NetworkingNexus.net

Advantages of Using Generalized TTL Security Mechanism (GTSM) with EBGP

A few weeks ago I described why EBGP TCP packets have TTL set to one (unless you configured EBGP multihop). Although some people claim that (like NAT) it could be a security feature, it’s not a good one. Generalized TTL Security Mechanism (GTSM, described in RFC 5082) is much better.

Most BGP implementations set TTL field in outgoing EBGP packets to one. That prevents a remote intruder that manages to hijack a host route to an adjacent EBGP peer from forming a BGP session as the TCP replies get lost the moment they hit the first router in the path.

Advantages of Using Generalized TTL Security Mechanism (GTSM) with EBGP

Top 5 Cloud-Native Risks and Best Practices to Avoid Them

Malicious actors are taking advantage of a plethora of new opportunities in the cloud. Here are the top cloud-native risks and strategies for avoiding them.

Cloudflare’s Channel Partner Award winners of 2022

We are thrilled to announce Cloudflare’s worldwide 2022 Channel Partner Award winners. Each of these partner companies and individuals went above and beyond, demonstrating outstanding commitment to working closely with Cloudflare to build technical competencies and to deliver compelling, integrated security and performance solutions for customers around the globe.

This past year was another milestone year, with record-setting growth for Cloudflare and our partners. The Cloudflare Channel and Alliances Partner Program received the highest, 5-star rating in CRN’s Partner Program Guide. New customer bookings acquired through partners jumped over 28% year over year.

In June, we announced the Cloudflare One Partner Specialization, with tailored enablement and new partner go-to-market resources for Cloudflare One, our SASE solution which includes the industry’s first, 100% Cloud-native Zero Trust platform. More than 1,600 partner sellers and technical sellers have completed Cloudflare Zero Trust training courses, enabling them to deliver the most comprehensive security needed in today’s connect-from-anywhere economy.The Cloudflare Channel Partner Network contributed to the significant market traction we’ve seen for Cloudflare One, including partner-sourced pipeline for Cloudflare One growing 240% from Q1 through Q4 of 2022.

As organizations across industries and the public sector require a fast and secure path to Zero Continue reading

India set to announce its first semiconductor fab

By promoting local manufacturing, India can reduce its dependence on imports and increase its ability to withstand global supply chain disruptions.

Fujitsu To Fork Arm Server Chip Line To Chase Clouds

When it comes to chips, there is a big difference between a kicker and a fork. …

Fujitsu To Fork Arm Server Chip Line To Chase Clouds was written by Timothy Prickett Morgan at The Next Platform.

Palo Alto bolsters AI support in SASE, SD-WAN products

Palo Alto Networks has added a variety of new features to its SASE and SD-WAN packages to help enterprises streamline network operations and better secure distributed WAN resources.The updates center around new automation capabilities in Palo Alto’s Prisma SASE, IoT support for its Prisma SD-WAN, and a new connector for its zero-trust offering. Coined by research firm Gartner, secure access service edge (SASE) refers to a network architecture that integrates SD-WAN and security functionality in a unified cloud service.To read this article in full, please click here

Sending Slack Messages with Python

Here’s a quick summary of what we’ve talked about in the last few posts — all with Python.

We’ve asked Netbox to provide some info using pynetbox.
We’ve added stuff to Netbox using pynetbox.
We’ve updated and deleted stuff in Netbox using pynetbox.
We’ve logged our messages with Python logging.

This is all fine and dandy, but I would guess that you’re not the only engineer in the company and production maintenance scripts don’t run off of your laptop. We need a way to let a group of people know what’s happening when one of your scripts is run. And please don’t say email. Email has been worthless for alerting for over a decade, and there are better ways to do it. Search your feelings…you know it to be true!

