How Forbes inadvertently proved the anti-malware value of ad blockers

A few months back I postulated that Adblock Plus and other ad blocking software could act as protection against malware because they kept embedded malware in web pages from ever loading in your browser. Now, Forbes has proven me right.Forbes has taken an aggressive line against ad blockers. When it detects one running on your system, it denies you access to the content until you turn off the ad blocker. Needless to say, this hasn't gone over very well with some people.Forbes included a prominent security research in an article called "The Forbes 30 Under 30," which drew a number of other security researchers to check out the article. After disabling Adblock Plus, they were immediately served with pop-under malware. Security researcher Brian Baskin was the first to tweet about it and included a screen grab of the pop-under.To read this article in full or to leave a comment, please click here

IS-IS vs. OSPF Part II:  Small steps make steady progress

IS-IS Subnetwork Independent Operation

Continuing our journey through the land of IS-IS and hoping to reach the point where we get to understand how it actually works and the differences between it and OSPF, let’s focus today on how IS-IS is configured and why it uses both Levels and Areas.

So far, we’ve got some things cleared, as to where that odd node addressing scheme for the routers comes from, what is CLNS and CLNP and a few words on the hierarchy that IS-IS employs. To further things out, let’s go a bit deeper into the structure of the protocol itself.

The thing with IS-IS is that is Network layer independent, though the first thing we tend to do when configuring it is jump to the IP addressing. Consequently, today we’ll see how the OSI IS-IS works without configuring a single IP address, and then if we get to understand this, we can move on to the Integrated IS-IS operation

From a really high level, IS-IS operates as follows:

  • Routers running IS-IS will send hello packets out all IS-IS-enabled interfaces to discover neighbors and establish adjacencies.
  • Routers sharing a common data link will become IS-IS neighbors if their hello packets Continue reading

Beware: Surveillance software police are using to score citizens’ threat level

High-tech is increasingly used by police departments, but some have gone so far as surveilling citizens via software that calculates a citizen’s threat score.Intrado, the company behind the threat-scoring software, says Beware “sorts and scores billions of publicly-available commercial records in a matter of seconds - alerting responders to potentially dangerous situations while en route to, or at the location of, a 9-1-1 request for assistance.”In much the same way as the Harris Corporation keeps the lid tightly sealed on the details of its Stingray cell-site simulators and trackers, Intrado considers the how’s of Beware calculating threat scores to be a “trade secret.” However the Washington Post said the program scours “billions of data points, including arrest reports, property records, commercial databases, deep Web searches” as well as a citizen’s “social- media postings.” The calculated threat level is color-coded with green, yellow or red as the highest warning.To read this article in full or to leave a comment, please click here

Drupal to secure its update process with HTTPS

Developers of the popular Drupal content management system are working to secure the software's update mechanism after a researcher recently found weaknesses in it.Last week, researcher Fernando Arnaboldi from security firm IOActive disclosed several issues with the update mechanism in Drupal: the failure of the back-end administration panel to report update errors, a cross-site request forgery (CSRF) flaw that could allow attackers to force admins to repeatedly trigger update checks, and the lack of encryption for update downloads.The last issue was the most significant one, because it could have allowed attackers who could intercept the traffic between a Drupal-based site and the official Drupal servers, to inject back-doored updates. Such an attack could lead to the compromise of the site and its database.To read this article in full or to leave a comment, please click here

Rushing to the Now

Forget the (predictable) predictions for 2016. What’s here and happening right now? Perhaps, hiding behind the cloud (check) of ignorance, the rotting corpse of media disinterest or the red lit distractions of modern life, are things that may soon be obvious to all. Here’s my view of What Lies Beneath the fog, the decomposing bodies and those that […]

The post Rushing to the Now appeared first on Packet Pushers.

Rushing to the Now

Forget the (predictable) predictions for 2016. What’s here and happening right now? Perhaps, hiding behind the cloud (check) of ignorance, the rotting corpse of media disinterest or the red lit distractions of modern life, are things that may soon be obvious to all. Here’s my view of What Lies Beneath the fog, the decomposing bodies and those that […]

The post Rushing to the Now appeared first on Packet Pushers.

A Beginner’s Guide to Scaling to 11 Million+ Users on Amazon’s AWS

How do you scale a system from one user to more than 11 million users? Joel Williams, Amazon Web Services Solutions Architect, gives an excellent talk on just that subject: AWS re:Invent 2015 Scaling Up to Your First 10 Million Users.

