Moving target defense vs. moving target attacks: The two faces of deception

The unceasing arms-race between cyber attackers and cyber defenders has gained unprecedented levels of sophistication and complication. As defenders adopt new detection and response tools, attackers develop various techniques and methods to bypass those mechanisms. And deception is one of the most effective weapons on both sides of the game.Deception techniques have traditionally been among the favorite methods in the attackers’ arsenal. Surprise and uncertainty provide the attacker with an inherent advantage over the defender, who cannot predict the attacker’s next move. Rather surprisingly, however, the broken symmetry can also be utilized by the defender.To read this article in full or to leave a comment, please click here

Moving target defense vs. moving target attacks: The two faces of deception

The unceasing arms-race between cyber attackers and cyber defenders has gained unprecedented levels of sophistication and complication. As defenders adopt new detection and response tools, attackers develop various techniques and methods to bypass those mechanisms. And deception is one of the most effective weapons on both sides of the game.

Deception techniques have traditionally been among the favorite methods in the attackers’ arsenal. Surprise and uncertainty provide the attacker with an inherent advantage over the defender, who cannot predict the attacker’s next move. Rather surprisingly, however, the broken symmetry can also be utilized by the defender.

To read this article in full or to leave a comment, please click here

Fibre Channel: What Is It Good For?

In my last article, I talked about how Fibre Channel, as a technology, has probably peaked. It’s not dead, but I think we’re seeing the beginning of a slow decline. Fibre Channel’s long goodbye is caused by a number of factors (that mostly aren’t related to Fibre Channel itself), including explosive growth in non-block storage, scale-out storage, and interopability issues.

But rather than diss Fibre Channel, in this article I’m going to talk about the advantages of Fibre Channel has over IP/Ethernet storage (and talk about why the often-talked about advantages aren’t really advantages).

Fibre Channel’s benefits have nothing to do with buffer to buffer credits, the larger MTU (2048 bytes), its speed, or even its lossless nature. Instead, Fibre Channel’s (very legitimate) advantages are mostly non-technical in nature.

It’s Optimized Out of the Box

When you build a Fibre Channel-based SAN, there’s no optimization that needs to be done: Fibre Channel comes out of the box optimized for storage (SCSI) traffic. There are settings you can tweak, but most of the time there’s nothing that needs to be done other than set port modes and setup zoning. The same is true for the host HBAs. While there are some Continue reading

Top 10 breaches of personal data in 2015

It was a bountiful year for hackers who gained unauthorized access to countless corporate and government databases. Here are the online breaches that hauled in the largest amount of personal data -- most of them tallying into the millions.No. 10: U.S. Internal Revenue ServiceNumber of people affected: About 334,000Security experts said it technically wasn’t “hacking” when thieves stole the tax information of 100,000 people through the IRS site. It was a case of weak security: They entered through the IRS’ “Get Transcript” service by answering security questions correctly, using personal information on their victims that had been obtained elsewhere, or simply guessing.To read this article in full or to leave a comment, please click here(Insider Story)

34,000 gamers affected by Christmas attack on Steam

Steam set a new record on Jan. 3 when over 12 million gamers were all gaming at the same time. Gamasutra reported that there were 12,332,504 concurrent users. The Steam stats showed Dota 2 as the most played game which peaked at 940,373 concurrent gamers. Counter-Strike had 643,402 concurrent players and Fallout 4 came in third at the peak with 116,599 gamers. That being said, today is the last day of the Steam winter sale.To read this article in full or to leave a comment, please click here

Server-Side Architecture. Front-End Servers and Client-Side Random Load Balancing

Chapter by chapter Sergey Ignatchenko is putting together a wonderful book on the Development and Deployment of Massively Multiplayer Games, though it has much broader applicability than games. Here's a recent chapter from his book.

Enter Front-End Servers

[Enter Juliet]
Hamlet:
Thou art as sweet as the sum of the sum of Romeo and his horse and his black cat! Speak thy mind!
[Exit Juliet]

— a sample program in Shakespeare Programming Language

 

 

Front-End Servers as an Offensive Line

 

Our Classical Deployment Architecture (especially if you do use FSMs) is not bad, and it will work, but there is still quite a bit of room for improvement for most of the games out there. More specifically, we can add another row of servers in front of the Game Servers, as shown on Fig VI.8:

BlackEnergy cyberespionage group adds disk wiper and SSH backdoor to its arsenal

A cyberespionage group focused on companies and organizations in the energy sector has recently updated its arsenal with a destructive data-wiping component and a backdoored SSH server.The group is known in the security community as Sandworm or BlackEnergy, after its primary malware tool, and has been active for several years. It has primarily targeted companies that operate industrial control systems, especially in the energy sector, but has also gone after high-level government organizations, municipal offices, federal emergency services, national standards bodies, banks, academic research institutions and property companies.Over the past few months, the group has targeted organizations from the media and energy industries in Ukraine, according to security researchers from antivirus vendor ESET. These new operations have brought to light some changes in the group's techniques.To read this article in full or to leave a comment, please click here