At this point, we all have some magic messaging tool that someone in upper management decided we needed. There are others out there, but I would guess that the majority of companies are using Microsoft Teams or Slack with some Webex Teams sprinkled in there. These are great tools with lots of features and are probably not yet overused to point of making users ignore the messages, so they are Continue reading

Sending Slack Messages with Python

Here’s a quick summary of what we’ve talked about in the last few posts — all with Python.

We’ve asked Netbox to provide some info using pynetbox.
We’ve added stuff to Netbox using pynetbox.
We’ve updated and deleted stuff in Netbox using pynetbox.
We’ve logged our messages with Python logging.

Dell offers bare metal cloud via colocation

A new deal between Dell and colocation services provider Cyxtera will enable enterprises to access Dell’s PowerEdge infrastructure for bare-metal deployments in Cyxtera facilities.“Bare metal” cloud services means you get the hardware with no software loaded. Typically, a cloud services provider offers an operating system, usually Linux, and accompanying infrastructure. With bare metal, you just get CPU cores, memory, networking and storage but no OS. You provide your own environment.Under the deal, enterprises will be able to deploy Dell hardware through Cyxtera’s enterprise bare-metal service, an on-demand offering that connects an enterprise’s existing on-premises infrastructure with the colocation environment.To read this article in full, please click here

Dell offers bare metal cloud via colocation

Day Two Cloud 186: A Day In The Life Of A Sales Engineer With Pete Robertson

Today's Day Two Cloud episode gets into sales engineering. IT pros may look down on sales for not being a strictly technical discipline, but it turns out there's more overlap between an engineer and a sales engineer than you might think. Both have to solve problems, understand requirements, and design and deliver outcomes. Our guest is Pete Robertson, a sales engineer for a value-added reseller.

Day Two Cloud 186: A Day In The Life Of A Sales Engineer With Pete Robertson

The post Day Two Cloud 186: A Day In The Life Of A Sales Engineer With Pete Robertson appeared first on Packet Pushers.

Using the at command to schedule tasks on Linux

To schedule a command or script to run at some particular time, the at command is perfect and provides many options for specifying the time you want it to run. It will set the task up to be run whenever you specify, and you can view the scheduled tasks or even change your mind and cancel one of them as you see fit.The at command differs from cron in that it sets up a command or script to run only once, while cron allows you to set up commands or scripts to be run on a specified schedule – whether every day, once a week, a couple times a month or even just once a year.at command syntax Using the at command is relatively easy, though it has a lot of options, particularly on how you specify the time a task should be run. If you specify a time like shown below, the task will be set up to be run the next time you reach 15:27 (3:27 PM), whether that's today or tomorrow.To read this article in full, please click here

Using the at command to schedule tasks on Linux

Announcing WAF Attack Score Lite and Security Analytics for business customers

In December 2022 we announced the general availability of the WAF Attack Score. The initial release was for our Enterprise customers, but we always had the belief that this product should be enabled for more users. Today we’re announcing “WAF Attack Score Lite” and “Security Analytics” for our Business plan customers.

Looking back on “What is WAF Attack Score and Security Analytics?”

Vulnerabilities on the Internet appear almost on a daily basis. The CVE (common vulnerabilities and exposures) program has a list with over 197,000 records to track disclosed vulnerabilities.

That makes it really hard for web application owners to harden and update their system regularly, especially when we talk about critical libraries and the exploitation damage that can happen in case of information leak. That’s why web application owners tend to use WAFs (Web Application Firewalls) to protect their online presence.

Most WAFs use signature-based detections, which are rules created based on specific attacks that we know about. The signature-based method is very fast, has a low rate of false positives (these are the requests that are categorized as attack when they are actually legitimate), and is very efficient with most of the attack categories we know. However, Continue reading

Analyze any URL safely using the Cloudflare Radar URL Scanner

One of the first steps in an information security investigation is to gather as much context as possible. But compiling that information can become a sprawling task.

