Killing idle TCP connections

Why

Let’s say you have some TCP connections to your local system that you want to kill. You could kill the process that handles the connection, but that may also kill other connections, so that’s not great. You could also put in a firewall rule that will cause the connection to be reset. But that won’t work on a connection that’s idle (also if one side is initiator then using this method the other side would not tear down its side of the connection). There’s tcpkill, but it needs to sniff the network to find the TCP sequence numbers, and again that won’t work for an idle connection.

Ideally for these long-running connections TCP keepalive would be enabled. But sometimes it’s not. (e.g. it’s not on by default for gRPC TCP connections, and they certainly can be long-running and idle).

You could also do this by attaching a debugger and calling shutdown(2) on the sockets, but having the daemon calling unexpected syscalls thus getting into an unexpected state doesn’t really make for a stable system. Also attaching a debugger hangs the daemon while you’re attached to it.

This post documents how to do this on a Debian system.

Continue reading

Wind River uses virtualization to turn M2M into IoT

Wind River, an IoT software division of Intel, wants to help industrial users bring their legacy machine-to-machine systems into the age of open source and cloud computing.On Tuesday, it introduced software to virtualize industrial applications at the edge of the network, letting enterprises gradually migrate from older M2M technology to modern systems that give them more flexibility.The platform, called Wind River Titanium Control, runs on commodity Xeon hardware and uses widely adopted cloud platforms such as OpenStack and KVM (Kernel-based Virtual Machine). The company has validated hardware systems from major manufacturers to run Titanium Control and pre-validated virtual network applications through its Titanium Cloud Ecosystem, begun in 2014. Titanium Control is targeted at industries like manufacturing, energy and health care.To read this article in full or to leave a comment, please click here

Apple downplays importance of CIA’s iPhone hacking capabilities

In a massive data dump last week, WikiLeaks released thousands upon thousands of highly secretive and sensitive CIA documents that detail the extent of the government agency's spying tools. Aside from interesting tidbits regarding the CIA attempting to eavesdrop on targets via Samsung HD-TVs, the leaked documents also reference the CIA's efforts to hack into iOS devices.In fact, the CIA even has a specialized team devoted entirely towards coming up with security exploits for iOS devices, in particular the iPhone. Even though the iPhone only accounts for less than 15 percent of global smartphone marketshare, Apple's iconic smartphone attracts a disproportionate amount of attention because it's proven to be quite popular among "social, political, diplomatic and business elites."To read this article in full or to leave a comment, please click here

Apple downplays importance of CIA’s iPhone hacking capabilities

In a massive data dump last week, Wikileaks released thousands upon thousands of highly secretive and sensitive CIA documents which detail the extent of the government agency's spying tools. Aside from interesting tidbits regarding the CIA attempting to eavesdrop on targets via Samsung HDTVs, the leaked documents also reference the CIA's efforts to hack into iOS devices.In fact, the CIA even has a specialized team devoted entirely towards coming up with security exploits for iOS devices, and in particular the iPhone. Even though the iPhone only accounts for less than 15% of global smartphone marketshare, Apple's iconic smartphone attracts a disproportionate amount of attention because it's proven to be quite popular among "social, political, diplomatic and business elites."To read this article in full or to leave a comment, please click here

Here’s how we celebrate Pi Day during a blizzard

Yes, the Blizzard of 2017 on the east coast did foil our plan to stream our inaugural Pi Day Challenge live on Facebook and YouTube (we recorded it on Monday instead), but it did not kill our creativity. I submit the Pi Day driveway snow art display. Bob Brown/NetworkWorld Pi Day snow art featuring artist exhausted from shovelingTo read this article in full or to leave a comment, please click here

Google Hangouts won’t disappear for consumers despite enterprise focus

While Google Hangouts is making a shift to serve enterprise users, it won’t be vanishing for consumers.Last week, the company announced that it would be splitting the chat and videoconferencing service into Hangouts Meet and Hangouts Chat, which raised questions about what would happen for those people who still use it in their personal lives.Consumers will still be able to access Hangouts using their personal Google accounts. Hangouts will still appear in the Gmail sidebar on the desktop, even after it splits into Chat and Meet, according to Scott Johnston, director of product management for Hangouts.To read this article in full or to leave a comment, please click here

