The IoT is uranium

Does the thought of 600 Gbps-plus of traffic hitting your URLs excite you? Do you get tingles up and down your spine thinking about watching your line of business apps frying? Perhaps that wonderful text, where an alert from you financial processor says “We’ve gone black, again, and expect to be back online perhaps maybe possibly tonight” thrills you.The Internet of Thingies (IoT) is actually nuclear, and we’ve witnessed the first use of a nuclear internet weapon. Brian Krebs’ Krebs on Security site was smashed. It could happen to you. To read this article in full or to leave a comment, please click here

snaproute Go BGP Code Dive (11): Moving to Open Confirm

In the last post in this series, we began considering the bgp code that handles the open message that begins moving a new peer to open confirmed state. This is the particular bit of code of interest—

case BGPEventBGPOpen:
  st.fsm.StopConnectRetryTimer()
  bgpMsg := data.(*packet.BGPMessage)
  if st.fsm.ProcessOpenMessage(bgpMsg) {
    st.fsm.sendKeepAliveMessage()
    st.fsm.StartHoldTimer()
    st.fsm.ChangeState(NewOpenConfirmState(st.fsm))
  }

We looked at how this code assigns the contents of the received packet to bgpMsg; now we need to look at how this information is actually processed. bgpMsg is passed to st.fsm.ProcessOpenMessage() in the next line. This call is preceded by the st.fsm, which means this function is going to be found in the FSM, which means fsm.go. Indeed, func (fsm *FSM) ProcessOpenMessage... is around line 1172 in fsm.go—

func (fsm *FSM) ProcessOpenMessage(pkt *packet.BGPMessage) bool {
 body := pkt.Body.(*packet.BGPOpen)

 if uint32(body.HoldTime) < fsm.holdTime {
  fsm.SetHoldTime(uint32(body.HoldTime), uint32(body.HoldTime/3))
 }

 if body.MyAS == fsm.Manager.gConf.AS {
  fsm.peerType = config.PeerTypeInternal—
 } else {
  fsm.peerType = config.PeerTypeExternal
 }

 afiSafiMap := packet.GetProtocolFromOpenMsg(body)
 for protoFamily, _ := range afiSafiMap {
  if fsm. Continue reading

IDG Contributor Network: Sensors come home

For hundreds of years, engineers have built sensors into systems and devices to gather information from the physical world. Sensors have done much to automate systems, make the world smarter and advance our way of life, but only recently have consumers engaged with sensor information in personal ways.+ Also on Network World: Homeland Security issues call to action on IoT security +The sensor industry is growing at a very healthy pace. “The IoT (Internet of Things) is impacting growth across many market sectors, including sensors, where the number of units produced and employed will exceed 35 billion units by 2018,” according to Semico Research & Consulting Group. Vendors are shipping discrete sensors, as well as combo sensors that incorporate more than one function.To read this article in full or to leave a comment, please click here

22% off ThermaCELL Mosquito Repellent Pest Control Outdoor and Camping Lantern – Deal Alert

The Thermacell Mosquito Repellent Lantern effectively repels mosquitoes and other biting insects in a 15 x 15-foot zone. It has no open flames, operates on a single butane cartridge, and is perfect for a deck, porch or campsite. It averages 4.5 out of 5 stars on Amazon and is currently discounted to $31.02. See it now on Amazon.To read this article in full or to leave a comment, please click here

Armies of hacked IoT devices launch unprecedented DDoS attacks

Security researchers have been warning for years that poor security for internet of things devices could have serious consequences. We're now seeing those warnings come true, with botnets made up of compromised IoT devices  capable of launching distributed denial-of-service attacks of unprecedented scale. Octave Klaba, the founder and CTO of French hosting firm OVH, sounded the alarm on Twitter last week when his company was hit with two concurrent DDoS attacks whose combined bandwidth reached almost 1 terabit per second. One of the two attacks peaked at 799Gbps alone, making it the largest ever reported.To read this article in full or to leave a comment, please click here