If you are an advanced AWS user this talk is not for you, but it’s a great way to get started if you are new to AWS, new to the cloud, or if you haven’t kept up with with constant stream of new features Amazon keeps pumping out.

As you might expect since this is a talk by Amazon that Amazon services are always front and center as the solution to any problem. Their platform play is impressive and instructive. It's obvious by how the pieces all fit together Amazon has done a great job of mapping out what users need and then making sure they have a product in that space. 

Some of the interesting takeaways:

  • Start with SQL and only move to NoSQL when necessary.
  • A consistent theme is take components and separate them out. This allows those components to scale and fail independently. It applies to breaking up tiers and creating microservices.
  • Only invest in tasks Continue reading

Worth Reading: Replacing Judgment with Algorithms

Human judgment is being replaced by automatic algorithms, and that brings with it both enormous benefits and risks. The technology is enabling a new form of social control, sometimes deliberately and sometimes as a side effect. And as the Internet of Things ushers in an era of more sensors and more data — and more algorithms — we need to ensure that we reap the benefits while avoiding the harms.

The post Worth Reading: Replacing Judgment with Algorithms appeared first on 'net work.

The Incident Response “Fab Five”

I’ve been focused on security analytics for several years and spent a good part of 2015 investigating technologies and methodologies used for incident response.  Based upon lots of discussions with cybersecurity professionals and a review of industry research, I’ve come up with a concept I call the incident response “fab five.”  Enterprise organizations with the most efficient and effective incident detection and response, tend to establish best practice and synchronization in 5 distinct areas: Host monitoring.  This centers on understanding the state and activities of host computers.  Host monitoring tends to concentrate on Windows PCs, but may also include oversight of Macs, Linux, servers, and even cloud-based workloads.  Historically, host monitoring was based upon log collection and analysis but SOC managers are also embracing open source EDR tools (i.e. GRR, MIG, etc.) as well as commercial forensic offerings (i.e. Carbon Black, Countertack, Hexis Cyber Solutions, Guidance Software EnCase, RSA Ecat, Tanium, etc.).  The trend is toward collecting, processing, and analyzing more host forensic data in real-time. Network monitoring.  Beyond network logs, I see leading-edge organizations collecting and analyzing a combination of flow and PCAP data.  Think of technologies Continue reading

When Novell tapped David Bowie’s ch-ch-changes for an ad campaign

Networking and computing vendors have a long history of using famous songs to help market their offerings, and also have a tradition of reinventing themselves over and over. So it's no surprise that David Bowie's Changes would wind up in at least one major ad campaign.MORE: A history of singing the Big BluesThe music and fashion icon's death on Sunday at the age of 69 reminded me of that $60 million Novell "The Power to Change" marketing campaign that debuted on Monday Night Football back in the year 2000.To read this article in full or to leave a comment, please click here

99 Problems and Configuration and Telemetry Ain’t Two

Isn’t SNMP just great? I love monitoring my network using an unreliable transport mechanism and an impenetrable and inconsistent data structure. Configuring my devices using automation is equally fun, where NETCONF has been subverted into something so ridiculously vendor-specific (and again, inconsistent), that each new device type (even from a single vendor) can mean starting again from scratch. Is there any hope for change? OpenConfig says yes.

Monitoring The Network

Love it or hate it (hate it), SNMP remains the de facto standard for alerting and monitoring. I think we cling on to SNMP as an industry because we’re scared that any replacement will end up being just as clunky, and we’d simple be putting expensive lipstick on a particularly ugly pig. If we want to get rid of SNMP, whatever comes next will need to bring significant benefits.

Configuring the Network

If you’re dedicated to making changes manually, it’s likely you don’t care much about the mechanisms currently available to automate configuration changes. However, I can assure you that writing scripts to make changes to network device configurations is a frustrating activity, especially in a multi-vendor environment. I should add that I consider automating CLI commands and screen-scraping the Continue reading

Take them seriously — you could change the world

We often think that because we’re engineers, squirreled away in the basement suite (we used to have a fireproof suit hanging in the basement elevator as a little joke on the IT world at one job), we can’t have a huge impact on people. Or maybe it’s because you don’t think you’re famous enough — you don’t have a blog, several books published, multiple speaking engagements, and you don’t work for some big vendor. Whatever the reason for thinking you don’t — or shouldn’t — have an impact in someone’s life, let me say this.

You’re wrong.