AWS follows Google with Reserved Instance flexibility changes

Customers who have Reserved Instance contracts with Amazon Web Services will be able to subdivide some of their Linux and Unix virtual machine instances while maintaining their capacity discounts, thanks to pricing changes announced Monday.Reserved Instances allow customers to lock themselves into paying AWS for a certain amount of compute capacity with the company's Elastic Compute Cloud (EC2) in exchange for a discount off its list price. To read this article in full or to leave a comment, please click here

Microsoft stays security bulletins’ termination

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month's slate of vulnerabilities and accompanying patches.The bulletins' last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the "Security Updates Guide" or SUG.But just hours before February's security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing "a last-minute issue" that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.To read this article in full or to leave a comment, please click here

Microsoft stays security bulletins’ termination

Microsoft today postponed the retirement of the security bulletins that for nearly two decades have described in detail the month's slate of vulnerabilities and accompanying patches.The bulletins' last stand was originally scheduled for January, with a replacement process ready to step in Feb. 14. Rather than a set of bulletins, Microsoft was to provide a searchable database of support documents dubbed the "Security Updates Guide" or SUG.But just hours before February's security updates were to be released, Microsoft announced that it was postponing the entire collection to March 14, citing "a last-minute issue" that might impact some customers. The Redmond, Wash. company never spelled out exactly what led it to decide on the unprecedented delay.To read this article in full or to leave a comment, please click here

Thieves steal Petya ransomware then use it for free

Crooks are stealing code from the purveyors of Petya ransomware and using it to extort money from innocent victims, stiffing the creators of the malware out of the cut they are supposed to get.Rather than following the rules of licensing Petya, another criminal group is stealing and modifying the ransomware so they can use it without paying, according to the SecureList blog by researchers at Kaspersky Lab.+More on Network World: DARPA fortifies early warning system for power-grid cyber assault+To read this article in full or to leave a comment, please click here

Thieves steal Petya ransomware then use it for free

Crooks are stealing code from the purveyors of Petya ransomware and using it to extort money from innocent victims, stiffing the creators of the malware out of the cut they are supposed to get.Rather than following the rules of licensing Petya, another criminal group is stealing and modifying the ransomware so they can use it without paying, according to the SecureList blog by researchers at Kaspersky Lab.+More on Network World: DARPA fortifies early warning system for power-grid cyber assault+To read this article in full or to leave a comment, please click here

Video: “…You can either be a farmer, or join a politically motivated global hacking collective” – YouTube

Funny and insightful. Maybe.

Jake Davis, former Anonymous and LulzSec hacker, shares his hacker journey while exploring just what makes hackers tick…

“…You can either be a farmer, or join a politically motivated global hacking collective” – YouTube : https://www.youtube.com/watch?v=E0h_pNv1a98&app=desktop

The post Video: “…You can either be a farmer, or join a politically motivated global hacking collective” – YouTube appeared first on EtherealMind.

Worth Reading: Fearing Facebook

I used to greatly admire Mark Zuckerberg. Now, I fear him. Here’s why. Facebook is now a supranational company. It spans the globe with about 2 billion subscribers, its 2016 revenue reached $27.6B—54% more than in 2015; it’s immensely profitable (37% of revenue) and cash-rich with $29.56 “in the bank”. Decades ago, European Communists complained about “multinationals”, companies whose spread over multiple countries allowed them to escape full accountability in any one location. —Monday Note

The post Worth Reading: Fearing Facebook appeared first on 'net work.

