The Gearhead Toolbox, first opening, and look! Static web sites!

Welcome to the first opening of The Gearhead Toolbox. There are so many really amazing tools and services appearing these days I’m going to start regularly posting a selection from the Toolbox to make sure you know what’s hot. In this, the first installment, we focus on static web site generators and hosting.StaticGen, choosing a static web site generatorThere are lots of web publishing frameworks and a design that’s become extremely popular is static web sites. The rationale for sites built this way is that they are simple to host (there’s little or no server side configuration required) and compared to products like WordPress they present no attack surface making it trivially easy to secure your content from hackers. On top of that, without the overhead of running databases and tons of supporting backend code, static web sites are really fast so you’ll get better SEO ratings!To read this article in full or to leave a comment, please click here

Ansible For Networking Part 1

This is part one of a series on Anisble for network engineers. The series will concentrate on Ansible as a configuration management tool for networking and is aimed at those with a basic understanding of Ansible. If you are just starting out with Ansible, see my quick start guide here and...

A reader asks: How can I create an autoblog?

Long time reader and old friend, Jim Sterne, recently wrote to me with a question: Dear Gearhead,I'd like to start publishing a newsletter about a specific area of interest, using the latest in feeds, bots, scrapers and content management organizers to make things as automated as possible but still being able to keep my eye on what gets posted, emailed, tweeted and projected directly into the corneas of avid, would-be readers.What’s out there at the moment?Many thanks,Jim Sterne One more publisher on the InterWebsTo read this article in full or to leave a comment, please click here

MPLS Transport Profile (MPLS-TP) Basic Explanation and Key Points

MPLS Transport Profile (MPLS-TP) Multi-Protocol Label Switching Transport Profile (MPLS-TP) is a new technology developed jointly by the ITU-T and the IETF. The key motivation is to add OAM functionality to MPLS in order to monitor each packet and thus enable MPLS-TP to operate as a transport network protocol.   Motivations for MPLS Transport Profile  […]

The post MPLS Transport Profile (MPLS-TP) Basic Explanation and Key Points appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Quality of Service Best Practices

Quality of Service Best Practices What is best practice ? Below is a Wikipedia definition of best practice. This apply to education as well.   A best practice is a method or technique that has been generally accepted as superior to any alternatives because it produces results that are superior to those achieved by other […]

The post Quality of Service Best Practices appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Some confusing language in the 0day debate

As revealed in last week's CIA #Vault7 leaks, the CIA has some 0days. This has ignited the debate about whether organizations like the CIA should be disclosing these 0days so that vendors can fix them, rather than "stockpiling" them. There seems to be some confusion about language.


Stockpile

The word "stockpile" has multiple connotations, as shown below:


This distorts the debate. Using the word "stockpile" strongly implies "reserve for use" at some time in the future. This prejudices the debate. If the the 0day is sitting on a shelf somewhere not being used, then it apparently has little value for offense, and thus, should be disclosed/patch for defense.

The truth is that that government does not buy 0days to sit on the shelf. With few exceptions, it buys 0days because it plans to use them in an offensive operation. This was described in that recent RAND report:

It's the sellers who might keep 0days on the shelf, because the buyers have no immediate need. It's not the government buyers who are stockpiling.

Words like "stockpiling", "amassing", or "hoarding" also bring the connotation that the number is too big. Words like "hoarding" bring the connotation that the government is doing something Continue reading

The Internet’s Gilded Age

The rise of the Internet has heralded rapid changes in our society. The opportunities presented by a capable and ubiquitous communications system and a global transportation network have taken some corporations from the multinational to the status of truly global mega-corporation. There are a handful of large scale winners in this space and many losers. But this is not the first time we’ve witnessed a period of rapid technological and social change.

White Box Switches Have Grown Up

White box switches have come a long way. The recent activities in OCP validate the vision and progress of white box switches, and more importantly it is clear that this trend is progressing from data centers to enterprises. I remember when Zeus Kerravala wrote in his 2016 article, “White Box Switches are Now Ready for Prime Time,” he pointed out three important advantages:

– Cost and reliability
– Features and capabilities
– Network operations

As a NOS vendor, we see NOS is being adopted into production environments. Even though there are still challenges with white box switches going from data centers to other segments, there is no doubt the networking industry has moved onto the path toward white box switches.

