CHI-NOG 2016

I’ll be speaking at the Chicago Network Operator’s Group (CHI-NOG) 2016 on the 12th of May 2016 on BGP security. As we come closer to what we’re actually going to deploy to make BGP more secure, I can come closer to describing it in the talks I give. Feel free too ping me if you’re going to be there.

The post CHI-NOG 2016 appeared first on 'net work.

Intel to ship thumb-sized Compute Sticks with Skylake chips in late April

If you've been waiting patiently for Intel's new Compute Sticks with Skylake chips, there's good news: Those thumb-sized PCs will start shipping on April 29.The three Compute Sticks, which have Intel's Core M3 and M5 chips, can turn a TV or display with an HDMI port into a PC. All you need to do is plug the Compute Stick into the HDMI port.These new Compute sticks were announced in January at CES. Starting at US $299, the Skylake-based Compute Sticks aren't priced as low as older models but pack the processing power of lightweight laptops.The benefits of Compute Sticks are still debated. These computers rate high in portability but have memory, storage, and port limitations. Users also need to lug around a wireless keyboard and mouse.To read this article in full or to leave a comment, please click here

Zuckerberg teases Aries and Terragraph projects to expand data networks

Facebook plans to unveil two projects on Wednesday that promise to improve Internet connectivity for users in cities and urban areas. The two, called Aries and Terragraph, will be detailed at its F8 conference in San Francisco, CEO Mark Zuckerberg said on Tuesday. Together, they represent an extension of Facebook's connectivity efforts that so far have been most closely identified with Aquila, a high-flying drone designed by the company to beam down an Internet signal to remote areas. Getting people online and keeping them connected is key to Facebook's expansion plans. After all, it won't be able to persuade new users to come to its services if the Internet connection isn't reliable.To read this article in full or to leave a comment, please click here

Facebook’s Zuckerberg takes shot at Donald Trump

Mark Zuckerberg, co-founder and CEO of Facebook, used his keynote speech at the company's annual developer conference today to take on Republican presidential front-runner Donald Trump.As Zuckerberg took the stage, he briefly mentioned what the audience of about 8,000 developers, analyst and press expected -- virtual reality and artificial intelligence.Then his speech quickly took a different turn and, without mentioning Trump by name, Zuckerberg took on the controversial businessman and his campaign platform.+ ALSO: Donald Trump vs. Steve Jobs: The tale of two con artists +To read this article in full or to leave a comment, please click here

50% off Tripp Lite Rotatable Outlet Surge Protector Power Strip – Deal Alert

If you're in the market for a full featured power strip with surge-protection, this model from Tripp Lite may be worth reviewing, especially given the current 50% discount. The TLP608RUSBB averages 4.5 out of 5 stars from nearly 600 customers (browse reviews). With a list price of $54, you can purchase now via Amazon for just $27.12.The strip is mountable, and its 6 outlets are rotatable, so it can be placed anywhere and each cord is conveniently free to run in its own direction. Also convenient is its 8 foot long cord and 2 built-in USB charging ports. The most critical spec though may be the AC surge protection which guards against voltage spikes, and comes backed by a lifetime warranty and $50,000 Ultimate Lifetime Insurance for any connected components damaged by a power surge.To read this article in full or to leave a comment, please click here

Failover Mechanism Part-2

Dual POP Dual last mile Dual CE (DPDLDC)
This is second post related to fail over Mechanism ,In first post we have configured IP SLA to track the Primary link.Here we won’t be configuring track but will be having IBGP configured between CPE-1 and CPE-2. It’s topology is also Dual POP Dual last mile Dual CE (DPDLDC).It provides redundancy both  for WAN connectivity as well as LAN connectivity.

Here we will be controlling the Traffic from CPE. ISP is very much transparent and is not influencing traffic in this scenario.

 Topology.
Here we wont’t track the WAN IP as in fail over Mechanism in last post but will have IBGP running between CPE-1 and CPE-2
Failover Mechanism —
1. Outgoing Traffic from CPE wan is controlled using Local-Preference (Higher LP preferred)
2. Incoming traffic to CPE is controlled using AS Path Prepend attribute of BGP at secondary( lower as path count , better path)
Normal Scenario
================
Primary WAN link is up .HSRP running on CPE-1 towards LAN is active state. CPE-1 has routes to other location from both EBGP and IBGP but will be preferred via PE1 (High Local Preference configured ).Whereas AS prepend is configured on CPE-2 Continue reading

FBI offers $25k reward for Andy Warhol Campbell’s Soup painting heist

The FBI today said it was offering a reward of up to $25,000 for information leading to the recovery of seven Andy Warhol paintings stolen from the Springfield Art Museum in Springfield, Missouri.+More on Network World: Want a meteorite? Christie’s set to auction unique space rocks+The collection, which has been owned by the Springfield Art Museum since 1985, is set number 31 of the Campbell’s Soup I collection and is valued at approximately $500,000. Each painting in the screen print collection measures 37 inches high by 24.5 inches wide and framed in white frames, the FBI stated. The FBI says that seven of 10 Andy Warhol paintings Campbell’s Soup I collection, made in 1968, were taken.To read this article in full or to leave a comment, please click here