DOJ: No, we won’t say how much the FBI paid to hack terrorist’s iPhone

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist's iPhone or disclose how much it paid for the hacking job, court documents showed.That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple's help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.To read this article in full or to leave a comment, please click here

DOJ: No, we won’t say how much the FBI paid to hack terrorist’s iPhone

The U.S. Department of Justice yesterday argued that it should not have to reveal the maker of a tool used last year to crack an alleged terrorist's iPhone or disclose how much it paid for the hacking job, court documents showed.That tool was used last year by the FBI to access a password-protected iPhone 5C previously owned by Syed Rizwan Farook, who along with his wife, Tafsheen Malik, killed 14 in San Bernardino, Calif., in December 2015. The two died in a shootout with police later that day. Authorities quickly labeled them terrorists.In March 2016, after weeks of wrangling with Apple, which balked at a court order compelling it to assist the FBI in unlocking the iPhone, the agency announced it had found a way to access the device without Apple's help. Although the FBI acknowledged it had paid an outside group to crack the iPhone, it refused to identify the firm or how much it paid.To read this article in full or to leave a comment, please click here

3D Stacking Could Boost GPU Machine Learning

Nvidia has staked its growth in the datacenter on machine learning. Over the past few years, the company has rolled out features in its GPUs aimed neural networks and related processing, notably with the “Pascal” generation GPUs with features explicitly designed for the space, such as 16-bit half precision math.

The company is preparing its upcoming “Volta” GPU architecture, which promises to offer significant gains in capabilities. More details on the Volta chip are expected at Nvidia’s annual conference in May. CEO Jen-Hsun Huang late last year spoke to The Next Platform about what he called the upcoming “hyper-Moore’s Law” …

3D Stacking Could Boost GPU Machine Learning was written by Jeffrey Burt at The Next Platform.

FAQ: What in the wireless world is CBRS?

First off, CBRS is an acronym for Citizens Broadband Radio Service, and the upshot for enterprise IT pros is that it could result in improved LTE services from service providers as well as enable enterprises to build their own private LTE networks (See also: "The big CBRS promise: Private LTE networks"). Here’s a primer on CBRS — because you are going to want to know about this.Citizens Band/CB, as in CB radio?No, good buddy, this has nothing to do with the Citizens’ Band radio service used by truckers for two-way voice communications and that lives in the 27 MHz spectrum band in the U.S.  CBRS lives in the 3.5 GHz band.To read this article in full or to leave a comment, please click here

FAQ: What in the wireless world is CBRS?

First off, CBRS is an acronym for Citizens Broadband Radio Service, and the upshot for enterprise IT pros is that it could result in improved LTE services from service providers as well as enable enterprises to build their own private LTE networks (See also: "The big CBRS promise: Private LTE networks"). Here’s a primer on CBRS — because you are going to want to know about this.Citizens Band/CB, as in CB radio?No, good buddy, this has nothing to do with the Citizens’ Band radio service used by truckers for two-way voice communications and that lives in the 27 MHz spectrum band in the U.S.  CBRS lives in the 3.5 GHz band.To read this article in full or to leave a comment, please click here

Microsoft releases 18 security bulletins, 9 rated critical, many bugs disclosed/exploited

Be prepared for restarts and big day of patching after Microsoft skipped Patch Tuesday in February. For March, Microsoft released 18 security bulletins split into nine critical and nine important security updates.Rated criticalMS17-006 patches 12 security issues in Internet Explorer. One of three information disclosure flaws has been publicly disclosed but is not being exploited, one of the three memory corruption bugs has been publicly disclosed but is not being exploited, and one of them has not been publicly disclosed but is being exploited. Both of the browser spoofing vulnerabilities have been publicly disclosed as has the Internet Explorer elevation of privilege flaw. The patch also addresses a scripting engine information disclosure bug and two scripting engine memory corruption flaws.To read this article in full or to leave a comment, please click here

Microsoft releases 18 security bulletins, 9 rated critical, many bugs disclosed/exploited

Be prepared for restarts and big day of patching after Microsoft skipped Patch Tuesday in February. For March, Microsoft released 18 security bulletins split into nine critical and nine important security updates.Rated criticalMS17-006 patches 12 security issues in Internet Explorer. One of three information disclosure flaws has been publicly disclosed but is not being exploited, one of the three memory corruption bugs has been publicly disclosed but is not being exploited, and one of them has not been publicly disclosed but is being exploited. Both of the browser spoofing vulnerabilities have been publicly disclosed as has the Internet Explorer elevation of privilege flaw. The patch also addresses a scripting engine information disclosure bug and two scripting engine memory corruption flaws.To read this article in full or to leave a comment, please click here