Securing BGP: A Case Study (8)

Throughout the last several months, I’ve been building a set of posts examining securing BGP as a sort of case study around protocol and/or system design. The point of this series of posts isn’t to find a way to secure BGP specifically, but rather to look at the kinds of problems we need to think about when building such a system. The interplay between technical and business requirements are wide and deep. In this post, I’m going to summarize the requirements drawn from the last seven posts in the series.

Don’t try to prove things you can’t. This might feel like a bit of an “anti-requirement,” but the point is still important. In this case, we can’t prove which path along which traffic will flow. We also can’t enforce policies, specifically “don’t transit this AS;” the best we can do is to provide information and letting other operators make a local decision about what to follow and what not to follow. In the larger sense, it’s important to understand what can, and what can’t, be solved, or rather what the practical limits of any solution might be, as close to the beginning of the design phase as possible.

In the Continue reading

Sites that prevent ad blockers lose readers

It’s no secret that publishers despise ad blocker add-ons in web browsers. It is, after all, costing them revenue, and they have a right to make money. But there are different ways to skin a cat, so to speak, and one method isn’t working out very well.Some sites, such as our sister site Computerworld.com, will pop up a window politely asking you to disable the ad blocker and then let you continue on to the content. Others, however, flat out lock you out of the content until the ad blocker is disabled. And those sites are losing traffic. The question is how much of that loss can be attributed to the ad blocker blockade.The U.K. tech news site The Stack has looked at several sites that shut you out if an ad blocker is enabled, and it found virtually all of them are losing readers at a steady rate. It looked at both U.S. and European publishers, such as German publisher Axel Springer, publisher of the popular Bild newspaper and website, City AM financial news,  Forbes and Wired. All of those sites denied users access to content until they whitelisted the site or disabled their Continue reading

Volkswagen’s “Cloud First” Approach to Infrastructure Decisions

As automotive companies like Ford begin to consider themselves technology companies, others, including Volkswagen Group are taking a similar route. The company’s new CEO, who took over in September, 2015 has a background in computer science and began his career managing IT department for the Audi division. Under his more technical-tuned guard, IT teams within the company are taking major strides to shore up their infrastructure to support the 1.5 billion Euro investment in R&D for forthcoming electric and connected cars in the near future.

Part of the roadmap for Volkswagen Group includes a shift to OpenStack to manage

Volkswagen’s “Cloud First” Approach to Infrastructure Decisions was written by Nicole Hemsoth at The Next Platform.

Malvertising attack silently infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.Web-based attacks that exploit vulnerabilities in browsers or their plug-ins to install malware are common on Windows computers, but not on Android, where the application security model is stronger.But researchers from Blue Coat Systems detected the new Android drive-by download attack recently when one of their test devices -- a Samsung tablet running CyanogenMod 10.1 based on Android 4.2.2 -- became infected with ransomware after visiting a Web page that displayed a malicious ad.To read this article in full or to leave a comment, please click here

Malvertising attack silently infects old Android devices with ransomware

Attackers are using two known exploits to silently install ransomware on older Android devices when their owners browse to websites that load malicious advertisements.Web-based attacks that exploit vulnerabilities in browsers or their plug-ins to install malware are common on Windows computers, but not on Android, where the application security model is stronger.But researchers from Blue Coat Systems detected the new Android drive-by download attack recently when one of their test devices -- a Samsung tablet running CyanogenMod 10.1 based on Android 4.2.2 -- became infected with ransomware after visiting a Web page that displayed a malicious ad.To read this article in full or to leave a comment, please click here

Network visibility with Docker

Microservices describes the critical role that network visibility provides as a common point of reference for monitoring, managing and securing the interactions between the numerous and diverse distributed service instances in a microservices deployment.

Industry standard sFlow is well placed to give network visibility into the Docker infrastructure used to support microservices. The sFlow standard is widely supported by data center switch vendors (Cisco, Arista, Juniper, Dell, HPE, Brocade, Cumulus, etc.)  providing a cost effective and scaleable method of monitoring the physical network infrastructure. In addition, Linux bridge, macvlan, ipvlan, adapters described how sFlow is also an efficient means of leveraging instrumentation built into the Linux kernel to extend visibility into Docker host networking.

