General – The Future of Networking – Pete Lumbis

The next person I interviewed about the future of networking is my friend Pete Lumbis. Pete used to be the routing escalations TAC leader at Cisco and now he is working at Cumulus as a SE. Pete holds both a CCIE and a CCDE.

Daniel: The networking world is changing. What are the major changes coming up in the next few years that you think we will see?

Pete: Automation is the big thing these days. Either through APIs or abstraction tools like Ansible or Puppet. I think there will be more embracing of automation, but as a side effect I think we will have to start building networks that are more automation friendly by creating fewer exceptions and one-offs. This also touches on a larger point which is the need to build systems and networks that are less fragile. Automation is less scary when you have an architecture that can tolerate some level of failure.

Daniel: What are the major skills that people in networking need to learn to stay ahead of the curve?

Pete: Fundamentals don’t change. ARP is ARP. MAC addresses still have 48-bits. Understanding fundamentals will always be key. Beyond that it’s going to be about Continue reading

And this is why you need automation

I stumbled upon a great description of how you can go bankrupt in 45 minutes due to a manual deployment process. The most relevant part of it:

Any time your deployment process relies on humans reading and following instructions you are exposing yourself to risk. Humans make mistakes. The mistakes could be in the instructions, in the interpretation of the instructions, or in the execution of the instructions.

And no, it's not just application deployment. A similar disaster could happen in your network.

Bitfinex asks users to share losses of bitcoin theft

Bitfinex, the digital currency exchange in Hong Kong that reported a bitcoin theft last week, has decided to shave a little over 36 percent from its customers' accounts and assets to make up for losses from the hack.“Upon logging into the platform, customers will see that they have experienced a generalized loss percentage of 36.067%,” Bitfinex said in a blog post Saturday. It promised an announcement later on the details of the methodology used to arrive at the losses."This is the closest approximation to what would happen in a liquidation context," Bitfinex wrote. Customers will be issued a token labeled BFX to record their losses, though the exchange is still not clear about how it will compensate them.To read this article in full or to leave a comment, please click here

Hairpinning traffic through ASA with State Bypass

Several years ago I wrote an article about the Woes of Using an ASA as a Default Gateway. I have received a lot of feedback about this post and recently had a request for an update around ASA > 8.3. When building this scenario out with current ASA code, I found that the base NAT configuration (internet only PAT) had no bearing on the hairpin configuration. As expected, I found the same challenge around state bypass. I wanted to share a current post that demonstrates the challenges and solutions when traffic is bounced off the inside interface of the ASA.

The requirements of the configuration are as follows–

• TestHost must be able to Telnet and Ping to Internet and PartnerHost
• The inside interface of asav-1 must be the default gateway for TestHost
• asav-1 is doing PAT for Internet destined traffic
• PartnerRTR and ParnterHost have been preconfigured as shown above

The following are the base configurations for all of the devices. The configuration of asav-1 does not seem to allow communication from TestHost to PartnerHost (100.1.1.0/24 network).

TestHost Configuration

hostname TestHost
!
interface GigabitEthernet2
 description to iosvl2-1
 ip address 10.1.1.5 255.255.255.0
!
ip route 0.0. Continue reading

23% off HDMI Cloner Box for Gaming or HD Video Stream Capture, No PC needed – Deal Alert

Here's a device any gamer or video enthusiast may want to have on hand. Connect a game console, DVD, or any video source to this gadget via its HDMI input, and with the push of a button it captures and saves the video stream to any attached USB flash drive, with no PC required. Advanced hardware H.264 encoding captures your live gameplay or video playback in 1080p Full HD, while keeping the file size low and capturing speeds high. Averaging 4 out of 5 stars on Amazon from over 170 customers (read reviews), the gadget's $129.99 list price has been reduced 23% to $99.99. With the unit you'll get a free 16gb USB stick to get you started (enough for several hours of video). See the discounted cloner box now on Amazon.To read this article in full or to leave a comment, please click here

Hacking computer monitors to spy, steal data and manipulate what you see

The list of ways we can be spied upon seems nearly endless, but you can add one more to that list: active screen snooping via your vulnerable monitor. And that’s just one flavor of attack that can be pulled off by exploiting monitors.You might not agree with everything you read online, but you can usually trust that what you are reading was actually published somewhere by someone. Whether or not you like what the balance is in your banking account, most folks would not expect that number to be faked. The same would be true for a person monitoring critical infrastructure, but the information being displayed on a computer monitor can be manipulated and may not be the truth.To read this article in full or to leave a comment, please click here

Hacking monitors for spying, stealing data, manipulating what you see on the screen

The list of ways we can be spied upon seems nearly endless, but you can add one more to that list: active screen snooping via your vulnerable monitor. And that’s just one flavor of attack that can be pulled off by exploiting monitors.You might not agree with everything you read online, but you can usually trust that what you are reading was actually published somewhere by someone. Whether or not you like what the balance is in your banking account, most folks would not expect that number to be faked. The same would be true for a person monitoring critical infrastructure, but the information being displayed on a computer monitor can be manipulated and may not be the truth.To read this article in full or to leave a comment, please click here

Hacking monitors for spying, stealing data, manipulating what you see on the screen

The list of ways we can be spied upon seems nearly endless, but you can add one more to that list: active screen snooping via your vulnerable monitor. And that’s just one flavor of attack that can be pulled off by exploiting monitors.You might not agree with everything you read online, but you can usually trust that what you are reading was actually published somewhere by someone. Whether or not you like what the balance is in your banking account, most folks would not expect that number to be faked. The same would be true for a person monitoring critical infrastructure, but the information being displayed on a computer monitor can be manipulated and may not be the truth.To read this article in full or to leave a comment, please click here

