[minipost] Capturing bidirectional traffic of virtual machine (VMs) on vmWare ESX 6.x

Here I was getting a trouble with communication between an ESX virtual machine and the nearby switch (Nuage/DCN controller VM talking with a VTEP switch if someone is interested) and because that switch was direct destination of the control plane packets (OVSDB over TCP) I was not having much success creating a mirroring interface on the switch. So I learned how to capture a specific virtual machine traffic directly on the ESXi host’s SSH console and to not forget that, I will document this here.

Step 1 – enable SSH to the ESX host

In most cases this is not running by default, so go to the ESXi server direct terminal or iLo and via “F2″enter system customization and enter troubleshooting section:

ESX host troubleshooting options location

ESX host troubleshooting options location

Right behind this menu should be “SSH Enable” option, and you simply hit that with enter ?

ALTERNATIVE: If you have vCenter deployed, you can use its GUI to enable SSH on a specific host like this:

Locate ESX Host in vCenter and open its security profile

Locate ESX Host in vCenter and open its security profile

Inside security profiles enable SSH server

Inside security profiles enable SSH server

Step 2 – locating switchport ID

My virtual machine was called “DCN4.0R5_VSC1” and was simply connected to logical vswitch0 in Continue reading

Nerd Alert! You need a Christmas tree for your car!

What makes this product truly nerdy is that you have to be kind of a nerd to drive around with a lit up Christmas tree on your car roof. A PR company recently sent me a sample of the aptly named Christmas Car Tree and, natch, I had to, er, test drive it. The Christmas Car Tree It’s easy to assemble, solidly made (it’s got a metal, bolt-together frame), and unless you're driving a Ferrari, this 30-inch tree isn’t going to come loose. The Christmas Car Tree has 70 LEDs in multiple colors and can be folded flat so you can get into low garages.To read this article in full or to leave a comment, please click here

Cisco dents Arista again with patent infringement ruling

A US trade judge ruled today that Arista Networks infringed on two Cisco switch patents – the second important victory the networking giant has won against Arista in their ongoing legal confrontation since it began in 2014.U.S. International Trade Commission Judge MaryJoan McNamara issued the so-called “initial determination” on the case which now must be reviewed by the ITC. In the end should the ITC find against Arista its switches could once again be banned from import into the US. The ITC you may recall ruled against Arista in another part of this case and between June and August the company could not import those products. In November Arista announced that US Customs has given it permission to resume importing its networking gear in the United States.To read this article in full or to leave a comment, please click here

Cisco dents Arista again with patent infringement ruling

A US trade judge ruled today that Arista Networks infringed on two Cisco switch patents – the second important victory the networking giant has won against Arista in their ongoing legal confrontation since it began in 2014.U.S. International Trade Commission Judge MaryJoan McNamara issued the so-called “initial determination” on the case which now must be reviewed by the ITC. In the end should the ITC find against Arista its switches could once again be banned from import into the US. The ITC you may recall ruled against Arista in another part of this case and between June and August the company could not import those products. In November Arista announced that US Customs has given it permission to resume importing its networking gear in the United States.To read this article in full or to leave a comment, please click here

Cisco dents Arista again with patent infringement ruling

A US trade judge ruled today that Arista Networks infringed on two Cisco switch patents – the second important victory the networking giant has won against Arista in their ongoing legal confrontation since it began in 2014.U.S. International Trade Commission Judge MaryJoan McNamara issued the so-called “initial determination” on the case which now must be reviewed by the ITC. In the end should the ITC find against Arista its switches could once again be banned from import into the US. The ITC you may recall ruled against Arista in another part of this case and between June and August the company could not import those products. In November Arista announced that US Customs has given it permission to resume importing its networking gear in the United States.To read this article in full or to leave a comment, please click here

OpenStack SDN With OVN (Part 2) – Network Engineering Analysis

In this post we will see how OVN implements virtual networks for OpenStack. The structure of this post is such that starting from the highest level of networking abstraction we will delve deeper into implementation details with each subsequent section. The biggest emphasis will be on how networking data model gets transformed into a set of logical flows, which eventually become OpenFlow flows. The final section will introduce a new overlay protocol GENEVE and explain why VXLAN no longer satisfies the needs of an overlay protocol.

