0

A Follow Up on SSH Bastion Hosts

This post is a follow-up on my earlier post on using an SSH bastion host. Since that article was published, I’ve gotten some additional information that I wanted to be sure to share with my readers. It’s possible that this additional information may not affect you, but I’ll allow you to make that determination based on your use case and your specific environment.

Agent Forwarding

You may recall that my original article said that you needed to enable agent forwarding, either via the -A command-line switch or via a ForwardAgent line in your SSH configuration file. This is unnecessary. (Thank you to several readers who contacted me about this issue.) I tested this several times using AWS instances, and was able to transparently connect to private instances (instances without a public IP address) via a bastion host without enabling agent forwarding. This is odd because almost every other tutorial I’ve seen or read instructs readers to enable agent forwarding. I’ve not yet determined why this is the case, but I’m going to do some additional testing and I’ll keep readers posted as I learn more.

Note that I’ve updated the original article accordingly.

The “-W” Parameter vs. Netcat

The Continue reading

0

Dell Gets Rid of Its Enterprise Content Business for $1.62B

EMC paid $1.7B for Documentum, back when.

0

Being pushed out of your comfort zone can make your IT career

“’Come to my office. You and I have something to talk about.’”That was the message John Marcante got from Vanguard’s then-chairman, Jack Brennan. It was a few months after Sept. 11, 2001. At the time, tragedy notwithstanding, Marcante was living his professional dream.Back then, he was leading all development for Vanguard’s institutional business. It was one of those jobs that many software-development pros view as the apex of their careers. The sales teams brought him to meet prospects. The client service teams wanted him out in front of valued clients, which included corporations and retirement plans.“That was a really cool job,” says Marcante, now CIO of Vanguard, “and I was in love with it.”To read this article in full or to leave a comment, please click here

0

Verizon buys Sensity and launches farm pilot with sensor tech

Verizon has been busy building a diverse Internet of Things (IoT) portfolio that includes sensors used on farms as well as on city streets.On Monday, the wireless carrier announced it is buying Sensity Systems for an undisclosed sum.Sensity, based in Sunnyvale, Calif., has focused on using energy-efficient LED lighting to help cities build an IoT platform on city streetlights. The platform can include the use of various sensors on a streetlight pole to monitor weather and city services ranging from parking to public safety.To read this article in full or to leave a comment, please click here

0

How Jefferson County’s IT Department Improved Their Security Posture with VMware NSX

Jefferson County, Colorado (“Jeffco”) is a local jurisdiction located against the beautiful Rocky Mountains and adjacent to the state capital in Denver.  Jeffco’s IT organization is charged with meeting the needs not only of the various internal departments of the county, but also of serving its half million residents.

As with most IT departments, Jeffco’s IT team has some key priorities to address, including modernizing application infrastructures and bringing more efficiency to business processes — all while fundamentally enhancing security.  It was these needs that led Jeffco to VMware NSX. “We’re doing as much as we can to simplify our infrastructure, yet provide more security, higher up time, and better performance,” says Matt Alexander, Senior Systems Administrator.

Like many other organizations, Jeffco first considered VMware NSX for micro-segmentation.  Their network had followed the traditional model of data center security: perimeter firewalls, DMZ, internal security zone.  But this legacy security model wasn’t enough.  Jeffco recognized the need to treat all network traffic — regardless of whether it originated inside or outside the data center — as potentially insecure.  “From a micro-segmentation and east-west firewalling perspective, we may have had the ability [in the past] but it was exceptionally expensive with physical Continue reading

0

25% off Black Diamond Spot Headlamp – Deal Alert

If you're camping, hunting, cycling, or even starting a generator in a power outage at night, a headlamp gives you a convenient hands-free light source, and this one from Black Diamond is capable of emitting a powerful 130 lumens of light, with several modes of operation -- low, high, strobe and a red LED mode for preservation of night vision. Power Tap technology allows you to quickly cycle through light modes with just a tap on the light housing vs. a switch or button press. The unit is also IPX4 splash resistant. Averaging 4.5 out of 5 stars from nearly 900 people (read reviews), its typical list price of $39.95 has been reduced to $29.88. See the discounted Black Diamond headlamp now on Amazon.To read this article in full or to leave a comment, please click here

0

Microsoft gets support for its fight against government gag orders

Microsoft has secured some big allies in a fight against the federal government, including three of its chief rivals, plus a hometown airline. 

