War Stories: Always Check Your Inputs

The extremely irregular War Stories series returns, with an anecdote from 15 years ago, investigating a problem with a web app that only seemed to crash when one particular person used it. Ultimately a simple problem, but it took me a while to track it down. I blame Perl.

ISPY With my Little Eye

“ispy” was our custom-built system that archived SMS logs from all our SMSCs, aggregating them to one server for analysis. Message contents were kept for a short period, with CDRs stored for longer (i.e. details of sending and receiving numbers, and timestamps, but no content).

The system had a web interface that support staff could use to investigate customer reports of SMS issues. They could enter source and/or destination MSISDNs, and see when messages were sent, and potentially contents. Access to contents was restricted, and was typically only used for things like abuse investigations.

This system worked well, usually.

Except when it didn’t.

Every few weeks, we’d get reports that L2 support couldn’t access the system. We’d login, see that one process was using up 99% CPU, kill it, and it would be OK for a while. Normally the system was I/O bound, so we Continue reading

War Stories: Always Check Your Inputs

ISPY With my Little Eye

This system worked well, usually.

Except when it didn’t.

Ultimate Go, Ardanlabs, Training Course Writeup

After being in the IT industry for a while, courses generally don’t impress or engage you for very long. If it’s something you’re interested in, you stand a better chance of hanging on in there, but even then, someone talking at you is always difficult. Those that attend conferences regularly will appreciate the shift to ‘brown bag’ lightening talks where a nervous energy fuelled speaker delivers the interesting snippets of a topic with the knowledge to guide question asking talk goers to the right info if they have beyond surface level curiosity.

Therefore, many of us don’t attend classroom based training anymore. Short webinars and self-lead courses are generally the way forward for those of us not in college or university. I need to add here, technology itself is changing too. Gone are the days where Microsoft, Oracle and Cisco lead the world. Sorry folks, they truly are gone. Technology now is ‘passing through’. I have a transformed view of technology akin to cattle herding; rope it, guide it to the right place to feed, then shoot it, eat it and make some handbags. Technology is more and more transient. It’s not about being an expert, it’s about the techniques Continue reading

How to track that annoying pop-up

In a recent update to their Office suite on Windows, Microsoft made a mistake where every hour, for a fraction of a second, a black window pops up on the screen. This leads many to fear their system has been infected by a virus. I thought I'd document how to track this down.

The short answer is to use Mark Russinovich's "sysinternals.com" tools. He's Windows internals guru at Microsoft and has been maintaining a suite of tools that are critical for Windows system maintenance and security. Copy all the tools from "https://live.sysinternals.com". Also, you can copy with Microsoft Windows Networking (SMB).

Of these tools, what we want is something that looks at "processes". There are several tools that do this, but focus on processes that are currently running. What we want is something that monitors process creation.

The tool for that is "sysmon.exe". It can monitor not only process creation, but a large number of other system events that a techy can use to see what the system has been doing, and if you are infected with a virus.

Sysmon has a fairly complicated configuration file, and if you enabled everything, you'd soon be Continue reading

Open Networking for Large Scale Networks

The post Open Networking for Large Scale Networks appeared first on rule 11 reader.

Intel’s new chip puts a teraflop in your desktop. Here’s what that means

It’s as fast as a turn-of-the-century supercomputer. Intel’s Core i9 Extreme Edition processor costs about $2,000. Intel Corporation Earlier this week in Taipei, Intel announced the most powerful desktop chip for consumers that it has ever sold. With 18 cores and a price tag of $1,999, the processor is known as a teraflop chip, meaning …

Continue reading "Intel’s new chip puts a teraflop in your desktop. Here’s what that means"

CCNA Wireless – CCNA Wireless Notes Chapter 5

Types of Wireless Networks

Wireless LANs are not the only type of wireless networks that exist.

Wireless Personal Area Network (WPAN)

WPAN uses low-powered transmitters to create a very short range network, usually 7 to 10 meters. Based on the 802.15 standard and includes technologies such as Bluetooth and ZigBee although ZigBee can have greater range. Unlicensed ISM frequencies are used including the 2.4 GHz band.

Wireless Local Area Network (WLAN)

Wireless service connecting multiple devices using IEEE 802.11 standard over medium-sized range, usually up to 100 meters. Uses unlicensed frequencies in 2.4 GHz and 5 GHz band.

Wireless Metropolitan Area Network (WMAN)

Wireless service over a large geographic area, such as all or portion of a city. One technology used is WiMAX, which is based on the 802.16 standard. Most commonly uses licensed frequencies.

Wireless Wide Area Network (WWAN)

Wireless data service for mobile phones offered over a very large geographic area, such as regional, national or even global by telecommunication carriers. Licensed frequencies are used.

Wireless LAN Topologies

Likelihood of interference increases as the number of wireless devices grows. Wireless devices use half duplex to avoid colliding with other Continue reading

Don’t Miss out on These 5 Spotlights on Security at vForum Online Summer 2017

You’ve likely heard it before: “All businesses are now digital businesses.” But since the business has expanded into digital space, shouldn’t something as critical as business security digitally expand too? That’s where the VMware ubiquitous software layer comes into play — sitting across the application infrastructure and endpoints, no matter where they are.

Now more than ever, it’s clear that security expertise is a must-have for IT. To further enhance your own security knowledge, make sure to join us at vForum Online on June 28th — right from your own desk. As our largest virtual conference, vForum Online is a must-attend event for IT professionals, and especially for those looking to improve their approach to security.

For returning attendees, you may notice we’ve made some alterations to the structure of vForum Online: Now, the conference is divided into several goal-oriented tracks, to ensure we’re aligned to your IT aims.

