Vulnerability in popular bootloader puts locked-down Linux computers at risk

Pressing the backspace key 28 times can bypass the Grub2 bootloader's password protection and allow a hacker to install malware on a locked-down Linux system. GRUB, which stands for the Grand Unified Bootloader, is used by most Linux distributions to initialize the operating system when the computer starts. It has a password feature that can restrict access to boot entries, for example on computers with multiple operating systems installed. This protection is particularly important within organizations, where it is also common to disable CD-ROM, USB and network boot options and to set a password for the BIOS/UEFI firmware in order to secure computers from attackers who might gain physical access to the machines.

Share And Share Alike

Every once in a while, I like to see who is clicking through to my blog. It helps me figure out what’s important to write about and who reads things. I found a recent comment that made me think about what I’m doing from a different perspective.

The Con Game

I get occasional inbound traffic from Reddit. The comments on Reddit are a huge reason to follow threads on the site. One particular thread on /r/networking linked back to my blog as a source of networking news and discussion. But a comment gave me pause:

https://www.reddit.com/r/networking/comments/3mpjpz/networking_websites/cvgyfye

And I quote:

Cons : they almost all know each other and tend to promote each other content.

This was a bit fascinating to me. Of the people in that particular comment, I’ve only ever met one in person. I do know quite a few people in the networking space as part of my career, both related to Tech Field Day and just through writing.

It is true that I share quite a bit of content from other writers. My day job notwithstanding, I feel it is my duty to identify great pieces of writing or thought-provoking ideas and share it

Data center tax break ignites political battle in Michigan

The U.S. data center industry is now operating just like a sports franchise. When a local NFL football team wants a new stadium, it can threaten to move to a city promising a bigger and better stadium. Michigan now faces the data center version of this dilemma. The state's data center industry is growing at about 12% a year, thanks to a shift to cloud computing. Life has been good for commercial data center operators, and they haven't been pushing for tax breaks. But that changed once Nevada-based Switch, a data center facilities firm, arrived with a plan to build a mega data center.

Encryption used by terrorists provides lively GOP debate fodder

The ongoing political discourse over encrypted Internet communications used by potential terrorists sparked some major fireworks in last night's GOP presidential debate. Republican frontrunner Donald Trump was booed by some in the Las Vegas crowd when he called for "getting our smartest minds to infiltrate [ISIS's] Internet." In reaction to the boos, Trump told the crowd, "You're objecting to infiltrating their communications -- I don't get that." It wasn't only some in the crowd that objected to Trump's view. U.S. Sen. Rand Paul (R-Ky.) took Trump to task, saying Trump had argued to "close the Internet, which defies the First Amendment...Are you going to change the Constitution?"

Broadcom Tomahawk 101

Juniper recently launched their Tomahawk-based switch (QFX5200) and included a lot of information on the switching hardware in one of their public presentations (similar to what Cisco did with Nexus 9300), so I got a non-NDA glimpse into the latest Broadcom chipset.

You’ll get more information on QFX5200 as well as other Tomahawk-based switches in the Data Center Fabrics Update webinar in spring 2016.

Here’s what I understood the presentation said:

How to not present to the Swiss

Being English and being constantly exposed to bad language practice (not the curse word type), during a recent trip to Switzerland, I totally failed in keeping my English plain and vanilla. Their English was better than my own and in this sense I totally failed. Here is my top five of innocently said statements that just do not translate. If nothing else, it might help you to not make the same mistake when presenting to others not of your own tongue.

1) Shooting fish in a barrel
2) Stuck under a rock
3) Lots of ways to skin a cat, including with a machine gun
4) Everything including the kitchen sink
5) More features than you can shake a stick at

Speaking English is really hard to do when you’re English!!!

The post How to not present to the Swiss appeared first on ipengineer.net.

No, you can’t shut down parts of the Internet

In tonight's Republican debate, Donald Trump claimed we should shut down parts of the Internet in order to disable ISIS. This would not work. I thought I'd create some quick notes why.

This post claims it would be easy, just forge a BGP announcement. Doing so would then redirect all Syrian traffic to the United States instead of Syria. This is too simplistic of a view.

Technically, the BGP attack described in the above post wouldn't even work. BGP announcements in the United States would only disrupt traffic to/from the United States. Traffic between Turkey and ISIS would remain unaffected. The Internet is based on trust -- abusing trust this way could only work temporarily, before everyone else would untrust the United States. Legally, this couldn't work, as the United States has no sufficient legal authority to cause such an action. Congress would have to pass a law, which it wouldn't do.

