0

Application Security Report: Q2 2023

Cloudflare has a unique vantage point on the Internet. From this position, we are able to see, explore, and identify trends that would otherwise go unnoticed. In this report we are doing just that and sharing our insights into Internet-wide application security trends.

This report is the third edition of our Application Security Report. The first one was published in March 2022, with the second published earlier this year in March, and this is the first to be published on a  quarterly basis.

Since the last report, our network is bigger and faster: we are now processing an average of 46 million HTTP requests/second and 63 million at peak. We consistently handle approximately 25 million DNS queries per second. That's around 2.1 trillion DNS queries per day, and 65 trillion queries a month. This is the sum of authoritative and resolver requests served by our infrastructure. Summing up both HTTP and DNS requests, we get to see a lot of malicious traffic. Focusing on HTTP requests only, in Q2 2023 Cloudflare blocked an average of 112 billion cyber threats each day, and this is the data that powers this report.

But as usual, before we dive in, Continue reading

0

An August reading list about online security and 2023 attacks landscape

In 2023, cybersecurity continues to be in most cases a need-to-have for those who don’t want to take chances on getting caught in a cyberattack and its consequences. Attacks have gotten more sophisticated, while conflicts (online and offline, and at the same time) continue, including in Ukraine. Governments have heightened their cyber warnings and put together strategies, including around critical infrastructure (including health and education). All of this, at a time when there were never so many online risks, but also people online — over five billion in July 2023, 64.5% of the now eight billion that are the world’s total population.

Here we take a look at what we’ve been discussing in 2023, so far, in our Cloudflare blog related to attacks and online security in general, with several August reading list suggestions. From new trends, products, initiatives or partnerships, including AI service safety, to record-breaking blocked cyberattacks. On that note, our AI hub (ai.cloudflare.com) was just launched.

Throughout the year, Cloudflare has continued to onboard customers while they were being attacked, and we have provided protection to many others, including once.net, responsible for the 2023 Eurovision Song Contest online voting system Continue reading

0

Manage OSPF for network automation with Ansible validated content

In the quickly evolving networking environment, efficient management of routing protocols is essential for reliable and optimized network performance.

Red Hat Ansible Automation Platform is a powerful tool for streamlining repetitive tasks and orchestrating complex network configurations. One crucial aspect of platform-agnostic network management is the management of routing protocols, and in this blog post, we'll explore how Ansible Automation Platform can be utilized to manage OSPF (Open Shortest Path First), a widely used dynamic routing protocol.

At AnsibleFest 2022 we announced a new form of content included in the platform, called Ansible validated content.  We also have detailed blogs on Network Automation with Ansible Validated Content using the network.base collection, and BGP Management with Ansible Validated Content using the network.bgp collection. Now, we are adding a network validated content Collection called network.ospf to manage your OSPF protocols. 

OSPF is a widely used dynamic routing protocol, and Ansible Automation Platform can significantly streamline the management of OSPF configurations. In this blog post, we will explore the benefits of managing OSPF with Ansible Automation Platform, including some practical examples of how to automate common OSPF tasks that are part of network management.

 

Network OSPF Continue reading

0

Network Break 443: Nuclear DCs, Mobile Cars, Fibrechannel, Open Source And Cheese

We’ve got more durm and strang in open source license debate, cars that don't work wihtout a network, something mumble something Fibrechannel, a security acquisition by Check Point, cheesy microchips and more.

0

Network Break 443: Nuclear DCs, Mobile Cars, Fibrechannel, Open Source And Cheese

We’ve got more durm and strang in open source license debate, cars that don't work wihtout a network, something mumble something Fibrechannel, a security acquisition by Check Point, cheesy microchips and more.

The post Network Break 443: Nuclear DCs, Mobile Cars, Fibrechannel, Open Source And Cheese appeared first on Packet Pushers.

0

netlab 1.6.1: BGP Reports, Markdown Support

We added just a few small features in netlab release 1.6.1¹:

• Markdown reports: netlab report command can produce Markdown-formatted reports, making it extremely easy to include them in your documentation (assuming you’re using Markdown to write it)
• If you’re using BGP in your labs, you can generate reports on BGP autonomous systems and BGP neighbors.
• I made locations of default files configurable. I’m using this feature in large projects where I want to have a shared set of project-wide defaults for topologies stored in different directories.

