IDG Contributor Network: How much does a data breach actually cost?

The American public has become so inured to data breaches that it’s difficult to remember them all. Infamous breaches like the ones at Target and Sony become almost forgettable when confronted with the recently disclosed half-billion accounts compromised at Yahoo in 2014.The numbers are simply staggering. It is estimated over 900,000,000 records of personally identifiable information (PII) have been stolen in the U.S. over the past few years. Keeping a memory of all the hacks and when they happened may require the use of complex data visualization.To read this article in full or to leave a comment, please click here

What’s New in Tower 3: Search

Ansible-Tower-3-blog-series.png

In July, we released Ansible Tower 3. In this blog series, we will take a deeper dive into Tower changes designed to make our product simpler and easier to scale Ansible automation across your environments. In our last post, our Principal Software Engineer Matt Jones highlighted what’s new for Tower 3 notifications.

If you’d like to learn more about the release, our Director of Product Bill Nottingham wrote a complete overview of the Tower 3 updates.

Simplifying Search

Tower gives you the ability to manage the use of Ansible for an entire enterprise, allowing you to potentially manage hundreds of Playbooks and thousands of hosts in a single place. Tower also gives you the ability to audit all types of usage through its integrated activity stream, which can be verbose. One of the goals of Tower 3 was to provide a consistent and full-featured user interface for dealing with these large collections of data.

In Tower 2, searching these collections was pretty limited. You could only make a single query for a particular collection. In Tower 3, we developed and implemented a tag-based searching system throughout the app, allowing you to chain multiple queries together so that you can quickly Continue reading

Configuring Raspberry Pi as a router

I'm setting up a little test network for IoT devices, one isolated a bit from my home network. This is a perfect job for a computer like the Raspberry Pi (or similar computers, such as the Odroid-C2, which is what I'm actually using here). I thought I'd blog the setup details in case anybody else wanted to setup their own isolated home network.

Choice of hardware

The Raspberry Pi B v3 is a fine choice, but there are many alternatives. I'm using the Odroid C2 instead. It's nearly the same, but the chief difference for my purposes is that the Ethernet adapter is native. On the RPi, the Ethernet adapter is actually connected via USB. Network utilities don't like USB Ethernet as much.

The choice of hardware dictates the operating system. Download the latest version of Ubuntu for the Odroid C2. They keep moving around where to get it, but you can google "odroid c2 downloads" to find it. My version is Ubuntu MATE 16.04 LTS.


Your home network

Your home network likely uses the addresses 192.168.1.xxx. This is also the range that most of the devices I'm testing will use as their initial defaults. Therefore, Continue reading

Pennsylvania man sentenced to 18 months for celeb hacking

A Pennsylvania man was sentenced to 18 months in federal prison on charges of hacking the Google and Apple email accounts of over 100 people including celebrities, and getting access to nude videos and photographs of some people.The sentencing against Ryan Collins, 36, of Lancaster is the offshoot of a Department of Justice investigation into the online leaks of photographs of numerous female celebrities in September 2014, widely referred to as "Celebgate."But DOJ has not found any evidence linking Collins to the actual leaks or the sharing and uploading of the content.Between November 2012 and early September 2014, Collins is said to have sent e-mails to victims that appeared to be from Apple or Google and asked them to provide their usernames and passwords. Having gained access to the email accounts, he got hold of personal information including nude photographs and videos, and in some cases used a software program to download the entire contents of the victims' Apple iCloud backups, according to DOJ.To read this article in full or to leave a comment, please click here

Pennsylvania man sentenced to 18 months for celeb hacking

A Pennsylvania man was sentenced to 18 months in federal prison on charges of hacking the Google and Apple email accounts of over 100 people including celebrities, and getting access to nude videos and photographs of some people.The sentencing against Ryan Collins, 36, of Lancaster is the offshoot of a Department of Justice investigation into the online leaks of photographs of numerous female celebrities in September 2014, widely referred to as "Celebgate."But DOJ has not found any evidence linking Collins to the actual leaks or the sharing and uploading of the content.Between November 2012 and early September 2014, Collins is said to have sent e-mails to victims that appeared to be from Apple or Google and asked them to provide their usernames and passwords. Having gained access to the email accounts, he got hold of personal information including nude photographs and videos, and in some cases used a software program to download the entire contents of the victims' Apple iCloud backups, according to DOJ.To read this article in full or to leave a comment, please click here

NAPALM Update on Software Gone Wild

We did a podcast describing NAPALM, an open-source multi-vendor abstraction library, a while ago, and as the project made significant progress in the meantime, it was time for a short update.