From what we saw at OCP Summit, the overall reliability of white box switches is improving, and in many cases, they are more reliable than some brand-name hardware. We can now find dozens of vendors providing white box switches. These vendors come with different backgrounds and carry out different approaches in designing their hardware platforms. In OCP, we can see three clearly different types of vendors providing white box switches:

Microsoft updates Cortana for iOS with a fresh look

Microsoft gave its Cortana app for iOS a facelift Friday, replacing its old black and blue aesthetic with a new look that puts the assistant’s key features at users’ fingertips.The app now features Quick Actions, so that users can tap a couple buttons and get Cortana to create an alarm, set a reminder, or tell them a joke. That means users can get at key features without having to talk or type queries, and it also gives them a framework for what they can do with the app, without them having to discover it on their own.The virtual assistant market is a crowded one, between Cortana, Siri, Alexa and the Google Assistant all competing for users’ time and interest. Microsoft’s assistant is built deeply into PCs with Windows 10, but the company also needs to keep its apps for other mobile platforms up to date in order to meet users where they are.To read this article in full or to leave a comment, please click here

Cisco issues critical warning around Apache Struts2 vulnerability

Cisco's security team today called the weakness in Apache Struts “critical” and is evaluating many its products to assess the impact.The company said it will publish a list of vulnerable products here as it learns of them.Earlier this week Apache revealed a vulnerability in the Jakarta multipart parser used in Apache Struts2 that could let an attacker execute commands remotely on the targeted system using what’s known as acrafted Content-Type header value.-More on Network World: Cisco’s Jasper deal – one year, 18 million new IoT devices later, challenges remain+To read this article in full or to leave a comment, please click here

Cisco issues critical warning around Apache Struts2 vulnerability

Cisco's security team today called the weakness in Apache Struts “critical” and is evaluating many its products to assess the impact.The company said it will publish a list of vulnerable products here as it learns of them.Earlier this week Apache revealed a vulnerability in the Jakarta multipart parser used in Apache Struts2 that could let an attacker execute commands remotely on the targeted system using what’s known as acrafted Content-Type header value.-More on Network World: Cisco’s Jasper deal – one year, 18 million new IoT devices later, challenges remain+To read this article in full or to leave a comment, please click here

70% off PaperPort Professional 14 – Deal Alert

One thing for certain is that every year we have to file our taxes. Stuck between gathering all the correct documentation and making sure you have everything you need in one place, it can become a strenuous process. Take control of your documents and have instant access to them all. From scanning and converting, to editing and sharing files, with PaperPort Professional 14 simplify document management and spend less time thinking about missing files and more on getting work done. Nuance is currently offering PaperPort Professional 14 at the discounted price of $600, a good deal considering its $200 list price. Check this deal now on Nuance.To read this article in full or to leave a comment, please click here

Worth Reading: When your code has to work

Douglas Crockford famously declared browsers to be “the most hostile software engineering environment imaginable,” and that wasn’t hyperbole. Ensuring that our websites work across a myriad of different devices, screen sizes and browsers our users depend on to access the web is a tall order, but it’s necessary. If our websites don’t enable users to accomplish the key tasks they come to do, we’ve failed them. —Smashing Magazine

The post Worth Reading: When your code has to work appeared first on 'net work.

33% off YETI Hopper 20 Portable Cooler – Deal Alert

The YETI Hopper 20 ice-for-days portable cooler and is tough as nails so it can be hauled anywhere you want to take it.  It features a DryHide Shell and nearly indestructible straps will stand up to an abundance of abuse in the field.  It's HydroLok Zipper is completely leakproof, eliminating spills and locking in cold.  It can hold 18 cans, a limit of rainbow trout, or 20 pounds of ice.  The YETI Hopper 20 is currently selling at the discounted price of $199.99, a good deal considering its $299.95 list price. See this high-end portable cooler now on Amazon. To read this article in full or to leave a comment, please click here

IDG Contributor Network: Tech crime as a service escalates

Criminals are increasingly offered crime as a service (CaaS) and are using sharing-economy ride-sharing and accommodation services, too, a major law enforcement agency says.Europol, the European Union’s policing office says tech-oriented CaaS is being offered to swathes of the underbelly of Europe. Criminals gain an advantage because they can perform crimes better and more efficiently, and they can work at scales greater than their existing technical proficiency.+ Also on Network World: Anonymous hacker causes dark web to shrink by as much as 85% + An estimated 5,000 internationally operating crime gangs are currently being investigated in the trading bloc, according to Europol.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Tech crime as a service escalates

Criminals are increasingly offered crime as a service (CaaS) and are using sharing-economy ride-sharing and accommodation services, too, a major law enforcement agency says.Europol, the European Union’s policing office says tech-oriented CaaS is being offered to swathes of the underbelly of Europe. Criminals gain an advantage because they can perform crimes better and more efficiently, and they can work at scales greater than their existing technical proficiency.+ Also on Network World: Anonymous hacker causes dark web to shrink by as much as 85% + An estimated 5,000 internationally operating crime gangs are currently being investigated in the trading bloc, according to Europol.To read this article in full or to leave a comment, please click here

1 2,190 2,191 2,192 2,193 2,194 3,794