Thousands of Seagate NAS boxes host cryptocurrency mining malware

Thousands of publicly accessible FTP servers, including many from Seagate network-attached storage devices, are being used by criminals to host cryptocurrency mining malware.Researchers from security vendor Sophos made the discovery when they investigated a malicious program dubbed Mal/Miner-C, which infects Windows computers and hijacks their CPUs and GPUs to generate Monero, a bitcoin-inspired cryptocurrency.With most cryptocurrencies, users can generate new units by devoting their computing resources to solving complex math problems needed to validate transactions in the network. This process, known as "mining," provides an incentive for attackers to hijack other people's computers and use them for their own gain.To read this article in full or to leave a comment, please click here

Surfing On Tech Waves With Supermicro

If money were no object and accountants allowed companies to write off investments in systems instantly, then datacenters would be tossing hardware into the scrap heap as soon as new technology came along. But in the real world, companies have to take a more measured approach to adding new systems and upgrading old ones, and that can make the time when customers buy shiny new boxes a bit tough to predict.

Forecasting sales and trying to close them are two of the many challenges that all server, storage, and switching vendors face, and Supermicro, which straddles the line between the

Surfing On Tech Waves With Supermicro was written by Timothy Prickett Morgan at The Next Platform.

Open source routers deliver low cost, flexibility

Economical and flexibleOpen source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking. These open source products deliver simple routing and networking features, plus they are combined with security functionality, starting with a basic firewall and possibly including antivirus, antispam and Web filtering. These products can be downloaded and deployed on your own hardware, on a virtual platform, or in the cloud. Many of them sell pre-configured appliances as well. We reviewed five products: ClearOS, DD-WRT, pfSense, Untangle and ZeroShell. We found that ClearOS, pfSense, and Untangle could be appropriate for home use all the way up to the enterprise environment.To read this article in full or to leave a comment, please click here

Review: 5 open source alternatives for routers/firewalls

Open source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking. These open source products deliver simple routing and networking features, like DHCP and DNS. Plus, they are combined with security functionality, starting with a basic firewall and possibly including antivirus, antispam and Web filtering.To read this article in full or to leave a comment, please click here(Insider Story)

Open source routers deliver low cost, flexibility

Economical and flexibleOpen source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking. These open source products deliver simple routing and networking features, plus they are combined with security functionality, starting with a basic firewall and possibly including antivirus, antispam and Web filtering. These products can be downloaded and deployed on your own hardware, on a virtual platform, or in the cloud. Many of them sell pre-configured appliances as well. We reviewed five products: ClearOS, DD-WRT, pfSense, Untangle and ZeroShell. We found that ClearOS, pfSense, and Untangle could be appropriate for home use all the way up to the enterprise environment.To read this article in full or to leave a comment, please click here

Review: 5 open source alternatives for routers/firewalls

Open source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking. These open source products deliver simple routing and networking features, like DHCP and DNS. Plus, they are combined with security functionality, starting with a basic firewall and possibly including antivirus, antispam and Web filtering.These products can be downloaded and deployed on your own hardware, on a virtual platform, or in the cloud. Many of them sell pre-configured appliances as well if you like their feature-set or support, but don’t want to build your own machine.We reviewed five products: ClearOS, DD-WRT, pfSense, Untangle and ZeroShell. We found that ClearOS, pfSense, and Untangle could be appropriate for home use all the way up to the enterprise environment.To read this article in full or to leave a comment, please click here(Insider Story)

5 open source alternatives for routing/firewall

Economical and flexibleOpen source software offers an economical and flexible option for deploying basic home, SMB or even enterprise networking. These open source products deliver simple routing and networking features, plus they are combined with security functionality, starting with a basic firewall and possibly including antivirus, antispam and Web filtering. These products can be downloaded and deployed on your own hardware, on a virtual platform, or in the cloud. Many of them sell pre-configured appliances as well. We reviewed five products: ClearOS, DD-WRT, pfSense, Untangle and ZeroShell. We found that ClearOS, pfSense, and Untangle could be appropriate for home use all the way up to the enterprise environment.To read this article in full or to leave a comment, please click here

New products of the week 9.12.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Basic OOB Reboot Solution for 240 VACKey features: An economical solution for controlling remote 240 VAC reboot and power control functions at remote network equipment sites. Features dual 20 Amp power inlets and eight switched IEC-C13 power outlets. More info.To read this article in full or to leave a comment, please click here

