5 Things Storage Vendors Won’t Tell You
No doubt you are spending big bucks on enterprise storage, and the vendors want to keep it that way.
Nerd Knobs? No, It’s Wanker Knobs
For a few years now I have used the term “nerd knobs” to describe a certain class of features implemented in networking products. This may have created the (mistaken) impression that nerd knobs are part of the IT hero culture. From now on I’m calling them “Wanker Knobs.” In most cases, wanker knobs are for […]
The post Nerd Knobs? No, It’s Wanker Knobs appeared first on EtherealMind.
How SDN Interest Has Evolved
Research reveals how some drivers for enterprise SDN deployment have shifted while others remain constant.
The Internet Of Things Gets Real
Learn from the experts how IoT will affect you, and how your company can benefit from its intelligence.
Saving a Cloonix network topology
The Cloonix network simulator has been updated to version 29, which adds the ability to save network simulation topologies and node configurations to a directory.
Users may save a network topology and all node configurations to a directory of their choice. They may also load saved topologies into Cloonix so they can restore a network scenario they previously created. The save function of Cloonix v29 supports copy-on-write filesystems and also allows users to save the full filesystems of nodes, if they wish.
This post will work through a detailed tutorial showing how to save, load, and re-save topologies and node configurations using the Cloonix GUI or command-line interface.
Different methods to save a Cloonix project
In this tutorial we will show three ways Cloonix may be used to save filesystems and network topologies:
- Create a new base filesystem by starting a VM in Cloonix, loading software and configurations, then saving either a full VM disk image or a derived VM disk image.
- This simple case is useful when upgrading or modifying disk images that will be used in simulation scenarios.
- This simple case is useful when upgrading or modifying disk images that will be used in simulation scenarios.
- Start the Cloonix graph, set up the VMs, load software, and configure them. Then save the topology and filesystems.
Can You Keep a Secret? (Part 2)
In part one, we saw how AES can be used to encrypt sensitive data so that it can be retrieved only by using an encryption key. The problem with this approach is that everyone who needs access to the data must have a copy of the key. If any one of these copies becomes compromised, the entire database must be re-encrypted using a new key, and the new key must be distributed securely to all parties involved. In this article, we'll see how symmetric encryption can be combined with asymmetric cryptography (namely RSA) to create a hybrid cryptosystem.
Let's begin by encrypting some data using AES as we did in part one. First we pad our plaintext's length to a multiple of 16 using null bytes, then generate a 256-bit encryption key and a 128-bit IV, and finally encrypt it with CFB-mode AES to generate a string of ciphertext.
>>> from Crypto.Cipher import AES >>> import os >>> plaintext = "Operation Neptune will launch on June 6th" >>> plaintext += (16 - len(plaintext) % 16) * chr(0) >>> encryption_key = os.urandom(32) >>> iv = os.urandom(16) >>> cipher = AES.new(encryption_key, AES.MODE_CFB, iv) >>> ciphertext = Continue reading
Can You Keep a Secret? (Part 2)
In part one, we saw how AES can be used to encrypt sensitive data so that it can be retrieved only by using an encryption key. The problem with this approach is that everyone who needs access to the data must have a copy of the key. If any one of these copies becomes compromised, the entire database must be re-encrypted using a new key, and the new key must be distributed securely to all parties involved. In this article, we'll see how symmetric encryption can be combined with asymmetric cryptography (namely RSA) to create a hybrid cryptosystem.
Let's begin by encrypting some data using AES as we did in part one. First we pad our plaintext's length to a multiple of 16 using null bytes, then generate a 256-bit encryption key and a 128-bit IV, and finally encrypt it with CFB-mode AES to generate a string of ciphertext.
>>> from Crypto.Cipher import AES >>> import os >>> plaintext = "Operation Neptune will launch on June 6th" >>> plaintext += (16 - len(plaintext) % 16) * chr(0) >>> encryption_key = os.urandom(32) >>> iv = os.urandom(16) >>> cipher = AES.new(encryption_key, AES.MODE_CFB, iv) >>> ciphertext = Continue reading
Can You Keep a Secret? (Part 2)
In part one, we saw how AES can be used to encrypt sensitive data so that it can be retrieved only by using an encryption key. The problem with this approach is that everyone who needs access to the data must have a copy of the key. If any one of these copies becomes compromised, the entire database must be re-encrypted using a new key, and the new key must be distributed securely to all parties involved. In this article, we'll see how symmetric encryption can be combined with asymmetric cryptography (namely RSA) to create a hybrid cryptosystem.
