Research ‘net: Dirt jumper -smart

Distributed Denial of Service (DDoS) attacks are often used to hold companies—particularly wealthy companies, like financial institutions—to ransom. Given the number of botnets in the world which can be purchased by the hour, and the relative ease with which new systems can be infected (especially given the rise of the Internet of Things), it’s important to find new and innovative ways to protect against such attacks. Dirt Jumper is a common DDoS platform based on the original Dirt, widely used to initiate such attacks. Probably the most effective protection against DDoS attacks, particularly if you can’t pin down the botnet and block it on a per-IP-address basis (try that one some time) is to construct a tar pit that will consume the attacker’s resources at a rate faster than your server’s are consumed.

The paper linked here describes one such tar pit, and even goes into detail around a defect in the Dirt Jumper platform, and how the defenders exploited the defect. This is not only instructive in terms of understanding and countering DDoS attacks, it’s also instructive from another angle. If you think software is going to eat the world, remember that even hacking software has defects that Continue reading

IRS warns: 400% flood in phishing and malware this tax year alone

There has been a 400% surge in phishing and malware incidents in this tax season alone, the Internal Revenue Service warned this week.According to the IRS phony emails aimed at fooling taxpayers into thinking these are official communications from the IRS or others in the tax industry, including tax software companies.+More on Network World: The Big Hang-up: IRS customer call center service stinks+“The phishing schemes can ask taxpayers about a wide range of topics. E-mails can seek information related to refunds, filing status, confirming personal information, ordering transcripts and verifying PIN information. Variations of these scams can be seen via text messages, and the communications are being reported in every section of the country,” the IRS stated.To read this article in full or to leave a comment, please click here

Golang is GO GO GO!

@ipyandy Tweet

You will have to be a programmer if you’re going to be a network engineer in the future, they say. I don’t agree, but it surely helps you do your job. But what language should you learn? Perl? (no) Python? (maybe) Ruby? (perhaps) Every time I say something about learning Python, a little voice on Twitter says Or Go!. Go? Go. And so, sucker that I am, I gave it a go (pun intended). TLDR: I think you should, too.

The Go Programming Language

The name Go feels like it should be a terrible word to search for on the Internet because it’s so short, but searches actually work remarkably well if you use Google Search. Compare the results of a search for “go if then else” from Bing and Google below; I’ll let you guess which is which:

Go Search Comparison

Maybe Google has learned from my search history. So, what’s important to know? Go is:

  • Open source. The source code is readily available and can sometimes be helpful to figure out what’s going on.
  • Free, obviously
  • Pretty fast
  • Multi-platform (Linux, OS X, Windows for starters)
  • A compiled language
  • Strongly typed
  • Capable of Continue reading

Google lends Apple support over FBI encryption demands

Google CEO Sundar Pichai has lent support to Apple in the debate over encrypted iPhones—sort of.In a series of Twitter posts, Pichai praised Apple CEO Tim Cook for writing an “important” letter that speaks out against the FBI’s decryption demands. “Forcing companies to enable hacking could compromise users’ privacy,” Pichai wrote.While Pichai noted that Google provides data access to law enforcement when legally required, that’s different from making tech companies enable hacking of customers’ devices and data. “Could be a troubling precedent,” Pichai added.To read this article in full or to leave a comment, please click here

Experts contend Apple has the technical chops to comply with court order

On a technical level, Apple can comply with the U.S. Federal Bureau of Investigation's (FBI) request for help in accessing an iPhone used by Syed Rizwan Farook, one of the people accused of killing 14 in California two months ago, security experts said Wednesday."I believe it is technically feasible for Apple to comply with all of the FBI's requests in this case," said Dan Guido, the co-founder and CEO of Trail of Bits, a New York City-based security firm, in a Wednesday post on his firm's blog. "On the iPhone 5C, the passcode delay and device erasure are implemented in software and Apple can add support for peripheral devices that facilitate PIN code entry."To read this article in full or to leave a comment, please click here

