Patching BADLOCK with Ansible


If you've been following recent security news, you may have heard of the Badlock vulnerability in the protocols used by the Microsoft Windows Active Directory infrastructure. This vulnerability could lead to a man-in-the-middle attacker intercepting traffic between a client and the Active Directory server, and then impersonating the client, gaining unauthorized access to resources.


More information can be found at http://badlock.org/ and the Red Hat Knowledgebase.


Thanks to Ansible, however, patching your systems doesn't have to be complicated.

Here’s a sample playbook for Red Hat/Fedora/CentOS and Debian/Ubuntu systems:

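- hosts: all
  gather_facts: true
  # become must be enabled for become_method/become_user to take effect;
  # the package and service tasks below need root.
  become: true
  become_method: sudo
  become_user: root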
  vars:
    service_name:
      'Debian': 'smbd'
      'RedHat': 'smb'

  tasks:
    - name: check samba version
      shell: dpkg -l | grep -q samba
      when: ansible_os_family == 'Debian'
      register: samba_installed
      ignore_errors: True

    - name: update samba from apt if installed
      apt:
        name: samba
        state: latest
        update_cache: yes
      when: ansible_os_family == 'Debian' and samba_installed.rc == 0
      notify: restart_samba

    - name: check samba version
      shell: rpm -q samba
      when: ansible_os_family == 'RedHat'
      register: samba_installed
      ignore_errors: True

    - name: update samba from yum if installed
      yum:
        name: samba
        state: latest
        update_cache: yes
      when: ansible_os_family == 'RedHat' and samba_installed.rc == 0
      notify: restart_samba

  handlers:
    - name: restart_samba
      service:
        name: "{{  Continue reading

Political statements largely behind DDoS attacks

Countries around the world from Estonia and Ukraine to China, Russia, and the US have been the target of DDoS attacks, many of which are politically motivated. Criminals aren't necessarily looking to steal data or other assets as much as they are intending to make a very powerful statement. According to Nexusguard’s Q4 2015 threat report, attacks on Turkey skyrocketed ten-fold to more than 30,000 events per day, surpassing the thousands of attacks on other popular targets like China and the U.S. The attacks, targeting Turkish IP addresses, contributed to a big increase in DNS attacks, outweighing other popular NTP and CHARGEN methods by 183 percent.

Intel on the cheap: Chip maker ships $15 IoT developer board

At US$15, the Quark Microcontroller Developer Kit D2000 is perhaps the least expensive computer Intel has ever shipped. The single-board computer has all the components mashed onto a tiny circuit board. It can be used to develop gadgets, wearables, home automation products, industrial equipment and other Internet of Things products. Developers could also use the computer to hook up sensors for temperature, light, sound, weather and distance to devices. The developer board is now available from Mouser Electronics. It will also be available from Avnet, according to Intel.

How Verizon finds IoT innovation outside its four walls

Verizon Ventures says that while consumer Internet of Things startups were all the rage in 2014 and continue to be popular among investors, enterprise IoT newcomers have become even hotter properties among venture capitalists over the past two years, with enterprise IoT investment expected to double or triple that of consumer IoT in 2016. Verizon’s investment arm has been among those outfits targeting enterprise IoT, with investments in startups such as Filament and Veniam, which focus on industrial networks and connected vehicles, respectively.

10 Internet of Things companies to watch

It’s good to be an Internet of Things startup these days. Cisco forked over $1.4B for IoT platform provider Jasper in February. Nokia Growth Partners has raised a $350 million IoT-focused investment fund. And IoT startups are pulling in tens of millions in venture funding. Verizon, in its new “State of the Market: Internet of Things 2016” report, states that its venture arm estimates that while consumer-oriented IoT firms pulled in 15% more funding than enterprise-focused ones in 2014, it is enterprise IoT startups that are now raking in the big bucks. Verizon Ventures says enterprise IoT startups attracted 75% more funding than consumer IoT upstarts last year and that enterprise IoT startups are expected to grab 2 to 3 times as much funding as their consumer counterparts this year.

What should IETF “standard track” actually mean?

This post is going to be a little off the beaten path, but it might yet be useful for folks interested in the process of standardization through the IETF.

Last week, at the IETF in Buenos Aires, a proposal was put forward to move the IPv4 specifications to historic status. Geoff Huston, in his ISP column, points out the problem with this sort of thing—

As one commenter in the Working Group session pointed out, declaring IPv4 “Historic” would likely backfire and serve no better purpose other than exposing the IETF to ridicule. And certainly there is some merit in wondering why a standards body would take a protocol specification used by over 3 billion people, and by some estimated 10 billion devices each and every day and declare it to be “Historic”. In any other context such adoption figures for a technology would conventionally be called “outstandingly successful”!

The idea to push IPv4 to historic is, apparently, an attempt to move the market, in a sense. If it’s historic, then the market won’t use it, or will at least move away from it.

Right.

Another, similar, line of thinking came up at the mic during a discussion around whether Continue reading

Micron Enlists Allies For Datacenter Flash Assault

If component suppliers want to win deals at hyperscalers and cloud builders, they have to be proactive. They can’t just sit around and wait for the OEMs and ODMs to pick their stuff like a popularity contest. They have to engineer great products with performance and then do what it takes on price, power, and packaging to win deals.

This is why memory maker Micron Technology is ramping up its efforts to get its DRAM and flash products into the systems that these companies buy, and why it is also creating a set of “architected solutions” focused on storage that

Micron Enlists Allies For Datacenter Flash Assault was written by Timothy Prickett Morgan at The Next Platform.

IDG Contributor Network: Scaling out cloud apps still a challenge despite multi-core CPU advancements

Despite recent advancements and improved parallelism in multi-core CPU performance, there is still a big challenge to be solved relating to the scale-out of cloud applications. Put simply, Linux application performance scales poorly as CPU core count increases. This is commonly experienced as typical Linux applications can be expected to see a 1.5X performance improvement for a 2-core CPU, but the scale quickly plateaus after that, with 4 core performance only improving around 2.5X. The performance further degrades as core counts rise. Given that, along with Intel’s announcement that its Xeon chips have up to 22 cores, scaling performance efficiently across cores is extremely important.

IRS security is failing taxpayers, senator says

The U.S. Internal Revenue Service, the Congress, and private electronic tax-filing vendors aren't doing enough to protect the personal information of taxpayers, senators said Tuesday. The IRS needs to step up its cybersecurity efforts, said members of the Senate Finance Committee, citing two recent data breaches at the agency, along with 94 open cybersecurity recommendations from the Government Accountability Office. "Hackers and crooks, including many working for foreign crime syndicates, are jumping at every opportunity they have to steal hard-earned money and sensitive personal data from U.S. taxpayers," Senator Ron Wyden, an Oregon Democrat, said during a hearing. "In my view, taxpayers have been failed by the agencies, the companies, and the policymakers here in Congress they rely on to protect them."

Startup analyzes behavior to stop malware threats

Startup Seceon has joined a growing number of firms focused on quickly analyzing behaviors on corporate networks to identify and prioritize threats that ought to be dealt with, cutting down on the manual work required to spot and stop attacks. In addition to identifying intrusions, the company’s Open Threat Management (OTM) platform can also automatically block suspect behaviors using scripts to other devices on the network. The company competes against a number of others including Damballa, LightCyber and Vectra as well as vendors with broader portfolios such as Carbon Black, Black Ensilo, Fireeye, Guidance, Promisec, Resolution1 Security, and Tanium.

IDG Contributor Network: Sisense wants to make every user a data scientist

Analytics seems to be like the pot of gold at the end of the rainbow—hugely valuable but generally difficult (or impossible) to reach. It was always too hard, too slow, too expensive and too technical to be used on a widespread basis. Then things started to change. The rise of APIs meant that getting data into and out of core solutions became easier. The advent of cloud computing meant that standing up infrastructure on a short-term basis was easier, and a bunch of new approaches helped to make things far easier. One of the biggest proponents of this new way of driving analytics out to the business users is SAP, who is pushing hard for its HANA in-memory analytics service.

The HTC 10 campaigns for the title best smartphone of 2016

HTC announced the HTC 10 premium smartphone today—its entry into the extreme competition for best smartphone on the planet. The device belongs to a category that makes no compromises in exterior presentation and interior performance. Trade-offs are a luxury enjoyed by makers of commodity smartphone models that pragmatic consumers buy. HTC earned its reputation by designing exquisite phones that others in the industry, including Apple, had to follow and sometimes copy. Most notably the iPhone 6 and 6s product lines look like HTC designs. Powered by a Qualcomm 820 SoC, the HTC 10 will be one of the fastest phones available. However, raw speed is its least-important feature because almost every smartphone is fast, to such an extent that the performance increase of the newest phones compared to last year’s is barely perceptible.

Sponsored Post: TechSummit, Netflix, Aerospike, TrueSight Pulse, Redis Labs, InMemory.Net, VividCortex, MemSQL, Scalyr, AiScaler, AppDynamics, ManageEngine, Site24x7

Who's Hiring?

  • Senior Service Reliability Engineer (SRE): Drive improvements to help reduce both time-to-detect and time-to-resolve while concurrently improving availability through service team engagement.  Ability to analyze and triage production issues on a web-scale system a plus. Find details on the position here: https://jobs.netflix.com/jobs/434

  • Manager - Performance Engineering: Lead the world-class performance team in charge of both optimizing the Netflix cloud stack and developing the performance observability capabilities which 3rd party vendors fail to provide.  Expert on both systems and web-scale application stack performance optimization. Find details on the position here https://jobs.netflix.com/jobs/860482

  • Software Engineer (DevOps). You are one of those rare engineers who loves to tinker with distributed systems at high scale. You know how to build these from scratch, and how to take a system that has reached a scalability limit and break through that barrier to new heights. You are a hands on doer, a code doctor, who loves to get something done the right way. You love designing clean APIs, data models, code structures and system architectures, but retain the humility to learn from others who see things differently. Apply to AppDynamics

  • Software Engineer (C++). You will be responsible for building Continue reading

The Gig Economy Breaks Social Security

With the tax deadline looming in the US and the future of the gig economy as the engine of scaling startup workforces under fire, there's an important point to consider: In the gig economy the entire social contract is kaput. Here's why.

Everyone who works in the US pays into the Social Security system. The whole idea of Social Security is young people pay in and old people take out.

When you are an employee Social Security taxes are taken directly out of your paycheck. You don't even have to think about it.

When you work in the gig economy you get a 1099-MISC at the end of the year. A 1099 reports payments made by the hiring company during the year and it's sent by the hiring company both to the worker and the IRS.

It's up to the worker to identify their income on their tax return as self employment income, which is subject to a Social Security tax of 15.3%. Most gig workers probably won't declare this income because a lot of them don't even know they are supposed to. My wife, Linda Coleman, a respected Enrolled Agent, says from people she has talked to Continue reading

Docker Container Network Types

Docker provides network connection options similar to those of general virtualization solutions such as VMware products, Hyper-V, KVM, Xen, VirtualBox, etc. However, Docker takes a slightly different approach with its network drivers, which can confuse new users who are familiar with the general terms used by other virtualization products. The following table matches general terms with the Docker network drivers you can use to achieve the same type of connectivity for your container.

General Virtualization Term  | Docker Network Driver
NAT Network                  | bridge
Bridged                      | macvlan, ipvlan (experimental since Docker 1.11)
Private / Host-only          | bridge
Overlay Network / VXLAN      | overlay