The impact of one person can hardly be underestimated; from a book I read recently, for instance:

I turned and walked out of his office, closing the door with the characteristic rattle of the frosted glass pane. Though I could not have put it into words then, I was a different person from the one who had walked into that office ten minutes earlier. A person for whom I had the highest regard had taken me seriously. If he thought I was worthy of an hour of his time every week, then just maybe I was worth something. -Michael Card, The Walk

The Continue reading

FCC: 10 percent of Americans still lack access to proper broadband

Last week, we reported on the strides Internet services providers in the United States have made to improve broadband connection speeds, but noted how ISPs still have a lot of catching up to do. Case in point: As Endgadget reported Friday, a new Federal Communications Comission report shows that as of 2014, roughly 10 percent of Americans still didn’t have access to a broadband Internet connection that meets the FCC’s minimum definition of broadband (25 megabits per second download; 3Mbps upload—a standard that the agency set in early 2015).To read this article in full or to leave a comment, please click here

The Microsoft Exchange Server settings you must get right

Microsoft has invested millions of dollars into Azure and Office 365, and their competitors are following suit with bona fide public cloud offerings of their own. But public cloud solutions are not for everyone. Organizations of many stripes have legitimate reasons for not wanting their restricted data on systems beyond their total control.For many of these entities, on-premises Exchange Server is a messaging must. Microsoft continues to update the software with the assurance that any improvements made to its cloud-based stack will eventually trickle down. Increasingly, these features are adding layers of complexity to the already daunting task of running an enterprise-grade messaging system. It's easy to get lost when going through hardware capacity planning, setting up DAGs (database availability groups) and site resiliency, configuring mail routing, and making sure your users can actually connect to the system.To read this article in full or to leave a comment, please click here

Why Syncsort introduced the mainframe to Hadoop

When you think of leaders in big data and analytics, you’d be forgiven for not listing Syncsort among them. But this nearly 50-year-old company, which began selling software for the decidedly unglamorous job of optimizing mainframe sorting, has refashioned itself into a critical conduit by which core corporate data flows into Hadoop and other key big data platforms. Syncsort labels itself "a freedom fighter" liberating data and dollars -- sometimes millions of dollars -- from the stranglehold of big iron and traditional data warehouse/analytics systems.In this installment of the IDG CEO Interview Series, Chief Content Officer John Gallant spoke with Josh Rogers, who was named CEO this week, as well as outgoing CEO Lonne Jaffe, who remains as Senior Advisor to Syncsort’s board. Among other topics, the pair talked about why Syncsort was recently acquired by Clearlake Capital Group, and how Syncsort’s close partnership with Splunk is dramatically improving security and application performance management.To read this article in full or to leave a comment, please click here(Insider Story)

Why Syncsort introduced the mainframe to Hadoop

When you think of leaders in big data and analytics, you’d be forgiven for not listing Syncsort among them. But this nearly 50-year-old company, which began selling software for the decidedly unglamorous job of optimizing mainframe sorting, has refashioned itself into a critical conduit by which core corporate data flows into Hadoop and other key big data platforms. Syncsort labels itself "a freedom fighter" liberating data and dollars -- sometimes millions of dollars -- from the stranglehold of big iron and traditional data warehouse/analytics systems.To read this article in full or to leave a comment, please click here(Insider Story)

Your license plate: Window to your life

Big Brother watching you is bad enough. But Big Brother allowing hackers to watch you as well is worse.And that is increasingly the case, thanks to the indiscriminate, and insecure, collection of vehicle license plate data, according to recent reports from the Electronic Frontier Foundation (EFF) and the alt-weekly DigBoston.The technology at issue is Automated License Plate Readers (ALPR) – cameras mounted on patrol cars or stationary roadside structures like utility poles that record not just the plate number, but metadata including the date, time and location of the vehicle.EFF reported late last year that it had found, “more than a hundred ALPR cameras were exposed online, often with totally open Web pages accessible by anyone with a browser.” Those cameras were in several Louisiana communities; in Hialeah, Florida; and at the University of Southern California.To read this article in full or to leave a comment, please click here

OED tools: Chocolatey

The problem Install software on Windows and keep it updated is a boring and repetitive task. Linux and BSD/OSX users can install software from packages and keep it updated with a simple apt-get update;apt-get upgrade command. Wouldn’t it be great to have the same feature on Windows? The automation Chocolatey is a package manager for […]
1 3,102 3,103 3,104 3,105 3,106 3,754