Let's begin by encrypting some data using AES as we did in part one. First we pad our plaintext's length to a multiple of 16 using null bytes, then generate a 256-bit encryption key and a 128-bit IV, and finally encrypt it with CFB-mode AES to generate a string of ciphertext.
>>> from Crypto.Cipher import AES >>> import os >>> plaintext = "Operation Neptune will launch on June 6th" >>> plaintext += (16 - len(plaintext) % 16) * chr(0) >>> encryption_key = os.urandom(32) >>> iv = os.urandom(16) >>> cipher = AES.new(encryption_key, AES.MODE_CFB, iv) >>> ciphertext = Continue reading
Change the (S)Channel! Deconstructing the Microsoft TLS Session Resumption bug
Initial Problem Report
Several months ago we started hearing occasional reports from .NET developers that they were having trouble maintaining HTTPS sessions with one of our customer’s websites. Establishing connections worked just fine but they would periodically get disconnected, resulting in an exception that crashed their application. Around the same time, we also started hearing reports that two other Microsoft products—Internet Explorer and its heir-apparent, Edge—were also having trouble with our edge.
Just a few weeks prior, we had updated our handling of TLS session tickets to be more performant and more secure. We suspected these improvements were the trigger and focused our investigation there. What we learned was that the problem ran much deeper than .NET or IE. It went all the way down to the SChannel security package, which provides TLS functionality for a vast array of Microsoft applications.
TLS Session Tickets
Before diving into the story further, however, it’s helpful to understand exactly what TLS session tickets are, how they’re beneficial to HTTPS, and what optimizations CloudFlare does to use them at scale. (If you’d like to skip over the primer and jump right to the punchline, go ahead and click here.)
Overview
First introduced in Continue reading
OSPF LSA Types
OSPF LSA (link state advertisements) are used to create a logical network topology. But Why we have 11 different LSAs ? What are their purposes ? Most important questions many time is not asked by the engineers thus you can’t find many places on the Internet which provides these answers. The reason of having 11 […]
The post OSPF LSA Types appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.
OSPF LSA Types
OSPF LSA (link state advertisements) are used to create a logical network topology. But Why we have 11 different LSAs ? What are their purposes ? Most important questions many time is not asked by the engineers thus you can’t find many places on the Internet which provides these answers. The reason of having 11 […]
The post OSPF LSA Types appeared first on Orhanergun.
Ericsson-Cisco Partnership Is Already Flowering, Cisco Claims
An early teaser for the MWC cage match against Nokia.
Versa SD-WAN Webinar Q&A: Lessons Learned from NFV PoCs
Explore the architecture & business logic needed to make a business case for vCPE & managed SD-WAN.
Datanauts 022: Certifications – The Good, The Bad, The Infuriating
The Datanauts dive into the wild world of IT certifications to discuss their value (both real and perceived), how the certification system works, what it gets right, and where it drives them crazy.
The post Datanauts 022: Certifications – The Good, The Bad, The Infuriating appeared first on Packet Pushers.
Datanauts 022: Certifications – The Good, The Bad, The Infuriating
The Datanauts dive into the wild world of IT certifications to discuss their value (both real and perceived), how the certification system works, what it gets right, and where it drives them crazy.
The post Datanauts 022: Certifications – The Good, The Bad, The Infuriating appeared first on Packet Pushers.
Hackers aren’t smart — people are stupid
The top three hacking problems for the last 10 years are "phishing", "password reuse", and "SQL injection". These problems are extremely simple, as measured by the fact that teenagers are able to exploit them. Yet they persist because, unless someone is interested in hacking, they are unable to learn them. They ignore important details. They fail at grasping the core concept.
Phishing
Phishing happens because the hacker forges email from someone you know and trust, such as your bank. It appears nearly indistinguishable from real email that your bank might send. To be fair, good phishing attacks can fool even the experts.
But when read advice from "experts", it's often phrased as "Don't open emails from people you don't know". No, no, no. The problem is that emails appear to come from people you do trust. This advice demonstrates a lack of understanding of the core concept.
What's going on here is human instinct. We naturally distrust strangers, and we teach our children to distrust strangers.Therefore, this advice is wired into our brains. Whatever advice we hear from experts, we are likely to translate it Continue reading