Must-have devops tools for Windows admins

Without automation, there would be no devops. How organizations implement automation—from continuous delivery to automated testing to release pipelines—differs wildly, but the fundamental divergence in approaches begins at the operating system. When it comes to Windows vs. Linux, devops is a bit different.

Ransomware: at your service

Ransomware is on track to net organized cybercrime more than $1 billion in 2016, not taking downtime and other costs associated with it into account. And according to KnowBe4’s 2016 Ransomware Report, 93 percent of IT professionals surveyed are worried ransomware will continue to grow.

Appeals against European Union’s €13 billion Apple tax ruling take shape

Apple will this week file its appeal of a European Commission decision that it owes Ireland billions in back taxes, while the country's Department of Finance has revealed details of its own appeal. European Commissioner for Competition Margrethe Vestager said on Aug. 30 that Apple must pay up to €13 billion ($13.6 billion) in back taxes, plus interest, because opinions given by the Irish tax authorities in 1991 and 2007 constituted illegal state aid. Her decision concluded a two-year investigation of the company's tax affairs stretching back to 2003.

Top Apple stories of 2016

Apple experienced many ups and downs during 2016. While the company pushed out several new products—from the iPhone 7 to the recently released MacBook Pro—over the past 12 months it has been pigeonholed as a company that has lost its ability to innovate.

10 biggest hacks of user data in 2016

You take great pains to come up with a strong password when registering for an account on a website -- only to see your efforts go for naught when that site gets hacked. Several sites had their databases of user accounts not only breached but stolen this year, which include the necessary information for logins (i.e. username, password). The following sites are ranked starting at the fewest number of user accounts with passwords that were taken. Also, these hacks were reported to have been executed during 2016. So this list does not feature Myspace (427 million user accounts stolen) or Yahoo! (a cool billion). Both were hacked supposedly before 2016, but were only reported this year. This list also does not include reports of user records that were exposed due to poor security, but where there is no evidence they were actually stolen.

Inside 3 top threat hunting tools

Advanced Persistent Threats (APT) are able to slip past even the most cutting-edge security defenses thanks to a diabolically clever strategy. Hackers may try to breach your defenses thousands of times until they finally get in. Once a network is breached, most APTs go into stealth mode. They move slowly, laterally compromising other systems and inching toward their goals. But what if you could hunt down these active, but hidden threats before they can do real damage? For this review, we tested threat hunting systems from Sqrrl, Endgame and Infocyte. Read the full review as well.

Review: Threat hunting turns the tables on attackers

Advanced Persistent Threats are able to slip past even the most cutting-edge security defenses thanks in large part to a diabolically clever strategy. The threat actors behind successful APTs research the employees, practices and defenses of the organizations they want to attack. They may try to breach the defenses hundreds or thousands of times, then learn from their mistakes, modify their behavior, and finally find a way to get in undetected. Once a network is breached, most APTs go into a stealth mode. They move slowly, laterally compromising other systems and inching toward their goals. Post-mortems from successful attacks often show that the time an APT breached a system to the time it was detected could be anywhere from six months to a year or more. And, they are often only detected after making that final big move where there is a huge exfiltration of critical data.

5 enterprise technologies that will shake things up in 2017

You think you have your hands full as an IT pro now? Just wait until blockchain, IoT, augmented and virtual reality, and these other technologies really start to take hold in 2017.

The Internet of Things – for real

Yes, yes, we know – it’s one of those long-standing tech industry jokes, like “the year of the Linux desktop” and “Java security.” But 2017 really could be the year that all the hub-bub and hype around the Internet of Things comes home to roost.

LinkedIn skill learning unit Lynda.com hit by database breach

Lynda.com, the online learning unit of LinkedIn, has reset passwords for some of its users after it discovered recently that an unauthorized external party had accessed a database containing user data. The passwords of close to 55,000 affected users were reset as a precautionary measure and they have been notified of the issue, LinkedIn said in a statement over the weekend. The professional network is also notifying about 9.5 million Lynda.com users who “had learner data, but no protected password information,” in the breached database. “We have no evidence that any of this data has been made publicly available and we have taken additional steps to secure Lynda.com accounts,” according to the statement.

Connecting VIRL to the Outside World

I’ve been leveraging VIRL for some time to build and test self-contained labs. I’ve always known that there was some ability to connect to the world outside of this environment. Recently, I decided to configure this functionality and I wanted to take just a moment to share what I found.

First and foremost, this isn’t anything difficult or time consuming. So if you have a need to leverage physical devices with your VIRL deployment, don’t hesitate before building it out.

There are two mechanisms for outside connectivity. The first mechanism is called SNAT. This method basically builds static NAT in and out of the environment. I get how this could be beneficial, but I would typically prefer to keep any NAT configuration contained to an environment that I am very familiar with (possibly an ASA or IOS instance outside the lab when an additional NAT layer is required).

The second method, and the configuration we will be testing, is called FLAT. In this configuration, VIRL connects an L2 broadcast domain between a lab device and an Ethernet interface. In my example I am running the VIRL components in a VM environment on ESXi. So this is a virtual interface that needs