The following commands build the Host sFlow binary package from sources on an Ubuntu 14.04 system:
sudo apt-get update
sudo apt-get install build-essential
sudo apt-get install libpcap-dev
sudo apt-get install wget
wget https://github.com/sflow/host-sflow/archive/v1.29.1.tar.gz
tar -xvzf v1.29.1.tar.gz
cd host-sflow-1.29.1
make DOCKER=yes PCAP=yes deb
This resulting hsflowd_1.29.1-1_amd64.deb package can be copied and installed on all the hosts in the Docker cluster using configuration management tools such as Puppet, Chef, Ansible, etc.

This Continue reading

May 4th – Get Ready for Next-Generation Cloud Security with NSX and Armor

Shopping for cloud solutions used to mean choosing between performance, elasticity and security — you could get one, maybe two, but never all three. With the help of VMware NSX, Armor Active Cyber Defense has proven that you can achieve the highest level of cloud security while maintaining the high performance and elasticity you demand.

Join our webcast, Next-Generation Cloud Security with VMware NSX and Armor, on May 4 to explore how NSX enhances automation and flexibility.

Learn more about VMware NSX and the key components of the Armor Virtual Private Cloud, including Server, Network and Security Virtualization. VMware and Armor Experts will demonstrate how to architect an environment with fully integrated security that provides the performance and efficiency customers demand from the cloud.

As threat actors display more proficiency, speed and diligence, cloud security is more important than ever. Here’s your chance to explore how VMware NSX can deliver secure cloud environments to you and your customers.

Sign up for our May 4 webcast today and explore the transformative security and automation benefits of VMware NSX.

The post May 4th – Get Ready for Next-Generation Cloud Security with NSX and Armor appeared first on The Network Virtualization Blog.

The Joy of Deploying Apache Storm on Docker Swarm

This is a guest repost from Baqend Tech on deploying and redeploying an Apache Storm cluster on top of Docker Swarm instead of deploying on VMs. It's an interesting topic because of the experience Wolfram Wingerath called it "a real joy", which is not a phrase you hear often in tech. Curious, I asked what made using containers such a good experience over using VMs? Here's his reply:

Being pretty new to Docker and Docker Swarm, I'm sure there are many good and bad sides I am not aware of, yet. From my point of view, however, the thing that makes deployment (and operation in general) on top of Docker way more fun than on VMs or even on bare metal is that Docker abstracts from heterogeneity and many issues. Once you have Docker running, you can start something like a MongoDB or a Redis server with a single-line statement. If you have a Docker Swarm cluster, you can do the same, but Docker takes care of distributing the thing you just started to some server in your cluster. Docker even takes care of downloading the correct image in case you don't have it on your machine right now. You also Continue reading

IDG Contributor Network: Fight corporate data loss with secure, easy-to-use collaboration tools

The Panama Papers should be a wake-up call to every CEO, COO, CTO and CIO in every company.Yes, it’s good that alleged malfeasance by governments and big institutions came to light. However, it’s also clear that many companies simply take for granted that their confidential information will remain confidential. This includes data that’s shared within the company, as well as information that’s shared with trusted external partners, such as law firms, financial advisors and consultants. We’re talking everything from instant messages to emails, from documents to databases, from passwords to billing records.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Fight corporate data loss with secure, easy-to-use collaboration tools

The Panama Papers should be a wake-up call to every CEO, COO, CTO and CIO in every company.Yes, it’s good that alleged malfeasance by governments and big institutions came to light. However, it’s also clear that many companies simply take for granted that their confidential information will remain confidential. This includes data that’s shared within the company, as well as information that’s shared with trusted external partners, such as law firms, financial advisors and consultants. We’re talking everything from instant messages to emails, from documents to databases, from passwords to billing records.To read this article in full or to leave a comment, please click here

