0

Stop Thinking About SDN!

0

10 SDN Platform Options

0

Encryption project issues 1 million free digital certificates in three months

Let's Encrypt, an organization set up to encourage broader use of encryption on the Web, has distributed 1 million free digital certificates in just three months.The digital certificates cover 2.5 million domains, most of which had never implemented SSL/TLS (Secure Sockets Layer/Transport Layer Security), which encrypts content exchanged between a system and a user. An encrypted connection is signified in most browsers by "https" and a padlock appearing in the URL bar."Much more work remains to be done before the Internet is free from insecure protocols, but this is substantial and rapid progress," according to a blog post by the Electronic Frontier Foundation, one of Let's Encrypt's supporters.To read this article in full or to leave a comment, please click here

0

Don’t be Discouraged by Plagiarists

Recently, a friend pointed out that an individual had taken one of my cheat sheets, superimposed his own logo and URL on it, and published it as his own work. This is certainly not the first time I've been plagiarized, nor will it be the last, I suspect. I called out the individual on Twitter, and I'm very gratefully for the many people who helped me compel him to remove the illegitimate content. Eventually.

I wanted to write a quick post sharing my thoughts on this incident for the benefit of everyone who has expressed interest in starting their own blog or web site. I've heard plenty of people comment over the years to the effect of, "Why bother starting a blog if someone's just going to harvest the RSS feed and re-publish it on their own site to make a few bucks?" Indeed, this has always been a concern among producers of both free and paid content.

I wish I could tell you that plagiarism isn't that big a deal, or that it won't happen to you. But the truth is plagiarism is a huge problem in our industry (and across the Internet in general), and if Continue reading

0

Don’t be Discouraged by Plagiarists

Recently, a friend pointed out that an individual had taken one of my cheat sheets, superimposed his own logo and URL on it, and published it as his own work. This is certainly not the first time I've been plagiarized, nor will it be the last, I suspect. I called out the individual on Twitter, and I'm very gratefully for the many people who helped me compel him to remove the illegitimate content. Eventually.

I wanted to write a quick post sharing my thoughts on this incident for the benefit of everyone who has expressed interest in starting their own blog or web site. I've heard plenty of people comment over the years to the effect of, "Why bother starting a blog if someone's just going to harvest the RSS feed and re-publish it on their own site to make a few bucks?" Indeed, this has always been a concern among producers of both free and paid content.

I wish I could tell you that plagiarism isn't that big a deal, or that it won't happen to you. But the truth is plagiarism is a huge problem in our industry (and across the Internet in general), and if Continue reading

0

Don’t be Discouraged by Plagiarists

Recently, a friend pointed out that an individual had taken one of my cheat sheets, superimposed his own logo and URL on it, and published it as his own work. This is certainly not the first time I've been plagiarized, nor will it be the last, I suspect. I called out the individual on Twitter, and I'm very gratefully for the many people who helped me compel him to remove the illegitimate content. Eventually.

I wanted to write a quick post sharing my thoughts on this incident for the benefit of everyone who has expressed interest in starting their own blog or web site. I've heard plenty of people comment over the years to the effect of, "Why bother starting a blog if someone's just going to harvest the RSS feed and re-publish it on their own site to make a few bucks?" Indeed, this has always been a concern among producers of both free and paid content.

I wish I could tell you that plagiarism isn't that big a deal, or that it won't happen to you. But the truth is plagiarism is a huge problem in our industry (and across the Internet in general), and if Continue reading

0

Versa’s Software-Defined Security Wins Business With a Systems Integrator

Versa recently added SD-security to its SD-WAN.

0

Home Depot will pay up to $19.5 million for massive 2014 data breach

Home Depot has agreed to pay as much as $19.5 million to remedy the giant data breach it suffered in 2014, the company confirmed on Tuesday.Included in that figure is a reported $13 million to reimburse customers for their losses and $6.5 million to provide them with one and a half years of identity protection services.Home Depot was not required to admit any wrongdoing."We’re working to put the litigation behind us," spokesman Stephen Holmes said via email. "This was the most expeditious path, but it’s not an admission of liability."Customers "were not responsible for fraudulent charges, and they’ve been our primary focus throughout," he said.To read this article in full or to leave a comment, please click here

0

The Next Level: Challenges Aligning IT And The Business

Denise Donohue and Russ White stop by The Next Level podcast to share strategies to better align network design and technology choices with business requirements.

The post The Next Level: Challenges Aligning IT And The Business appeared first on Packet Pushers.

0

The Next Level: Challenges Aligning IT And The Business

Denise Donohue and Russ White stop by The Next Level podcast to share strategies to better align network design and technology choices with business requirements.

The post The Next Level: Challenges Aligning IT And The Business appeared first on Packet Pushers.