FBI offers $25k reward for Andy Warhol Campbell’s Soup painting heist

The FBI today said it was offering a reward of up to $25,000 for information leading to the recovery of seven Andy Warhol paintings stolen from the Springfield Art Museum in Springfield, Missouri.+More on Network World: Want a meteorite? Christie’s set to auction unique space rocks+The collection, which has been owned by the Springfield Art Museum since 1985, is set number 31 of the Campbell’s Soup I collection and is valued at approximately $500,000. Each painting in the screen print collection measures 37 inches high by 24.5 inches wide and framed in white frames, the FBI stated. The FBI says that seven of 10 Andy Warhol paintings Campbell’s Soup I collection, made in 1968, were taken.To read this article in full or to leave a comment, please click here

Worth Reading: Intel and the Network Arms Race

Networking is undergoing a huge transformation. Software is surely a huge driver for enabling technology to grow by leaps and bounds and increase functionality. But the hardware underneath is growing just as much. We don’t seem to notice as much because the port speeds we deal with on a regular basis haven’t gotten much faster than the specs we read about years go. But the chips behind the ports are where the real action is right now.

The post Worth Reading: Intel and the Network Arms Race appeared first on 'net work.

Microsoft rated 6 of 13 security updates as critical, Badlock bug fix rated important

For April 2016 Patch Tuesday, Microsoft released 13 security bulletins, with six being rated as critical for remote code execution flaws and the patch for Badlock being among those rated only as important.CriticalMS16-037 is the cumulative fix for Internet Explorer. While most of the vulnerabilities being patched have not been publicly disclosed, the DLL loading RCE bug has been.MS16-038 is the monthly cumulative security update for Microsoft’s Edge browser to stop attackers from achieving RCE when a user visits a specially crafted webpage via Edge. The patch modifies how Edge handles objects in memory, as well as ensures cross-domain policies are properly enforced.To read this article in full or to leave a comment, please click here

Microsoft rated 6 of 13 security updates as critical, Badlock bug fix rated important

For April 2016 Patch Tuesday, Microsoft released 13 security bulletins with six being rated as critical for remote code execution flaws and the patch for Badlock being among those rated only as important.CriticalMS16-037 is the cumulative fix for Internet Explorer. While most of the vulnerabilities being patched have not been publicly disclosed, the DLL loading RCE bug has been.MS16-038 is the monthly cumulative security update for Microsoft’s Edge browser to stop attackers from achieving RCE when a user visits a specially crafted webpage via Edge. The patch modifies how Edge handles objects in memory as well as ensures cross-domain policies are properly enforced.To read this article in full or to leave a comment, please click here

Patching BADLOCK with Ansible

If you've been following recent security news, you may have heard of the Badlock vulnerability in the protocols used by the Microsoft Windows Active Directory infrastructure. This vulnerability could lead to a man-in-the-middle attacker intercepting traffic between a client and the Active Directory server, and then impersonating the client, gaining unauthorized access to resources.

Thanks to Ansible, however, patching your systems doesn't have to be complicated.

Here’s a sample playbook for Red Hat/Fedora/CentOS and Debian/Ubuntu systems

- hosts: all
  gather_facts: true
  become_method: sudo
  become_user: root
  vars:
    service_name:
      'Debian': 'smbd'
      'RedHat': 'smb'

  tasks:
    - name: check samba version
      shell: dpkg -l | grep -q samba
      when: ansible_os_family == 'Debian'
      register: samba_installed
      ignore_errors: True

    - name: update samba from apt if installed
      apt:
        name: samba
        state: latest
        update_cache: yes
      when: ansible_os_family == 'Debian' and samba_installed.rc == 0
      notify: restart_samba

    - name: check samba version
      shell: rpm -q samba
      when: ansible_os_family == 'RedHat'
      register: samba_installed
      ignore_errors: True

    - name: update samba from yum if installed
      yum:
        name: samba
        state: latest
        update_cache: yes
      when: ansible_os_family == 'RedHat' and samba_installed.rc == 0
      notify: restart_samba

  handlers:
    - name: restart_samba
      service:
        name: "{{  Continue reading

Political statements largely behind DDoS attacks

Countries around the world from Estonian and Ukraine to China, Russia, and the US have been the target of DDoS attacks, many of which are politically motivated. Criminals aren't necessarily looking to steal data or other assets as much as they are intending to make a very powerful statement.According to Nexusguard’s Q4 2015 threat report, attacks on Turkey skyrocketed ten-fold to more than 30,000 events per day, surpassing the thousands of attacks on other popular targets like China and the U.S. The attacks, targeting Turkish IP addresses, contributed to a big increase in DNS attacks, outweighing other popular NTP and CHARGEN methods by 183 percent.To read this article in full or to leave a comment, please click here

