Flaws in Huawei WiMax routers won’t be fixed, researcher says

Huawei isn't planning on patching several flaws in seven models of WiMax routers that are not being supported anymore by the company, according to a security researcher. Pierre Kim published a list of the affected models, which are still used in countries including Ivory Coast, Iran, Iraq, Libya, the Philippines, Bahrain and Ukraine. Kim notified Huawei of the problem on Oct. 28. He wrote that Huawei said the routers are no longer serviced by the company and would not be patched. The routers include the EchoLife BM626 WiMax CPE and associated models running the same firmware including the BM626e, BM635, BM632, BM631a, BM632w and the BM652.

Understanding VLAN terminology – Access Trunk Native Tagged Untagged

Every so often I myself have searched around for the exact difference between all of the different terms associated with VLANs (Virtual Local Area Networks), and I'm sure a lot of people out there do the same. There's so much out there explaining these terms but it gets confusing when everything is virtualized. How does networking work in a virtualized host where the operating system networking stack provides virtual network functions such as a virtual switch?

I will start out by stating that networking works the same way it is expected to work in the physical world with wires and hardware boxes that switch or route traffic. To understand what these terms mean you need to first understand how VLANs work. VLAN segregation can happen on an IP range basis, on a port-to-port basis on the switch, based on protocol, based on MAC addresses, or just based on some other higher-layer abstractions. The most common implementation is, however, port based, and I will go ahead by explaining these terms with respect to this premise. Also some of these terms are specifically defined by Cisco switches and have from then on gone on to become popular in network design vocabulary…

Data breach of toy maker VTech leaked photos of children, parents

The data breach of Hong Kong toy manufacturer VTech appears to have also included photos of children and parents, adding to what could be one of the most surprising leaks of the year. VTech, which makes cordless phones and what it terms electronic learning devices for kids, apologized on Twitter on Monday. The company said it has suspended the affected service, called Learning Lodge, and is notifying customers. Vice's Motherboard tech news site, which first reported the breach, said on Monday the breach also contained thousands of photos of parents and kids and chat logs.

OSPF vs EIGRP for DMVPN

In this post I'm going to look at the characteristics of OSPF and EIGRP when used in a Dynamic Multipoint VPN (DMVPN). I will do my best not to play favorites and instead stick to the facts (yes, I do have a preference :-). To that end I will back everything up with data from my lab. The focus areas of the comparison will be:

  • Scalability of the hub router's control plane
  • Overall control plane stability
  • Traffic engineering

This post won't go into any background on how DMVPN works. If you're not yet familiar with DMVPN, I recommend watching these introductory videos by Brian McGahan. This post also does not do a deep dive on OSPF or EIGRP. I'm making the assumption that you're already familiar with the different LSA types in OSPF and general functions of EIGRP.

After reading this post you should be able to describe the pros and cons of OSPF and EIGRP in the three areas listed above and incorporate this knowledge into a DMVPN design.

CCIE Written Changes

Just when you thought you were prepared for your CCIE written exam, think again! Cisco has announced that as of July 25th 2016 they will be adding the section called “Evolving Technologies” to all written exams. If you are scheduled to take your written, in any track, before July 25th, then not to worry: these changes will not affect you in any way, according to Cisco.

This new section is going to account for 10% of your overall score on the exam with the original topics in your blueprint coming out to 90%. The most interesting point that we need to focus on is that the subdomains of this new section are subject to change as “new and emerging technologies are developed and adopted by the industry”.

Now I know what you’re thinking, “how am I supposed to study for this?”. It’s not all that bad! Cisco has at least given us some resources that we can use to begin preparing for these new topics on our written exam. Here at iPexpert, we’ll be adding these topics to new Written VOD products accordingly, and releasing updates over the next few months.

The last big update to the CCIE blueprints that I…

First Internet ecommerce was at least 1990

This article from FastCompany claims that the first Internet e-commerce transaction was 1994. This isn't true. The site "cdconnection.com" was selling CDs online since 1990. Well, they claim 1990, I don't know what evidence they have. But I personally can remember buying CDs on their site for over a year before I switched jobs in mid-1994 (so probably at least 1993).

I write this up because it's apparently an important concern when Internet e-commerce was "invented", so I'm writing up what I witnessed. It's a silly competition, of course, since Internet e-commerce is such an obvious idea that nobody can "invent" it. Somebody probably accepted payments for things online even before that. But, as of 1993 when I purchased music, CDconnection was a well-honed business, a "site", with an interface, with a wide selection, using Telnet with V100 commands to format the screen.






US Marshals jump into ‘Cyber Monday’ mania

OK so it’s not Amazon, Target or Wal-Mart Cyber Monday sales but the US Marshals are offering up what it calls “Cyber Monday” auctions for ill-gotten-booty. “Cyber Monday is generally thought to be the start of the online holiday shopping season. We would like to encourage shoppers who are already online in search of bargains to consider stopping by our auction website to bid on forfeited assets,” said Jason Wojdylo, Chief Inspector of the U.S. Marshals Service Asset Forfeiture Division in a statement. These online auctions are designed to generate proceeds from ill-gotten gains to give back to victims, he stated.

Amazon shows off hybrid drone prototype for Amazon Prime Air service

Amazon showed off its new prototype drone to be used in its future Prime Air service, which will deliver packages up to five pounds in the time it takes to get a pizza delivered, “in 30 minutes or less.” Former Top Gear host Jeremy Clarkson said in the Amazon Prime Air video that eventually there will be a “whole family of Amazon drones, different designs for different environments.” That won’t happen until Amazon has FAA approval, as the company explained in several of its FAQs.

Assuming the worst is not the best assumption

It was too bad to be true, but I should have known that assuming the worst was not the best assumption. I was driving the “other” car, the Saab, on the way back from the METNAV shop around eight in the morning. Since the shop was located in the middle of the three runways, this meant I had to drive across the 18 taxiway, along the white lines painted between the C-141’s, C-130’s, KC-10’s, F-4’s, and sometimes other odds and ends, and then past the Tower, off the flightline, and onto the “surface streets.” As I was coming off a call at around three in the morning, I wasn’t in uniform. For some reason, I hadn’t driven my normal car — a white Jeep — so the folks in the Tower certainly wouldn’t recognize me.

So when the SP flipped his lights on and pulled in behind me, I was worried. Just as the lights came on, I remembered something really important: I had forgotten to put my sticker on the car. You see, to drive on the flightline, you had to have a sticker on your car. There were various colors for the different areas you could gain…

Security for the New Battlefield

What will be our security challenge in the coming decade? Running trusted services even on untrusted infrastructure. That means protecting the confidentiality and integrity of data as it moves through the network. One possible solution – distributed network encryption – a new approach made possible by network virtualization and the software-defined data center that addresses some of the current challenges of widespread encryption usage inside the data center.

VMware’s head of security products Tom Corn recently spoke on the topic at VMworld 2015 U.S., noting, “Network encryption is a great example of taking something that was once a point product, and turning it into a distributed service—or what you might call an infinite service. It’s everywhere; and maybe more importantly it changes how you implement policy. From thinking about it through the physical infrastructure—how you route data, etcetera—to through the lens of the application, which is ultimately what you’re trying to protect. It eventually becomes really a check box on an application.”

VMware NSX holds the promise of simplifying encryption, incorporating it directly so that it becomes a fundamental attribute of the application. That means so long as it has that attribute, any packet will be…