Armies of hacked IoT devices launch unprecedented DDoS attacks

Security researchers have been warning for years that poor security for internet of things devices could have serious consequences. We're now seeing those warnings come true, with botnets made up of compromised IoT devices  capable of launching distributed denial-of-service attacks of unprecedented scale. Octave Klaba, the founder and CTO of French hosting firm OVH, sounded the alarm on Twitter last week when his company was hit with two concurrent DDoS attacks whose combined bandwidth reached almost 1 terabit per second. One of the two attacks peaked at 799Gbps alone, making it the largest ever reported.To read this article in full or to leave a comment, please click here

Illusive Networks seeks to slow Swift attackers through deception

Today's savvy bank robbers don't break into vaults looking for gold or diamonds: They're more likely to be hacking networks looking for access to the Swift payment system. Illusive Networks wants to catch them in the act.In February, hackers exploited Bangladesh Bank's access to the Swift fund transfer network to steal US$81 million -- and almost got away with $951 million.They had infiltrated the bank's network, installing malware on the Swift Alliance Access server that exchanged messages with the gateway to Swift's secure fund transfer system. They used the bank's Swift credentials to order payments, while their malware interfered with the printing of confirmation messages, delaying the bank's discovery of the electronic heist.To read this article in full or to leave a comment, please click here

Illusive Networks seeks to slow Swift attackers through deception

Today's savvy bank robbers don't break into vaults looking for gold or diamonds: They're more likely to be hacking networks looking for access to the Swift payment system. Illusive Networks wants to catch them in the act.In February, hackers exploited Bangladesh Bank's access to the Swift fund transfer network to steal US$81 million -- and almost got away with $951 million.They had infiltrated the bank's network, installing malware on the Swift Alliance Access server that exchanged messages with the gateway to Swift's secure fund transfer system. They used the bank's Swift credentials to order payments, while their malware interfered with the printing of confirmation messages, delaying the bank's discovery of the electronic heist.To read this article in full or to leave a comment, please click here

Asynchronous Docker metrics

Docker allows large numbers of lightweight containers can be started and stopped within seconds, creating an agile infrastructure that can rapidly adapt to changing requirements. However, the rapidly changing populating of containers poses a challenge to traditional methods of monitoring which struggle to keep pace with the changes. For example, periodic polling methods take time to detect new containers and can miss short lived containers entirely.

This article describes how the latest version of the Host sFlow agent is able to track the performance of a rapidly changing population of Docker containers and export a real-time stream of standard sFlow metrics.
The diagram above shows the life cycle status events associated with a container. The Docker Remote API provides a set of methods that allow the Host sFlow agent to communicate with the Docker to list containers and receive asynchronous container status events. The Host sFlow agent uses the events to keep track of running containers and periodically exports cpu, memory, network and disk performance counters for each container.

The diagram at the beginning of this article shows the sequence of messages, going from top to bottom, required to track a container. The Host sFlow agent first registers for container Continue reading

The U.S. presidential candidates on technology, privacy issues

With the general election creeping ever closer here in the United States, now seemed like a good time to get an official stance from the four presidential candidates who will be on the ballot about critical issues around technology and privacy.

I narrowed my list of questions for them down to just four (my original list was around 12) in order to make this easy for each campaign to answer. And each campaign was asked the exact same questions—with no variation whatsoever.

Even so, the only campaign to respond to me in any real way was Jill Stein’s. The Hillary Clinton, Gary Johnson and Donald Trump campaigns declined to provide concrete stances or clarifications—though I did get some helpful links from a Johnson surrogate.