Continue reading

CCIE/CCDE Re-certification Time Again – Go for it? … or Emeritus?

It is “that” time again.  Time to start studying for one of the CCxE (CCIE/CCDE) re-certifications. Got my 1st CCIE back in 1997.  A couple years later my CCIE SNA/IP.  Then back in 2009 I passed my “favorite E” – the CCDE.  And now?   I’ll tell you a secret that I actually haven’t told anyone at all except for my wife. — I am so tired of studying for the writtens. I prefer spending my time getting my hands dirty in the lab at work in CPOC, learning new technologies, reading pcap files, technically reviewing books, writing blogs, making youtubes, CiscoLive….. Anything but studying… yet again…. just to pass a CCxE written.  Especially now with the 10% “evolving technologies” add.  For the past few months I’ve been trying so hard to get myself to sit down and do some studying.  It has really been a struggle to get myself to study and I have rescheduled my exam twice so far. It has just been really hard to find the motivation when there are so many other things I’d prefer to be doing.

To make matters worse, each and every time I actually Continue reading

6 network and security trends you can expect in 2017

‘Tis the season for tech bloggers to prognosticate and pontificate about the trends for the next year.  This is also the time of year when we fondly reflect on the amazing rate of innovation during the past year and try to imagine how the pace of new technology will continue to accelerate. When publicly making these types of predictions, it is prudent to write about trends that are probable, and it is unwise to write about things that are too far-reaching. Along these lines, here are six network and security technology predictions that are probable for 2017.1. Malware will continue to evolve Malware has been the most effective way for attackers to reach targets globally.  Malware propagation has been the definitive attack method for the past few years, and now the effectiveness of most antivirus products is called into question. More and more security vendors offer malware defenses, but not all of these vendor’s solutions are completely effective as malware continues to metamorphize.To read this article in full or to leave a comment, please click here

Tips for Troubleshooting Apps in Production with Docker Datacenter

If you have been using Docker for some time, after the initial phases of building Dockerfiles and running a container here and there, the real work begins in building, deploying and operating multi-container applications in a production environment.  Are you operationally ready to take your application to production? Docker Datacenter provides an integrated management framework for your Dockerized environment and applications and when coupled with clear strategies in approaching and resolving anomalies, IT ops teams can be assured in successfully operationalizing Docker.

Let’s use a sports metaphor to approach troubleshooting:

  • Pre-Game will cover the planning phase for your applications
  • Game Time will cover troubleshooting tools available in Docker Datacenter
  • Post-Game will discuss complementary tools to aid in ongoing insights

Pre-Game

Whether or not you are sports fan, you can appreciate the importance of the planning out any task. This is no different than what you would do for your applications. Health checks are a great way to provide a deeper level of insight into how your application is performing. Since Docker 1.12 there is a new HEALTHCHECK directive. We can use this directive to signal to the Docker Engine whether or not the application is healthy.

There are a two ways to implement the HEALTHCHECK Continue reading

Why CISOs succeed and why they leave

Earlier this year, ESG and the Information Systems Security Association (ISSA) published a research report titled, The State of Cyber Security Careers. The report was based on a survey of 437 cybersecurity professionals, the clear majority of which were ISSA members.Two-thirds of these cybersecurity professionals worked at an organization that employed a CSO or CISO. These individuals were then asked to identify the most important qualities that make a successful CISO. Here is a sample of the results: 50% of respondents said strong leadership skills were most important 47% of respondents said strong communication skills were most important 30% of respondents said a strong relationship with business executives was most important 29% of respondents said a strong relationship with the CIO and other members of the IT leadership team was most important 23% of respondents said strong management skills were most important Based upon this list, it’s clear that successful CISOs need to be strong business people who can work with business and IT executives. This is an important consideration since many security professionals are deeply rooted in the technology rather than the business aspects of infosec.To read this article in full or to leave a comment, please Continue reading