FCC report: US broadband speeds tripled between 2011 and 2014

When it comes to broadband Internet connection speeds in the United States, there’s both good news and bad news to report. The good news is that average download speeds for American broadband subscribers has tripled between 2011 and 2014. The bad news? The US still has a lot of catching up to do.According to the FCC’s fifth Measuring Broadband America report, the average download speed in the US hit 31 megabits per second (Mbps) in September 2014. That compares favorably to an average download speed of 10Mbps in March 2011 and 15Mbps in September 2012.  To read this article in full or to leave a comment, please click here

Think visually: How graphics skills help engineers

Among all the skills I hear network engineers talk about, two that are often underrated are writing skills and graphics skills. There is some small slice of the networking world that is serious about writing (though I often think we make too big of a production out of writing, getting wrapped around tools and process instead of focusing on actual writing), but graphics is one area the we really don’t talk about a lot. After all, I’m an engineer, not a graphic designer, right? Or maybe — I’ve always heard I should be a master of one skill, rather than a jack of all trades…

Diane, over at Data Center Mix, has a great post up on four ways being an artist has helped her sell data center products. There are some great ideas in there, but as someone with formal training in graphic design (in a distant past I can barely remember any longer), I wanted to add a few thoughts about graphics skills as a network engineer.

She begins with this thought: a picture is worth a thousand words. I’m never quite certain this is actually true in every case (Charles Dickens in cartoon format doesn’t sound very Continue reading

AMD throws down the GPU gauntlet with new 4th-gen “Polaris”

AMD's new Polaris graphics architecture ushers in a fourth-generation graphics core, unheard of power efficiency, and perhaps more importantly for the company, hope.The company said Monday that Polaris will pack a mostly redesigned GPU including the new fourth-gen GCN cores, a new memory controller, new multimedia cores, and a new geometry processor. Perhaps more importantly, it'll be just as fast as a comparable Nvidia part, while using a lot less power, the company said. In a demo to the press, AMD showed off a PC with an early Polaris GPU running Star Wars Battlefield at 1920x1080 resolution at 60 fps and consuming just 86 watts. The exact same system outfitted with a GeForce GTX 950 consumed 140 watts. AMD used desktop parts to sub in for laptop parts as it didn't have mobile components yet, but the chip will initially be aimed at laptops and more entry-level desktop graphics cards.To read this article in full or to leave a comment, please click here

HP tackles ‘visual hacking’ with privacy filters in laptop, tablet screens

HP is putting integrated filters in laptop and tablet displays this year so Peeping Toms can't steal confidential information when surreptitiously viewing your screen. HP's privacy filters will make laptop and tablet screens visible to users in direct view of the display. Moving slightly away makes what's displayed on the screen fuzzier and then virtually invisible the further you go. Users won't be able to see a screen from a 35 degree angle on the left or right, said John Groden, director for Elitebook products at HP. This feature could be handy in planes, airports or cafes, where sensitive information on the laptop could be visible to others.To read this article in full or to leave a comment, please click here

OED Tools: ConzoleZ

The problem As many IT professionals I work quite often on the command line with many command prompts open. Windows lacks a good native command prompt software so usually you see monitors filled with black terminals that are hard to manage and track. The automation ConsoleZ allows multiple tabs and to split tabs vertically or […]

Getting VMRC links with Python

It became quite a pain to get Web-based console working on ESXi hosts or vCenter servers with deprecation of NPAPI plugins in modern browsers. As for me, the most comfortable method to get a remote console access is to use standalone Virtual Machine Remote Console client (VMRC) which is available for free for major OSes. The sad

Review: Best smart switches for under $500

Smart switchesSmart switches offer functionality found in managed switches, such as VLANs, port mirroring, and link aggregation. However, smart switches are typically targeted towards small and midsized networks that don’t need the complete management capabilities and fine-tuning offered in fully managed switches. We looked at switches from six vendors, the same vendors from our recent small business router review. So if you’re building an SMB network, reference both reviews to find a matching router and switch that meets your needs. Vendors include the big-name Cisco, popular home and business brands D-Link, Linksys, and Netgear, and also lesser-known names DrayTek and UTT Technologies. We setup and evaluated each switch and in this review we compare product in regards to price, features, and user-friendliness. Read the full review.To read this article in full or to leave a comment, please click here

Dual Carrier MPLS VPN Design

For the purpose of high availability, critical locations of company A – a customer of VPN service provider – is connected to two different carriers. However, this connectivity requires an important design consideration. Figure-1 In the network design shown above, customer AS 64512 is connected to two different providers: AS100 and AS200. Since this site is critical to the […]

The post Dual Carrier MPLS VPN Design appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.