Response: Doing No Harm

Ivan posted here: I’ll take ownership of the statement because at least it sounds like something I have discussed on the podcast and, sadly, because there aren’t that many networking podcasts. The comment is in relation to the purpose of a stateful firewall when compared to a stateless firewall aka access lists. I do think that […]

The post Response: Doing No Harm appeared first on EtherealMind.

Design of a Modern Cache

This is a guest post by Benjamin Manes, who did engineery things for Google and is now doing engineery things for a new load documentation startup, LoadDocs.

Caching is a common approach for improving performance, yet most implementations use strictly classical techniques. In this article we will explore the modern methods used by Caffeine, an open-source Java caching library, that yield high hit rates and excellent concurrency. These ideas can be translated to your favorite language and hopefully some readers will be inspired to do just that.

Eviction Policy

A cache’s eviction policy tries to predict which entries are most likely to be used again in the near future, thereby maximizing the hit ratio. The Least Recently Used (LRU) policy is perhaps the most popular due to its simplicity, good runtime performance, and a decent hit rate in common workloads. Its ability to predict the future is limited to the history of the entries residing in the cache, preferring to give the last access the highest priority by guessing that it is the most likely to be reused again soon...

6 analytics trends that will shape business in 2016

In its recently released Analytics Trends 2016 report, consulting firm Deloitte predicts six major trends will significantly shape business in 2016."Business leaders continue to face many varying challenges and opportunities, and staying ahead of these trends will have a lasting impact on how their organizations will operate in the future," says John Lucker, principal, Deloitte Consulting. "By going on the offensive with issues such as cybersecurity, organizations are making a strategic shift in the way they operate. Concurrently, the widening data scientist talent gap could be a business growth barrier. One thing is certain: effectively using analytics is essential in delivering insights that help achieve new levels of innovation and value."To read this article in full or to leave a comment, please click here

Planning for security breaches: What CIOs need to know to stay out of the hot seat

Foley & Lardner LLP Matthew Karlyn, Partner, Technology Transactions & Outsourcing Practice, Foley & Lardner LLP “I’ve been in meeting after meeting after meeting where companies like all of yours absolutely underestimate the impact of security breaches on the company,” Matthew Karlyn, Partner, Technology Transactions & Outsourcing Practice, Foley & Lardner LLP told attendees at the CIO Perspectives event in Houston in November 2015.To read this article in full or to leave a comment, please click here(Insider Story)

Why VCE customers should embrace, not fear, Dell’s merger with EMC

2015 was filled with many big technology acquisitions, the most notable of which was Dell dropping a whopping $67 billon for EMC. One of the most interesting questions that has been raised regarding the acquisition is what happens to the EMC Federation companies, most notably, VCE (disclosure: VMware is a client of ZK Research).VCE was founded as a joint venture between three market-leading vendors – VMware, Cisco, and EMC – to deliver a converged solution comprised of products from the three companies. In October of 2014, VCE announced it was acquiring controlling interest in the JV from Cisco (VMware was a minority shareholder).To read this article in full or to leave a comment, please click here

Worth Reading: Light at the end of the silicon

Silicon photonics has emerged as one of those areas of such far-reaching potential that its challenges and benefits tend to be clouded in generalities. Light as the main medium does indeed promise to alter fields including biological and chemical sensing, navigation, radio frequency sensing, communications, but for our purposes here, the potential within large-scale computing is of greater interest. -via the next platform

The post Worth Reading: Light at the end of the silicon appeared first on 'net work.

Time to Consider User Behavior Analytics (UBA)

In 2012, I did an extension research project on big data security analytics. My thesis was that big data tools like Hadoop, Mahout, MapReduce, and Pig would greatly enhance in-depth historical cybersecurity investigations beyond anything provided by SIEM tools. In retrospect, I believe my assumptions were correct, but the market remains in an early stage of development even today. While general use of big data security analytics is still in its genesis phase, there appears to be an increasingly popular use case in cybersecurity: User Behavior Analytics (UBA). UBA is roughly defined as the analysis of all activities related to individual users, covering devices, processes, applications, network sessions, and data consumed and utilized. UBA builds a data analytics model where all log files, endpoint and network forensics, authentication requests, and data access actions are aligned with individual users themselves. To read this article in full or to leave a comment, please click here

Critical vulnerabilities patched in Magento e-commerce platform

If you're running an online shop based on the Magento e-commerce platform, it's a good idea to update it as soon as possible. The latest patches fix critical vulnerabilities that could allow attackers to hijack administrative accounts.One issue was discovered by researchers from Web security firm Sucuri and stems from improper validation of email addresses in the customer registration form.The flaw allows a malicious user to include JavaScript code in the email field, leading to a so-called stored cross-site scripting (XSS) attack. The JavaScript code is saved along with the form and is triggered when the user account is listed in the website's back-end panel.To read this article in full or to leave a comment, please click here

Securing BGP: A Case Study (1)

What would it take to secure BGP? Let’s begin where any engineering problem should begin: what problem are we trying to solve?

