TIP: How To Do MD5 and SHA1 File Checksum Validation

It’s always a good idea to calculate an MD5 or SHA1 file checksum to validate file integrity after download or transfer, especially when dealing with firmware binaries. While most modern systems are smart enough to validate images before attempting an installation, not all are so wise, and I’m sure I’m not the only one to have seen a device bricked (or stuck in ROMMON or a similar bootloader or equivalent) after a bad image was uploaded.

File Checksum

Here’s a quick reference guide to creating file checksums on Macos (OSX), Windows and Linux.

File Checksum Validation

There are various ways to check md5/sha1 checksums depending on your preferred platform. Vendors tend to publish the MD5 or SHA1 checksums (or both) for downloadable files, so it’s silly not to do checksum validation and confirm that the file has downloaded completely and uncorrupted. I try to validate after each time I transfer a file so that I don’t waste time sending a corrupted file on to the next hop. For example:

  • Download image file from Cisco’s website
  • — View the checksum and compare
  • SCP the file to a target jump server
  • — View the checksum and compare
  • SCP the file to the end device

Continue reading

Data, Analytics, Probabilities and the Super Bowl

Data is quickly becoming the coin of the realm in most aspects of the business world, and analytics the best way for organizations to cash in on it. It’s easy to be taken in by the systems and devices – much of the discussion around the Internet of Things tends to be around the things themselves, whether small sensors, mobile devices, self-driving cars or huge manufacturing systems. But the real value is in the data generated by these machines, and the ability to extract that data, analyze it and make decisions based on it in as close to real-time as

Data, Analytics, Probabilities and the Super Bowl was written by Nicole Hemsoth at The Next Platform.

Worth Reading: Quantum safe glossary

The Cloud Security Alliance’s Quantum-Safe Security (QSS) Working Group announces their latest release with the Quantum-Safe Security Glossary. The QSS Working Group was formed to address key generation and transmission methods and to help the industry understand quantum-safe methods for protecting networks and data. The working group is focused on long-term data protection amidst a climate of rising cryptanalysis capabilities. As the working group continues to produce documents to address concerns in a quantum world, the opportunity to share terms to provide a starting point to learn more about quantum-safe security. —Cloud Security Alliance

The post Worth Reading: Quantum safe glossary appeared first on 'net work.

Mozilla zaps residue of Firefox OS as it shutters IoT group

Mozilla confirmed that it is shuttering a group tasked with creating an operating system for connected devices, the category pegged as the "Internet of things," or IoT.It was the second defeat in 14 months for Mozilla projects aimed at producing commercial hardware products."We have shifted our internal approach to the IoT opportunity to step back from a focus on launching and scaling commercial products to one focused on research and advanced development," a Mozilla spokesman said in an email reply to questions. The open-source developer will dissolve its connected devices project, and will instead "incorporate our IoT explorations into an increased focus on emerging technologies."To read this article in full or to leave a comment, please click here

Lawsuit claims Apple broke FaceTime to force iOS 6 users to upgrade

Did Apple purposefully break iOS 6, rendering old iPhones unusable before their time? That’s the question at the heart of a new class-action lawsuit against the Cupertino company, which claims that Apple killed FaceTime in iOS 6 to avoid paying hefty licensing fees.The basis of the lawsuit, first reported by AppleInsider, comes from details that emerged last year in VirnetX’s patent infringement suit against the company. VirnetX licenses patents to technology companies, and one of those patents covers peer-to-peer audio and video transfer; Apple used peer-to-peer transfer to power FaceTime. When VirnetX, which has been described as a “patent troll,” came after Apple, the company switched to another relay method for FaceTime, using the third-party server Akami. That’s where things get tricky. Apple had to pay Akamai for that server usage to the tune of millions and millions of dollars. Faced with VirnetX’s patent infringement court win and mounting Akamai bills, Apple created a new peer-to-peer protocol for FaceTime in iOS 7.To read this article in full or to leave a comment, please click here

AT&T will prove 5G using open-source SDN technology

The blazing fast speed and low latency of 5G could suffer from the same obstacle that Gig-internet access does: a scarcity of apps that demonstrate its capabilities. Case in point: The Chattanooga municipal power company EPB slashed the price of Gig-internet to $69.95 per month because many customers opted for slower 100MB service at $59.95 because typical mobile and PC apps do not showcase the benefits of the top speed offering.It is a chicken and egg problem, or more aptly the chicken and the app problem. Without high-speed infrastructure, apps cannot be built that demonstrate the capabilities of 5G. And without apps, infrastructure will not reach cost effectiveness and be deployed at scale. 5G will not scale without distributing the cloud platforms into the network infrastructure running on software-defined networking (SDN) commodity hardware.To read this article in full or to leave a comment, please click here

