DNS Zombies

It seems that some things just never die, and this includes DNS queries. In a five-month experiment encompassing the detailed analysis of some 44 billion DNS queries we find that one quarter of these DNS queries are zombies - queries that have no current user awaiting the response, and instead are echoes of previous queries. What is causing these zombies? Are we seeing deranged DNS resolvers that maniacally re-query the same questions and never accept the answer? Or is this something slightly more sinister and are we seeing evidence of widespread DNS stalking and shadowing? Let's find out.

General – How to Build a Network Pt.2

In the previous post I talked about why you should build a network of people to both help you in your career and to improve your own skillset. How does one build this network of people?

There are endless ways of building a network and the ways I describe here are based on my personal experience. That said, I do believe that there are some common factors regardless of what approach you take.

Interacting in Forums – There are a lot of forums available, forums for Cisco Learning Network, Cisco Support Community, training vendor forums, product forums, vendor forums. These are often the best resources for getting help on a product and finding those golden nuggets of information that are not always available from the official documentation. There are often very skilled and experienced people in these forums answering posts and writing posts. Try to contribute to the forums and to learn from them and start interacting with these people. Many forums have some form of ranking which makes it easier to spot the people that are the most active on the forums.

I started writing a lot on CLN several years ago and that has been very beneficial for

With IBM, you’re licensing at full-capacity if you don’t have ILMT

There is no downside to a licensing model where you only pay for what you’re actually using and have the ability to increase or decrease licensing. This is what makes the IBM sub-capacity licensing model so attractive.

The advantages of IBM’s sub-capacity licensing model are obvious, but the misinterpretations and misunderstanding of how to deploy sub-capacity happen frequently. In fact, I would say three out of five clients we work with start out saying they are using sub-capacity licensing when in reality they are using full-capacity licenses.

Your enterprise is always at full-capacity with IBM unless the appropriate steps are taken to change that status to sub-capacity IBM licensing. With few exceptions, IBM will consider an organization at full-capacity unless IBM License Metric Tool (ILMT) is implemented. What does this mean? If ILMT hasn’t been implemented, IBM doesn’t recognize your right to license at sub-capacity and will, in fact, view the organization’s license metrics as a full-capacity IBM licensing model. Under full-capacity licensing, you must license all active, physical processors in the server versus sub-capacity licensing where you pay for the virtual cores allocated.

CAP Theorem and Routing

In 2000, Eric Brewer was observing and discussing the various characteristics of database systems. Through this work, he observed that a database generally has three characteristics—

  • Consistency, which means the database will produce the same result for any two readers who happen to read a value at the same moment in time.
  • Availability, which means the database can be read by any reader at any moment in time.
  • Partitionability, which means the database can be partitioned.

Brewer, in explaining the relationship between the three in a 2012 article, says—

The easiest way to understand CAP is to think of two nodes on opposite sides of a partition. Allowing at least one node to update state will cause the nodes to become inconsistent, thus forfeiting C (consistency). Likewise, if the choice is to preserve consistency, one side of the partition must act as if it is unavailable, thus forfeiting A (availability).

The CAP theorem, therefore, represents a two out of three situation—yet another two out of three “set” we encounter in the real world, probably grounded someplace in the larger space of complexity. We’ll leave the relationship to complexity on the side for the moment, however, and just look at how

New ransomware abuses Windows PowerShell, Word document macros

A new ransomware program written in Windows PowerShell is being used in attacks against enterprises, including health care organizations, researchers warn. PowerShell is a task automation and configuration management framework that's included in Windows and is commonly used by systems administrators. It has its own powerful scripting language that has been used to create sophisticated malware in the past. The new ransomware program, dubbed PowerWare, was discovered by researchers from security firm Carbon Black and is being distributed to victims via phishing emails containing Word documents with malicious macros, an increasingly common attack technique.

10 big announcements from Google’s Cloud Conference

In San Francisco this week at Pier 48, overlooking the Giants’ AT&T Ballpark, Google Cloud Platform (GCP) executives are holding a user conference to introduce products and services they hope will help make the case for choosing Google in the cloud. Sam Charrington, a cloud and big data analyst and advisor, summed up Google executives’ pitch best this week on Twitter: “GCP exec team’s operating thesis: ‘Cloud’s not done. The industry’s just beginning the journey.’”

Stuff The Internet Says On Scalability For March 25th, 2016

Did you know there's a field called computational aesthetics? Neither did I. It's cool though.

If you like this sort of Stuff then please consider offering your support on Patreon.

  • 51%: of billion-dollar startups founded by immigrants; 2.8 billion: Twitter metric ingestion service writes per minute; 1 billion: Urban Airship push notifications a day; 1.5 billion: Slack messages sent per month; 35 million: server nodes in the world; 10: more regions will be added to Google Cloud; 697 million: WeChat active monthly users

  • Quotable Quotes:
    • Dark Territory: When officials in the Air Force or the NSA neglected to let Microsoft (or Cisco, Google, Intel, or any number of other firms) know about vulnerabilities in its software, when they left a hole unplugged so they could exploit the vulnerability in a Russian, Chinese, Iranian, or some other adversary’s computer system, they also left American citizens open to the same exploitations—whether by wayward intelligence agencies or by cyber criminals, foreign spies, or terrorists who happened to learn about the unplugged hole, too. 
    • @xaprb: If you adopt a microservices architecture with 1000x more things to monitor, you should not expect your monitoring cost

Brussels attacks reinforce that security is everybody’s problem

I’ve had some rather unusual security training over the years. One of my earliest jobs was in security and law enforcement, and my course of study in graduate and undergraduate school included covering some of the largest security disasters in corporate history. Oh, and I was an internal auditor leader for a time when we had a tight emphasis on security. And, I’ve actually been a bodyguard. One of the things I’ve learned is that security is as much a mindset as anything else. Whether you are talking about personal security or securing your firm or country it is a heads-up game. The most successful are those that are constantly looking for abnormalities and are willing to do what is necessary when they see one to discover if there is a problem. Those that simply depend on tools or others to keep them secure likely aren’t. While these folks may lead far less stressful lives, their sense of security is a sham.

Malware authors quickly adopt SHA-2 through stolen code-signing certificates

As the IT industry is working to phase out the aging SHA-1 hashing algorithm, it's not just website owners and software developers who are scrambling to replace their digital certificates: Cybercriminals are following suit too. Researchers from Symantec have recently found new samples of the Carberp.B online banking Trojan that were digitally signed with not one, but two stolen certificates: one using a SHA-1 signature and one using a SHA-2 signature. "It can be safely surmised that the malware author used certificates containing differing algorithms with the hope of thwarting detection," the Symantec researchers said in a blog post.

France fines Google for not being forgetful enough

The French data protection authority has fined Google for failing to implement the so-called right to be forgotten as ordered. Last year, the French National Commission on Computing and Liberty (CNIL) decided that requests to have personal information delisted from search results should apply to all Google properties, not just those in European domains. Google had been removing results from searches performed on domains including google.co.uk and google.fr, but not from its main site, google.com, even though it is accessible from within the EU. The CNIL could have fined Google up to €300,000 (US$336,000) for failing to comply with its ruling, but in the end ordered the company to pay just €100,000.