NetworkingNexus.net

Know your (cyber) enemy

Picture this: Your company's network is facing a DDoS attack, but you have no idea who is responsible or what their motivation might be. Without this knowledge, you can't tell if they want money in exchange for stopping the attack or if the attack is a diversion to occupy your security team while your network is being penetrated and commercial secrets are stolen.In the aftermath of a network breach it can also be incredibly useful to know some information about the likely attackers. That's because knowing who they were — or just where they were from — can help you carry out a more accurate damage assessment exercise. This knowledge can guide you where to look for signs of data compromise, and what other specifics (such as exploit kits or Trojans that may have been left behind) to search for.To read this article in full or to leave a comment, please click here

Adobe fixes actively exploited critical vulnerability in Flash Player

Adobe Systems has released security updates for several products, including one for Flash Player that fixes a critical vulnerability that's already known and exploited by attackers.The Flash Player update fixes 17 vulnerabilities, 16 of which are critical and can be exploited to execute malicious code on affected systems. One of those vulnerabilities, tracked as CVE-2016-7892 in the Common Vulnerabilities and Exposures (CVE) catalogue, is already being used by hackers."Adobe is aware of a report that an exploit for CVE-2016-7892 exists in the wild, and is being used in limited, targeted attacks against users running Internet Explorer (32-bit) on Windows," the company said in a security advisory.To read this article in full or to leave a comment, please click here

Adobe fixes actively exploited critical vulnerability in Flash Player

Manage Cloudflare records with Salt

We use Salt to manage our ever growing global fleet of machines. Salt is great for managing configurations and being the source of truth. We use it for remote command execution and for network automation tasks. It allows us to grow our infrastructure quickly with minimal human intervention.

Salt

CC-BY 2.0 image by Kevin Dooley

We got to thinking. Are DNS records not just a piece of the configuration? We concluded that they are and decided to manage our own records from Salt too.

We are strong believers in eating our own dog food, so we make our employees use the next version of our service before rolling it to everyone else. That way if there's a problem visiting one of the 5 million websites that use Cloudflare it'll get spotted quickly internally. This is also why we keep our own DNS records on Cloudflare itself.

Cloudflare has an API that allows you to manage your zones programmatically without ever logging into the dashboard. Until recently, we were using handcrafted scripts to manage our own DNS records via our API. These scripts were in exotic languages like PHP for historical reasons and had interesting behavior that not everybody enjoyed. Continue reading

More details about containerd, Docker’s core container runtime component

Today we announced that Docker is extracting a key component of its container platform, a part of the engine plumbing–containerd a core container runtime–and commits to donating it to an open foundation. containerd is designed to be less coupled, and easier to integrate with other tools sets. And it is being written and designed to address the requirements of the major cloud providers and container orchestration systems.

Because we know a lot of Docker fans want to know how the internals work, we thought we would share the current state of containerd and what we plan for version 1.0. Before that, it’s a good idea to look at what Docker has become over the last three and a half years.

The Docker platform isn’t a container runtime. It is in fact a set of integrated tools that allow you to build ship and run distributed applications. That means Docker handles networking, infrastructure, build, orchestration, authorization, security, and a variety of other services that cover the complete distributed application lifecycle.

Docker and containerd

The core container runtime, which is containerd, is a small but vital part of the platform. We started breaking out containerd from the rest of the engine in Docker 1.11, Continue reading

Let There Be Light: The Year in Silicon Photonics

Computing historians may look back on 2016 as the Year of Silicon Photonics. Not because the technology has become ubiquitous – that may yet be years away – but because the long-awaited silicon photonics offerings are now commercially available in networking hardware. While the advancements in networking provided by silicon photonics are indisputable, the real game changer is in the CPU.

