0

Setting up secure wifi

If you don’t set a password on your wifi, then not only can anyone connect, but it’s not even encrypted. This means that even when an open network gives you a captive portal, that could actually be an attacker giving you a fake portal. Even if the portal is HTTPS, because you may be connected to https://evil-fake-portal.com.

That is solved in WPA3, where even open networks become encrypted.

Of course, the attacker can just set up a fake access point, and you’ll connect, none the wiser. Even if the network has a password, the attacker only needs to know that password in order to fake it.

Before WPA3, passwords can easily be brute forced offline. A few years ago I calculated that it would cost about $70 to crack the default generated 8 character random passwords used by a popular ISP here in London, using some GPUs in Google Cloud. I’m sure it’s cheaper now.

That’s potentially years of free use of your neighbours wifi, for just the cost of a couple of months of paying for your own.

But that’s illegal, of course. This post is about protecting you against these attacks, not performing them.

If you Continue reading

0

Tech Bytes: Addressing New Service Provider Routing Applications With Nokia’s FPcx Silicon (Sponsored)

Today's Tech Bytes podcast explores custom silicon with sponsor Nokia. Nokia has recently launched its new FPcx chip for Nokia routers. We’ll talk about the features and capabilities in the new silicon, and the value to service providers and enterprises that custom silicon can bring.

0

Tech Bytes: Addressing New Service Provider Routing Applications With Nokia’s FPcx Silicon (Sponsored)

Today's Tech Bytes podcast explores custom silicon with sponsor Nokia. Nokia has recently launched its new FPcx chip for Nokia routers. We’ll talk about the features and capabilities in the new silicon, and the value to service providers and enterprises that custom silicon can bring.

The post Tech Bytes: Addressing New Service Provider Routing Applications With Nokia’s FPcx Silicon (Sponsored) appeared first on Packet Pushers.

0

Numeric operations on Linux

Linux systems provide numerous ways to work with numbers on the command line – from doing calculations to using commands that generate a range of numbers. This post details some of the more helpful commands and how they work.The expr command One of the most commonly used commands for doing calculations on Linux is expr. This command lets you use your terminal window as a calculator and to write scripts that include calculations of various types. Here are some examples:$ expr 10 + 11 + 12 33 $ expr 99 - 102 -3 $ expr 7 \* 21 147 Notice that the multiplication symbol  * in the command above requires a backslash to ensure the symbol isn’t interpreted as a wildcard. Here are some more examples:To read this article in full, please click here

0

Numeric operations on Linux

Linux systems provide numerous ways to work with numbers on the command line – from doing calculations to using commands that generate a range of numbers. This post details some of the more helpful commands and how they work.The expr command One of the most commonly used commands for doing calculations on Linux is expr. This command lets you use your terminal window as a calculator and to write scripts that include calculations of various types. Here are some examples:$ expr 10 + 11 + 12 33 $ expr 99 - 102 -3 $ expr 7 \* 21 147 Notice that the multiplication symbol  * in the command above requires a backslash to ensure the symbol isn’t interpreted as a wildcard. Here are some more examples:To read this article in full, please click here

0

The Evolving Threat Landscape: What’s Next for Security?

In light of the evolving threat of credential abuse, a radical shift in how we view identity is a good step toward stopping attackers and solving cybersecurity challenges.

0

NB452: Cisco Makes You Feel Vulnerable; Broadcom 25.6Tbps Routing ASIC Targets Custom Silicon; China Mandates IPv6

This week's IT news podcast covers a serious Cisco exploit against IOS XE, new firewalls from Juniper, Broadcom's hopes to capture the routing market with merchant silicon, more movement on restoring net neutrality in the US, and more.

0

Network Break 452: Cisco Makes You Feel Vulnerable; Broadcom 25.6Tbps Routing ASIC Targets Custom Silicon; China Mandates IPv6

This week's IT news podcast covers a serious Cisco exploit against IOS XE, new firewalls from Juniper, Broadcom's hopes to capture the routing market with merchant silicon, more movement on restoring net neutrality in the US, and more.

The post Network Break 452: Cisco Makes You Feel Vulnerable; Broadcom 25.6Tbps Routing ASIC Targets Custom Silicon; China Mandates IPv6 appeared first on Packet Pushers.

