You don’t need printer security

So there's this tweet:



What it's probably refering to is this:


This is an obviously bad idea.

Well, not so "obvious", so some people have ask me to clarify the situation. After all, without "security", couldn't a printer just be added to a botnet of IoT devices?

The answer is this:
Fixing insecurity is almost always better than adding a layer of security.
Adding security is notoriously problematic, for three reasons

  1. Hackers are active attackers. When presented with a barrier in front of an insecurity, they'll often find ways around that barrier. It's a common problem with "web application firewalls", for example.
  2. The security software itself can become a source of vulnerabilities hackers can attack, which has happened frequently in anti-virus and intrusion prevention systems.
  3. Security features are usually snake-oil, sounding great on paper, with with no details, and no independent evaluation, provided to the public.

It's the last one that's most important. HP markets features, but there's no guarantee they work. In particular, similar features in Continue reading

Netool network port configuration analyzer – good concept, needs polish

When you get involved in the actual wiring of networks, one of the things you find yourself checking over and over is whether Ethernet ports are actually live along with do they connect to DHCP, is the Internet visible, and so on. Typically you’ll grab your laptop, plug it in and run a few tests but while this works, you might describe it as “sub-optimal” because how often have you tried to do exactly this in a ceiling void? In a cramped comms cupboard? Somewhere in the bowels of a rack? In every one of those situations it’s just time consuming and annoying to have to fiddle around and juggle with your laptop. The Netool network port analyzer aims to be a better tool for doing exactly this.To read this article in full or to leave a comment, please click here

Netool network port configuration analyzer – good concept, needs polish

When you get involved in the actual wiring of networks, one of the things you find yourself checking over and over is whether Ethernet ports are actually live along with do they connect to DHCP, is the Internet visible, and so on. Typically you’ll grab your laptop, plug it in and run a few tests but while this works, you might describe it as “sub-optimal” because how often have you tried to do exactly this in a ceiling void? In a cramped comms cupboard? Somewhere in the bowels of a rack? In every one of those situations it’s just time consuming and annoying to have to fiddle around and juggle with your laptop. The Netool network port analyzer aims to be a better tool for doing exactly this.To read this article in full or to leave a comment, please click here

Netool network port configuration analyzer – good concept, needs polish

When you get involved in the actual wiring of networks, one of the things you find yourself checking over and over is whether Ethernet ports are actually live along with do they connect to DHCP, is the Internet visible, and so on. Typically you’ll grab your laptop, plug it in and run a few tests but while this works, you might describe it as “sub-optimal” because how often have you tried to do exactly this in a ceiling void? In a cramped comms cupboard? Somewhere in the bowels of a rack? In every one of those situations it’s just time consuming and annoying to have to fiddle around and juggle with your laptop. The Netool network port analyzer aims to be a better tool for doing exactly this.To read this article in full or to leave a comment, please click here

Python – Kirk Byers Course Week 3 Part 1

This post will describe the exercises and solutions for week three of Kirk Byers Python for Network Engineers.

The first exercise of the week is the following:

I. Create an IP address converter (dotted decimal to binary).  This will be similar to what we did in class2 except:

    A. Make the IP address a command-line argument instead of prompting the user for it.
        ./binary_converter.py 10.88.17.23

    B. Simplify the script logic by using the flow-control statements that we learned in this class.

    C. Zero-pad the digits such that the binary output is always 8-binary digits long.  Strip off the leading '0b' characters.  For example,

        OLD:     0b1010
        NEW:    00001010

    D. Print to standard output using a dotted binary format.  For example,

        IP address          Binary
      10.88.17.23        00001010.01011000.00010001.00010111


    Note, you might need to use a 'while' loop and a 'break' statement for part C.
        while True:
            ...
            break       # on some condition (exit the while loop)

    Python will execute this loop again and again until the 'break' is encountered.

The first thing we want to do is to import the module sys because we are going to be working with command line arguments.

import sys

Continue reading

OpenSwitch Network Operating System

The Open Network Install Environment (ONIE) is an open source install environment that gives a switch user a choice to download ONIE compliant Network Operation System (NOS) to bare metal network switches. The OpenSwitch is community based, open source NOS that runs on hardware based on ONIE.