UK defense secretary urges NATO to fend off Russian cyberattacks

The U.K.’s defense secretary is accusing Russia of using cyber attacks to “disable” democratic processes across the West, and he's demanding that NATO fight back.“NATO must defend itself as effectively in the cyber sphere as it does in the air, on land, and at sea,” Defense Secretary Michael Fallon said. “So adversaries know there is a price to pay if they use cyber weapons.”Fallon made the comments in a Thursday speech about the threat of “Russia’s military resurgence.”He pointed to the Kremlin’s suspected role in influencing last year’s presidential election in the U.S., as part of growing number of alleged cyber attacks that have targeted Western governments.   To read this article in full or to leave a comment, please click here

UK defense secretary urges NATO to fend off Russian cyberattacks

The U.K.’s defense secretary is accusing Russia of using cyber attacks to “disable” democratic processes across the West, and he's demanding that NATO fight back.“NATO must defend itself as effectively in the cyber sphere as it does in the air, on land, and at sea,” Defense Secretary Michael Fallon said. “So adversaries know there is a price to pay if they use cyber weapons.”Fallon made the comments in a Thursday speech about the threat of “Russia’s military resurgence.”He pointed to the Kremlin’s suspected role in influencing last year’s presidential election in the U.S., as part of growing number of alleged cyber attacks that have targeted Western governments.   To read this article in full or to leave a comment, please click here

US Immigration and Customs Enforcement nabs $20M in fake sports gear ahead of Super Bowl 51

Like clockwork, the week leading up to the Super Bowl has seen the federal government tear into the counterfeit sports gear element – this time seizing some $20 million worth of fake jerseys, hats, cell-phone accessories and thousands of other bogus items prepared to be sold to unsuspecting consumers.+More on Network World: 10 of the latest craziest and scariest things the TSA found on your fellow travelers+ ICE/DHS U.S. Immigration and Customs Enforcement (ICE) and Homeland Security Investigations (HSI) teams nabbed 260,000 counterfeit sports-related items during its annual, year-long Operation Team Player sting. Last year ICE seized nearly 450,000 phony items worth an estimated $39 million. In 2014 it grabbed 326,147 phony items worth more than $19.5 million.To read this article in full or to leave a comment, please click here

US Immigration and Customs Enforcement nabs $20M in fake sports gear ahead of Super Bowl 51

Like clockwork, the week leading up to the Super Bowl has seen the federal government tear into the counterfeit sports gear element – this time seizing some $20 million worth of fake jerseys, hats, cell-phone accessories and thousands of other bogus items prepared to be sold to unsuspecting consumers.+More on Network World: 10 of the latest craziest and scariest things the TSA found on your fellow travelers+ ICE/DHS U.S. Immigration and Customs Enforcement (ICE) and Homeland Security Investigations (HSI) teams nabbed 260,000 counterfeit sports-related items during its annual, year-long Operation Team Player sting. Last year ICE seized nearly 450,000 phony items worth an estimated $39 million. In 2014 it grabbed 326,147 phony items worth more than $19.5 million.To read this article in full or to leave a comment, please click here

IDG Contributor Network: A guide to hybrid cloud transformation

Enterprises have made it clear that when it comes to cloud computing, one size does not fit all.  What we’re hearing from the market is the need for consistency with choice, otherwise known as a balanced cloud platform. Unique business needs, along with security, geography and regulatory considerations, dictate a mixing and matching of both public and private cloud solutions—thus the rise of hybrid.Case in point, Forrester surveyed 1,000-plus North American and European enterprise decision makers and found that in the next 12 months 38 percent are building private clouds, 32 percent are building public clouds, and 59 percent are adopting a hybrid model.To read this article in full or to leave a comment, please click here

Microsoft will likely fix Windows SMB denial-of-service flaw on Patch Tuesday

Microsoft will likely wait until February 14 to fix a publicly disclosed vulnerability in the SMB network file sharing protocol that can be exploited to crash Windows computers. The vulnerability was disclosed Thursday when the security researcher who found it posted a proof-of-concept exploit for it on GitHub. There was concern initially that the flaw might also allow for arbitrary code execution and not just denial-of-service, which would have made it critical. The CERT Coordination Center (CERT/CC) at Carnegie Mellon University at first mentioned arbitrary code execution as a possibility in an advisory released Thursday. However, the organization has since removed that wording from the document and downgraded the flaw's severity score from 10 (critical) to 7.8 (high).To read this article in full or to leave a comment, please click here

Microsoft will likely fix Windows SMB denial-of-service flaw on Patch Tuesday

Microsoft will likely wait until February 14 to fix a publicly disclosed vulnerability in the SMB network file sharing protocol that can be exploited to crash Windows computers. The vulnerability was disclosed Thursday when the security researcher who found it posted a proof-of-concept exploit for it on GitHub. There was concern initially that the flaw might also allow for arbitrary code execution and not just denial-of-service, which would have made it critical. The CERT Coordination Center (CERT/CC) at Carnegie Mellon University at first mentioned arbitrary code execution as a possibility in an advisory released Thursday. However, the organization has since removed that wording from the document and downgraded the flaw's severity score from 10 (critical) to 7.8 (high).To read this article in full or to leave a comment, please click here

1 2,348 2,349 2,350 2,351 2,352 3,855