Political statements largely behind DDoS attacks

Countries around the world from Estonian and Ukraine to China, Russia, and the US have been the target of DDoS attacks, many of which are politically motivated. Criminals aren't necessarily looking to steal data or other assets as much as they are intending to make a very powerful statement.According to Nexusguard’s Q4 2015 threat report, attacks on Turkey skyrocketed ten-fold to more than 30,000 events per day, surpassing the thousands of attacks on other popular targets like China and the U.S. The attacks, targeting Turkish IP addresses, contributed to a big increase in DNS attacks, outweighing other popular NTP and CHARGEN methods by 183 percent.To read this article in full or to leave a comment, please click here

Intel on the cheap: Chip maker ships $15 IoT developer board

At US$15, the Quark Microcontroller Developer Kit D2000 is perhaps the least expensive computer Intel has ever shipped.The single-board computer has all the components mashed onto a tiny circuit board. It can be used to develop gadgets, wearables, home automation products, industrial equipment and other Internet of Things products.Developers could also use the computer to hook up sensors for temperature, light, sound, weather and distance to devices.The developer board is now available from Mouser Electronics. It will also be available from Avnet, according to Intel.To read this article in full or to leave a comment, please click here

How Verizon finds IoT innovation outside its four walls

Verizon Ventures says that while consumer Internet of Things startups were all the rage in 2014 and continue to be popular among investors, enterprise IoT newcomers have become even hotter properties among venture capitalists over the past two years, with enterprise IoT investment expected to double or triple that of consumer IoT in 2016.Verizon’s investment arm has been among those outfits targeting enterprise IoT, with investments in startups such as Filament and Veniam, which focus on industrial networks and connected vehicles, respectively.To read this article in full or to leave a comment, please click here

10 Internet of Things companies to watch

It’s good to be an Internet of Things startup these days. Cisco forked over $1.4B for IoT platform provider Jasper in February.  Nokia Growth Partners has raised a $350 million IoT-focused investment fund. And IoT startups are pulling in tens of millions in venture funding.Verizon, in its new “State of the Market: Internet of Things 2016” report, states that its venture arm estimates that while consumer-oriented IoT firms pulled in 15% more funding than enterprise-focused ones in 2014, it is enterprise IoT startups that are now raking in the big bucks. Verizon Ventures says enterprise IoT startups attracted 75% more funding than consumer IoT upstarts last year and that enterprise IoT startups are expected to grab 2 to 3 times as much funding as their consumer counterparts this year.To read this article in full or to leave a comment, please click here

How Verizon finds IoT innovation outside its four walls

Verizon Ventures says that while consumer Internet of Things startups were all the rage in 2014 and continue to be popular among investors, enterprise IoT newcomers have become even hotter properties among venture capitalists over the past two years, with enterprise IoT investment expected to double or triple that of consumer IoT in 2016.Verizon’s investment arm has been among those outfits targeting enterprise IoT, with investments in startups such as Filament and Veniam, which focus on industrial networks and connected vehicles, respectively.To read this article in full or to leave a comment, please click here

What should IETF “standard track” actually mean?

This post is going to be a little off the beaten path, but it might yet be useful for folks interested in the process of standardization through the IETF.

Last week, at the IETF in Buenos Aires, a proposal was put forward to move the IPv4 specifications to historic status. Geoff Huston, in his ISP column, points out the problem with this sort of thing—

As one commenter in the Working Group session pointed out, declaring IPv4 “Historic” would likely backfire and serve no better purpose other than exposing the IETF to ridicule. And certainly there is some merit in wondering why a standards body would take a protocol specification used by over 3 billion people, and by some estimated 10 billion devices each and every day and declare it to be “Historic”. In any other context such adoption figures for a technology would conventionally be called “outstandingly successful”!

The idea to push IPv4 to historic is, apparently, an attempt to move the market, in a sense. If it’s historic, then the market won’t use it, or will at least move away from it.

Right.

Another, similar, line of thinking came up at the mic during a discussion around whether Continue reading

Micron Enlists Allies For Datacenter Flash Assault

If component suppliers want to win deals at hyperscalers and cloud builders, they have to be proactive. They can’t just sit around and wait for the OEMs and ODMs to pick their stuff like a popularity contest. They have to engineer great products with performance and then do what it takes on price, power, and packaging to win deals.

This is why memory maker Micron Technology is ramping up its efforts to get its DRAM and flash products into the systems that these companies buy, and why it is also creating a set of “architected solutions” focused on storage that …

Micron Enlists Allies For Datacenter Flash Assault was written by Timothy Prickett Morgan at The Next Platform.