A small collection of autonomous systems

In this network—in any collection of BGP autonomous systems—there are three sorts of problems that can occur at the AS level. For the purposes of this explanation, assume AS65000 is advertising 2001:db8:0:1::/64. While I’ve covered this ground before, it’s still useful to outline them:

  1. AS65001 could advertise 2001:db8:0:1::/64 as if it is locally attached. This is considered a false origination, or a hijacked route.
  2. AS65001 could advertise a route to 2001:db8:0:1::/64 with the AS path [65000,65001] to AS65003. This is another form of route hijacking, but instead of a direct hijack it’s a “one behind” attack. AS65001 doesn’t pretend to own the route in question, but rather to be connected to the AS that is originating the route.
  3. AS65000 could consider AS65003 a customer, or rather AS65003 might be purchasing Internet connectivity from AS65000. This would mean that any routes AS65000 advertises to AS65003 are not intended to be retransmitted back to AS65004. If, for instance, 2001:db8:0:1::/64, is advertised by AS65000 to AS65003, and AS65003 readvertises it to AS65004, AS65003 would be an unintentional transit AS in the Continue reading

CISOs should take security training seriously

In many ways, security awareness training exemplifies the way information security is seen and tackled by senior management.A once-a-year, classroom-based approach may be traditional, with security updates and warnings posted on walls and the Intranet, but it is also a sign of a tick-box, compliance-driven approach to security. It is often done to appease industry regulators, PCI and data protection authorities, and the training can offer relatively basic – arguably condescending- advice.But times are changing. The threat landscape is growing with the arrival of millions of mobiles and wearables, each with their own IP address, while organized crime and nation-state APT groups are looking at new ways of compromising victims. From exploit kits and Trojans to ransomware, phishing and social engineering scams – the criminal game has moved on.To read this article in full or to leave a comment, please click here

Telephonic DoS a smokescreen for cyberattack on Ukrainian utility

The late December telephonic denial-of-service attack against a Ukrainian power company was a smokescreen to cover up a cyber attack, experts say."This is one of the more common reasons why these attacks are done," said Rene Paap, product marketing manager at security vendor A10 Networks.According to Paap, telephonic DoS attacks have been around for a while, but don't get as much attention as the big DDoS attacks.Just like a regular DDoS attack, telephonic DoS works by overwhelming the victim's call center with so many fake phone calls that legitimate calls can't get through.[ ALSO ON CSO: Ukrainian power companies are getting hit with more cyberattacks ]To read this article in full or to leave a comment, please click here

New products of the week 1.25.2016

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Actifio Global ManagerKey features: AGM is a web-scale data virtualization solution delivering instant access and radically simple management of application data for business resiliency and test data management across private, public, and hybrid cloud. More info.To read this article in full or to leave a comment, please click here

New products of the week 1.25.2016

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Actifio Global ManagerKey features: AGM is a web-scale data virtualization solution delivering instant access and radically simple management of application data for business resiliency and test data management across private, public, and hybrid cloud. More info.To read this article in full or to leave a comment, please click here

REVIEW: Cyphort makes advanced threat protection easier than ever

Over the past few months, we’ve reviewed a variety of cutting-edge security tools that combat advanced persistent threats (APTs); everything from threat intelligence to virtual sandboxing to privileged identity management. And while all of these programs have been powerful, they all had varying degrees of complexity when it came to usability and customization.To read this article in full or to leave a comment, please click here(Insider Story)

Whatever Happened to “Do No Harm”?

A long time ago in a podcast far, far away one of the hosts saddled his pony unicorn and started explaining how stateful firewalls work:

Stateful firewall is a way to imply trust… because it’s possible to hijack somebody’s flows […] and if the application changes its port numbers… my source port changes when I’m communicating with my web server - even though I’m connected to port 80, my source port might change from X to Y. Once I let the first one through, I need to track those port changes […]

WAIT, WHAT? Was that guy really trying to say “someone can change a source port number of an established TCP session”?

Read more ...
1 3,164 3,165 3,166 3,167 3,168 3,836