Suspect arrested in 5-year-old kernel.org breach

Five years after a security breach forced the Linux Foundation to take kernel.org offline and to rebuild several of its servers, police have arrested a suspect in the case.Donald Ryan Austin, a 27-year-old computer programmer from El Portal, Florida, was arrested during a traffic stop on Aug. 28 based on a sealed indictment returned by a federal grand jury in the Northern District of California in June.Austin is charged with intentionally damaging four protected servers operated by the Linux Foundation and one of its members in 2011. More specifically, the programmer is accused to have installed rootkit and trojan software on the servers in order to steal the credentials of authorized users connecting to them via SSH (Secure Shell).To read this article in full or to leave a comment, please click here

Suspect arrested in 5-year-old kernel.org breach

Five years after a security breach forced the Linux Foundation to take kernel.org offline and to rebuild several of its servers, police have arrested a suspect in the case.Donald Ryan Austin, a 27-year-old computer programmer from El Portal, Florida, was arrested during a traffic stop on Aug. 28 based on a sealed indictment returned by a federal grand jury in the Northern District of California in June.Austin is charged with intentionally damaging four protected servers operated by the Linux Foundation and one of its members in 2011. More specifically, the programmer is accused to have installed rootkit and trojan software on the servers in order to steal the credentials of authorized users connecting to them via SSH (Secure Shell).To read this article in full or to leave a comment, please click here

5 important reasons you should learn scripting

scripting-blurToday’s IT landscape if full of software defined marketecture, and lore of a dystopian future full of network engineers that do nothing but write code. But in reality, there are plenty of actual reasons you should be learning programming, or at least some basic scripting.  For many network engineers programming is not new, we have all been hacking together shell, Perl and Python for a VERY long time. While the requirements in the future may change, today it is not necessary to become half network engineer half software engineer, but learning the basics now will keep you in the know. Learning the basics of logic and loop statements will not only help you speed up day to day tasks, but it will help you understand other languages as you expand your knowledge in the future. So, here are my top 10 reasons I think you need to learn scripting.

1: Automation can save you time

Writing a script for common / repetitive tasks can save you a staggering amount of time. Over the years I have written hundreds of scripts to aide in everything from Data Center VLAN/SVI management to banning/unbanning MAC addresses from multiple wireless lan controllers.

2: Continue reading

Arista And Streaming Telemetry

On todays Weekly Show, we talk network telemetry with our sponsor, Arista Networks. Telemetry gives you deeper visibility into the network in near real time, and when combined with analytics can provide useful insights for operators. The post Show 304: Arista And The Brave New World Of Streaming Telemetry (Sponsored) appeared first on Packet Pushers.

Best practices for incident response in the age of cloud

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.Most CISOs receive a rude awakening when they encounter their first major security issue in the cloud. If they identify a critical vulnerability that requires a patch, they may not have the authorization to tweak the cloud provider's pre-packaged stack. And if the customer does not own the network, there may not be a way to access details that are critical to investigating an incident.In order to avoid a major security issue in the cloud, CISO’s must  have an incident response plan.  Here is how to build one:To read this article in full or to leave a comment, please click here

Best practices for incident response in the age of cloud

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.

Most CISOs receive a rude awakening when they encounter their first major security issue in the cloud. If they identify a critical vulnerability that requires a patch, they may not have the authorization to tweak the cloud provider's pre-packaged stack. And if the customer does not own the network, there may not be a way to access details that are critical to investigating an incident.

In order to avoid a major security issue in the cloud, CISO’s must  have an incident response plan.  Here is how to build one:

To read this article in full or to leave a comment, please click here

Apple quashes 3 zero-days with emergency Mac update

Apple yesterday issued an emergency security update for the Mac, patching the same trio of vulnerabilities the company fixed last week on the iPhone. According to one of the groups that first revealed the flaws, the vulnerabilities could have been "weaponized" for use against OS X, the Mac's operating system. The out-of-band update was aimed at OS X El Capitan (aka 10.11) and Yosemite (10.10), the 2015 and 2014 editions, respectively. Older versions, including 2014's OS X Mavericks, went unpatched: Apple is nearing the release of its annual Mac operating system upgrade and thus the end of support for the edition of three years ago. Like the urgent update Apple released last week for the iPhone -- iOS 9.3.5 -- the Mac patches quash three bugs, two in the operating system's kernel and the third in the Safari browser.To read this article in full or to leave a comment, please click here

Apple quashes 3 zero-days with emergency Mac update

Apple yesterday issued an emergency security update for the Mac, patching the same trio of vulnerabilities the company fixed last week on the iPhone. According to one of the groups that first revealed the flaws, the vulnerabilities could have been "weaponized" for use against OS X, the Mac's operating system. The out-of-band update was aimed at OS X El Capitan (aka 10.11) and Yosemite (10.10), the 2015 and 2014 editions, respectively. Older versions, including 2014's OS X Mavericks, went unpatched: Apple is nearing the release of its annual Mac operating system upgrade and thus the end of support for the edition of three years ago. Like the urgent update Apple released last week for the iPhone -- iOS 9.3.5 -- the Mac patches quash three bugs, two in the operating system's kernel and the third in the Safari browser.To read this article in full or to leave a comment, please click here

U.S. cloud vendors adjust to Snowden effect, Privacy Shield

When whistleblower Edward Snowden shocked the world in 2013 by revealing that the NSA was allegedly siphoning data from U.S. internet companies, pundits proclaimed that winter was coming for American cloud vendors in Europe. Evidence now suggests those fears may have been overblown.IDC said this month that U.S. cloud vendors have increased their combined cloud infrastructure revenue two-and-a-half-times in Western Europe, topping $2 billion since the Snowden Effect was supposed to freeze the market. Amazon Web Services (AWS), Microsoft, Alphabet’s Google and IBM increased their market share by a third in the region, hitting 40 percent in 2015.To read this article in full or to leave a comment, please click here