The goal of this article is to show how to build OpenSwitch Virtual Machine appliance, describe its capabilities and to introduce three methods for managing OpenSwitch. The OpenSwitch VM appliance was created by OpenSwitch project for training and testing purpose. It uses software data plane to forward the packets but it is not intended to be used as a virtual switch for connecting virtual machines. OpenSwitch supports many L2, L3 protocols such as STP, LACP, LLDP, OSPF, BGP, DHCP, TFTP, NTP, SSH, SNMP and others. These protocols run as separate daemons and they were integrated from another open-source projects.

For instance Quagga project provides L3 functionality to Openswitch. Quagga modules ops-ospf and ops-bgp update active routes in OpenvSwitch database (OVSDB). The module ops-zebra reads routes from OVSDB and install them to the kernel. Static routes are also stored in OVSDB, read by ops-zebra module and installed to the kernel. In order to use Continue reading

Users take the cheese to solve data breaches

Cheese Movers International’s restructuring resulted in some employees being unhappy with either their new role or the new management. And unhappy employees, especially those who know the system well and have access, can become major problems for companies.Verizon’s RISK Team was called in because the multinational company had heard rumblings among the disgruntled employees and found some negative comments online. While there was no evidence of a data breach, Cheese Movers' upper management was concerned something was coming.This is just one case found in Verizon’s recently released annual breach report, which examines some of the cases where the RISK Team was called in to hunt down culprits. The “ride–along edition” of Verizon’s report provides a first-person perspective of the company that calls in the heavy hitters to find out why the network has slowed, who defaced a website or where a leak is coming from. With all the accounts, the names of the companies have been changed to protect the brand from public ridicule.To read this article in full or to leave a comment, please click here

Users take the cheese to solve data breaches

Cheese Movers International’s restructuring resulted in some employees being unhappy with either their new role or the new management. And unhappy employees, especially those who know the system well and have access, can become major problems for companies.Verizon’s RISK Team was called in because the multinational company had heard rumblings among the disgruntled employees and found some negative comments online. While there was no evidence of a data breach, Cheese Movers' upper management was concerned something was coming.This is just one case found in Verizon’s recently released annual breach report, which examines some of the cases where the RISK Team was called in to hunt down culprits. The “ride–along edition” of Verizon’s report provides a first-person perspective of the company that calls in the heavy hitters to find out why the network has slowed, who defaced a website or where a leak is coming from. With all the accounts, the names of the companies have been changed to protect the brand from public ridicule.To read this article in full or to leave a comment, please click here

Ride along to solve these data breaches

Riding alongImage by Daimler AGVerizon’s recently released annual breach report that examines some of its cases where the RISK Team was called in to hunt down culprits. The “ride –along edition” of Verizon’s report gets a first-person perspective of the company that calls in the heavy hitters to find out why the network has slowed or where a leak is. With all the accounts, the names of the companies have been changed to protect the brand from public ridicule.To read this article in full or to leave a comment, please click here(Insider Story)

6 senators say U.S. firms are hiding their offshoring

Publicly traded companies are required by law to disclose only their global headcount, and that's all the information many of them provide. That keeps certain information a secret. These companies may be shrinking their U.S. headcount as they grow their overseas workforces. Six U.S. senators want to change that.These senators -- all Democrats -- are co-sponsoring legislation, introduced Thursday, that would require publicly traded companies to disclose their numbers of employees by location, by state, and by country."It's hard to hold companies accountable for gaming the system and shipping jobs overseas when it's not even known where their employees are located," said Sen. Gary Peters (D-Mich.), in a statement. One of the key reasons this bill, called the Outsourcing Accountability Act, was introduced is because it is difficult to find information about the number of jobs that are moved offshore.To read this article in full or to leave a comment, please click here

What’s new at DockerCon 2017

970x250_Dockercon17_op3.png

If you’ve attended multiple DockerCons, you should know that the DockerCon team is always looking for new and exciting programs to improve on the previous editions. Last year, we introduced a ton of new DockerCon programs including a new Black Belt Track, a DockerCon scholarships, Workshops, etc. This year we’re excited to introduce more DockerCon goodness!