0

netlab 1.6.1: BGP Reports, Markdown Support

We added just a few small features in netlab release 1.6.1¹:

• Markdown reports: netlab report command can produce Markdown-formatted reports, making it extremely easy to include them in your documentation (assuming you’re using Markdown to write it)
• If you’re using BGP in your labs, you can generate reports on BGP autonomous systems and BGP neighbors.
• I made locations of default files configurable. I’m using this feature in large projects where I want to have a shared set of project-wide defaults for topologies stored in different directories.

0

Building a VXLAN Lab Using Nexus9000v

As I dive into the world of VXLAN, I will need a lab as that is the best way to deepen the learning process and to get hands-on experience with a protocol. I will be building a Cisco Nexus9000v lab in VMware ESX but the same images can be used in CML, EveNG, GNS3, etc. The lab is based on the following topology:

The specific platform I’ll use is the Nexus9300v which has the following requirements:

• 1 vCPU (2 recommended).
• 10 GB of RAM (12 GB recommended).

Note that there is also a Nexus9500v image which is a 16-slot modular chassis. As I have no need for multiple slots, and it requires more CPUs, I will not be using this image.

The specific image I am using is nexus9300v64.10.2.5.M.ova, which is NX-OS version 10.2.5.

Deploying the OVA can take some time but is otherwise straightforward. Refer to my post on caveats for more details.

I have mapped the different NICs to different port groups:

The mgmt0 interface is mapped to my management network so that I can SSH to the devices. I have also created specific port groups for the interconnections between leaf Continue reading

0

Weekend Reads 081823

A group of academics has devised a “deep learning-based acoustic side-channel attack” that can be used to classify laptop keystrokes that are recorded using a nearby phone with 95% accuracy.

Of all vertical industries, manufacturing saw a 42% increase in total victims between Q4 2021 and Q4 2022, underscoring the potential threat to global supply chains.

In this article, we discuss the constant back and forth that has been going on for the last 5 years or so in protecting the privacy of data through FL. Just when it looks like FL is able to keep local data private, out comes a study to deflate us.

New research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access.

Luckily there is a huge amount of research underway to look for batteries that last longer, charge faster, and are made from more readily available minerals.

Vade’s Threat Intelligence and Response Center (TIRC) researchers analyzed what they dubbed the “Eevilcorp phishing campaign” and the malware its perpetrators used in depth.

The latest quarterly report from Backblaze on hard drive reliability reveals a rise in failures among certain drives.

In 2020 a Continue reading

0

Hedge 191: Power in the Data Center with Sarah Martin

While power is crucial for data centers, it’s also something network engineers don’t talk about a lot. In this episode of the Hedge, Sarah Martin from HED Design joins us to talk about the history, current state, and future of power in data centers.

download

0

9 career-boosting Wi-Fi certifications

If you’re looking to add more certifications to your resume, don’t forget about wireless. Whether you’re just starting your IT career, have been in IT before Wi-Fi was a thing, or even if you have a non-IT position, there are certifications to help prove your wireless knowledge and skills.For starters, there are vendor-neutral certifications from Certified Wireless Network Professionals (CWNP), one of the most popular programs in the wireless world. These are great if you aren’t already loyal to a networking brand. And even if you already have a favorite brand, these go deeper into the 802.11 standards and radio frequency (RF) technology without all the proprietary details and brand specifics.To read this article in full, please click here

0

Heavy Networking 695: Automating Network And Firewall Operations With BackBox (Sponsored)

On today's Heavy Networking we explore network and firewall automation with sponsor BackBox. BackBox has developed a platform that aims to deliver practical automation out of the box. We get under the hood to understand how it works, what it delivers, and how it addresses the challenges of network and security operations.

0

Heavy Networking 695: Automating Network And Firewall Operations With BackBox (Sponsored)

On today's Heavy Networking we explore network and firewall automation with sponsor BackBox. BackBox has developed a platform that aims to deliver practical automation out of the box. We get under the hood to understand how it works, what it delivers, and how it addresses the challenges of network and security operations.

The post Heavy Networking 695: Automating Network And Firewall Operations With BackBox (Sponsored) appeared first on Packet Pushers.