IBM cloud chief: The next phase of cloud is a race to add value

At 105 years old, IBM has been through more than a few major technology transformations. Arguably, none is bigger than the current retooling of the company around cloud computing – an effort overseen by Robert LeBlanc, senior vice president, IBM Cloud. LeBlanc says IT leaders and business executives aren’t caught up in Wall Street’s worries over IBM’s revenue declines or the pace of the cloud transformation. BB: Is your sales force fully onboard with selling those cloud services versus the traditional on-premise offerings? What have you done to incent the sales force to make that shift? BB: Partnerships seem to be another important part of your strategy. You have an expanded partnership with VMware that you spoke about at VMworld. You have a partnership with Workday. Can you explain the overall partner strategy for advancing the cloud position and what should customers expect in the way of future partnerships?To read this article in full or to leave a comment, please click here(Insider Story)

What’s the testimonial of passwords?

In this case described by Orin Kerr, the judge asks if entering a password has any testimonial other than "I know the password". Well, rather a lot. A password is content. While it's a foregone conclusion that this encrypted drive here in this case belongs to the suspect, the password may unlock other things that currently cannot be tied to the suspect. Maybe the courts have an answer to this problem, but in case they haven't, I thought I'd address this from a computer-science point of view.


Firstly, we have to address the phrasing of entering a password, rather than disclosing the password. Clearly, the court is interested in only the content of the disk drive the password decrypts, and uninterested in the password itself. Yet, entering a password is the same as disclosing it. Technically, there's no way to enter a password in such a way that it can't be recorded. I don't know the law here, and whether courts would protect this disclosure, but for the purposes of this blog post, "entering" is treated the same as "disclosing".

Passwords have content. This paper focuses on one real, concrete example, but let's consider some hypothetical cases first.

Continue reading

iPhone 8 rumor rollup: Yes, already

With the Apple iPhone 7 and 7 Plus now officially old news before they are even available, it's on to iPhone 8.At least according to so many headlines:*Fortune: "Many looking past iPhone 7 to next year's iPhone 8"*MacRumors: "Apple still working to perfect wireless charging technology for 'iPhone 8'"*NBC News: "Should you wait... for the iPhone 8?"To read this article in full or to leave a comment, please click here

How to use Ansible ios_config to configure devices

A lot of new networking modules were released as part of Ansible 2.1. The Cisco IOS, IOS XR, NXOS, Junos and Arista EOS platforms got three common modules, the platform_config, platform_command and platform_template. The command and template modules more or less explains themselves. The config modules have some more tricks to them and I’ve gotten a few questions about how they work. In this article I’m going to focus on the ios_config module and show how you can use it to configure Cisco IOS devices. Future version of Ansible will add more parameters, this article is for Ansible 2.1.

Continue reading

How to use Ansible ios_config to configure devices

A lot of new networking modules were released as part of Ansible 2.1. The Cisco IOS, IOS XR, NXOS, Junos and Arista EOS platforms got three common modules, the platform_config, platform_command and platform_template. The command and template modules more or less explains themselves. The config modules have some more tricks to them and I’ve gotten a few questions about how they work. In this article I’m going to focus on the ios_config module and show how you can use it to configure Cisco IOS devices. Future version of Ansible will add more parameters, this article is for Ansible 2.1.
Continue reading

Krebs’ site under attack after alleged owners of DDoS-for-hire service were arrested

After security journalist Brian Krebs exposed the DDoS-for-hire service, vDOS, and the alleged owners of the service were arrested, a massive attack was launched against the Krebs on Security site.Last Thursday, Krebs wrote about vDOS and the two 18-year-old Israeli hackers running the DDoS attack service. In the past two years, the duo launched over 150,000 attacks and made at least $618,000. vDOS had been hacked and Krebs had obtained a copy of the vDOS database.vDOS had paying subscribers with the cost depending upon how many seconds the DDoS attack lasted. Krebs reported, “In just four months between April and July 2016, vDOS was responsible for launching more than 277 million seconds of attack time, or approximately 8.81 years’ worth of attack traffic.”To read this article in full or to leave a comment, please click here

Krebs’ site under attack after alleged owners of DDoS-for-hire service were arrested

