How to block phishers when they come a knockin’

Just like throwing out a fishing line into the water, a phisher waits for just the slightest nibble before pouncing on a network. Eyal Benishti, CEO of IronScales, says the way to cut off the phishers food supply is to first go to the core of the issue: employee awareness. The CEO notes that cybercriminals by nature are lazy. “If your organization is a tough nut to crack, they will move on to find more low-hanging fruit,” Benishti says. According to the Verizon data breach investigation report published earlier this year, phishing remains a major data breach weapon of choice. Trend Micro added that ransomware is expected to be one of the biggest threats in 2016 and that a single ransom demand will go much higher, reaching seven figures.To read this article in full or to leave a comment, please click here

Networking Needs Information, Not Data

Networking Field Day 12 starts today. There are a lot of great presenters lined up. As I talk to more and more networking companies, it’s becoming obvious that simply moving packets is not the way to go now. Instead, the real sizzle is in telling you all about those packets instead. Not packet inspection but analytics.

Tell Me More, Tell Me More

Ask any networking professional and they’ll tell you that the systems they manage have a wealth of information. SNMP can give you monitoring data for a set of points defined in database files. Other protocols like NetFlow or sFlow can give you more granular data about a particular packet group of data flow in your network. Even more advanced projects like Intel’s Snap are building on the idea of using telemetry to collect disparate data sources and build collection methodologies to do something with them.

The concern that becomes quickly apparent is the overwhelming amount of data being received from all these sources. It reminds me a bit of this scene:

How can you drink from this firehose? Maybe you should be asking if you should instead?

Order From Chaos

Data is useless. We need to perform analysis Continue reading

Microsoft patches 27 flaws in Windows, Office, IE, and Edge

Microsoft released another batch of security patches Tuesday, fixing 27 vulnerabilities in Windows, Microsoft Office, Internet Explorer, and its new Edge browser.The patches are organized in nine security bulletins, five of which are rated critical and the rest important, making this Microsoft patch bundle one of the lightest this year in terms of the number of patches.All of the issues resolved this month are in desktop deployments, but Windows servers might also be affected depending on their configuration."For example, Windows servers running Terminal Services tend to act as both desktop and server environments," said Tod Beardsley, security research manager at Rapid7, via email. However, the majority of Windows server admins out there can roll out patches at a fairly leisurely pace, he said.To read this article in full or to leave a comment, please click here

Microsoft patches 27 flaws in Windows, Office, IE, and Edge

Microsoft released another batch of security patches Tuesday, fixing 27 vulnerabilities in Windows, Microsoft Office, Internet Explorer, and its new Edge browser.The patches are organized in nine security bulletins, five of which are rated critical and the rest important, making this Microsoft patch bundle one of the lightest this year in terms of the number of patches.All of the issues resolved this month are in desktop deployments, but Windows servers might also be affected depending on their configuration."For example, Windows servers running Terminal Services tend to act as both desktop and server environments," said Tod Beardsley, security research manager at Rapid7, via email. However, the majority of Windows server admins out there can roll out patches at a fairly leisurely pace, he said.To read this article in full or to leave a comment, please click here

Label Switched Multicast – Ethernet Header

I got an interesting email from Ying Lu who had read my posts on LSM:

I am curious about the Ethernet DA and codepoint used for multicast MPLS. Previously, I understand that:

– Ethernet DA is unicast MAC of nexthop of each replication leg.

– codepoint is 0x8847

However, looking at RFC5332, I am not so sure…

Quote:

“Ethernet is an example of a multipoint-to-multipoint data link. Ethertype 0x8847 is used whenever a unicast ethernet frame carries an MPLS packet.

Ethertype 0x8847 is also used whenever a multicast ethernet frame carries an MPLS packet, EXCEPT for the case where the top label of the MPLS packet has been upstream-assigned.

Ethertype 0x8848, formerly known as the “MPLS multicast codepoint”, is to be used only when an MPLS packet whose top label is upstream assigned is carried in a multicast ethernet frame.

Interesting question. What is the ethernet destination address (DA) and the value of the ethernet type field (codepoint) when the MPLS packet is being sent on an LSM LSP?

Getting back into the lab, I started a ping from CE1 to a group that CE3 had joined. I then ran a sniff on the segment between P and PE3.

Examining the Continue reading

Datadog Integrates AWS Lambda

Datadog’s latest integration is one of 18 Amazon integrations.

Box extends its global push with new Zones in Canada and Australia

Box has made no secret of its global ambitions, and on Wednesday it advanced them another step by announcing two new regional "Zones" in Canada and Australia."Our mission is to build out the most advanced social cloud," said Aaron Levie, cofounder and CEO of the California-based company, in an interview. "We want to make sure we can deliver no matter what your security, compliance or data-residency requirements."Different countries have established different requirements for the treatment and storage of data, resulting in a complex landscape for companies to navigate. Delivered through partnerships with Amazon Web Services and IBM Cloud, Box Zones essentially allows companies to store data in the location of their choice. When the paid feature was announced in April, the first non-U.S. Zones were in Germany, Ireland, Japan, and Singapore.To read this article in full or to leave a comment, please click here

Why Box’s CEO is so cloud crazy

Aaron Levie, the outspoken founder and CEO of enterprise file sharing and storage powerhouse Box, foresees a time when all enterprise data will head to the cloud, and his company this week is introducing expanded capabilities to speed that transition. Levie talked to Network World this week ahead of the company’s news about its Zones and Accelerator projects, and also discussed start-ups, the march of the public cloud, and even his past work as a professional magician. As for Zones, these allow Box customers to specify a geographic area for their data to be stored in, to help them cope with compliance issues generated by laws that mandate certain information be stored. The project started with Germany, Ireland, Singapore and Japan, and today’s announcements say that Australia and Canada are up next. (Australian service should be available in the third quarter of this year, with Canada to follow in the fourth quarter.) Levie says this makes Box the “most global” solution in its market segment.To read this article in full or to leave a comment, please click here