0

There’s more to more than meets the eye

The Linux more command is a fairly obvious command to use when you want to scan through a text file a screen at a time, but there still might be quite a few things you don’t know about this command. For one thing, you don’t have to start at the top of the file if you don’t want to. Add an argument like +20 and you will start with the 20th line in the file with a command like that shown below.$ man +20 myfile Note that the more command automatically adjusts itself to the number of lines in your terminal window. In addition, the last line displayed will not be a line from the file by default, but an indication of what percentage of the text has been displayed thus far – at least if there’s more text to follow. It will look like this:To read this article in full, please click here

0

There’s more to more than meets the eye

The Linux more command is a fairly obvious command to use when you want to scan through a text file a screen at a time, but there still might be quite a few things you don’t know about this command. For one thing, you don’t have to start at the top of the file if you don’t want to. Add an argument like +20 and you will start with the 20th line in the file with a command like that shown below.$ man +20 myfile Note that the more command automatically adjusts itself to the number of lines in your terminal window. In addition, the last line displayed will not be a line from the file by default, but an indication of what percentage of the text has been displayed thus far – at least if there’s more text to follow. It will look like this:To read this article in full, please click here

0

Micron launches CXL 2.0 memory expansion modules

Micron has introduced memory expansion modules that support the 2.0 generation of Compute Express Link (CXL) and come with up to 256GB of DRAM running over a PCIe x8 interface.CXL is an open interconnect standard with wide industry support that is meant to be a connection between machines allowing for the direct sharing of contents of memory. It is built on top of PCI Express for coherent memory access between a CPU and a device, such as a hardware accelerator, or a CPU and memory.PCIe is normally used in point-to-point communications, such as SSD to memory, while CXL will eventually support one-to-many communication. So far, CXL is capable of simple point-to-point communication only.To read this article in full, please click here

0

Micron launches CXL 2.0 memory expansion modules

Micron has introduced memory expansion modules that support the 2.0 generation of Compute Express Link (CXL) and come with up to 256GB of DRAM running over a PCIe x8 interface.CXL is an open interconnect standard with wide industry support that is meant to be a connection between machines allowing for the direct sharing of contents of memory. It is built on top of PCI Express for coherent memory access between a CPU and a device, such as a hardware accelerator, or a CPU and memory.PCIe is normally used in point-to-point communications, such as SSD to memory, while CXL will eventually support one-to-many communication. So far, CXL is capable of simple point-to-point communication only.To read this article in full, please click here

0

Fireside Chat: Enabling Network Resilience with Google’s Lihi Shadmi

Google’s Lihi Shadmi delivers a fireside chat during our 'Network Resilience Boot Camp' presented by Data Center Knowledge and Network Computing. This excerpt is from our live 'Network Resilience Boot Camp' virtual event moderated by Bonnie D. Graham on June 29, 2023.

0

Caveats When Deploying Nexus9000v

As I’m building a VXLAN lab based on Nexus9000v, I ran into some caveats while deploying. Some things are related to ESX (vSphere) only while others apply to also other platforms.

The boot process for Nexus9000v is a bit special. It requires using a serial console to access switch prompt and from there booting the NX-OS image. There are a few steps to enable this in vCenter. For the VM that was deployed using the OVA, edit settings of the VM and go to Virtual Hardware -> Serial port 1:

Use the following settings:

• Use Network.
• Direction – Server.
• Port URI – telnet://<portnumber>.

Note that when selecting a port number, it must be a port above 1024.

Next, under VM Options, go to Advanced and select Edit Configuration…

Click Add Configuration Params and add the following entry:

efi.serialconsole.enabled with a value of TRUE:

The server also needs to have firewall ports open. This is done by going to Configure -> System -> Firewall:

Make sure that VM serial port is enabled.

Then, power on the device which will boot to Loader. Boot on the image stored on bootflash:

Loader Version 5.9.3.94

loader  Continue reading

0

Getting Comfortable with the Command Line

More than a dozen years after the SDN brouhaha erupted, some people still haven’t got the memo on the obsolescence of CLI. For example, Julia Evans tries to make people comfortable with the command line. Has nobody told her it’s like teaching COBOL?

On a more serious note: you OUGHT TO master Linux CLI and be comfortable using CLI commands on network devices and servers. Her article has tons of useful tips and is definitely worth reading.