TLS 1.3 is going to save us all, and other reasons why IoT is still insecure

TLS 1.3 is going to save us all, and other reasons why IoT is still insecure

As I’m writing this, four DDoS attacks are ongoing and being automatically mitigated by Gatebot. Cloudflare’s job is to get attacked. Our network gets attacked constantly.

Around the fall of 2016, we started seeing DDoS attacks that looked a little different than usual. One attack we saw around that time had traffic coming from 52,467 unique IP addresses. The clients weren’t servers or desktop computers; when we tried to connect to the clients over port 80, we got the login pages to CCTV cameras.

Obviously it’s important to lock down IoT devices so that they can’t be co-opted into evil botnet armies, but when we talk to some IoT developers, we hear a few concerning security patterns. We’ll dive into two problematic areas and their solutions: software updates and TLS.

The Trouble With Updates

With PCs, the end user is ultimately responsible for securing their devices. People understand that they need to update their computers and phones. Just 4 months after Apple released iOS 10, it was installed on 76% of active devices.

People just don’t know that they are supposed to update IoT things like they are supposed to update their computers because they’ve never had to update things Continue reading

TLS 1.3 is going to save us all, and other reasons why IoT is still insecure

TLS 1.3 is going to save us all, and other reasons why IoT is still insecure

As I’m writing this, four DDoS attacks are ongoing and being automatically mitigated by Gatebot. Cloudflare’s job is to get attacked. Our network gets attacked constantly.

Around the fall of 2016, we started seeing DDoS attacks that looked a little different than usual. One attack we saw around that time had traffic coming from 52,467 unique IP addresses. The clients weren’t servers or desktop computers; when we tried to connect to the clients over port 80, we got the login pages to CCTV cameras.

Obviously it’s important to lock down IoT devices so that they can’t be co-opted into evil botnet armies, but when we talk to some IoT developers, we hear a few concerning security patterns. We’ll dive into two problematic areas and their solutions: software updates and TLS.

The Trouble With Updates

With PCs, the end user is ultimately responsible for securing their devices. People understand that they need to update their computers and phones. Just 4 months after Apple released iOS 10, it was installed on 76% of active devices.

People just don’t know that they are supposed to update IoT things like they are supposed to update their computers because they’ve never had to update things Continue reading

Introduction to Uni-Directional Link Detection (UDLD) Protocol

Today I am going to talk about another protocol named as UDLD Uni-Directional Link Detection protocol in details with the different modes used in UDLD.

Before I will start with the UDLD protocol, I would like to tell you guys that we have our own youtube channel for various network videos that can further help you guys to study further. I will going to add many more videos soon on the channel, Please subscribe to the channel for the study network related videos.

Subscribe us on Youtube: http://y2u.be/-5cF6JaNO68 


Thanks for your huge support to our Youtube Channel and the Twitter account. Now let's talk about the UDLD protocol in details now.

Fig 1.1- UDLD Protocol Tx and Rx
What is the UDLD protocol and where we are using this protocol ?
UDLD is a Layer 2 protocol that works with the Layer 1 protocols to determine the physical status of a link. In Layer 1, auto negotiation takes care of physical signalling and fault detection. UDLD performs tasks that auto negotiation cannot perform, such as detecting the identities of neighbors and shutting down misconnected LAN ports. 

Fig 1.2- UDLD Protocol

Switching Basics : STP Root Bridge Election Procedure

Today I am going to talk about the STP (Spanning tree) Root bridge selection procedure. It is one of the most important topic in the Switching and you guys should know about it. I am taking the case where we have three different switches with the MAC addresses and i will talk about how these switches communicate with each other to finally get the root bridge.

Before I will start with the Root bridge in the STP switched network, I would like to tell you guys that we have our own youtube channel for various network videos that can further help you guys to study further. I will going to add many more videos soon on the channel, Please subscribe to the channel for the study network related videos.

Subscribe us on Youtube: http://y2u.be/-5cF6JaNO68 

What is the purpose of the Root Bridge ?
The idea is to have all the communication from source to destination from the root bridge so that we can avoid the loop in the switched LAN network. So before starting the communication in the switched network we need to setup a root bridge.

