Fibbing: OSPF-Based Traffic Engineering with Laurent Vanbever

You might be familiar with the idea of using BGP as an SDN tool that pushes forwarding entries into the routing and forwarding tables of individual devices, allowing you to build hop-by-hop paths across the network (more details in the Packet Pushers podcast with Petr Lapukhov).

Researchers from the University of Louvain, ETH Zürich and Princeton figured out how to use OSPF to get the same job done and called their approach Fibbing. For more details, listen to Episode 45 of the Software Gone Wild podcast with Laurent Vanbever (one of the authors), visit the project web site, or download the source code.

Network Simulation – Cisco Releases VIRL 1.0

Just in time for Thanksgiving, Cisco has released version 1.0 of the popular network simulation tool VIRL. This is a major new release moving from OpenStack Icehouse to OpenStack Kilo. This means that your previous release of VIRL will NOT be upgradeable; only a fresh install is available. Cisco has started mailing out a link to the new release and I received my download link yesterday. It is also possible to download the image from the Salt server to the VM itself and then SCP it out from the VM; this is described in the release notes here.

The following platform reference VMs are included in this release:

  • IOSv – 15.5(3)M image
  • IOSvL2 – 15.2.4055 DSGS image
  • IOSXRv – 5.3.2 image
  • CSR1000v – 3.16 XE-based image
  • NX-OSv 7.2.0.D1.1(121)
  • ASAv 9.5.1
  • Ubuntu 14.4.2 Cloud-init

There are also Linux container images included. These are the following:

  • Ubuntu 14.4.2 LXC
  • iPerf LXC
  • Routem LXC
  • Ostinato LXC

This means that it will be a lot easier to do traffic generation, bandwidth testing and simulating a WAN by inserting delay, packet loss and jitter. It’s great to see

Microsoft zaps dodgy Dell digital certificates

Microsoft has updated several of its security tools to remove two digital certificates installed on some Dell computers that could compromise data. The updates apply to Windows Defender for Windows 10 and 8.1; Microsoft Security Essentials for Windows 7 and Vista; and its Safety Scanner and Malicious Software Removal tool, according to postings here and here.

VPN bug poses privacy threat to BitTorrent downloaders

A bug affecting some VPN services can be used to figure out a computer's real IP addresses, including those of BitTorrent users, which could pose a huge privacy and possibly a legal risk.

The vulnerability affects those services that allow port forwarding, according to VPN provider Perfect Privacy, which wrote about the issue on Thursday.

A successful attack requires a couple of conditions to be met: the attacker must be on the same VPN network as the victim, who also has to be lured into connecting to a resource controlled by the attacker.

Contain Your Unikernels!

After DockerCon EU in Barcelona several people asked me: “Is this for real?”. Yes it is, and today we are releasing the code for the entire “Unikernels, meet Docker!” demo on GitHub.

To get started, clone the DockerConEU2015-demo repository and follow the instructions in README.md. You will need a Linux host with Docker and KVM installed.

Apart from the MySQL, Nginx and PHP with Nibbleblog unikernels shown in the demo, the repository also contains some simpler examples to get you started that we did not have time to show live in the short time-slot. There’s also an in-progress MirageOS/KVM port, so stay tuned for a future post on that.

Presented as a ‘cool hack’ in the closing session of the conference, this demo is just a taste of what is possible. Next, I’m going to work with the wider unikernel and Docker developer community on a production quality version of this demo. The goal is to make unikernel technology easily accessible to as many developers as possible!

Personally, I would like to thank Amir Chaudhry, Justin Cormack, Anil Madhavapeddy, Richard Mortier, Mindy Preston and Jeremy Yallop for helping me put the demo

Older Dell devices also affected by dangerous eDellRoot certificate

Users of Dell Windows-based laptops, desktops, tablets and other devices that were bought before August should check if their systems have the self-signed eDellRoot certificate that can compromise their private communications.

The certificate was installed by Dell Foundation Services (DFS), an application that Dell preloads on many of its devices in order to ease customer service and technical support functions.

After the certificate's existence came to light earlier this week, Dell said that it started deploying the certificate through a Dell Foundation Services version released in August. This led many people to believe that only Dell devices bought since August were affected.

Millions of embedded devices use the same hard-coded SSH and TLS private keys

Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH (Secure Shell) host keys or HTTPS (HTTP Secure) server certificates, a study found.

By extracting those keys, hackers can potentially launch man-in-the-middle attacks to intercept and decrypt traffic between users and millions of devices.

Researchers from security firm SEC Consult analyzed firmware images for over 4,000 models of embedded devices from more than 70 manufacturers. In them they found over 580 unique private keys for SSH and HTTPS, many of them shared between multiple devices from the same vendor or even from different ones.

Another Year of Thankfulness

By the time you read this, I’ll be down at Oak Island on the North Carolina Coast, where my wife will be getting the turkey ready, and making a white chocolate cheesecake. No, I won’t tell you the address, but I will tell you this.

I’m thankful for this year.

I’m thankful for my family. For my wife and kids who put up with me and my insane schedule.

I’m thankful for my friends (I would list them all, but I’d probably forget someone, which would hurt feelings; it just doesn’t seem right to hurt anyone’s feelings today). Across the years, I’ve been taught so much about networking and engineering in the last 20+ years, from working on RADAR systems to large scale data centers. I’ve been given so many opportunities to write and speak, and been shown how to be just a better person.

I’m thankful that God has opened a door into a top notch PhD program, the support structure every PhD student needs to succeed, and two great mentors (more than anyone could ask for).

I know it’s not Thanksgiving in every country in the world. But there’s never a bad day to give thanks for what

Thank you for your trust!

Wow, another year swooshed by. I can’t believe it’s almost gone. Maybe it’s all the travels I had throughout the year, and I MUST start with a huge THANK YOU to whoever is watching after me – there wasn’t a single major SNAFU.

Next, I’d like to thank the people who caused all that travel: attendees of my workshops.

Risky Business #391 — Dell fails hard

On this week's show we're chatting with Darren Kemp of Duo Security. He's one of the authors of a post about the latest example of computer manufacturer shitware introducing catastrophic vulnerabilities into shipped systems. This time it's Dell's turn.

If you haven't heard what they actually did you'll hardly even believe it. That's this week's feature interview.

Microsoft beefs up security products to block adware

Microsoft is adding a new opt-in defense for enterprises to block adware, which is often sneakily wrapped into free downloads.

Adware is often classified as a potentially unwanted application, or PUA, an industry term for applications that aren't necessarily malware but could be a security or performance risk.

"These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify among the noise, and can waste helpdesk, IT, and user time cleaning up the applications," according to a Microsoft blog post.

Dridex spam campaigns target the US, UK and France

The Dridex botnet, which targets financial credentials, appears to be gaining steam again, striking computers in the U.S., U.K. and France.

Trend Micro is the latest security vendor to say it is seeing Dridex activity after the U.S. Department of Justice said last month it had significantly disrupted it in a joint action with the U.K. Sometimes referred to as Cridex or Bugat, Dridex is advanced malware that collects financial login details and other personal information that can be used to drain bank accounts.

Trend has seen multiple spam campaigns sending out malicious attachments, such as Excel or Word documents, that could install Dridex, wrote Ryan Flores, a threat research manager.