To read this article in full or to leave a comment, please click here

The U.S. presidential candidates on technology, privacy issues

With the general election creeping ever closer here in the United States, now seemed like a good time to get an official stance from the four presidential candidates who will be on the ballot about critical issues around technology and privacy.I narrowed my list of questions for them down to just four (my original list was around 12) in order to make this easy for each campaign to answer. And each campaign was asked the exact same questions—with no variation whatsoever.Even so, the only campaign to respond to me in any real way was Jill Stein’s. The Hillary Clinton, Gary Johnson and Donald Trump campaigns declined to provide concrete stances or clarifications—though I did get some helpful links from a Johnson surrogate.To read this article in full or to leave a comment, please click here

Docker containers are coming to Windows

When most people think of application containers – one of the most popular new trends in how software is built and run by developers – they associate the technology very closely with Linux.Now, Docker Inc. – perhaps the most well-known container startup - is teaming up with Microsoft to integrate Docker Engine in Windows Server.+MORE AT NETWORK WORLD: Review: Windows Server 2016 steps up security, cloud support +Microsoft announced the news at its Ignite event in Atlanta this week, along with the general availability of Windows Server and Windows Systems Center 2016.To read this article in full or to leave a comment, please click here

Microsoft continues pushing hybrid cloud with new launches

Microsoft continued its push to get companies on the hybrid cloud train on Monday, with the launch of several products all tailored at helping bridge on-premises datacenters and the public cloud.The company announced that Windows Server 2016 and System Center 2016 will be available for purchase on October 1, and generally available in mid-October. On top of that, it unveiled new Azure functionality that makes it easier to monitor both public cloud infrastructure and on-premises datacenters in one control plane.The second technical preview of Azure Stack is now also broadly available, after Microsoft launched it in private beta last month.To read this article in full or to leave a comment, please click here

Clonezilla Server Edition Installation on Ubuntu

clonezilla-logo

The tutorial describes installation steps for Clonezilla Server Edition (SE) on Ubuntu 16.04.1 LTS using a Bash script. Clonezilla is OpenSource Cloning System (OCS) and it is a partition and disk imaging/cloning program . It helps you to do system deployment, bare metal backup and recovery. Two types of Clonezilla are available, Clonezilla live and Clonezilla SE (server edition).

Clonezilla live is suitable for single machine backup and restore. Clonezilla SE is for massive deployment because it can clone many computers simultaneously. Clonezilla saves and restores only used blocks in the hard disk. It decreases time and saves the hard disk space and increases the clone efficiency.

Clonezilla is a part of DRBL (Diskless Remote Boot in Linux) which provides a diskless environment for client machines. Therefore we need to install and configure DRBL server first. I created DRBL deployment script deploy_drbl.sh that helps you to install DRBL and configure server on Ubuntu with a single Ethernet card. You have to provide only the name of Ethernet interface and the script creates virtual interface for you based on your physical interface. It also downloads a DRBL project public key, download and install drbl package from repository. The script starts interactive Bash and Perl scripts that come with Continue reading

Real-time Insights Into App Delivery with Ansible Tower Data in Splunk

 Ansible-Tower-and-Splunk-blog.png

Here at Ansible by Red Hat, we’re always looking for ways to make Ansible more useful when automating all the things.

That being said, most people know this UI when they see it:

Splunk-Ansible-App-Screen-1.png


When we ask Ansible users about their favorite tools, Splunk is a very common answer. Splunk software is at its most powerful when it is used to aggregate and correlate data from numerous sources across your environment. However, there hasn't been an easy way to use Splunk to analyze data from Ansible Tower job runs.

Not any longer. Today we’re happy to announce the result of our latest integration project - the Ansible Tower App for Splunk.

Splunk-Ansible-App-Screen-2.png


The value of analytics platforms such as Splunk, is the ability to collect and correlate machine data including environment events with the actions that caused them. Application lifecycle management teams need the ability to correlate deployment-related data (i.e. Tower job runs) with host events (i.e. system and service logs).

Picture the following scenario:
A development team is working to release a new version of their application. What is the easiest way for a team to validate the success of the application deployment process?

The Ansible Tower app for Splunk allows a team to deploy Continue reading

1 2,643 2,644 2,645 2,646 2,647 3,840