Spanning-tree election occurs when a switch Continue reading

Displaying Pi Output on an LCD

A few weeks ago, I shared an article about leveraging the Meraki API and a Raspberry Pi to create a Dummy Light for My Network. Today’s article expands on this slightly by adding a 16×2 LCD Display for additional output flexibility. For the sake of demonstration, we will continue to use the Meraki API as the source of what will be displayed. An example of what I have built is shown immediately below in this short video.

TL;DR

To accomplish this, I added the HD44780 to my Raspberry Pi (Pi 2 Model B) using the following pinout.

#connect LCD Pin 1 (VSS) to Ground
#connect LCD Pin 2 (VDD) to 5v rail
#connect LCD Pin 3 (VO) to potentiometer
#connect LCD Pin 4 (RS) to 37
#connect LCD Pin 5 (RW) to Ground
#connect LCD Pin 6 (E) to 35
#connect LCD Pin 12
#connect LCD Pin 13
#connect LCD Pin 14
#connect LCD Pin 15
#connect LCD andode (a) to 5v rail (Phy Pin 2)  with resistance
#connect LCD cathode (k) to Ground Rail (Phy Pin 6)
#connect potentiometer to 5v and ground rails

Next, I wrote the following Python Script.

import requests
import json
import RPi.GPIO as GPIO
import  Continue reading

Displaying Pi Output on an LCD

A few weeks ago, I shared an article about leveraging the Meraki API and a Raspberry Pi to create a Dummy Light for My Network. Today’s article expands on this slightly by adding a 16×2 LCD Display for additional output flexibility. For the sake of demonstration, we will continue to use the Meraki API as the source of what will be displayed. An example of what I have built is shown immediately below in this short video.

TL;DR

To accomplish this, I added the HD44780 to my Raspberry Pi (Pi 2 Model B) using the following pinout.

#connect LCD Pin 1 (VSS) to Ground
#connect LCD Pin 2 (VDD) to 5v rail
#connect LCD Pin 3 (VO) to potentiometer
#connect LCD Pin 4 (RS) to 37
#connect LCD Pin 5 (RW) to Ground
#connect LCD Pin 6 (E) to 35
#connect LCD Pin 12
#connect LCD Pin 13
#connect LCD Pin 14
#connect LCD Pin 15
#connect LCD andode (a) to 5v rail (Phy Pin 2)  with resistance
#connect LCD cathode (k) to Ground Rail (Phy Pin 6)
#connect potentiometer to 5v and ground rails

Next, I wrote the following Python Script.

import requests
import json
import RPi.GPIO as GPIO
import  Continue reading

Displaying Pi Output on an LCD

A few weeks ago, I shared an article about leveraging the Meraki API and a Raspberry Pi to create a Dummy Light for My Network. Today’s article expands on this slightly by adding a 16×2 LCD Display for additional output flexibility. For the sake of demonstration, we will continue to use the Meraki API as the source of what will be displayed. An example of what I have built is shown immediately below in this short video.

TL;DR

To accomplish this, I added the HD44780 to my Raspberry Pi (Pi 2 Model B) using the following pinout.

#connect LCD Pin 1 (VSS) to Ground
#connect LCD Pin 2 (VDD) to 5v rail
#connect LCD Pin 3 (VO) to potentiometer
#connect LCD Pin 4 (RS) to 37
#connect LCD Pin 5 (RW) to Ground
#connect LCD Pin 6 (E) to 35
#connect LCD Pin 12
#connect LCD Pin 13
#connect LCD Pin 14
#connect LCD Pin 15
#connect LCD andode (a) to 5v rail (Phy Pin 2)  with resistance
#connect LCD cathode (k) to Ground Rail (Phy Pin 6)
#connect potentiometer to 5v and ground rails

Next, I wrote the following Python Script.

import requests
import json
import RPi.GPIO as GPIO
import  Continue reading

Let’s Make the Internet Safe for All

Imagine you’re at the starting line of a race, excited about the opportunity that awaits you when you complete the course. The starting pistol is fired and you try to take off, but instead of soaring with the other runners, you stumble. You look down to see that someone has slashed your shoelaces. As you crouch down to try to fix them, you see the others gain distance ahead of you.

This is the reality for many women who use the Internet. The technology is the same and its potential is the same for men and women. But when women go online, there are barriers to access and safety that men do not experience. While men might worry about identity theft or a virus, women – along with trans and non-binary users – are navigating a minefield of sexualized harassment, whether they’re on a dating site, gaming, or using social media. The sexual violence women are exposed to in the physical world translates to the online space.

