Pica8 overcomes white box obstacles

The evolution to software defined networking (SDN) is well underway. ZK Research (I am an employee of ZK Research) shows that almost 80% of organizations are interested in the topic, although fewer than 10% have actually deployed the technology. This means there are a huge number of organizations trying to understand the best way to deploy SDN. One such way is to leverage the cost benefits of a white box switch with some sort of standards-based technology such as OpenFlow. Low cost hardware, industry standards and a few best practices should make for a relatively straightforward deployment. Not so fast. Not all white boxes are created equal. While all white box switches do offer compelling economics, they are known to have some performance issues. White box switches deployed as a top of rack (ToR) need to handle tens of thousands of flows.

The Design Mindset (1)

How does a network designer, well, actually design something? What process do you use as a designer to get from initial contact with a problem to building a new design to deploying a solution? What is the design mindset? I’ve been asking myself just this question these last few months, going through old documentation to see if I can find a pattern in my own thinking that I could outline in a way that’s more definite than just “follow my example.” What I discovered is my old friends the OODA loop and the complexity model are often in operation.

So, forthwith, a way to grab hold of a designer mindset, played out in an unknown number of posts.

Begin with observe. Observation is the step we often skip, because we’ve either worked on the network for so long “we don’t need to,” or we’re “so experienced we know what to look for.” This is dangerous. Let me give you an example.

A long time ago, in a small shire on the borders of reality (it seems now), I worked on a piece of equipment we called the funnyman. Specifically, this was the FNM-1, which was used to detect runway […]

Ukraine Emerges as Bogus Routing Source


Last fall, the Interior Minister of Ukraine announced the creation of a national Cyberpolice (Кіберполіцію) to protect the country from everything from credit card fraud to malware.  Here’s something that would be great to add to their list: fraudulent BGP routing out of Ukraine.  Last year, we reported on an incident in which Ukrainian ISP Vega hijacked routes from British Telecom (including that of the UK’s Atomic Weapons Establishment), an event that could perhaps be chalked up to an innocent mistake.  However, the fraudulent routing we’re now seeing from Ukraine is deliberately designed to go unnoticed.  We’ll review some of this new behavior in this blog.

Governments take note

The profile of this issue has grown in the past year as governments have had to respond to their address space being fraudulently used. Last July, the Dutch Minister of Foreign Affairs (pictured right) was confronted with parliamentary questions concerning an incident where “attackers” had commandeered IP address space belonging to the Ministry of Foreign Affairs the previous year. In that incident, on 18 November 2014, Decision Marketing (AS62228) out of Sofia, Bulgaria began globally announcing eleven BGP routes that did not belong to […]

OED tools: bash oneliners

Linux scripting is a skill every network/system engineer should learn in the early stages of their career. Plenty of guides are available on the interwebz; The Bash Academy is a good start. A particular type of script is the one-liner: just a single line of code to solve a problem. This is the latest one I’ve used while […]

Documents with malicious macros deliver fileless malware to financial-transaction systems

Spammed Word documents with malicious macros have become a popular method of infecting computers over the past few months. Attackers are now taking it one step further by using such documents to deliver fileless malware that gets loaded directly into the computer's memory. Security researchers from Palo Alto Networks analyzed a recent attack campaign that pushed spam emails with malicious Word documents to business email addresses in the U.S., Canada and Europe. The emails contained the recipients' names as well as specific information about the companies they worked for, which is not typical of widespread spam campaigns. This attention to detail lent more credibility to the spam messages and made it more likely that victims would open the attached documents, the researchers said.

Snuggling Up to Papers We Love – What’s Your Favorite Paper?


From a talk by @aysylu22 at QCon London on modern computer science applied to distributed systems in practice.
There has been a renaissance in the appreciation of computer science papers as a relevant source of wisdom for building today's complex systems. If you're having a problem there's likely some obscure paper written by a researcher twenty years ago that just might help. Which isn't to say there aren't problems with papers, but there's no doubt much of the technology we take for granted today had its start in a research paper. If you want to push the edge it helps to learn from primary research that has helped define the edge.

If you would like to share your love of papers, be proud, you are not alone:

An Abundance of Incident Response Bottlenecks

Manual processes represent a major incident response bottleneck at enterprise organizations. Here are a few alarming data points from some recent ESG research (note: I am an ESG employee):

1. 27% of enterprise organizations (i.e. those with more than 1,000 employees) spend at least 50% of their incident response time on manual processes like filling out paperwork, finding a particular person, physically viewing multiple security management tools, etc.
2. 93% of organizations believe that their incident response efficiency and effectiveness is limited by the time and effort required for manual processes.

As if this wasn’t bad enough, IR process issues are exacerbated by a few other challenges:

IDG Contributor Network: Phishers hit large Internet firms more than banks, among study findings

Google, Apple and Facebook were targeted by double the number of phishing sites as financial institutions, like banks and PayPal, were in 2015, Webroot says in its latest annual briefing published in February. The reason for the dot-com thrust is that the hackers can accumulate larger numbers of user IDs and passwords; many people on those sites use the same credentials across the Internet, Webroot explains. Attacking the Facebooks et al. garners “multiple compromised accounts with each phishing victim,” the security outfit says.

4 reasons not to pay up in a ransomware attack

When a demand for your money or your data pops up on a critical system, you have only a short period of time to decide whether to respond to a ransomware attack. Online extortion is on the increase, as criminals use a variety of attack vectors, including exploit kits, malicious files, and links in spam messages, to infect systems with ransomware. Once all the files have been encrypted, victims can either try to recover the files on their own or pay the ransom. While there have been some exceptions, victims are seldom able to break the encryption and restore access. More often, successful circumvention of a ransomware attack involves wiping the affected systems and promptly restoring everything from clean backups.

Defense in depth: Stop spending, start consolidating

When it comes to layered defense and security tools, less is often more, just as more can sometimes be less. The average enterprise uses 75 security products to secure its network. That's a lot of noise and a lot of monitoring and testing for security practitioners. To make sure that the security tools not only work but work in harmony with each other, some security professionals recommend taking a closer look at the layers of the security ecosystem to eliminate redundancies that contribute to alert overload. There is a lot of threat intelligence information out there, and Stephan Chenette, CEO of AttackIQ, said all of that threat information can be overwhelming. "They need to use the threat information to determine what is applicable to their organization and tailor it to their industry. Risk has a number of factors, not only the impact to the organization but also the real probability of the threat," Chenette said.

How to conduct a tabletop exercise

As you discovered in the first installment of this five-part series, tabletop exercises can be an important practical tool for reviewing and updating incident response plans. You should schedule them to correspond with yearly Incident Response (IR) plan reviews. When you use existing incident response measures as you play out tabletop data breaches, you uncover holes in IR that can amplify disaster when a real data compromise hits the proverbial fan. Unexpected results in tabletop scenarios can foster positive change in IR planning to prepare the enterprise.