Faux phishing scheme shows how hacks unfold

Many CIOs have implemented software that dupes employees into clicking on links and attachments that simulate phishing scams, an increasingly common educational tool to warn workers about the dangers of suspicious email messages. Security software maker Bitglass has reversed the shenanigans by leaking faked Google Apps credentials on the Dark Web, a hacker's playground for trafficking in stolen data. Then it tracked the activity, watching the many ways in which hackers wreaked havoc with supposed stolen online identities. Rich Campagna, vice president of products and marketing at Bitglass,To read this article in full or to leave a comment, please click here

ADVA Creates NFV Group From Overture Acquisition

It's based on VNFs of multiple partners.

NFV at Mobile World Congress: What to Look For

MWC 2016 should provide some guideposts to where NFV might go in 2016.

Emerging Networking Technologies You Must Know

HPE White Paper: Ditch Workflow-Driven OSS Orchestration with HPE’s New Approach for Hybrid Networks

Learn about HPE's original approach to OSS transformation in hybrid environments & support next-generation levels of agility. Check out this new HPE white paper!

Yahoo heads in new research direction

The latest move in the topsy-turvy world of Yahoo is to ditch its Labs organization and squeeze its researchers into its product teams to help bring new ideas to market more quickly.Yahoo VP of Research Yoelle Maarek spun the development this way in a blog post this week: Recently we announced our efforts to make Yahoo a more focused company. This focus will let us accelerate the pace of innovation to make our products even better. We saw these changes as an opportunity to better align our research efforts, while preserving Yahoo’s culture of exploration and inquiry. As a result, we are reorganizing Yahoo Labs and moving forward with a new approach to research at Yahoo.To read this article in full or to leave a comment, please click here

East West Segmentation With ACI

East/west segmentation is required in the data center to protect backend networks from each other. Segmentation is often implemented using ACLs between VLANS on your core switch. The ACLS are maintained by network or security engineers but define the flows permitted … Continue reading →

The post East West Segmentation With ACI appeared first on The Network Sherpa.

Hard-coded password exposes up to 46,000 video surveillance DVRs to hacking

Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers.According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account.Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development. That mentality has changed in recent years and many vendors, including large networking and security appliance makers, are frequently issuing firmware updates to fix such basic flaws when they are discovered by internal and external security audits.To read this article in full or to leave a comment, please click here

Hard-coded password exposes up to 46,000 video surveillance DVRs to hacking

Up to 46,000 Internet-accessible digital video recorders (DVRs) that are used to monitor and record video streams from surveillance cameras in homes and businesses can easily be taken over by hackers.According to security researchers from vulnerability intelligence firm Risk Based Security (RBS), all the devices share the same basic vulnerability: They accept a hard-coded, unchangeable password for the highest-privileged user in their software -- the root account.Using hard-coded passwords and hidden support accounts was a common practice a decade ago, when security did not play a large role in product design and development. That mentality has changed in recent years and many vendors, including large networking and security appliance makers, are frequently issuing firmware updates to fix such basic flaws when they are discovered by internal and external security audits.To read this article in full or to leave a comment, please click here

Building nginx and Tarantool based services

Are you familiar with this architecture? A bunch of daemons are dancing between a web-server, cache and storage.

What are the cons of such architecture? While working with it we come across a number of questions: which language (-s) should we use? Which I/O framework to choose? How to synchronize cache and storage? Lots of infrastructure issues. And why should we solve the infrastructure issues when we need to solve a task? Sure, we can say that we like some X and Y technologies and treat these cons as ideological. But we can’t ignore the fact that the data is located some distance away from the code (see the picture above), which adds latency that could decrease RPS.

The main idea of this article is to describe an alternative, built on nginx as a web-server, load balancer and Tarantool as app server, cache, storage.

Improving cache and storage

EMC & VMware Engineer a Hyperconverged Appliance

Designed for smaller companies moving toward hybrid cloud.

Worth Reading: Leave Your Gas Can at Home

There seems to be a trend in IT, where everyone likes to play follow the leader. Everyone uses the same vendor for the same things, and they try to use the same cookie cutter pattern. If you have any decent exposure to various organizations, you’ll know that’s just not the case. Trying to shove a square peg in a round hole, never works out well. -via Packet Pushers

The post Worth Reading: Leave Your Gas Can at Home appeared first on 'net work.

Want to sell your brand to a developer? Laptop stickers could be yet another way!

© Arun Sriraman

A sign of pride and fun for some but chaos for others; laptop stickers as I recently figured out is yet another way of marketing and branding. I'm sure a lot of people have wondered why a company gives away goodies in conferences and exhibitions. It's for direct+indirect marketing. When you see people walking around wearing a company printed T-Shirt or a cap, that company reaches people it never spoke to directly. It can be thought about as "flooding" in networking terms.