For over half a century, Moore’s Law has been the name of the game. The transistor density on chips has been remarkably cooperative in doubling on schedule since Gordon Moore first made his observation in 1965. But Moore’s Law …

Let There Be Light: The Year in Silicon Photonics was written by Nicole Hemsoth at The Next Platform.

containerd – a core container runtime project for the industry

Today Docker is spinning out its core container runtime functionality into a standalone component, incorporating it into a separate project called containerd, and will be donating it to a neutral foundation early next year. This is the latest chapter in a multi-year effort to break up the Docker platform into a more modular architecture of loosely coupled components.

Over the past 3 years, as Docker adoption skyrocketed, it grew into a complete platform to build, ship and run distributed applications, covering many functional areas from infrastructure to orchestration, the core container runtime being just a piece of it. For millions of developers and IT pros, a complete platform is exactly what they need. But many platform builders and operators are looking for “boring infrastructure”: a basic component that provides the robust primitives for running containers on their system, bundled in a stable interface, and nothing else. A component that they can customize, extend and swap out as needed, without unnecessary abstraction getting in their way. containerd is built to provide exactly that.

chart-c

What Docker does best is provide developers and operators with great tools which make them more productive. Those tools come from integrating many different components into a Continue reading

Agility and Automation Never Go Out of Style

After having attended my fourth Gartner I&O show in a row, one thing is for certain, agility and automation never...

Review: Google Home invades my home

OK Google, you’re now inside my home, paying attention to my requests (at least when I say “OK Google” or “Hey Google”), learning even more about me. Let’s just make sure that you don’t learn too much.As part of my testing of the Google Wifi wireless mesh system, Google also sent me the $129 Google Home device, which acts as a voice-controlled personal assistant. Much like the Google app on your smartphone, you can ask the Google Home questions and it will try to either give you an answer or perform a task (depending on other things connected to your network).To read this article in full or to leave a comment, please click here

How to Setup HA for RHV-M pt3

Hi Folks.. the last time I left off, we had just finished setting up the initial pieces for hosted engine (RHEL configuration) in order to provide HA for RHV-M. Today we’re going to add an additional host and test things out.

Let’s get going!Once hosted engine is setup, adding another RHEL host to the configuration is almost identical to a standard configuration. There is only 1 additional step that involves ensuring that the HA pieces specific to hosted engine get installed along with the RHV packages.

The workflow itself is simple:

Deploy a RHEL host, subscribe it to Red Hat CDN or Satellite and update it
Add the Cockpit package and enable it (we won’t highlight that here, but you can see it in the previous post)
Log into RHV-M, go to the “Hosts” tab, select “New”, fill in the relevant information, be sure to visit the “Hosted Engine” tab and select the “deploy” radio button.
Once it finishes installing, give everything a minute or so to sync up, then test!

As usual, I recorded a walk through so that things are more clear. I sped things up significantly as my home lab is ~very~ slow.. Maybe I’ll get Continue reading

Why Microsoft added 6 years to Windows Server support

Microsoft will extend support for the Windows Server and SQL Server product lines to keep customers, and ultimately convince them to move their workloads into the cloud, an analyst said today.Last week, Microsoft unveiled "Premium Assurance," which will add up to six more years to the support lifespan of Windows Server 2008 and later, and SQL Server 2008 and later. Enterprises with existing Software Assurance agreements will be able to purchase the additional support starting in March 2017.To read this article in full or to leave a comment, please click here

Rick Perry, climate change skeptic, soon to oversee U.S. supercomputing

President-elect Donald Trump’s nominee for energy secretary, former Texas Gov. Rick Perry, will also have charge of the nation’s largest supercomputers. These systems are used to investigate “national challenges,” which includes climate change. But Perry is a climate change skeptic, as is Trump, and believes the science is unsettled.Perry’s skepticism about the science of climate change may be a problem for the department he's been tapped to run; the Department of Energy (DOE) considers climate a major research focus.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers “DOE plays an important role in climate change research -- a very large role,” said Cliff Mass, a professor of meteorology at the University of Washington.To read this article in full or to leave a comment, please click here