Verizon, Viptela partner to offer hosted SD-WAN

Looking to capitalize on the emerging software-defined WAN market opportunity, Verizon has entered into an agreement to offer startup Viptela’s SD-WAN technology as a hosted product.+MORE AT NETWORK WORLD: SD-WAN: What it is and why you’ll use it one day +SD-WAN is the idea of bringing software defined networking capabilities to branch office sites. Controlling the WAN through software allows for easier management of the network if changes are needed and SD-WANs typically support multiple types of connections, from broadband to MPLS to LTE.To read this article in full or to leave a comment, please click here

Man rescued by Disney cruise ship charged with hacking Boston Children’s Hospital

Disney might bring to mind a warm and fuzzy happy ending, but such was not the case for a 31-year-old man who sent out a distress call from his boat, was rescued by a Disney cruise ship near Cuba, and then arrested in Miami for his alleged involvement with an Anonymous cyberattack against Boston Children’s Hospital.After Martin Gottesfeld and his wife pulled a ghost and vanished, relatives and his employer reported them missing. The FBI had been investigating him since October 2014, when the agency searched his house for evidence linking him to a cyberattack on the hospital. According to the DOJ press release, a few days ago, FBI “counterparts in the Bahamas” contacted Boston’s FBI to report that Gottesfeld was not a registered guest on the Disney cruise ship which rescued him at sea.To read this article in full or to leave a comment, please click here

Popular home security system SimpliSafe can be easily disabled by burglars

It's not unusual to hear of vulnerabilities in smart-home security systems these days, as security researchers turn their attention to the Internet of Things. It's worrying, though, when a modern security system turns out to be vulnerable to a so-called replay attack, the kind of thing that worked against garage door openers back in the 1990s.The latest example is SimpliSafe, a wireless alarm system that's marketed as cheaper and easier to install than traditional wired home security systems. Its manufacturer claims that the system is used in over 200,000 homes in the U.S.According to Andrew Zonenberg, a researcher with security consultancy firm IOActive, attackers can easily disable SimpliSafe alarms from up to 30 meters away, using a device that costs around $250 to create a replay attack.To read this article in full or to leave a comment, please click here

Latest tests show all four major wireless carriers are strong

Despite claims by the four biggest U.S. wireless carriers that each one has the best nationwide network, the latest performance data gathered by testing firm RootMetrics shows that are all good and getting better."This a great time for consumers. Network providers are really trying hard so that consumers ultimately benefit. You're not going to go wrong with any one of them," said Julie Dey, vice president of RootMetrics, in an interview.The competition between all four has been tight for years, but came into special focus in the last two months as Verizon, then T-Mobile and Sprint started running separate national ads that show tiny colorful balls running down a track with a narrator asserting each carrier's network superiority.To read this article in full or to leave a comment, please click here

vBrownBag: Techniques of a Network Detective

An essential part of running any network is being able to quickly diagnose and resolve service impacting events. But how does one do that in the world of IT where the only thing constant about technology is the constant change? We need to lean more heavily on the troubleshooting methodology and approach.  On the “techniques” of being a Network Detective.  How does one work towards solving ANY  “who done it”?  Simple…. one  Gathers the Facts Collects the Clues Follows the Evidence Interviews the Witnesses, and Questions the Suspects We will take this approach and show how one can use this and apply it in troubleshooting any networking “who done it”

detective_vbrown

Looking for more on some of the Techniques of a Network Detective?  Check out CiscoLive on Demand Library for BRKARC-2002 or my blog on Packet Pushers. Note: CiscoLive On Demand Library is completely free.

Just click on the one you want.  :)  Have fun!

packet

detective

 

What a Week at Cisco Live Berlin!

What a week at Cisco Live Berlin! First time presenting BRKSDN-4005 in front of 180 people, many are CCIEs. Brought one talented Indonesian who demonstrated All-in-one VM to learn SDN & NFV at home, using a single click on web portal to auto provision physical router, openflow with ODL, router VNF on OpenStack KVM, from Network Manager he wrote in python. And btw he has 2x CCIEs ;-)

1 3,096 3,097 3,098 3,099 3,100 3,805