Let’s Donate Our Organs and Unused Cloud Cycles to Science

There’s a long history of donating spare compute cycles for worthy causes. Most of those efforts were started in the Desktop Age. Now, in the Cloud Age, how can we donate spare compute capacity? How about through a private spot market?

There are cycles to spare. Public Cloud Usage trends:

  • Instances are underutilized with average utilization rates between 8-9%

  • 24% of instance reservations are unused

Maybe all that CapEx sunk into Reserved Instances can be put to some use? Maybe over-provisioned instances could be added to the resource pool as well? That’s a lot of power, Captain. How could it be put to good use?

There is a need to crunch data. For science. Here’s a great example, as described in “This is how you count all the trees on Earth”. The idea is simple: from satellite pictures, count the number of trees. It’s an embarrassingly parallel problem, perfect for the cloud. NASA had a problem. Their cloud is embarrassingly tiny. 400 hypervisors shared amongst many projects. Analysing all the data would take 10 months. An unthinkable amount of time in this Real-time Age. So they used the spot market on AWS.

The upshot? The test run cost Continue reading

Third try is no charm for failed Linux ransomware creators

Getting cryptographic implementations right is difficult. A group of malware creators is currently experiencing that hard truth, to the amusement of security researchers.

For the past several months, a group of cybercriminals has been infecting Linux systems -- primarily Web servers -- with a file-encrypting ransomware program that the security industry has dubbed Linux.Encoder.

This development is worrying, because Web server infections don't require user interaction as on desktop computers, where getting users to open rogue email attachments or visit malicious websites are common attack vectors. Instead, the hackers use automated scanners to find servers that host vulnerable applications or have weak SSH passwords they can guess using brute-force methods.

Passed the CCDE written. Now what?

I was fortunate enough to finally pass the CCDE written exam yesterday morning.

That begs the question of “Now What?”

Well, I will spend a couple of days putting together a study strategy, based on where I am now compared to where I need to be in order to pass the exam. As it looks now, I am probably going for a fall 2016 exam date. That gives me enough time to settle into a new job with everything that entails.

It also means that I will need to spend 2-3 hours of study per day (some weekends more than that), with a combination of watching Cisco Live 365 videos and reading CVDs/books.

On top of that, my good friend Daniel Dib and I, along with hopefully a few others, will have some design discussions using Webex. We have been told it's really important to iron out different design ideas with other people. Especially if we can get a group together with people from different areas of expertise (Datacenter, Service Provider, Enterprise etc.).

Alas, an update to this story will come shortly! :)

Take care!

Creating VLAN interfaces in Linux

Communicating over multiple VLANs is possible by using VLAN sub-interfaces in Linux. A VLAN interface can be created in Linux, and it shows up as a network interface device. Each of these interfaces is used as you would use a normal Linux interface: assign an IP to it, attach it to a bridge, add routing table entries and more. One use case is when you need a VM to act as an L2 gateway, with one leg on one VLAN and another leg on the other.

As always this can be achieved in multiple ways: using the vconfig command, adding a new interface network-script file (CentOS/Redhat) or by using the "ip" command. I will describe all three methods here:

The first thing you will need to do is load the 8021q Linux kernel module, which is responsible for VLAN tagging/untagging. See RFC.

Check if you have the VLAN module. You can check the output of lsmod and figure out if 8021q is loaded, or, as I simply like to do:

 lsmod | grep 8021q  

You should see 8021q and some other lines in the output.

Add module to linux. Note that you'll need to automate this. You can add it in systemctl Continue reading

Mythical vuln-disclosure program

In the olden days (the 1990s), we security people would try to do the "right thing" and notify companies about the security vulnerabilities we'd find. It was possible then, because the "Internet" team was a small part of the company. Contacting the "webmaster" was a straightforward process -- indeed their email address was often on the webpage. Whatever the problem, you could quickly get routed to the person responsible for fixing it.

Today, the Internet suffuses everything companies do. There is no one person responsible. If companies haven't set up a disclosure policy (such as an email account "[email protected]"), they simply cannot handle disclosure. Assuming you could tell everyone in the company about the problem, from the CEO on down to the sysadmins and developers, you still won't have found the right person to tell -- because such a person doesn't exist. There's simply no process for dealing with the issue.

I point this out in response to the following Twitter discussion:



Josh's assertion is wrong. There is nobody at American Airlines that can handle a bug report. At some point, Continue reading

Juniper Networks Announces Date of Fourth Quarter and Fiscal Year 2015 Preliminary Financial Results Conference Call and Webcast

SUNNYVALE, CA–(Marketwired – January 05, 2016) – Juniper Networks (: JNPR), the industry leader in network innovation, today confirmed it will release preliminary financial results for the fourth quarter and fiscal year ended Dec. 31, 2015, on Wednesday, Jan. 27, 2016 after the close of the market. The Company’s senior management will host a conference... Read more →