Self-driving warehouse robots give Giant Eagle a lift

Wheels turning and forklifts filled—that’s one measure of success in any warehouse. If you can increase the amount of product picked up and put away, the more productive and cost efficient you are.For Pittsburgh-based retailer Giant Eagle, the key to making that happen is to operate vision-guided, autonomous vehicles—robots—in its distribution centers.+ Also on Network World: How IoT helps transplant surgeons track organ shipments +To read this article in full or to leave a comment, please click here

Seagate built a whopping 60TB SSD that it aims ship next year

There aren't many shockers when it comes to storage capacity, but try this one on for size: Seagate has announced a 60TB SSD that may ship as early as next year.Seagate showed the drive at the Flash Memory Summit in Silicon Valley on Tuesday. It called it a "technology demonstration," which means there could still be a few kinks to work out.But if Seagate can deliver as planned, the drive would have close to four times the capacity of the largest SSD available currently, Samsung's PM1633a SSD.The drive will be aimed at servers and flash arrays, where it could help meet the growing demand for storage fueled by mobile devices, online video and the emerging internet of things.To read this article in full or to leave a comment, please click here

Raspberry Pi in the sky: How to build this awesome $115 airplane tracker

If you've ever looked up at a plane and wondered where it's headed, this simple project is for you. Thanks to cheap, miniaturized electronics, you can now build a receiver that connects to your smartphone and shows details about all the aircraft in the sky around you. It takes less than an hour and costs about $115. The device receives and decodes ADS-B, a data broadcast from aircraft that transmits a callsign, location, altitude, speed and a few other bits of information. If you live near an airport or under a flight path, there's a good chance you can receive these transmissions easily.To read this article in full or to leave a comment, please click here

ThousandEyes Touts Enhanced End-User Experience

The Endpoint Agent specifically monitors the web/application layer and network layer from the end-user’s perspective

IDG Contributor Network: Datadog integrates with AWS Lambda, enables support for serverless architectures

I'm a big fan of so-called serverless architectures. The idea of these products is that developers don't have to think about spinning up servers to do some processing—rather a construct that goes something along the lines of "when trigger A happens, set off process B, and when process B is complete, your job is done" can be enabled.Amazon Web Services (AWS) was the first of the public cloud vendors to launch a serverless offering, AWS Lambda. Since then, it is an approach other players have followed.But while serverless offerings add massive value in terms of simplicity and economics, they provide challenges. The servers that run the actual code to process these events are not exposed to developers. As such, developers have zero visibility into how those servers are working and what they're up to.To read this article in full or to leave a comment, please click here

The 16 most pivotal events in Windows history

Thirty years of WindowsImage by Jeff ChristensenFor better or for worse, Windows has defined the modern era of personal computing. Microsoft’s signature OS runs on the vast majority of PCs worldwide, and it has also worked its way into servers, tablets, phones, game consoles, ATMs, and more. To read this article in full or to leave a comment, please click here

Review: 13 primo Python web frameworks

If you are developing a web application and have picked Python as the language to build it in, that’s a smart move. Python’s maturity of development, robust libraries, and breadth of real-world adoption have helped make it a no-brainer for web development.Zope2. Zope is not for simple RESTful APIs (per Bottle or Flask) or even basic websites with interactivity (à la Django). Rather, it’s meant to be a full-blown, enterprise-grade application server stack, similar to offerings for Java. The documentation describes the framework as “most useful for component developers, integrators, and web designers.” One major third-party product, the Plone CMS, uses Zope as its substrate and serves as a major driver of Zope’s continued development.To read this article in full or to leave a comment, please click here(Insider Story)

Bridging IT’s growing generation gap

Do millennials make up a substantial portion of your IT staff? If not, they will soon. Within a few years, millennials — roughly defined as people born after 1981 — will comprise the biggest demographic in the country, overtaking the baby boomers, who are today's most populous generation. By 2020, one-third of U.S. adults will be millennials, according to researchers at the University of Southern California. PricewaterhouseCoopers predicts that they will also account for more than 50% of the workforce by that time.To read this article in full or to leave a comment, please click here(Insider Story)

When will car manufacturers secure your vehicle?

Reduction in sales and damage to brand are potential bottom line impacts that auto manufacturers need to be concerned about when it comes to security risks and connected cars. According to a newly released IOActivereport , "Commonalities in Vehicle Vulnerabilities", authored by senior security consultant Corey Thuen, "39 percent of vulnerabilities are related to the network. This is a general category that includes all network traffic, such as Ethernet or web."Using security best practices publications to design connected cars can mitigate up to 45 percent of vulnerabilities, yet OBD2 adapters, telematics systems and other embedded devices remain security problems in the modern vehicle.To read this article in full or to leave a comment, please click here

When will car manufacturers secure your vehicle?

Reduction in sales and damage to brand are potential bottom line impacts that auto manufacturers need to be concerned about when it comes to security risks and connected cars. According to a newly released IOActivereport , "Commonalities in Vehicle Vulnerabilities", authored by senior security consultant Corey Thuen, "39 percent of vulnerabilities are related to the network. This is a general category that includes all network traffic, such as Ethernet or web."Using security best practices publications to design connected cars can mitigate up to 45 percent of vulnerabilities, yet OBD2 adapters, telematics systems and other embedded devices remain security problems in the modern vehicle.To read this article in full or to leave a comment, please click here

Cloud Migration Key Points To Consider

Managing Network Sprawl