Microsoft is fighting the government over its right to tell customers when federal agents request their data and emails. The company filed a lawsuit in April against the federal government, charging such gag orders violate the Constitution and threaten the future of cloud computing. 

+ Also on Network World: Microsoft says tech companies ‘whipsawed’ by conflicting laws on global data transfer +

To read this article in full or to leave a comment, please click here

0

Worth Reading: Hardware slaves to the master algorithm

Over the long course of IT history, the burden has been on the software side to keep pace with rapid hardware advances—to exploit new capabilities and boldly go where no benchmarks have gone before. However, as we swiftly ride into a new age where machine learning and deep learning take the place of more static applications and software advances are far faster than chipmakers can tick and tock to, hardware device makers are scrambling. —The Next Platform

The post Worth Reading: Hardware slaves to the master algorithm appeared first on 'net work.

0

MySQL zero-day exploit puts some servers at risk of hacking

A publicly disclosed vulnerability in the MySQL database could allow attackers to completely compromise some servers.The vulnerability affects "all MySQL servers in default configuration in all version branches (5.7, 5.6, and 5.5) including the latest versions," as well as the MySQL-derived databases MariaDB and Percona DB, according to Dawid Golunski, the researcher who found it.The flaw, tracked as CVE-2016-6662, can be exploited to modify the MySQL configuration file (my.cnf) and cause an attacker-controlled library to be executed with root privileges if the MySQL process is started with the mysqld_safe wrapper script.The exploit can be executed if the attacker has an authenticated connection to the MySQL service, which is common in shared hosting environments, or through an SQL injection flaw, a common type of vulnerability in websites.To read this article in full or to leave a comment, please click here

0

Network Break 103: Dell, EMC Unite; HPE, Intel Sell Parts

Todays Network Break digs into the official union of Dell & EMC, analyzes software spin-outs by HPE & Intel, speculates on a Cisco acquisition & more The post Network Break 103: Dell, EMC Unite; HPE, Intel Sell Parts appeared first on Packet Pushers.

0

SoftBank Will Build LoRa IoT Network Followed by NB-IoT & CAT-M

As founding member of the LoRa Alliance, it's no surprise SoftBank is deploying a LoRaWAN network.

0

Aruba Offers On-Demand Network Products

The HPE company now sells subscription-based networking products.

0

snaproute Go BGP Code Dive (10): Moving to Established

In the last post on this topic, we traced how snaproute’s BGP code moved to the open state. At the end of that post, the speaker encodes an open message using packet, _ := bgpOpenMsg.Encode(), and then sends it. What we should be expecting next is for an open message from the new peer to be received and processed. Receiving this open message will be an event, so what we’re going to need to look for is someplace in the code that processes the receipt of an open message. All the way back in the fifth post of this series, we actually unraveled this chain, and found this is the call chain we’re looking for—

• func (st *OpenSentState) processEvent()
• st.fsm.StopConnectRetryTimer()
• bgpMsg := data.(*packet.BGPMessage)
• if st.fsm.ProcessOpenMessage(bgpMsg) {
  • st.fsm.sendKeepAliveMessage()
  • st.fsm.StartHoldTimer()
  • st.fsm.ChangeState(NewOpenConfirmState(st.fsm)) }

I don’t want to retrace all those steps here, but the call to func (st *OpenSentState) processEvent() (around line 444 in fsm.go) looks correct. The call in question must be a call to a function that processes an event while the peer is in the open state. This call seems to satisfy both Continue reading

0

Verizon Continues Development of Smart Cities with Sensity Acquisition

Verizon adds another IoT company to its portfolio.

0

Deep Learning Architectures Hinge on Hybrid Memory Cube

We have heard about a great number of new architectures and approaches to scalable and efficient deep learning processing that sit outside of the standard CPU, GPU, and FPGA box and while each is different, many are leveraging a common element at all-important memory layer.