Helium goes Green with new IoT environmental sensor

The biggest claim to fame for startup Helium, an Internet of Things company that started in 2013, has been perhaps co-founder Shawn Fanning.Fanning, of course, is the serial entrepreneur who developed Napster and started other companies. But Helium is making a name for itself by expanding from its software beginnings to usher companies into IoT with sensors, software and cloud services. Its goal is to improve company productivity by putting the streams of data collected from sensors to action.Helium is releasing new sensors, applications and development tools as it builds out a comprehensive product line. The company's latest product is a new sensor called Helium Green, which can monitor temperature, humidity, barometric pressure, motion, and light.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Demystifying the Information Centric Network

Information Centric Networking (ICN) is receiving increasing interest in the context of future wireless networks. So, what is ICN? Why is it important and will it have a role in next generation 5G networks? I think it will and for some very good reasons.ICN is a research area that dates back to about 2006 and has been cooking for over a decade. It defines a new way of inter-networking or, as I see it, a very natural next step now for the internet—if it is done right.The principles and essential architecture of today’s internet are rooted in the system that was created for simple file transfers some 40-plus years ago. The internet has, of course, evolved within this restrictive construct, and the media consumption experience you most likely enjoy today is as much a function of carefully choreographed Content Delivery Networks (CDN) as the old internet client-server model. CDNs and the careful management of content (aka information) are essential to the smooth functioning that we perceive today.To read this article in full or to leave a comment, please click here

Control with Ansible Tower, Part 2

tower-control-series-screen.png

This is the second in a series of posts about how Ansible and Ansible Tower enable you to manage your infrastructure simply, securely, and efficiently.

When we talk about Tower, we often talk in terms of Control, Knowledge, and Delegation. But what does that mean?  In this series of blog posts, we'll describe some of the ways you can use Ansible and Ansible Tower to manage your infrastructure.

In our first blog post, we described how Ansible Tower makes it easy to control the way your infrastructure is configured via configuration definition and continuous remediation.

But controlling the configuration of your infrastructure is just one step. You also need control of the components of your infrastructure - your inventory. You need to do day-to-day management tasks on demand. And Ansible Tower makes those easy as well.

INVENTORY - THE BASICS

If you’ve used Ansible, you know about the basics of inventory. A static Ansible inventory is just an INI-style file that describes your hosts and groups, and optionally some variables that apply to your hosts and groups. Here's an example from the Ansible documentation.

{% raw %} 
[atlanta]
host1
host2

[raleigh]
host2
host3

[southeast:children]
atlanta
raleigh

[southeast:vars]
nameserver=dns.southeast.example. Continue reading

Biogen: Data Science and Docker Swarm

written by Theo Platt, Associate Director, Biogen and Karl Gutwin, Senior Data Architect, Biogen The Data Sciences department at Biogen has been using Docker and watching the (r)evolution for a couple of years. Last year, as our experience with Docker grew and … Continued

IDG Contributor Network: Was that a tremor?

There’s a 62 percent chance of an earthquake in the San Francisco Bay Area in the next 30 years, according to the U.S. Geological Service. But no one knows when or where the next big one might be. So, when I heard of startup offering an early-warning service for earthquakes, I wanted to learn more.It’s a tough problem to solve. Thousands of widely dispersed sensors are needed, as an earthquake could originate anywhere. To be effective, an early-warning service also needs a dependable communication network and fast analysis. Take a look at what happened when the last "big one" struck the San Francisco Bay Area.To read this article in full or to leave a comment, please click here

Bangladesh Bank cyber-heist hackers used custom malware to steal $81 million

Hackers behind the Bangladesh bank heist created malware to compromise the SWIFT financial system. Security researchers said the malware allowed attackers to modify a database logging the bank’s activity over the SWIFT network, to delete records of outgoing transfer orders and to intercept incoming transfer confirmation messages, and to manipulate both account balance logs and a printer used to make hard copies of the transfer orders.The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a cooperative owned by 3,000 financial institutions. SWIFT software is supposed to securely send and receive information about financial transactions; the messaging platform is reportedly used by 11,000 banks worldwide. SWIFT admitted to Reuters that it was aware of malware targeting its client software “Alliance Access,” which is not used by all 11,000 banks.To read this article in full or to leave a comment, please click here

1 3,033 3,034 3,035 3,036 3,037 3,857