The complexity of password complexity

Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users' passwords will all have twelve or more characters. Let's stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.First, if you haven't done this already, install the password quality checking library with this command:apt-get -y install libpam-pwquality The files that contain most of the settings we're going to look at will be:To read this article in full, please click here

The complexity of password complexity

Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users' passwords will all have twelve or more characters. Let's stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.First, if you haven't done this already, install the password quality checking library with this command:apt-get -y install libpam-pwquality The files that contain most of the settings we're going to look at will be:To read this article in full or to leave a comment, please click here

The complexity of password complexity

Deploying password quality checking on your Debian-base Linux servers can help to ensure that your users assign reasonable passwords on their accounts, but the settings themselves can be a bit misleading. For example, setting a minimum password length of 12 characters does not mean that your users' passwords will all have twelve or more characters. Let's stroll down Complexity Boulevard and see how the settings work and examine some settings worth considering.First, if you haven't done this already, install the password quality checking library with this command:apt-get -y install libpam-pwquality The files that contain most of the settings we're going to look at will be:To read this article in full or to leave a comment, please click here

Network analysis can find malware before it strikes

Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.To read this article in full or to leave a comment, please click here

Network analysis can find malware before it strikes

Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Network analysis can find malware before it strikes

Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Network analysis can find malware before it strikes

Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Network analysis can find malware before it strikes

Network traffic analysis should be used more in the fight against malware. That’s because pointers show up on the network “weeks and even months” in advance of new malicious software being uncovered, scientists from the Georgia Institute of Technology explain in an article on the school’s website.The researchers, who have been studying historic network traffic patterns, say the latest malware tracking should take advantage of inherent network-supplied barometers and stop simply focusing on trying to identify malware code already on networks and machines. By analyzing already-available, suspicious network traffic created by the hackers over a period of time, administrators will be able to pounce and render malware harmless before it can perform damage.To read this article in full or to leave a comment, please click here

One Month to Cisco Live Las Vegas

We’re down to just a month before it’s time for Cisco Live in Las Vegas 2017. I’m really looking forward to meeting with a lot of people and attending some great sessions. This will also be my first event as a Cisco Netvet ? I have a few focus areas for this year’s event.

Cisco IWAN

I have a few IWAN projects I’m working on and I’m going to deep dive into IWAN during CLUS. My plans here are to attend the techtorial on Sunday and meet with some of the prominent people behind IWAN. Those contacts are invaluable to have when you are working on complex scenarios. I also want to see what’s on the roadmap and if I can find out anything about how the acquisition of Viptela will affect IWAN, if at all. I also want to see if APIC-EM has matured to be more useful in brownfield scenarios. Another interesting thing I will try to learn more about is how to best do monitoring in an IWAN network.

Cisco ACI

We have a lot of customers moving to ACI right now. Many of them have “legacy” data centers based on the Catalyst 6500. Moving to a vendor Continue reading

Container Deployment Demos from Interop ITX

At Interop ITX 2017 in Las Vegas, I had the privilege to lead a half-day workshop on options for deploying containers to cloud providers. As part of that workshop, I gave four live demos of using different deployment options. Those demos—along with the slides I used for my presentation along the way—are now available to anyone who might like to try them on their own.

The slides and all the resources for the demos are available in this GitHub repository. The four demos are:

  1. Docker Swarm on EC2: This demo leverages Terraform and Ansible to stand up and configure a Docker Swarm cluster on AWS.

  2. Amazon EC2 Container Service (ECS): This demo uses AWS CloudFormation to create an EC2 Container Service cluster with 3 instances and an Amazon RDS instance for backend database storage.

  3. Kubernetes on AWS using kops: Using the kops CLI tool, this demo turns up a Kubernetes cluster on AWS to show how to deploy containerized applications on Kubernetes.

  4. Google Container Engine: The final demo shows using Google Container Engine—which is Kubernetes—to deploy an application.

In the coming weeks, I plan to recreate the demos, record them, and publish them via YouTube, so that Continue reading

Container Deployment Demos from Interop ITX

At Interop ITX 2017 in Las Vegas, I had the privilege to lead a half-day workshop on options for deploying containers to cloud providers. As part of that workshop, I gave four live demos of using different deployment options. Those demos—along with the slides I used for my presentation along the way—are now available to anyone who might like to try them on their own.

The slides and all the resources for the demos are available in this GitHub repository. The four demos are:

  1. Docker Swarm on EC2: This demo leverages Terraform and Ansible to stand up and configure a Docker Swarm cluster on AWS.

  2. Amazon EC2 Container Service (ECS): This demo uses AWS CloudFormation to create an EC2 Container Service cluster with 3 instances and an Amazon RDS instance for backend database storage.

  3. Kubernetes on AWS using kops: Using the kops CLI tool, this demo turns up a Kubernetes cluster on AWS to show how to deploy containerized applications on Kubernetes.