With this free, half-day event just a few weeks away, we’re counting down the days — and counting up all the reasons you should attend. Get a preview of these five security spotlights you can expect at the conference:

A Modern Approach to IT Security

In our “Transform Security — Reduce Continue reading

Bringing Internet to Nepal’s Remote, Mountainous Villages

In 1997, we finally got the Internet in Nepal. Unfortunately, it was only available in the capital, Kathmandu, which is very far from my village of Nangi. But almost immediately, I started thinking of ways we could get Nangi online. I was already familiar with the Internet from studying in the United States, and I had a lot of ideas about how being online could improve life in Nangi.

For the next four years, I talked to a lot of people about how we could get connected, but nothing seemed feasible. Nangi is in a remote, mountainous part of the country, so we didn’t have wireline phone service. That meant the traditional methods of connecting to the Internet were out, and satellite Internet was prohibitively expensive.

Mahabir Pun

Worth Reading: Bill would surveil Americans for life

The bill requires sharing of private student data among various federal agencies, including the U.S. Department of Education’s Office of Federal Student Aid, the Department of Treasury, the Department of Defense, the Department of Veterans Affairs, the Social Security Administration, and the Bureau of the Census (this is a non-exclusive list). So an individual’s personally identifiable student-loan data can be linked to his tax information and his military information and his Social Security records and everything the census knows about him, which if he filled out the long form is pretty much everything about his life. There are no limits on the purposes for which this data-matching can take place. The only limits will exist in bureaucrats’ imagination. —The Federalist

The post Worth Reading: Bill would surveil Americans for life appeared first on rule 11 reader.

Hybrid-Cloud Strategy, SaaS Boost VMware Revenue 9% in Q1

Partnerships with Google, Microsoft, AWS, and Oracle pay off.

Flight

Birds in flight over a small atol at Hilton Head, South Carolina

The post Flight appeared first on rule 11 reader.

Arista Scores Another Win in Cisco Patent Dispute

Not surprisingly, Cisco is unhappy with the ruling and says it will appeal the decision.

AT&T Buys Brocade’s Vyatta Assets, Including the vRouter

The deal expands AT&T’s white box capabilities.

SDxCentral Weekly News Roundup — June 2, 2017

Verizon reportedly makes a bid for Charter; Toyota runs an open source Linux platform.

Packet Pushers – Weekly Show Show 342: Big Ideas About Networking

Todays show is a conversation on some big ideas about networking and IT, including outsourcing, automation & SD-WAN. Our guest is Mike Bushong, who works for Juniper but isnt speaking for the company in this episode. The post Show 342: Big Ideas About Networking appeared first on Packet Pushers.

Docker for AWS and Azure: Secure By Default Container Platform

Docker for AWS and Docker for Azure are much more than a simple way to setup Docker in the cloud. In fact they provision by default an infrastructure with security in mind to give you a secure platform to build, ship and run Docker apps in the cloud. Available for free in Community Edition and as a subscription with support and integrated management in Enterprise Edition, Docker for AWS and Docker for Azure allow you to leverage pre-configured security features for your apps today – without having to be a cloud infrastructure expert.

You don’t have to take our word for it – in February 2017, we engaged NCC Group, an independent security firm, to conduct a security assessment of Docker for AWS and Docker for Azure. Included in this assessment is Docker for AWS and Docker for Azure Community Edition and Enterprise Edition Basic. This assessment took place from February 6-17. NCC Group was tasked with assessing whether these Docker Editions not only provisioned secure infrastructure with sensible defaults, but also leveraged and integrated the best security features of each cloud. We’d like to openly share their findings with you today.

NCC Group evaluated our security model and defaults, including:

Cloud-specific Continue reading

Epic Evaluation: Ubiquiti ERPro-8 vs Play-Doh

It’s the bake off you’ve been waiting for; a five-month real life test of a Ubiquiti ERPro-8 (EdgeRouter Pro) and a tub of Play-Doh™! Over a period of five months I carefully evaluated these two very useful items and discovered their good and bad points. But after five months, which will I choose as the ultimate winner?

The Rules

Each of the two competing items will be utilized over a period of five months for the purpose for which they were intended.
At the end of the five month test period, the performance of both items will be evaluated, and a winner chosen entirely subjectively based on:
- Suitability for intended purpose during the test
- Condition at the end of the test
- Performance of intended purpose at the end of the test

The Tub of Play-Doh™

Product Specifications

The first item to be evaluated is the tub of Play-Doh™. I didn’t skimp on quality, and bought genuine Play-Doh™ as part of a set which included tubs of both light blue and red. Accessories in the box included a roller, a plastic cutting knife, four shaped cutters and an extruder with four built-in shapes as well as four interchangeable extrusion heads.

The entire kit Continue reading

There is No Perimeter in IoT Security

The Internet of Things (IoT) is not just a device connected to the Internet - it is a complex, rapidly evolving system. To understand the implications, analyse risks, and come up with effective security solutions we need to look ahead and take into account other components, such as Big Data and Artificial Intelligence (AI).

Andrei Robachevsky

Worth Reading: We are all groot

If you venture forth on becoming a programmer after reaching any kind of reasonable adulthood — i.e., gotten through college, survived the military, worked a “real” job or two — you’re used to feeling reasonably successful. Which is one of the perks of being a so-called grownup. Starting new at the very bottom of a new major life area with zero knowledge or experience is something we all did at some point — when you think about it, that is pretty much what childhood is all about. But your typical kid has lots of energy, no mortgage/rent or car payments to worry about, and — most importantly — is developmentally wired to learn a whole bunch of stuff all at once with their nice fresh, flexible brain. —Free Code Camp

The post Worth Reading: We are all groot appeared first on rule 11 reader.

« Previous 1 … 1,987 1,988 1,989 1,990 1,991 … 3,794 Next »