Using Docker and Docker Deep Dive Tracks

In the past editions, we received great attendee feedback requesting to split the Docker, Docker, Docker track into two separate tracks. We’ve heard you and as a result are happy to introduce the Using Docker and Docker Deep Dive tracks.

The Using Docker track is for everyone who’s getting started with Docker or wants to better implement Docker in their workflow. Whether you’re a .NET, Java or Node.js  developer looking to modernizing your applications, or an IT Pro who wants to learn about Docker orchestration and application troubleshooting, this track will have specific sessions for you to get up to speed with Docker.

The Docker Deep Dive track focuses on the technical details associated with the different components of the Docker platform: advanced orchestration, networking, security, storage, management and plug-ins. The Docker engineering leads will walk Continue reading

30% off Logitech G502 Proteus Spectrum RGB Tunable Gaming Mouse – Deal Alert

The G502 features the most advanced optical sensor for maximum tracking accuracy. Customize RGB lighting or sync it with other Logitech G products, set up custom profiles for your games, adjust sensitivity from 200 up to 12,000 DPI and position five 3.6g weights for just the right balance and feel. The G502 averages 4.5 out of 5 stars from over 1,000 people on Amazon, where its typical list price of $80 has been reduced to $56. See it now on Amazon.To read this article in full or to leave a comment, please click here

28% off Logitech G502 Proteus Spectrum RGB Tunable Gaming Mouse – Deal Alert

The G502 features the most advanced optical sensor for maximum tracking accuracy. Customize RGB lighting or sync it with other Logitech G products, set up custom profiles for your games, adjust sensitivity from 200 up to 12,000 DPI and position five 3.6g weights for just the right balance and feel. The G502 averages 4.5 out of 5 stars from over 1,000 people on Amazon, where its typical list price of $80 has been reduced to $58. See it now on Amazon.To read this article in full or to leave a comment, please click here

No Sound In Exported Video – Final Cut Pro X 10.3.2

Ran into an issue today where audio was working normally in Final Cut Pro X 10.3.2, but the exported video had no sound. The video and sound were originally recorded using a Canon G7X Mark II.

The fix was to delete Final Cut Pro X preferences, as detailed by Apple here. In short…

  1. Quit FCPX.
  2. Press Command-Option when re-launching FCPX. You’ll be given an option to delete your FCPX preferences.
  3. Delete your preferences.

That will definitely result in some interface trauma for you, as FCPX won’t remember where your libraries are. I’m not sure what other settings you’d invested in that might also be forgotten — probably a lot of things. I’m still relatively new to FCPX, so the hit wasn’t too hard to handle. But still. Yuck.

Yuck or not, that worked. Once I pointed FCPX at my libraries and built a new project for my simple video, exporting rendered not just video, but audio too. And all was right with the world.

Ethan Banks writes & podcasts about IT, new media, and personal tech.
about | subscribe | @ecbanks

Here’s how the US government can bolster cybersecurity

Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before U.S. Congress, warning it about the dangers of the internet.Unfortunately, the U.S. government is still struggling to act, he said. "You’re just going to keep ending up with the status quo," he said, pointing to the U.S. government's failure to regulate the tech industry or incentivize any change.It’s a feeling that was shared by the experts who attended this week’s RSA cybersecurity show. Clearly, the U.S. government needs to do more on cybersecurity, but what?  Public and Private sector Perhaps, the need for U.S. action hasn't been more urgent. In last year's election, Russia was accused of hacking U.S. political groups and figures in an effort to influence the outcome.To read this article in full or to leave a comment, please click here

Here’s how the US government can bolster cybersecurity

Almost 20 years ago, Chris Wysopal was among a group of hackers who testified before U.S. Congress, warning it about the dangers of the internet.Unfortunately, the U.S. government is still struggling to act, he said. "You’re just going to keep ending up with the status quo," he said, pointing to the U.S. government's failure to regulate the tech industry or incentivize any change.It’s a feeling that was shared by the experts who attended this week’s RSA cybersecurity show. Clearly, the U.S. government needs to do more on cybersecurity, but what?  Public and Private sector Perhaps, the need for U.S. action hasn't been more urgent. In last year's election, Russia was accused of hacking U.S. political groups and figures in an effort to influence the outcome.To read this article in full or to leave a comment, please click here

1 2,312 2,313 2,314 2,315 2,316 3,858