Rick Perry, climate change skeptic, soon to oversee U.S. supercomputing

List of remotely exploitable Netgear routers grows as beta firmware fix is released

Netgear stepped up by publishing a list of routers which are vulnerable to attack as well as releasing beta firmware to patch some of those models.The company confirmed the existence of the flaw which US-CERT believed was dangerous enough to advise users to stop using vulnerable routers. In addition to the originally announced vulnerable Netgear routers models R6400, R7000, R8000, Netgear warned that nine other router models are also vulnerable.To read this article in full or to leave a comment, please click here

List of remotely exploitable Netgear routers grows as beta firmware fix is released

IBM goes to Trump Tower pledging 25,000 US hires

IBM will hire 25,000 workers in the U.S. over the next four years, the company's CEO said Tuesday on the eve of a meeting between technology industry leaders and President-Elect Donald Trump. The pledge comes just over a month after Trump criticized IBM for moving some jobs out of the country, an allegation IBM denied.Domestic job creation is likely to be a major topic at the meeting. Trump has called for U.S. corporations to keep jobs in the country and last month asked Apple CEO Tim Cook to build iPhones in the U.S.To read this article in full or to leave a comment, please click here

The top 2016 drones to zoom across our radar

What does it take to fly high in the world of drones? Is it convenience, safety, beauty, or adaptability? Our picks for the coolest drones of 2016 have it all.DHL's Parcelcopter and Rakuten's delivery drone will distribute goods to the most remote regions, while Altus Intelligence's drones will sail to safety on a parachute.And bumping into things? That's so last year thanks to obstacle avoidance systems developed by Intel and DJI. Intel's Shooting Star drones take the fire out of fireworks. Plus a drone that operates on land and water. What a year! To read this article in full or to leave a comment, please click here

Microsoft: We will democratize AI

Is artificial intelligence and conversational computing the next great frontier in IT? Microsoft believes so; the company is bullish on AI and is doubling down on opportunities it sees for the technology.At an event in San Francisco, Microsoft paraded a multitude of technologies focusing on bots, the Cortana personal digital assistant, and application development in these realms. "Our goal here is democratizing AI so that we make AI available for everyone," including developers, consumers, and businesses, said Harry Shum, executive vice president in Microsoft's AI and Research Group.[ The InfoWorld review: TensorFlow shines a light on deep learning. | Start here with TensorFlow. | Get a digest of the day's top tech stories in the InfoWorld Daily newsletter. ] The company officially introduced its Zo chatbot, an AI-driven, English-speaking conversation partner that is a follow-up to Tay, which had been contorted into misuse and abuse. More than 115,000 people have already been using Zo, according to Microsoft.To read this article in full or to leave a comment, please click here

MXNet review: Amazon’s scalable deep learning

Deep learning, which is basically neural network machine learning with multiple hidden layers, is all the rage—both for problems that justify the complexity and high computational cost of deep learning, such as image recognition and natural language parsing, and for problems that might be better served by careful data preparation and simple algorithms, such as forecasting the next quarter’s sales. If you actually need deep learning, there are many packages that could serve your needs: Google TensorFlow, Microsoft Cognitive Toolkit, Caffe, Theano, Torch, and MXNet, for starters.To read this article in full or to leave a comment, please click here(Insider Story)

Tech Forecast 2017: 5 key technologies to double down on now

With digital transformation dominating the business agenda, IT pros are under pressure to create a modern-day tech foundation sturdy enough to drive that change as they head into 2017. What milestones are they aiming for in the year ahead? Where should they direct their limited resources?According to Computerworld's Forecast 2017 survey, IT professionals will prioritize security, analytics, XaaS or "as a service" technology, virtualization and mobile apps in the coming year. If you're thinking of adding those technologies to your own 2017 to-do list, read on for findings from our survey, along with real-world advice from other IT leaders.To read this article in full or to leave a comment, please click here

« Previous 1 … 2,309 2,310 2,311 2,312 2,313 … 3,696 Next »