High-security electronic safes can be hacked through power and timing analysis

Some consumer safes protected with electronic locks are quite easy to hack using basic techniques. Others, though, like those made to store guns, are designed to resist expert manipulation.However, one hacker demonstrated at the DEF CON security conference Friday that even high-security rated electronic safe locks are susceptible to side-channel attacks typically used against cryptosystems.Side-channel attacks involve techniques like analyzing power fluctuations and variations in the time it takes operations to complete on an electronic device. By monitoring these values when the system checks the user's input against a stored value, attackers can incrementally recover encryption keys or, in the case of electronic safe locks, the correct access code.To read this article in full or to leave a comment, please click here

High-security electronic safes can be hacked through power and timing analysis

Some consumer safes protected with electronic locks are quite easy to hack using basic techniques. Others, though, like those made to store guns, are designed to resist expert manipulation.However, one hacker demonstrated at the DEF CON security conference Friday that even high-security rated electronic safe locks are susceptible to side-channel attacks typically used against cryptosystems.Side-channel attacks involve techniques like analyzing power fluctuations and variations in the time it takes operations to complete on an electronic device. By monitoring these values when the system checks the user's input against a stored value, attackers can incrementally recover encryption keys or, in the case of electronic safe locks, the correct access code.To read this article in full or to leave a comment, please click here

Microduino mCookie; a platform for experimenting with the Internet of Things. Great idea but …

If you’re experimenting with the Internet of Things, you now have a huge range of platforms to choose from. Many of these platforms are essentially bare boards and hooking up sensors often requires adding breadboards, breaking out the soldering iron, and down and dirty wiring. While there’s nothing actually wrong with any of this as a way to experiment and develop ideas, it’s less than ideal where getting quickly from a concept to a working device is the goal. So it was that Microduino’s mCookie system was designed to make IoT experimentation fast and easy as well as inexpensive.To read this article in full or to leave a comment, please click here

A supercomputer is taking on humans in a hacking contest at DEF CON

Can a supercomputer beat humans in a hacking contest? We're about to find out.For the first time, a fully automated supercomputer is trying to compete with humans in a major hacking contest, and so far the machine is hanging in there.The supercomputer, known as Mayhem, is among the teams taking part in this year’s Capture the Flag contest at the DEF CON security conference in Las Vegas.The game involves detecting vulnerabilities in software and patching them, and humans have been playing it at DEF CON for years.Now computers are getting in on the act. DARPA, a U.S. defense agency, recently held an all-machine competition, awarding $2 million to the team that did best.To read this article in full or to leave a comment, please click here

A supercomputer is taking on humans in a hacking contest at DEF CON

Can a supercomputer beat humans in a hacking contest? We're about to find out.For the first time, a fully automated supercomputer is trying to compete with humans in a major hacking contest, and so far the machine is hanging in there.The supercomputer, known as Mayhem, is among the teams taking part in this year’s Capture the Flag contest at the DEF CON security conference in Las Vegas.The game involves detecting vulnerabilities in software and patching them, and humans have been playing it at DEF CON for years.Now computers are getting in on the act. DARPA, a U.S. defense agency, recently held an all-machine competition, awarding $2 million to the team that did best.To read this article in full or to leave a comment, please click here

This PC monitor hack can manipulate pixels for malicious effect

Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here

This PC monitor hack can manipulate pixels for malicious effect

Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here

Bigfoot data: Disney patent to track visitors by their shoes

We are truly in the era of all-encompassing analytics. Today, everything you click on, everything you post, where you go, what you purchase, and who you’re connected to are all data points to be captured, categorized, cross-indexed, tabulated, and analyzed. “O! M! G!” you may be muttering “Will surveillance never end?” Sure it will end. When hell freezes over. Nope, the surveillance cat is out of the bag, the monitoring pigeon has flown the coup, and the privacy bridge has been burnt. Welcome to the future. As if to underline that reality, the latest foray into quantifying you, has just been patented by Disney. In a recent filing titled System and method using foot recognition to create a customized guest experience, the company that bought you “a people trap run by a rat” (I kid you with love, Disney) has raised (lowered?) the bar on knowing who you are by proposing that they will track you by looking at ... wait for it ... your footwear.To read this article in full or to leave a comment, please click here

Bigfoot data: Disney patent to track visitors by their shoes

We are truly in the era of all-encompassing analytics. Today, everything you click on, everything you post, where you go, what you purchase, and who you’re connected to are all data points to be captured, categorized, cross-indexed, tabulated, and analyzed. “O! M! G!” you may be muttering “Will surveillance never end?” Sure it will end. When hell freezes over. Nope, the surveillance cat is out of the bag, the monitoring pigeon has flown the coup, and the privacy bridge has been burnt. Welcome to the future. As if to underline that reality, the latest foray into quantifying you, has just been patented by Disney. In a recent filing titled System and method using foot recognition to create a customized guest experience, the company that bought you “a people trap run by a rat” (I kid you with love, Disney) has raised (lowered?) the bar on knowing who you are by proposing that they will track you by looking at ... wait for it ... your footwear.To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — August 5, 2016

Big Switch Networks announced the company’s launch in Australia.

Docker SF Meetup #47; Docker 1.12, Docker for Mac and Tugbot

On Wednesday members of the Docker SF Meetup community joined us at Docker HQ for our 47th Docker meetup in San Francisco! It was a great evening with talks and demos from Docker’s own Ben Bonnefoy, Nishant Totla, as well as Neil Gehani from HPE.

Continue reading

Continuous Integration Testing on Docker Cloud

This is a guest post by Stephen Pope & Kevin Kaland from Project Ricochet

Docker Cloud is a SaaS solution hosted by Docker that gives teams the ability to easily manage, deploy, and scale their Dockerized applications.
Continue reading