve a problem or develop a new product or output in a short period of time.

Last year, the Internet Society’s African Regional Bureau, together with AFRINIC, organized a hackathon in Kenya, during the 2017 Africa Internet Summit. In Africa, work on open Internet standards development is low, with only a handful of Request For Comments (RFCs) known to have been published by experts from the region. One of Continue reading

A Secure Supply Chain for Kubernetes

With KubeCon EU happening in Copenhagen, we looked back at the most popular posts with our readers on Docker and Kubernetes. For those of you who have yet to try Docker EE 2.0, this blog highlights how Docker EE 2.0 provides a secure supply chain for Kubernetes.


The GA release of the Docker Enterprise Edition (Docker EE) container platform last month integrates Kubernetes orchestration, running alongside Swarm, to provide a single container platform that supports both legacy and new applications running on-premises or in the cloud. For organizations that are exploring Kubernetes or deploying it in production, Docker EE offers integrated security for the entire lifecycle of a containerized application, providing an additional layer of security before the workload is deployed by Kubernetes and continuing to secure the application while it is running.

Mike Coleman previously discussed access controls for Kubernetes. This week we’ll begin discussing how Docker EE secures the Kubernetes supply chain.

What is a Software Supply Chain?

When you purchase something from a retail store, there is an entire supply chain that gets the product from raw materials to the manufacturer to you. Similarly, there is a software supply chain that takes an application from Continue reading

Automation Win: Zero-Touch Provisioning

Listening to the networking vendors, it seems that zero-touch provisioning is a no-brainer … until you try to get it working in real life, and the device you want to auto-configure supports only IP address assignment via DHCP, configuration download via TFTP, and a DHCP option that points to the configuration file.

As Hans Verkerk discovered when he tried to implement zero-touch provisioning with Ansible while attending the Building Network Automation Solutions course, you have to:

Read more ...

Stateless datacenter load-balancing with Beamer

Stateless datacenter load-balancing with Beamer Olteanu et al., NSDI’18

We’ve spent the last couple of days looking at datacenter network infrastructure, but we didn’t touch on the topic of load balancing. For a single TCP connection, you want all of the packets to end up at the same destination. Logically, a load balancer (a.k.a. ‘mux’) needs to keep some state somewhere to remember the mapping.

Existing load balancer solutions can load balance TCP and UDP traffic at datacenter scale at different price points. However, they all keep per-flow state; after a load balancer decides which server should handle a connection, that decision is “remembered” locally and used to handle future packets of the same connection. Keeping per-flow state should ensure that ongoing connections do not break when servers and muxes come or go…

There are two issues with keeping this state though. Firstly, it can sometimes end up incomplete or out of date (especially under periods of rapid network change, such as during scale out and scale in). Secondly, there’s only a finite amount of resource to back that state, which opens the door to denial of service attacks such as SYN flood attacks.

Beamer is Continue reading