0

RSA 2016: There Are Way Too Many Security Companies

Let's face it, security is overcrowded.

0

Leaders’ STEM education determines stance on iPhone encryption case

Robert Hannigan head of Britain’s NSA equivalent agency the GCHQ, finally stopped asking for a backdoor to encrypted devices. Instead he called for an end to what he called the “abuse of encryption” by ISIS and other terrorists and criminals at the MIT Internet Policy Research Initiative, according to a report by the MIT Technology Review.Hannigan wasn’t getting what he wanted by calling it a backdoor so he changed the name for building flawed encryption that law enforcement can exploit to “ending the abuse of encryption.” Hannigan’s attempt to use speechwriters and political spin to solve a mathematical problem is a fool’s errand.To read this article in full or to leave a comment, please click here

0

Collaborating on incident response: Rook Security

At the 2016 RSA Conference, CSO's Steve Ragan chats with J.J. Thompson, CEO of Rook Security, about how security teams can collaborate better (including via mobile devices) during incident response events.

0

Cisco security chief: How to beat back security system complexity

Cisco has aggressively bought up security vendors and worked on integrating their software protections into existing Cisco gear, making for a simpler, more secure and flexible network, says Cisco’s security chief. David Goeckeler “The customers we talk to have an average of somewhere around 50 to 60 different vendors in their network to deliver their security posture,” says David Goeckeler, senior vice president and general manager of Cisco’s security business. “What’s happening in the industry is the complexity of managing all those different products is overwhelming the effectiveness of them.”To read this article in full or to leave a comment, please click here

0

Cisco security chief: How to beat back security system complexity

Cisco has aggressively bought up security vendors and worked on integrating their software protections into existing Cisco gear, making for a simpler, more secure and flexible network, says Cisco’s security chief. David Goeckeler “The customers we talk to have an average of somewhere around 50 to 60 different vendors in their network to deliver their security posture,” says David Goeckeler, senior vice president and general manager of Cisco’s security business. “What’s happening in the industry is the complexity of managing all those different products is overwhelming the effectiveness of them.”To read this article in full or to leave a comment, please click here

0

Microsoft released 13 security bulletins, 5 rated critical but 8 patching RCE bugs

For March 2016 Patch Tuesday, Microsoft released 13 security bulletins and rated five of those as critical.Critical patches for RCE flawsMS16-023 is the cumulative patch for IE to stop remote code execution flaws and correct 13 memory corruption vulnerabilities that have not been publicly disclosed.MS16-024 is the monthly fix for Microsoft Edge; it patches 10 memory corruption flaws that could lead to remote code execution and one information disclosure bug – none of which have been publicly disclosed.To read this article in full or to leave a comment, please click here

0

RPKI ARIN Agreement Update

In December of 2014 I wrote an article about  a legal agreement that was discouraging network operators from implementing an important Internet security function.  I am happy to report, the situation has improved: ARIN no longer requires operators explicitly accept a click-through agreement in order to access the Trust Anchor Locator (TAL). Resource Public Key […]

The post RPKI ARIN Agreement Update appeared first on Packet Pushers.

0

DockerCon 2016: First Speakers Announced!

We are so excited to announce our first speakers for DockerCon 2016! A brand new website for the conference is also now live with all the latest news and info about DockerCon taking place June 19-21 in beautiful Seattle, Washington! … Continued

0

RPKI ARIN Agreement Update

In December of 2014 I wrote an article about  a legal agreement that was discouraging network operators from implementing an important Internet security function.  I am happy to report, the situation has improved: ARIN no longer requires operators explicitly accept a click-through agreement in order to access the Trust Anchor Locator (TAL). Resource Public Key […]

The post RPKI ARIN Agreement Update appeared first on Packet Pushers.

0

Reaction: BGP convergence, divergence & the ‘net

Let’s have a little talk about BGP convergence.

We tend to make a number of assumptions about the Internet, and sometimes these assumptions don’t always stand up to critical analysis. . . . On the Internet anyone can communicate with anyone else – right? -via APNIC

Geoff Huston’s recent article on the reality of Internet connectivity—no, everyone cannot connect to everyone—prompted a range of reactions from various folks I know.

For instance, BGP is broken! After all, any routing protocol that can’t provide basic reachability to every attached destination must be broken, right? The problem with this statement is it assumes BGP is, at core, a routing protocol. To set the record straight, BGP is not, at heart, a routing protocol in the traditional sense of the term. BGP is a system used to describe bilateral peering arrangements between independent parties in a way that provides loop free reachability information. The primary focus of BGP is not loop free reachability, but policy.

After all, BGP convergence is a big deal, right? Part of the problem here is that we use BGP as a routing protocol in some situations (for instance, on data center fabrics), so we have a hard time adjusting our thinking Continue reading