If its known that stickers are a marketing technique, why would someone want to mutilate their laptop with them?

Good question indeed.  I have seen people fret at the sight of my laptop and come at me with the expression of - "Oh my god! What has he done to the poor laptop".. The picture you see above is my work laptop. I like stickers and I put them on my laptop because I agree with a product or the company that makes a product and would want to share this with others (i.m.o. it also makes it look cool).

Laptop stickers though a smaller marketing channel, are nevertheless effective. Continue reading

How Rightsizing A Network Saved Millions

A few years ago I was approached by a state organization to be a second set of eyes for a large purchase of Cisco routers and access points to connect all its branch offices to a new central hub. Most hardware line items were Cisco 2921s and 2951s and Aironet 1041s. I asked how many […]

The post How Rightsizing A Network Saved Millions appeared first on Packet Pushers.

How Rightsizing A Network Saved Millions

A few years ago I was approached by a state organization to be a second set of eyes for a large purchase of Cisco routers and access points to connect all its branch offices to a new central hub. Most hardware line items were Cisco 2921s and 2951s and Aironet 1041s. I asked how many […]

The post How Rightsizing A Network Saved Millions appeared first on Packet Pushers.

A case for cloud privacy brokerage

There is Software-as-a-Service, Disaster Recover-as-a-Service, SECurity-as-a-Service. What's currently missing, and the crux of much cloud-profiting malaise, is PRiVacy-as-a-Service.Cloud Access Security Broker (CASB) software, something that's in the lab right now, does a great job of things like infiltration/exfiltration (read: filtration) of organizational data from SaaS applications. Some do some wicked things as proxies for user apps. The idea is to help keep users honest and prevent organizational assets from jeopardy.But when we-as-civilians do everyday surfing, answering emails and going about our business on the Internet, we're protected at the firewall level as users. Perhaps it's Malwarebytes, or a myiad of client-side security packages. And we admonish people to NEVER open spam, as spam often delivers unbelievably nasty systems attack code, disguised as benign attachments.To read this article in full or to leave a comment, please click here

Will Cisco Shine On?

Cisco announced their new Digital Ceiling initiative today at Cisco Live Berlin. Here’s the marketing part:

And here’s the breakdown of protocols and stuff:

Funny enough, here’s a presentation from just three weeks ago at Networking Field Day 11 on a very similar subject:

Cisco is moving into Internet of Things (IoT) big time. They have at least learned that the consumer side of IoT isn’t a fun space to play in. With the growth of cloud connectivity and other things on that side of the market, Cisco knows that is an uphill battle not worth fighting. Seems they’ve learned from Linksys and Flip Video. Instead, they are tracking the industrial side of the house. That means trying to break into some networks that are very well put together today, even if they aren’t exactly Internet-enabled.

Digital Ceiling isn’t just about the PoE lighting that was announced today. It’s a framework that allows all other kinds of dumb devices to be configured and attached to networks that have intelligence built in. The Constrained Application Protocol (CoaP) is designed in such a way as to provide data about a great number of devices, not just lights. Yet lights are the launch Continue reading

Junos Conditional Route Advertisement

University network borders tend to be more complicated than those in similarly sized corporate organizations. I recently helped a peer from another university transition from IOS to Junos for border routing. While most of the configuration was straightforward, he required a unique  conditional routing policy. Since I’ve been working with Junos for many years (starting […]

The post Junos Conditional Route Advertisement appeared first on Packet Pushers.

Junos Conditional Route Advertisement

University network borders tend to be more complicated than those in similarly sized corporate organizations. I recently helped a peer from another university transition from IOS to Junos for border routing. While most of the configuration was straightforward, he required a unique  conditional routing policy. Since I’ve been working with Junos for many years (starting […]

The post Junos Conditional Route Advertisement appeared first on Packet Pushers.

‘Unbreakable’ security that wasn’t: True tales of tech hubris

The $30,000 lockImage by Library of CongressEighteenth century British engineer Joseph Bramah invented a lock that, he was sure, could never be picked. He was so sure that he offered 200 guineas (roughly $30,000 today) to anyone who could defeat it. Cris Thomas, a 21st-century strategist at Tenable Network Security, calls this one of the first bug bounties in history. The lock remained seemingly impregnable for more than 67 years, until an American locksmith named Alfred Charles Hobbs defeated it in 1851, prompting a contemporary observer to remark that "the mechanical spirit, however, is never at rest, and if it is lulled into a false state of listlessness in one branch of industry, and in one part of the world, elsewhere it springs up suddenly to admonish and reproach us with our supineness."To read this article in full or to leave a comment, please click here