  4. Google Container Engine: The final demo shows using Google Container Engine—which is Kubernetes—to deploy an application.

In the coming weeks, I plan to recreate the demos, record them, and publish them via YouTube, so that Continue reading

Container Deployment Demos from Interop ITX

At Interop ITX 2017 in Las Vegas, I had the privilege to lead a half-day workshop on options for deploying containers to cloud providers. As part of that workshop, I gave four live demos of using different deployment options. Those demos—along with the slides I used for my presentation along the way—are now available to anyone who might like to try them on their own.

The slides and all the resources for the demos are available in this GitHub repository. The four demos are:

  1. Docker Swarm on EC2: This demo leverages Terraform and Ansible to stand up and configure a Docker Swarm cluster on AWS.

  2. Amazon EC2 Container Service (ECS): This demo uses AWS CloudFormation to create an EC2 Container Service cluster with 3 instances and an Amazon RDS instance for backend database storage.

  3. Kubernetes on AWS using kops: Using the kops CLI tool, this demo turns up a Kubernetes cluster on AWS to show how to deploy containerized applications on Kubernetes.

  4. Google Container Engine: The final demo shows using Google Container Engine—which is Kubernetes—to deploy an application.

In the coming weeks, I plan to recreate the demos, record them, and publish them via YouTube, so that Continue reading

How John Deere developed one of the best GPS locators in the world

One of the most accurate GPS-based location systems in the world isn’t a hyper-secret military technology or a top-of-the-line scientific device – it’s John Deere’s RTK network, a dual-band GPS system that lets farmers track their planting, harvesting and more to an accuracy of less than an inch.“It’s one of the most difficult and exciting programs that Deere’s ever done,” according to Terry Pickett, manager of advanced engineering at the company’s Intelligent Solutions Group.+ALSO ON NETWORK WORLD: How Lyft gets a lift from Amazon’s cloud + Google’s machine-learning cloud pipeline explainedTo read this article in full or to leave a comment, please click here

74% off Omaker M4 Portable Bluetooth Shower and Outdoor Speaker with 12 Hour Playtime – Deal Alert

The M4 speaker from Omaker is IP54 rated, so its rugged splash, shock and dustproof design makes it ideal for shower and outdoor use. The latest Bluetooth 4.0 technology helps it pair quickly with your device (tap-to-pair with NFC capable devices) and maintain a long 33-foot connection range. Crystal clear sound quality and robust bass is realized through a 3W audio driver and passive subwoofer. The M4 is capable of producing 12 hours of music at 80% volume, up to three times longer than similar-sized portable speakers. It  fully recharges in just 3 hours using an included Micro USB cable. The unit averages 4.5 out of 5 stars from over 5,000 people on Amazon (read reviews), many of which report sound quality that rivals more expensive speakers. Amazon indicates that its list price has been reduced significantly to just $22.99. See the discounted Omaker M4 speaker now on Amazon.To read this article in full or to leave a comment, please click here

Gravityscan, keeping WordPress sites safe

If your website, in common with roughly 25% of all websites, is running WordPress then it's pretty much certain that it's being constantly attacked. WordPress is to hackers what raw meat is to jackals because unless sites are assiduously maintained, they quickly become vulnerable to a huge number of exploits.The root cause of this vulnerability is WordPress' ecosystem of complex core software augmented by thousands of third party developers whose themes and plugins are often buggy and not quickly (or often, never) updated to fend off known security problems. Add to that many site owners being slow to update their core WordPress installation and you have an enormous and easily discovered collection of irresistible hacking targets.To read this article in full, please click here

Gravityscan, keeping WordPress sites safe

If your website, in common with roughly 25% of all websites, is running WordPress then it's pretty much certain that it's being constantly attacked. WordPress is to hackers what raw meat is to jackals because unless sites are assiduously maintained, they quickly become vulnerable to a huge number of exploits.The root cause of this vulnerability is WordPress' ecosystem of complex core software augmented by thousands of third party developers whose themes and plugins are often buggy and not quickly (or often, never) updated to fend off known security problems. Add to that many site owners being slow to update their core WordPress installation and you have an enormous and easily discovered collection of irresistible hacking targets.To read this article in full or to leave a comment, please click here

Gravityscan, keeping WordPress sites safe

If your website, in common with roughly 25% of all websites, is running WordPress then it's pretty much certain that it's being constantly attacked. WordPress is to hackers what raw meat is to jackals because unless sites are assiduously maintained, they quickly become vulnerable to a huge number of exploits.The root cause of this vulnerability is WordPress' ecosystem of complex core software augmented by thousands of third party developers whose themes and plugins are often buggy and not quickly (or often, never) updated to fend off known security problems. Add to that many site owners being slow to update their core WordPress installation and you have an enormous and easily discovered collection of irresistible hacking targets.To read this article in full or to leave a comment, please click here

1 2,000 2,001 2,002 2,003 2,004 3,795