Peanuts with a purpose: Sen.se unveils new smart sensors at IFA

Expecting people to figure out what its Cookie multipurpose smart sensors could be used for didn't work out so well for Sen.se. It's trying a different approach with its new Peanut sensors: application-specific packaging that sells the purpose, not the product.The first Peanut, launched Thursday, is a thermometer presented as a way to get alerts if a child's room gets too cold or a refrigerator too hot.Future Peanuts, all in the same 7.5-gram, 45 x 25 x 5 millimeter case, will contain different sensors and be packaged as an alarm clock/sleep monitor (SleepPeanut), a medication reminder (MedPeanut), or a remote control (PeanutButton). Sen.se plans to release a new reason to connect things to the internet every six weeks.To read this article in full or to leave a comment, please click here

Best Deals of the Week, August 29 – September 2 – Deal Alert

Best Deals of the Week, August 29 - September 2 - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of August 29th. All items are highly rated, and dramatically discounted!43% off NETGEAR AC750 WiFi Range ExtenderIf you're struggling with wifi dead zones, boost the range of your existing WiFi and create a stronger signal in hard-to-reach areas with a wifi extender, like this one from Netgear. The AC750's design is compact and discrete. Plug it into a wall outlet and it delivers AC dual band WiFi up to 750 Mbps from your existing wifi network. 2.4Ghz and 5Ghz both supported. This model averages 4 out of 5 stars from nearly 12,000 people on Amazon (read reviews) and its typical list price of $69.98 has been reduced a generous 43% to just $39.99. To read this article in full or to leave a comment, please click here

Microsoft bug bounty program adds .NET Core and ASP.NET Core

Microsoft has expanded its bug bounty programs to cover the open-source .NET Core and ASP.NET Core application development platforms.The .NET Core and ASP.NET Core technologies are used to create server applications that can run on Windows, Linux, and Mac. The ability to write code once and have it run on multiple platforms have made these technologies popular with enterprise software developers.Microsoft will pay monetary rewards between US$500 and $15,000 for critical vulnerabilities in the RTM (release to manufacturing), Beta, or RC (release candidate) releases of these platforms.Flaws in Microsoft's cross-platform Kestrel web server are also covered by the new bug bounty program, as well as vulnerabilities in the default ASP.NET Core templates provided with the ASP.NET Web Tools Extension for Visual Studio 2015 or later.To read this article in full or to leave a comment, please click here

Multi-site with Cross-VC NSX: Consistent Security and Micro-segmentation Across Sites

Several posts have been written prior on multi-site with Cross-VC NSX describing the fundamentals, use cases, deployment models, and flexibility Cross-VC NSX provides. In this post, we focus on the security benefits of a multi-site Cross-VC NSX solution.

Prior Cross-VC NSX Blogs:
Cross-VC NSX: Multi-site Deployments with Ease and Flexibility
NSX-V: Multi-site Options and Cross-VC NSX Design Guide
Enhanced Disaster Recovery with Cross-VC NSX and SRM
Cross-VC NSX for Multi-site Solutions

So, why multi-site with Cross-VC NSX? The following five reasons should be enough for you to seriously consider Cross-VC NSX as a solution for your multi-site needs:

1.) Centralized Management
Centralized management of security policies across multiple vCenter domains/sites. You have one central location to configure security policies and only write the security policy once, which is then applied across all vCenter domains/sites.

Figure 1 Central Management of Security Policies Across Sites from Primary NSX Manager

Figure 1 Central Management of Security Policies Across Sites from Primary NSX Manager


2.) Consistent Security Across vCenter Domains/Sites
Consistent security policies across vCenter domains/sites provided automatically by Cross-VC NSX enables enhanced workload mobility. Security policies are configured on the primary NSX Manager and automatically synced to the secondary NSX Managers providing for uniform security across all sites.

Figure 2 Consistent Security Across Sites with Universal Distributed Firewall

Figure 2 Consistent Security Across Sites Continue reading

Using BGP in Leaf-and-Spine Fabrics

In the Leaf-and-Spine Fabric Designs webinar series we started with the simplest possible design: non-redundant server connectivity with bridging within a ToR switch and routing across the fabric.

After I explained the basics (including routing protocol selection, route summarization, link aggregation and addressing guidelines), Dinesh Dutt described how network architects use BGP when building leaf-and-spine fabrics.

Watch the video

HPE said to plan sale of its software unit

Hewlett Packard Enterprise is said to be looking to sell its software division, which would include the business from its disastrous acquisition of Autonomy in 2011, according to news reports.The enterprise IT company that emerged from the breakup of Hewlett-Packard has been restructuring its operations recently, including a US$8.5 billion deal announced in May to spin off and merge its enterprise services business with CSC. A sale of the software business would leave the company focused largely on servers, networking, storage, business critical systems and technology services.To read this article in full or to leave a comment, please click here

Details Emerge On China’s 64-Core ARM Chip

While the world awaits the AMD K12 and Qualcomm Hydra ARM server chips to join the ranks of the Applied Micro X-Gene and Cavium ThunderX processors already in the market, it could be upstart Chinese chip maker Phytium Technology that gets a brawny chip into the field first and also gets traction among actual datacenter server customers, not just tire kickers.

Phytium was on hand at last week’s Hot Chips 28 conference, showing off its chippery and laptop, desktop and server machines employing its “Earth” and “Mars” FT series of ARM chips. Most of the interest that people showed in

Details Emerge On China’s 64-Core ARM Chip was written by Timothy Prickett Morgan at The Next Platform.

1 2,700 2,701 2,702 2,703 2,704 3,843