After security journalist Brian Krebs exposed the DDoS-for-hire service, vDOS, and the alleged owners of the service were arrested, a massive attack was launched against the Krebs on Security site.Last Thursday, Krebs wrote about vDOS and the two 18-year-old Israeli hackers running the DDoS attack service. In the past two years, the duo launched over 150,000 attacks and made at least $618,000. vDOS had been hacked and Krebs had obtained a copy of the vDOS database.vDOS had paying subscribers with the cost depending upon how many seconds the DDoS attack lasted. Krebs reported, “In just four months between April and July 2016, vDOS was responsible for launching more than 277 million seconds of attack time, or approximately 8.81 years’ worth of attack traffic.”To read this article in full or to leave a comment, please click here

Eero, my Wi-Fi hero

Getting really good Wi-Fi coverage is hard in most buildings unless you can place your access point in the center of the building and the building doesn’t have lots of metal in it to distort and attenuate the signal. A cheap solution is to use a range extender to improve the reach of your Wi-Fi but, unfortunately, many of these products use a single radio to repeat the signal which results in reduced bandwidth. There is, however, a better way: Eero, a company that’s been shipping their eponymously named product for just over a year, have the best solution I’ve tested so far. The eero system (I must note here that the company and devices are named after the architect Eero Saarinen, famous for his clean, sophisticated design aesthetic, and Eero writes the device’s name in the style of e.e. cummings: all lower case, thus “eero”) creates a mesh network, each node having two radios so that they can send and receive simultaneously using adaptive routing to maximize throughput. The product really is nicely designed with the same kind of polished look and feel that characterizes Apple’s products (in fact, the design strikes me a much like the Continue reading

Eero, my Wi-Fi hero

Getting really good Wi-Fi coverage is hard in most buildings unless you can place your access point in the center of the building and the building doesn’t have lots of metal in it to distort and attenuate the signal. A cheap solution is to use a range extender to improve the reach of your Wi-Fi but, unfortunately, many of these products use a single radio to repeat the signal which results in reduced bandwidth. There is, however, a better way: Eero, a company that’s been shipping their eponymously named product for just over a year, have the best solution I’ve tested so far. The eero system (I must note here that the company and devices are named after the architect Eero Saarinen, famous for his clean, sophisticated design aesthetic, and Eero writes the device’s name in the style of e.e. cummings: all lower case, thus “eero”) creates a mesh network, each node having two radios so that they can send and receive simultaneously using adaptive routing to maximize throughput. The product really is nicely designed with the same kind of polished look and feel that characterizes Apple’s products (in fact, the design strikes me a much like the Continue reading

Down with idiotic disclaimer footers and dumb surveys!

How often do you receive an email message with a footer like this: The contents are not to be disclosed to anyone other than the addressee. Unauthorised recipients must preserve this confidentiality and should please advise the sender immediately of any error in transmission. This gem of pseudo-legal nonsense is from a message that I did not solicit and is the work of eDigitalResearch.com at the behest of ”The Expedia Customer Experience Team." At some point, someone in either or both organizations must have thought this footer was necessary which is curious because the serious, weighty, highly private content in the message was a customer satisfaction survey addressed to me. Was this, you might be wondering, a very personalized survey with, perhaps, sensitive, personal data included? Nope, and here, at the very slight risk of their dogs of law snapping at me, is the message that had the above footer appended:To read this article in full or to leave a comment, please click here

ISSU Upgrade of Cisco Catalyst 6880-X VSS Cluster and 6800ia FEX extenders

How does Internet work - We know what is networking

I wrote all the details about ISSU procedure steps and explained each step extensively. For a shorter update procedure guide check abbreviated article: Short list of upgrade steps without extensive explanations “Cisco Catalyst 6880-X VSS ISSU Upgrade Steps“ Intro Cisco spoiled us over the years with great and detailed documentation on each technology and hardware component they support. Still, I managed to find a part where documentation is not detailed enough to give you definite number of steps to get things done. While preparing for software upgrade of Cisco Catalyst 6880-X VSS cluster I stumbled on one of the first examples of

ISSU Upgrade of Cisco Catalyst 6880-X VSS Cluster and 6800ia FEX extenders

1 2,721 2,722 2,723 2,724 2,725 3,883