0

Cyber attacks in the Israel-Hamas war

On October 7, 2023, at 03:30 GMT (06:30 AM local time), Hamas attacked Israeli cities and fired thousands of rockets toward populous locations in southern and central Israel, including Tel Aviv and Jerusalem. Air raid sirens began sounding, instructing civilians to take cover.

Approximately twelve minutes later, Cloudflare systems automatically detected and mitigated DDoS attacks that targeted websites that provide critical information and alerts to civilians on rocket attacks. The initial attack peaked at 100k requests per second (rps) and lasted ten minutes. Forty-five minutes later, a second much larger attack struck and peaked at 1M rps. It lasted six minutes. Additional smaller DDoS attacks continued hitting the websites in the next hours.

Not just DDoS attacks

Multiple Israeli websites and mobile apps have become targets of various pro-Palestinian hacktivist groups. According to Cybernews, one of those groups, AnonGhost, exploited a vulnerability in a mobile app that alerts Israeli civilians of incoming rockets, “Red Alert: Israel”. The exploit allowed them to intercept requests, expose servers and APIs, and send fake alerts to some app users, including a message that a “nuclear bomb is coming Continue reading

0

NEW!!! Getting started landing page for Ansible Automation Platform on Azure

This blog is co-authored by Tomas Znamenacek and Hicham (he-sham) Mourad

 

Introduction

We’re so excited to introduce you to the newest addition to Red Hat Ansible Automation Platform on Microsoft Azure – The new landing page! Now with new deployments, a single web page that consolidates all you need to know about Ansible Automation Platform on Azure, how to get started, as well as links to the Ansible Automation Platform applications, is now accessible.

Upon arriving at this getting started landing page, you will see three tiles on the overview page. You have the ability to launch each of the following Ansible applications from the tiles: automation controller, private automation hub, and automation analytics, as well as a direct link to the managed Azure product documentation.

The bottom portion of the overview page sets you up for success by providing links to all the enablement content you need. It specifically provides links to Ansible Automation Platform on Azure Knowledge Base articles, documentation, and how to contact and request support.  

Another important area is the “Managed Azure Maintenance and Feature Updates” that provides the link to the maintenance updates and feature releases to Ansible Automation Platform on Azure. Stay Continue reading

0

Video: History of BGP Route Leaks

I’ll be talking about Internet routing security at the Deep conference in a few days, and just in case you won’t be able to make it¹ ;) here’s the first bit of my talk: a very brief history of BGP route leaks².

Note: you’ll find more Network Security Fallacies videos in the How Networks Really Work webinar.

0

Video: History of BGP Route Leaks

I’ll be talking about Internet routing security at the Deep conference in a few days, and just in case you won’t be able to make it¹ ;) here’s the first bit of my talk: a very brief history of BGP route leaks².

Note: you’ll find more Network Security Fallacies videos in the How Networks Really Work webinar.

0

VPP IXP Gateway – Part 1

About this series

Ever since I first saw VPP - the Vector Packet Processor - I have been deeply impressed with its performance and versatility. For those of us who have used Cisco IOS/XR devices, like the classic ASR (aggregation service router), VPP will look and feel quite familiar as many of the approaches are shared between the two.

There’s some really fantastic features in VPP, some of which are lesser well known, and not always very well documented. In this article, I will describe a unique usecase in which I think VPP will excel, notably acting as a gateway for Internet Exchange Points.

In this first article, I’ll take a closer look at three things that would make such a gateway possible: bridge domains, MAC address filtering and traffic shaping.

Introduction

Internet Exchanges are typically L2 (ethernet) switch platforms that allow their connected members to exchange traffic amongst themselves. Not all members share physical locations with the Internet Exchange itself, for example the IXP may be at NTT Zurich, but the member may be present in Interxion Zurich. For smaller clubs, like IPng Networks, it’s not always financially feasible (or desirable) to order a dark fiber between two adjacent Continue reading

0

How Cloudflare mitigated yet another Okta compromise

On Wednesday, October 18, 2023, we discovered attacks on our system that we were able to trace back to Okta – threat actors were able to leverage an authentication token compromised at Okta to pivot into Cloudflare’s Okta instance. While this was a troubling security incident, our Security Incident Response Team’s (SIRT) real-time detection and prompt response enabled containment and minimized the impact to Cloudflare systems and data. We have verified that no Cloudflare customer information or systems were impacted by this event because of our rapid response. Okta has now released a public statement about this incident.