Why CISOs succeed and why they leave

Earlier this year, ESG and the Information Systems Security Association (ISSA) published a research report titled, The State of Cyber Security Careers. The report was based on a survey of 437 cybersecurity professionals, the clear majority of which were ISSA members.Two-thirds of these cybersecurity professionals worked at an organization that employed a CSO or CISO. These individuals were then asked to identify the most important qualities that make a successful CISO. Here is a sample of the results: 50% of respondents said strong leadership skills were most important 47% of respondents said strong communication skills were most important 30% of respondents said a strong relationship with business executives was most important 29% of respondents said a strong relationship with the CIO and other members of the IT leadership team was most important 23% of respondents said strong management skills were most important Based upon this list, it’s clear that successful CISOs need to be strong business people who can work with business and IT executives. This is an important consideration since many security professionals are deeply rooted in the technology rather than the business aspects of infosec.To read this article in full or to leave a comment, please Continue reading

Why CISO Succeed and Why They Leave

Earlier this year, ESG and the Information Systems Security Association (ISSA) published a research report titled, The State of Cyber Security Careers.  The report was based on a survey of 437 cybersecurity professionals, the clear majority of which were ISSA members.Two-thirds of these cybersecurity professionals worked at an organization that employed a CSO or CISO.  These individuals were then asked to identify the most important qualities that make a successful CISO.  Here is a sample of the results: 50% of respondents said that strong leadership skills were most important 47% of respondents said that strong communication skills were most important 30% of respondents said that a strong relationship with business executives was most important 29% of respondents said that a strong relationship with the CIO and other members of the IT leadership team was most important 23% of respondents said that strong management skills were most important Based upon this list, it’s clear that successful CISOs need to be strong business people who can work with business and IT executives.  This is an important consideration since many security professionals are deeply rooted in the technology rather than the business aspects of infosec.To Continue reading

Intel, Microsoft going long distance with Cortana on Windows 10 PCs

Intel and Microsoft are working on technology allowing you to shout out commands to Cortana or activate a Windows 10 PC from sleep mode without being all that close to it.The chipmaker is working with Microsoft to add "far-field speech recognition" technology, where one can shout out Cortana commands to a Windows PC from longer distances."Soon, you’ll be able to speak to your PC from a distance and access all of your information on the device and in the cloud," Navin Shenoy is senior vice president and general manager for the Client Computing Group for Intel, said in a blog entry this week. To read this article in full or to leave a comment, please click here

Obama orders review of election hacks as Trump doubts Russia’s role

President Barack Obama has ordered U.S. intelligence agencies to conduct a full review of the cyberattacks that allegedly tried to disrupt this year's election, as his successor Donald Trump casts doubt over Russia's possible involvement. Obama's homeland security advisor Lisa Monaco first mentioned the need for the review while speaking to reporters on Friday morning, according to Politico."We may be crossed into a new threshold, and it is incumbent upon us to take stock of that, to review, to conduct some after-action, to understand what this means, and to impart those lessons learned," Monaco reportedly said.To read this article in full or to leave a comment, please click here

Obama orders review of election hacks as Trump doubts Russia’s role

President Barack Obama has ordered U.S. intelligence agencies to conduct a full review of the cyberattacks that allegedly tried to disrupt this year's election, as his successor Donald Trump casts doubt over Russia's possible involvement. Obama's homeland security advisor Lisa Monaco first mentioned the need for the review while speaking to reporters on Friday morning, according to Politico."We may be crossed into a new threshold, and it is incumbent upon us to take stock of that, to review, to conduct some after-action, to understand what this means, and to impart those lessons learned," Monaco reportedly said.To read this article in full or to leave a comment, please click here