Cloudflare is excited to announce early access to a new, free tool — the Radar URL Scanner. Provide us a URL, and our scanner will compile a report containing a myriad of technical details: a phishing scan, SSL certificate data, HTTP request and response data, page performance data, DNS records, whether cookies are set to secure and HttpOnly, what technologies and libraries the page uses, and more.

Let’s walk through a report on John Graham-Cumming’s blog as an example. Conveniently, all reports generated will be publicly accessible.

The first page is the summary tab, and you’ll see we’ve broken all the available data into the following categories: Security, Cookies, Network, Technology, DOM, and Performance. It’s a lot of content so we will jump through some highlights.

In the Summary tab itself, you’ll notice the submitted URL was https://blog.jgc.org. If we had received a URL short link, the scanner would have followed the redirects and generated a report for the final URL.

The Security tab presents information to help determine whether a Continue reading

Using the power of Cloudflare’s global network to detect malicious domains using machine learning

Cloudflare secures outbound Internet traffic for thousands of organizations every day, protecting users, devices, and data from threats like ransomware and phishing. One way we do this is by intelligently classifying what Internet destinations are risky using the domain name system (DNS). DNS is essential to Internet navigation because it enables users to look up addresses using human-friendly names, like cloudflare.com. For websites, this means translating a domain name into the IP address of the server that can deliver the content for that site.

However, attackers can exploit the DNS system itself, and often use techniques to evade detection and control using domain names that look like random strings. In this blog, we will discuss two techniques threat actors use – DNS tunneling and domain generation algorithms – and explain how Cloudflare uses machine learning to detect them.

Domain Generation Algorithm (DGA)

Most websites don’t change their domain name very often. This is the point after all, having a stable human-friendly name to be able to connect to a resource on the Internet. However, as a side-effect stable domain names become a point of control, allowing network administrators to use restrictions on domain names to enforce policies, for example Continue reading

Detecting API abuse automatically using sequence analysis

Today, we're announcing Cloudflare Sequence Analytics for APIs. Using Sequence Analytics, Customers subscribed to API Gateway can view the most important sequences of API requests to their endpoints. This new feature helps customers to apply protection to the most important endpoints first.

What is a sequence? It is simply a time-ordered list of HTTP API requests made by a specific visitor as they browse a website, use a mobile app, or interact with a B2B partner via API. For example, a portion of a sequence made during a bank funds transfer could look like:

Order	Method	Path	Description
1	GET	/api/v1/users/{user_id}/accounts	user_id is the active user
2	GET	/api/v1/accounts/{account_id}/balance	account_id is one of the user’s accounts
3	GET	/api/v1/accounts/{account_id}/balance	account_id is a different account belonging to the user
4	POST	/api/v1/transferFunds	Containing a request body detailing an account to transfer funds from, an account to transfer funds to, and an amount of money to transfer

Why is it important to pay attention to sequences for API security? If the above API received requests for POST /api/v1/transferFunds without any of the prior requests, it would Continue reading

Automatically discovering API endpoints and generating schemas using machine learning

Cloudflare now automatically discovers all API endpoints and learns API schemas for all of our API Gateway customers. Customers can use these new features to enforce a positive security model on their API endpoints even if they have little-to-no information about their existing APIs today.

The first step in securing your APIs is knowing your API hostnames and endpoints. We often hear that customers are forced to start their API cataloging and management efforts with something along the lines of “we email around a spreadsheet and ask developers to list all their endpoints”.

Can you imagine the problems with this approach? Maybe you have seen them first hand. The “email and ask” approach creates a point-in-time inventory that is likely to change with the next code release. It relies on tribal knowledge that may disappear with people leaving the organization. Last but not least, it is susceptible to human error.

Even if you had an accurate API inventory collected by group effort, validating that API was being used as intended by enforcing an API schema would require even more collective knowledge to build that schema. Now, API Gateway’s new API Discovery and Schema Learning features combine to automatically Continue reading

« Previous 1 … 295 296 297 298 299 … 3,804 Next »