This is the second time Cloudflare has been impacted by a breach of Okta’s systems. In March 2022, we blogged about our investigation on how a breach of Okta affected Cloudflare. In that incident, we concluded that there was no access from the threat actor to any of our systems or data – Cloudflare’s use of hard keys for multi-factor authentication stopped this attack.  

The key to mitigating this week’s incident was our team’s early detection and immediate response. In fact, we contacted Okta about the breach of their systems before they had notified us. The attacker used an open Continue reading

0

Gartner: IT spending to climb 8% to $5.1 trillion in 2024

Driven primarily by cloud and cybersecurity investments, worldwide IT spending is projected to total $5.1 trillion in 2024, an increase of 8% from 2023, according to the latest forecast from Gartner.The software and IT services segments will see double-digit growth in 2024, largely driven by cloud spending, according to Gartner.Global spending on public cloud services is forecast to increase 20.4% in 2024. The source of growth will be a combination of cloud vendors' price increases and increased utilization, just as it was in 2023, wrote John-David Lovelock, a distinguished vice president analyst at Gartner.Cybersecurity spending is also driving growth in the software segment. Roughly 80% of CIOs reported that they plan to increase spending on cyber/information security in 2024, according to Gartner's 2024 CIO and Technology Executive Survey.To read this article in full, please click here

0

Gartner: IT spending to climb 8% to $5.1 trillion in 2024

Driven primarily by cloud and cybersecurity investments, worldwide IT spending is projected to total $5.1 trillion in 2024, an increase of 8% from 2023, according to the latest forecast from Gartner.The software and IT services segments will see double-digit growth in 2024, largely driven by cloud spending, according to Gartner.Global spending on public cloud services is forecast to increase 20.4% in 2024. The source of growth will be a combination of cloud vendors' price increases and increased utilization, just as it was in 2023, wrote John-David Lovelock, a distinguished vice president analyst at Gartner.Cybersecurity spending is also driving growth in the software segment. Roughly 80% of CIOs reported that they plan to increase spending on cyber/information security in 2024, according to Gartner's 2024 CIO and Technology Executive Survey.To read this article in full, please click here

0

DigiCert Study Finds That Quantum Interest is High, But Security Concerns Exist

The survey of 1,426 global IT experts found that 61 percent of organizations are highly concerned about being unprepared for post-quantum computing (PQC) security risks.

0

Heavy Networking 706: The GitNops Approach To Collaborative Network Automation

Today’s Heavy Networking is about collaborative automation via GitNops, which applies DevOps principles to networking. That means things like version control, working with sources of truth, operating infrastructure as code, and collaborating on network on changes and updates. GitNops benefits include automation, repeatability, and scalability. We'll dive into GitNops with guest Tom McGonagle.

0

Heavy Networking 706: The GitNops Approach To Collaborative Network Automation

Today’s Heavy Networking is about collaborative automation via GitNops, which applies DevOps principles to networking. That means things like version control, working with sources of truth, operating infrastructure as code, and collaborating on network on changes and updates. GitNops benefits include automation, repeatability, and scalability. We'll dive into GitNops with guest Tom McGonagle.

The post Heavy Networking 706: The GitNops Approach To Collaborative Network Automation appeared first on Packet Pushers.

0

Empowering our partners with the new Tenant Platform dashboard

Itching to get started? Apply to the Self Serve Partner Beta or Enterprise partner programs now.

Cloudflare has always worked closely with partners to help build a better Internet. From our earliest Hosting Partners, to our latest Cloudflare One program and Authorized Service Delivery partners, we are dedicated to supporting our peers across the networking and cybersecurity ecosystem to secure Enterprise networks, mission-critical applications, and remote employees. As part of that commitment, we are proud to announce the general availability of our first dashboard for our Tenant Platform, providing an intuitive user interface for agencies and partners to manage their client accounts.

Tenant Platform introduction

The first version of the Tenant Platform was created in 2018 to support one of our large integration partners, IBM Cloud. They needed a secure way to independently provision accounts for their clients, spin up custom subscriptions, invite service users within each new account, and begin to configure the service. This platform, although API only, worked extremely well with our OEM and integration partners that were including our solution within their current platform to support their customers.

User interface overview

As Cloudflare has expanded the type of partners and customers it works Continue reading