The Hybrid Memory Cube (HMC), which we expect to see much more of over the coming year and beyond, is at the heart of several custom architectures to suit the deep learning market. Nervana Systems, which was recently acquired by Intel (HMC maker, Micron’s close partner), Wave Computing, and other research efforts all see a …

Deep Learning Architectures Hinge on Hybrid Memory Cube was written by Nicole Hemsoth at The Next Platform.

0

Worth Reading: gRPC

HTTP’s convenience comes with a huge performance trade-off, which takes us back to the issue of finding the most optimal communication framework for microservices. Enter gRPC, the modern, lightweight communication protocol from Google. It’s a high-performance, open-source universal remote procedure call (RPC) framework that works across a dozen languages running in any OS. Within the first year of its launch, gRPC was adopted by CoreOS, Netflix, Square, and Cockroach Labs among others. —New Stack

The post Worth Reading: gRPC appeared first on 'net work.

0

40% off First Alert Dual Photoelectric and Ionization Sensor Smoke Alarm – Deal Alert

The BRK 3120B smoke detector from First Alert contains technology that many experts are now recommending -- dual sensors. A photoelectric sensor detects slow and smoldering fires, while an ionization sensor can detect often fast moving open flames. Your current detectors may have only one or the other, so if you're due (or overdue) for new ones, it might be something to consider. This model is hardwired with a battery backup (see below for non-hardwired model), so all units interconnect. When an alarm is triggered, indicator lights let you know which detector was the initiator, so there's no guessing. If being used in a public area, the BRK 3120B also has locking features that prevent theft of the battery or the unit itself. It averages 4.5 out of 5 stars from over 220 people (read reviews) and you can buy it now on Amazon for $29.97.To read this article in full or to leave a comment, please click here

0

Debian Stable 8.5: Like Ubuntu’s early days

I spend a significant portion of my life installing and testing distributions of Linux-based systems. It’s really rather ridiculous.Even obscure ones—ones that never stand a chance of being listed on the likes of DistroWatch—find their way onto my drives. I can’t help it. It’s an addiction.But you know which one I haven’t installed in a long, long while? Debian. Not some Debian-derived system, like the ones that get a lion’s share of the media attention, but pure Debian. I haven’t loaded it in eons. I know, weird, right?So, I installed it. Debian Stable. Code-name “Jessie.” Originally released as version 8.0 in April 2015—then given the ole’ “point-5” update to 8.5 in June 2016.To read this article in full or to leave a comment, please click here

0

OpenText to buy Dell EMC’s enterprise content division

Canadian enterprise information management vendor OpenText has agreed to buy Dell Technologies' EMC enterprise content division for US$1.62 billion in a deal that, the companies say, will allow them to focus on their core missions.The acquisition of the "highly profitable" Dell EMC Enterprise Content Division will allow OpenText to expand its related services to Asia and Africa and across a larger customer base, including the healthcare and oil production industries, said OpenText CEO and CTO Mark Barrenechea. To read this article in full or to leave a comment, please click here

0

Docker at Tech Field Day 2016

Save the date!  This coming Thursday Docker is excited to host the delegates of Cloud Field Day at our headquarters for a deep dive into the Docker platform. Cloud Field Day is part of a series of Tech Field Day events that bring together technology companies and IT thought leaders to talk shop with technology and insights.

 

Cloud Field Day will be live and in person at Docker HQ but anyone can join in by participating in the live stream.  Docker will be featured at 1pm on Thursday Sept 15th. Join us by visiting the Cloud Field Day event page.

Cloud field day is just one in a series of Tech Field Day sessions coordinated by IT industry veterans Stephen Foskett and Tom Hollingsworth. Learn more about the whole Tech Field Day series here.

 

 

 

ICYMI:  Our very own Mike Coleman, spoke at the Tech Field Day Express at VMworld.  In this one hour session, Mike walked a group of vExperts through an introduction to containers, what the new end to end application workflow looks like and an overview of Docker 1.12 with built in orchestration.

 

Intro to Docker

Build, Ship, Run Continue reading