But "routing" is just a logical layer built on top of telecommunications links. Since Syria and Iraq own their respective IP address space, I'm not even sure ISIS is allowed to use it. Instead, ISIS has to pay for telecommunications links to route traffic through other countries. This causes

DNS Terminology

The DNS is defined in literally dozens of different RFCs. The terminology used by implementers and developers of DNS protocols, and by operators of DNS systems, has sometimes changed in the decades since the DNS was first defined. This document gives current definitions for many of the terms used in the DNS in a single document. I saw this RFC

Risky Business #394 — Matthew Green talks “crypto bans”

On this week's show we're chatting with Johns Hopkins University cryptographer Matthew Green about rumblings emanating out of DC with regard to "stopping encryption", whatever the hell that means.

In this week's sponsor interview we're chatting with Oliver Fay from Context about a paper they did in conjunction with UK's CERT about exploit kits. How much do they cost? Are there any that stick out as being particularly good? Or bad, depending on your point of view...

Links to everything are in this week's show notes.

Three men arrested in alleged wide-ranging spam operation

Three men have been charged over a hacking scheme that allegedly collected tens of millions of personal records for use in spam campaigns. U.S. prosecutors say the trio broke into the networks of three companies and improperly accessed the network of a fourth one where one of the men was employed. Their primary goals revolved around obtaining email addresses for consumers in order to advertise insurance companies or online sites that sold narcotics without prescriptions, according to a news release. They also used the email systems of some hacked companies to send spam in an attempt to avoid antispam security filters.

Modifying OpenStack Security Groups with Terraform

In this post I’d like to discuss a potential (minor) issue with modifying OpenStack security groups with Terraform. I call this a “potential minor” issue because there is an easy workaround, which I’ll detail in this post. I wanted to bring it to my readers’ attention, though, because as of this blog post this matter had not yet been documented.

As you probably already know if you read my recent introduction to Terraform blog post, Terraform is a way to create configurations that automate the creation or configuration of infrastructure components, possibly across a number of different providers and/or platforms. In the introductory blog post, I showed you how to write a Terraform configuration that would create an OpenStack logical network and subnet, create a logical router and attach it to the logical network, and then create an OpenStack instance and associate a floating IP. In that example, I used a key part of Terraform, known as interpolation.

Broadly speaking, interpolation allows Terraform to reference variables or attributes of other objects created by Terraform. For example, how does one refer to a network that he or she has just created? Here’s an example taken from the introductory blog post:

Google researchers find remote execution bug in FireEye appliances

Google researchers found a software flaw in several models of FireEye's security appliances that they say could give a cyberattacker full access to a company's network. It's not unheard of to find security flaws in security software, but the latest discovery highlights once again how no technology is immune to such problems. FireEye issued a statement on Tuesday saying it had issued a patch for the flaw, which affects its NX, EX, FX and AX Series appliances. The appliances passively monitor network traffic and pluck out suspicious files for study away from the live network.

Quick tips and reference on tcpdump tool



Linux bridges are powerful virtual switches that come with the networking stack of core Linux. Bridging is loaded as part of the bridge kernel module. Linux bridges, amongst others, have made it possible to network virtual machines and containers on a KVM-based Linux node.

Every so often I have had to go in and figure out where the packets either egressing the VM or ingress traffic to the VM magically vanish, and tcpdump has been one of the most valuable tools for me. Debugging in the networking world pretty much has a standard algorithm to it: Start from the source and check for packets along the route to the destination at every hop. Once you figure out where the packet disappears, where the black hole is, it is half the problem solved.

To do exactly this we have a variety of debugging tools ranging from Wireshark that captures packets to tcpdump and sniffers. All of these have one thing in common - they are user processes that hook onto specific kernel parameters to capture the packets. For example, although you do not explicitly set an interface in promiscuous mode this interface is moved to promiscuous mode when the packet

ProPublica shines harsh light on AT&T-ization of American Red Cross

Former AT&T executive Gail McGovern gets credit for longevity at the American Red Cross -- she walked into a messy situation in 2008 and has served as CEO since -- but she and her pack of AT&T cronies mainly get taken to task throughout a thorough new ProPublica article on the charity's struggles. Not only has McGovern failed to turn around the financial fortunes of Red Cross, but her management organization's style has hurt morale and limited the charity's effectiveness in aiding Americans, according to the report. (ProPublica, if you don't know, is a nonprofit investigative journalism newsroom, and has been examining the travails of Red Cross over the past couple of years in conjunction with NPR.)