NetworkingNexus.net

Kubernetes networking 101 – (Basic) External access into the cluster

In our last post we talked about an important Kubernetes networking construct – the service. Services provide a means for pods running within the cluster to find other pods and also provide rudimentary load balancing capabilities. We saw that services can create DNS entries within Kube-DNS which makes the service accessible by name as well. So now that we know how you can use services to access pods within the cluster it seems prudent to talk about how things outside of the cluster can access these same services. It might make sense to use the same service construct to provide this functionality, but recall that the services are assigned IP addresses that are only known to the cluster. In reality, the service CIDR isnt actually routed anywhere but the Kubernetes nodes know how to interact with service IPs because of the netfilter rules programmed by the kube-proxy. The service network just needs to be unique so that the containers running in the pod will follow their default route out to the host where the netfilter rules will come into play. So really the service network is sort of non-existent from a routing perspective as it’s only locally significant to each host. Continue reading

Russian hackers use OAuth, fake Google apps to phish users

The Russian hacking group blamed for targeting U.S. and European elections has been breaking into email accounts, not only by tricking victims into giving up passwords, but by stealing access tokens too. It's sneaky hack that's particularly worrisome, because it can circumvent Google's 2-step verification, according to security firm Trend Micro. The group, known as Fancy Bear or Pawn Storm, has been carrying out the attack with its favored tactic of sending out phishing emails, Trend Micro said in a report Tuesday. To read this article in full or to leave a comment, please click here

Russian hackers use OAuth, fake Google apps to phish users

Big News About the Full Stack Journey Podcast

If you’ve been following the Full Stack Journey podcast, you know that the podcast has been silent for a few months. Some of that was due to some adverse situations in life (it happens to all of us from time to time), but some of it was due to the coordination of a major transition in the podcast. And that’s the big news I’m here to share—read on for the full details!

If you’ve been in the IT industry for any reasonable length of time, especially in the networking space, you’ve probably heard of the Packet Pushers Podcast. It’s a hugely popular podcast created by Greg Ferro and Ethan Banks. In recent years, Packet Pushers has expanded from the “main show” to include other shows, including the Datanauts podcast (led by Chris Wahl and Ethan Banks). They’ve also been looking to expand their stable of podcasts to include additional relevant content.

This brings me to the big news: the Full Stack Journey podcast is joining the Packet Pushers network of podcasts! That’s right—the Full Stack Journey will be part of Packet Pushers’ growing network of podcasts. In talking with Greg and Ethan and the rest of the Packet Pushers team, Continue reading

Palantir to pay $1.7 million to settle racial hiring bias claim

Data analytics company Palantir will pay US$1.7 million in back pay and stock options to settle charges that it routinely discriminated against Asian job applicants. In addition, it must also hire eight people from among those it allegedly discriminated against.The charges go back to September last year, when the Department of Labor accused Palantir of rejecting Asian software engineers for jobs even though they were as qualified as white applicants. Palantir also maintained a discriminatory employee referral system, the Labor Dept. alleged.Tuesday's deal ends a threat to Palantir's government contracting business. Under federal law, companies that work for the government are obliged to ensure their hiring practices and policies are free of all forms of discrimination.To read this article in full or to leave a comment, please click here

Old Windows Server machines can still fend off hacks. Here’s how

If you're running a Windows Server 2003 machine, you have a problem. Your already-vulnerable computer is now at severe risk of being hacked.That's due to the internet release earlier this month of a batch of updates that paint a bulls-eye on computers running Windows Server 2003, according to security researchers.“I can teach my mom how to use some of these exploits,” said Jake Williams, founder of Rendition Infosec, a security provider. “They are not very complicated at all.”Experts are urging affected businesses to upgrade to the latest Windows OSes, which offer security patches that can address the threat.To read this article in full or to leave a comment, please click here

Old Windows Server machines can still fend off hacks. Here’s how

Huawei, Google supercharge Android with new Raspberry Pi-like board

Prepare to run Android at blazing fast speeds on a new Raspberry Pi-like computer developed by Huawei.Huawei's HiKey 960 computer board is priced at US$239 but has some of the latest CPU and GPU technologies. Google, ARM, Huawei, Archermind, and LeMaker all played roles in developing the board.The HiKey 960 is meant to be a go-to PC for Android or a tool to develop software and drivers for the OS. The board development was backed by Linaro, an organization that develops software packages for the Android OS and ARM architecture.Linaro CEO George Grey recently said it was sad that Android developers had to write code on x86 chips. He encouraged the organization's members to build a superfast computer so developers could build ARM software on ARM architecture. Intel has scaled back Android support on x86 PCs and isn't making smartphone chips.To read this article in full or to leave a comment, please click here

Discounted CleanMyMac 3 with Gemini 2 Space Saving Bundle – Deal Alert

CleanMyMac 3 with Gemini 2 in tow is like a professional cleaning team for your Mac. The all-new CleanMyMac 3 will clean, optimize, and maintain your Mac. It scans every inch of your system, removes gigabytes of junk in just two clicks, and monitors the health of your Mac. Gemini 2 finds duplicate files and wipes them away. It's smart, laser accurate, and recovers tons of space on your Mac. Right now, when purchased together, the bundle will be discounted 10%. See this deal now on MacPaw (see under "Space Saving Bundle"). Alternatively, if you're looking to purchase just one, you can access CleanMyMac 3 here, and Gemini 2 right here.To read this article in full or to leave a comment, please click here