NAPALM started as a library that abstracted the intricacies of network device configuration management. Initially it supported configuration replace and merge; in the meantime, they added support for diffs and rollbacks

Read more ...

Personal data of 550,000 Red Cross blood donors was breached

The Australian Red Cross said its blood donor service has found that registration information of 550,000 donors had been compromised, which the agency blamed on human error by a third-party contractor.The moot issue at this point, which may decide how the breach unfolds, is that nobody knows how many people have the data. The information from 2010 to 2016 was available on the website from Sept. 5 to Oct. 25. this year.The database backup, consisting of 1.74GB with about 1.3 million records, contains information about blood donors, such as name, gender, physical address, email address, phone number, date of birth, blood type, country of birth, and previous donations, according to security researcher Troy Hunt.To read this article in full or to leave a comment, please click here

Personal data of 550,000 Red Cross blood donors was breached

The Australian Red Cross said its blood donor service has found that registration information of 550,000 donors had been compromised, which the agency blamed on human error by a third-party contractor.The moot issue at this point, which may decide how the breach unfolds, is that nobody knows how many people have the data. The information from 2010 to 2016 was available on the website from Sept. 5 to Oct. 25. this year.The database backup, consisting of 1.74GB with about 1.3 million records, contains information about blood donors, such as name, gender, physical address, email address, phone number, date of birth, blood type, country of birth, and previous donations, according to security researcher Troy Hunt.To read this article in full or to leave a comment, please click here

VRF-Aware SNMP on Brocade VDX

SNMP was not designed with VRFs in mind. Querying the routing table via SNMP did not take into account the idea of having multiple routing tables. But clearly it’s something people want to do, so some clever engineers figured out how to shoe-horn VRF contexts in. This week a customer asked me how to query the routing table for the non-default VRF on Brocade VDX switches. Here’s how to do it:

VRF Configuration

For this lab I have Loopback 1 in the default VRF, with an IP of 50.50.50.50/32. I’ve created another VRF called “internet”, and put Loopback 2 in that VRF, with IP 60.60.60.60/32. Now I have two different routing tables:

VDX6940-204063# sh run rb 1 int loop 1
rbridge-id 1
interface Loopback 1
no shutdown
ip address 50.50.50.50/32
!
!
VDX6940-204063# sh ip route
Total number of IP routes: 1
Type Codes - B:BGP D:Connected O:OSPF S:Static U:Unnumbered +:Leaked route; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes -  Continue reading

VRF-Aware SNMP on Brocade VDX

SNMP was not designed with VRFs in mind. Querying the routing table via SNMP did not take into account the idea of having multiple routing tables. But clearly it’s something people want to do, so some clever engineers figured out how to shoe-horn VRF contexts in. This week a customer asked me how to query the routing table for the non-default VRF on Brocade VDX switches. Here’s how to do it:

VRF Configuration

I’m using a Brocade 6940 running NOS 7.0.1 here. Note that SNMP configuration changed around NOS 6.x, so if you’re running something older this may work differently.