According to a 2017 survey from Pew Research Center, women and men experience and view online harassment very differently. The survey found that, while 41 percent of Americans have experienced online harassment, Continue reading

Recent Russian Routing Leak was Largely Preventable

Last week, the IP address space belonging to several high-profile companies, including Google, Facebook and Apple, was briefly announced out of Russia, as was first reported by BGPmon.

Following the incident, Job Snijders of NTT wrote in a post entitled, “What to do about BGP hijacks”.  He stated that, given the inherent security weaknesses in BGP, things will only improve “the moment it becomes socially unacceptable to operate an Internet network without adequate protections in place” and thus customers would stop buying transit from providers that operate without proper route filtering.

Since Job has presented at NANOG about the various filtering methods employed by NTT, I decided to look into how well NTT (AS2914) did in this particular incident.  While a handful of the 80 misdirected routes were ultimately carried on by AS2914 to the greater internet, NTT didn’t contribute to the leaking of any of the major internet companies, such as Facebook, Google, Apple, etc.  In fact, when one analyzes the propagation of every one of these leaked routes, a pattern begins to emerge.

Route Leaks by AS39523

On 12 December 2017, AS39523 announced 80 prefixes (only one of which was theirs) for two different 3-4 Continue reading

Weekend Reads 122217

Because this is the last “weekend reads” of the year, I’m supersizing it, and including a few articles at the end on culture I found interesting. The majority of the other stories relate to security, as always.

San Diego, Calif., Dec. 12, 2017 — Computer scientists have built and successfully tested a tool designed to detect when websites are hacked by monitoring the activity of email accounts associated with them. The researchers were surprised to find that almost 1 percent of the websites they tested had suffered a data breach during their 18-month study period, regardless of how big the companies’ reach and audience are. “No one is above this—companies or nation states— it’s going to happen; it’s just a question of when,” said Alex C. Snoeren, the paper’s senior author and a professor of computer science at the Jacobs School of Engineering at the University of California San Diego. —UC San Diego

GPS has become such an ingrained part of our culture that many of us don’t even think about it anymore. If you want to go check out a new restaurant but don’t know where it is, search for it in Google Maps. Want to map your Continue reading

IDG Contributor Network: How interconnection can set the pace as holiday shopping gets more digital

The arrival of the holiday shopping season always brings sharp focus onto ecommerce, which just keeps disrupting how retailers and consumers shop. But it’s striking just how much running room remains in front of this trend, which already has a couple decades of Christmases under its big black Santa belt.According to eMarketer, ecommerce sales will grow more than 23 percent in 2017 – and still only account for a tenth of retail sales globally. Opportunities remain huge in the online shopping sector, but only if companies can continue to keep the digital payments at the heart of it simple, fast and secure for consumers and retailers alike. That’s a perpetual challenge.To read this article in full, please click here

IDG Contributor Network: How interconnection can set the pace as holiday shopping gets more digital

The arrival of the holiday shopping season always brings sharp focus onto ecommerce, which just keeps disrupting how retailers and consumers shop. But it’s striking just how much running room remains in front of this trend, which already has a couple decades of Christmases under its big black Santa belt.According to eMarketer, ecommerce sales will grow more than 23 percent in 2017 – and still only account for a tenth of retail sales globally. Opportunities remain huge in the online shopping sector, but only if companies can continue to keep the digital payments at the heart of it simple, fast and secure for consumers and retailers alike. That’s a perpetual challenge.To read this article in full, please click here

IDG Contributor Network: How interconnection can set the pace as holiday shopping gets more digital

The arrival of the holiday shopping season always brings sharp focus onto ecommerce, which just keeps disrupting how retailers and consumers shop. But it’s striking just how much running room remains in front of this trend, which already has a couple decades of Christmases under its big black Santa belt.According to eMarketer, ecommerce sales will grow more than 23 percent in 2017 – and still only account for a tenth of retail sales globally. Opportunities remain huge in the online shopping sector, but only if companies can continue to keep the digital payments at the heart of it simple, fast and secure for consumers and retailers alike. That’s a perpetual challenge.To read this article in full, please click here

1 1,780 1,781 1,782 1,783 1,784 3,841