Cisco Jasper package manages everything enterprise mobile

Cisco today announced an enterprise management package designed to help users monitor and control the data usage operation of the tons of mobile devices in their networks.Cisco Jasper’s Control Center for Mobile Enterprise is an extension of Jasper’s overarching Control Center IoT service platform, now directed at letting enterprise customers turn up services more quickly, and since it ultimately will be integrated directly into service provider networks will allow for real-time usage data, automated cost control and what Jasper calls “enterprise-grade self-serve management of mobile services and assets.”Like Control Center for IoT, Cisco Jasper’s Mobile Enterprise features are delivered through a service provider and in for now only Canadian telco Telus offers the plan. Cisco Jasper says others will soon follow, but a timetable remains open. The company has 50 service providers offering Control Center services worldwide.To read this article in full or to leave a comment, please click here

Specs of Microsoft’s purported CloudBook leaked

Over the past few weeks there have been rumors of a new version of Windows 10, called Windows 10 Cloud, that sounded like a reimagined Windows RT and would only load apps from the Windows Store and do everything online. Along with the new OS have been rumors of a new piece of hardware, dubbed the CloudBook, which would be targeted at the popular Chromebooks created by Google and its OEM partners. Chromebooks are basically modern-day netbooks, in that they are aimed at internet use, have very long battery life and are below cost. To read this article in full or to leave a comment, please click here

This is the closest thing Intel has built to a discrete GPU

Intel doesn't make its own discrete GPU but has built something that specializes in processing 4K graphics. But that product isn't powerful enough to run Crysis, if you were wondering.The chipmaker showed off its Intel Visual Compute Accelerator 2 at the NAB show in Las Vegas this week. It has the build of a GPU but is designed for server applications and not for PCs.The VCA 2 is aimed at cloud streaming 4K video, graphics, and virtual reality content. Servers with the graphics accelerator installed could be used to stream video or broadcast content.The VCA 2 uses the 4K-capable Iris Pro Graphics P580 graphics chip and three Intel Xeon E3-1500 v5 processors. The P580 is also used in Intel's mini-PC called Skull Canyon, which is designed for gaming.To read this article in full or to leave a comment, please click here

This is the closest thing Intel has built to a discrete GPU

Worth Reading: Password and security recommendations

Rather than just regurgitate the usual unworkable advice (make each password 14 different random characters, change them every week, and never write them down) we tried to look at the real threats on the current Internet and offer advice that makes sense today. The password advice does recommend strong passwords or pass phrases, but then mostly talks about operational issues: do encrypt channels where passwords are sent via HTTPS or the like, do use multiple factors where possible, do use federated authentication to minimize the number of passwords people have to use, do make users change default passwords before using a new account, and don’t do hard account lockouts after password failures (an easy way to harass your enemies.) While it does say to make it easy for users to change passwords when they want, it doesn’t recommend required password changes, since that is counterproductive–people use a pattern like password1, password2, password3, write them down, or most likely both. —CircleID

The post Worth Reading: Password and security recommendations appeared first on rule 11 reader.

Ixia goes native to build its cloud visibility solution

Earlier this month Ixia announced an update to its CloudLens product where it could now provide visibility into public clouds. Ixia wasn’t the first packet broker vendors to roll out a solution that extends the visibility infrastructure to the cloud. That honor goes to Gigamon, which announced the general availability of its visibility platform for Amazon Web Services.Over the past few years, the packet broker space has heated up, as customers are feeling the pain of running distributed environments and have brought in more network management and security tools. Packet brokers effectively create a middleware layer that sits between the network and tools and makes it significantly easier to deploy best-of-breed tools. Now that IT departments are aggressively expanding to the cloud, it makes sense that the visibility tier would need to as well.To read this article in full or to leave a comment, please click here

Security certificates gone wrong

Security certificates are designed to authenticate hosts. Browsers have become pretty good about understanding chains of authorities, and making users accept the risk when websites can’t prove the chain of authorities needed to verify they are who they say they are.Sites masquerading as legitimate sites, however, employ sad little tricks, such as “punycode”—URL links embedded in otherwise official-looking phishing emails. These tricks are malicious. There are also sites that should be well-administrated but are not.Then there are sites, important sites, that botch their own security with certificates ostensibly granted by places such as the U.S. Department of Homeland Security (DHS).To read this article in full or to leave a comment, please click here

Security certificates gone wrong

Escher Erases Batching Lines for Efficient FPGA Deep Learning

Aside from the massive parallelism available in modern FPGAs, there are other two other key reasons why reconfigurable hardware is finding a fit in neural network processing in both training and inference.

First is the energy efficiency of these devices relative to performance, and second is the flexibility of an architecture that can be recast to the framework at hand. In the past we’ve described how FPGAs can fit over GPUs as well as custom ASICs in some cases, and what the future might hold for novel architectures based on reconfigurable hardware for these workloads. But there is still …

Escher Erases Batching Lines for Efficient FPGA Deep Learning was written by Nicole Hemsoth at The Next Platform.

Box revises platform pricing to ease developer adoption

Box is trying to give developers who want to use its platform more pricing consistency with a new announced Tuesday.Customers will now pay on the basis of how much active use they're getting out of the Box Platform, which offers cloud storage and content management capabilities for third-party applications. Companies can purchase packages from Box that include a set number of active users, API calls, bandwidth, and storage use.The first package costs US$500 per month and includes 100 monthly active users, 175,000 Box API calls, 125GB of bandwidth, and 125GB of storage in Box's cloud. The more packages companies purchase, the less they have to pay per package. For developers just getting started with the platform, there's a free tier that allows 10 monthly active users, 15,000 API calls, 10GB of bandwidth, and 10GB of storage.To read this article in full or to leave a comment, please click here

9 Easy Ways to Break a Cisco Network

Every day operation of a Cisco router is likely to cause failure.

The post 9 Easy Ways to Break a Cisco Network appeared first on EtherealMind.

« Previous 1 … 2,110 2,111 2,112 2,113 2,114 … 3,834 Next »