For this lab I have Loopback 1 in the default VRF, with an IP of 50.50.50.50/32. I’ve created another VRF called “internet”, and put Loopback 2 in that VRF, with IP 60.60.60.60/32. Now I have two different routing tables:

VDX6940-204063# sh run rb 1 int loop 1
rbridge-id 1
interface Loopback 1
no shutdown
ip address 50.50.50.50/32
!
!
VDX6940-204063# sh ip route
Total number of IP routes: 1
Type Codes - B:BGP D:Connected O:OSPF S:Static U:Unnumbered +:Leaked route; Cost - Dist/Metric
BGP Codes - i:iBGP e:eBGP
OSPF Codes -  Continue reading

73% off TechMatte Air Vent Magnetic Universal Car Mount for Smartphones – Deal Alert

The MagGrip Vent Car Mount is a sturdy, cradle-less device holding system focused on simplicity. Pop it onto your car's air vent and magnets do all the work. Currently discounted to just $8 and averages 4.5 out of 5 stars on Amazon from over 7,000 people. Learn more, or buy it now, on Amazon.To read this article in full or to leave a comment, please click here

Malware from Friday’s DDoS attack continues to harass in short bursts

It's still unclear who pulled off Friday's massive internet disruption, but the malware largely responsible for the cyber attack has since assaulted new targets -- possibly including video gamers.Since last Friday, botnets created by the Mirai malware have been launching distributed denial-of-service attacks at seemingly random targets, in short bursts, according to a security researcher who goes by the name MalwareTech.He has tracked Mirai-powered botnets and helped produce a Twitter feed that monitors their DDoS attacks. On Wednesday alone, the feed posted close to 60 attacks, many of them lasting from 30 seconds to over a minute long.To read this article in full or to leave a comment, please click here

Malware from Friday’s DDoS attack continues to harass in short bursts

It's still unclear who pulled off Friday's massive internet disruption, but the malware largely responsible for the cyber attack has since assaulted new targets -- possibly including video gamers.Since last Friday, botnets created by the Mirai malware have been launching distributed denial-of-service attacks at seemingly random targets, in short bursts, according to a security researcher who goes by the name MalwareTech.He has tracked Mirai-powered botnets and helped produce a Twitter feed that monitors their DDoS attacks. On Wednesday alone, the feed posted close to 60 attacks, many of them lasting from 30 seconds to over a minute long.To read this article in full or to leave a comment, please click here

WISP Design: Using OSPF to build a transit fabric over unequal links

 

Defining the problem – unused capacity

One of the single greatest challenges if you have ever owned, operated or designed a WISP (Wireless Internet Service Provider) is using all of the available bandwidth across multiple PtP links in the network. It is very common for two towers to have multiple RF PtP (Point-to-Point) links between them and run at different speeds. It is not unusual to have a primary link that runs at near-gigabit speeds and a backup link that may range anywhere from 50 Mbps to a few hundred Mbps.

This provides a pretty clean HA routing architecture, but it leaves capacity in the network unused until there is a failure. One of the headaches WISP designers always face is how to manage and engineer traffic for sub-rate ethernet links – essentially links that can’t deliver as much throughput as the physical link to the router or switch. In the fiber world, this is pretty straightforward as two links between any two points can be the exact same speed and either be channeled together with LACP or rely on ECMP with OSPF or BGP.

However, in the WISP world, this becomes problematic, as the links are unequal and Continue reading

WISP Design: Using OSPF to build a transit fabric over unequal links

 

Defining the problem – unused capacity

One of the single greatest challenges if you have ever owned, operated or designed a WISP (Wireless Internet Service Provider) is using all of the available bandwidth across multiple PtP links in the network. It is very common for two towers to have multiple RF PtP (Point-to-Point) links between them and run at different speeds. It is not unusual to have a primary link that runs at near-gigabit speeds and a backup link that may range anywhere from 50 Mbps to a few hundred Mbps.

This provides a pretty clean HA routing architecture, but it leaves capacity in the network unused until there is a failure. One of the headaches WISP designers always face is how to manage and engineer traffic for sub-rate ethernet links – essentially links that can’t deliver as much throughput as the physical link to the router or switch. In the fiber world, this is pretty straightforward as two links between any two points can be the exact same speed and either be channeled together with LACP or rely on ECMP with OSPF or BGP.

However, in the WISP world, this becomes problematic, as the links are unequal and Continue reading

1 2,486 2,487 2,488 2,489 2,490 3,763