0

Announcing Universal DNSSEC: Secure DNS for Every Domain

CloudFlare launched just five years ago with the goal of building a better Internet. That’s why we are excited to announce that beginning today, anyone on CloudFlare can secure their traffic with DNSSEC in just one simple step.

This follows one year after we made SSL available for free, and in one week, more than doubled the size of the encrypted web. Today we will do the same with DNSSEC, and this year, we’ll double the size of the DNSSEC-enabled web, bringing DNSSEC to millions of websites, for free.

If DNS is the phone book of the Internet, DNSSEC is the unspoofable caller ID. DNSSEC ensures that a website’s traffic is safely directed to the correct servers, so that a connection to a website is not intercepted by a man-in-the-middle.

Solving A Decades-Old Vulnerability In DNS

Every website visit begins with a DNS query. When I visit cloudflare.com, my browser first needs to find the IP address:

cloudflare.com. 272 IN A 198.41.215.163

When DNS was invented in 1983, the Internet was used by only a handful of professors and researchers, and no one imagined that there could be foul play. Thus, DNS relies on Continue reading

0

Versa Decouples Hardware from Software for SD-WAN, vCPE, & Security

Decoupling like Juniper? No comparison, say Versa's founders.

0

How to avoid a data center overrun with idle servers

You've undoubtedly read, or at least seen the articles talking about "comatose" servers, servers in data centers that don't do any work and just sit idle. A study from Stanford University professor Jonathan Koomey and Jon Taylor, a partner at the consulting firm Athensis Group found that up to 30% of all physical servers in data centers do nothing all day long and no one notices.This is not a new discovery; it has been around for several years. In 2008, McKinsey & Co. released a similar study, finding that up to 30% of servers in data centers were as they put it "functionally dead." The Uptime Institute issued a similar report in 2012, finding around 30% of servers to be idle and not working.To read this article in full or to leave a comment, please click here

0

First Linux ransomware program cracked, for now

Administrators of Web servers that were infected with a recently released ransomware program for Linux are in luck: There's now a free tool that can decrypt their files.The tool was created by malware researchers from antivirus firm Bitdefender, who found a major flaw in how the Linux.Encoder.1 ransomware uses encryption.The program makes files unreadable by using the Advanced Encryption Standard (AES), which uses the same key for both the encryption and decryption operations. The AES key is then encrypted too by using RSA, an asymmetric encryption algorithm.To read this article in full or to leave a comment, please click here

0

Andrew Lerner on Vendorspeak

Andrew Lerner, my favorite Gartner analyst, recently published a hilarious blog post describing what vendors mean when they say “our product is software-defined” or “we’ll make it work”. Enjoy!

Need more vendorspeak? Try eight levels of vendor acceptance (carefully documented during a particularly stressful on-site test in Poland).

0

CCIE Three Months Later

Today November, 10th 2015 marks three months since I passed the CCIE Routing and Switching lab exam. Needless to say a few things have changed, not all necessarily career driven. My journey’s a...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

0

Comodo fixes bug that led to issue of banned digital certificates

Comodo said Monday it fixed a bug that led to the issuance of some now-banned digital certificates. Other CAs might have the same problem, too.Under new rules from the CA/Browser Forum (CAB) that came into force on Nov. 1, certification authorities (CAs) are not supposed to issue new SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificates for internal host names.Comodo had been preparing for the rule change, but a "subtle bug" was introduced in its issuing system on Oct. 30, wrote Rob Stradling, senior research and development scientist, in a post on the CAB Forum.To read this article in full or to leave a comment, please click here

0

CEOs of Ericsson & Cisco Promise an End-to-End Networking Wonderland

Ericsson and Cisco worked on this relationship for more than a year.

0

Five Functional Facts about TACACS+ in ISE 2.0

The oft-requested and long awaited arrival of TACACS+ support in Cisco's Identity Services Engine (ISE) is finally here starting in version 2.0. I've been able to play with this feature in the lab and wanted to blog about it so that existing ISE and ACS (Cisco's Access Control Server, the long-time defacto TACACS+ server) users know what to expect.

Below are five facts about how TACACS+ works in ISE 2.0.

0

Cisco & Ericsson: Neither Fish nor Fowl

Whatever it is, the Cisco/Ericsson alliance will threaten competitors.

0

If one of Pluto’s moons spins any faster its surface might fly off

As if Pluto and its moons weren’t unique enough – scientists at the SETI Institute say if tiny Hydra were spinning much faster its surface would fly off. The fact that most of Plutos moons -- Styx, Nix, Kerberos and Hydra – are spinning wildly anyway is an anomaly, so when NASA’s New Horizon’s space probe got close enough to make some observations about the spin rates of Pluto’s known satellites what was found surprised a few folks. Typically most inner moons in the solar system keep one face pointed toward their central planet, NASA stated. +More on Network World: NASA telescopes watch cosmic violence, mysteries unravel+To read this article in full or to leave a comment, please click here

0

Government CIOs and CISOs under siege by insider threats

When the Office of Management and Budget rolled out its far-reaching blueprint for federal agencies to improve their cybersecurity posture, it identified a number of areas where government CIOs and CISOs can improve, including rapid detection and response to incidents and the need to recruit and retain top security talent.The Cybersecurity Strategy and Implementation Plan (PDF available here) also highlights the need for agencies to take steps to mitigate one of the more pervasive -- and overlooked -- security risks: insider threats.[ Related: Insider threats force balance between security and access ]To read this article in full or to leave a comment, please click here

0

Need for cyber-insurance heats up, but the market remains immature

Spurred by the rash of high-profile hacks, companies are purchasing cyber-insurance to protect themselves from the financial liability associated with data loss and business disruption. But the still-maturing market for cyber-insurance remains fraught with loopholes and inconsistencies, and suffers from a shortage of qualified staff who can properly assess cybersecurity profiles, experts and CIOs say."The application process is less than what you would think it would be, in terms of the due diligence," says Shawn Wiora, CIO and CISO of Creative Solutions in Healthcare, a nursing care facility provider. "I like to work with strong partners and, at this point, I'm not sure that a lot of [the insurers] know what they're doing."To read this article in full or to leave a comment, please click here

0

Class action lawsuit alleges AMD’s Bulldozer CPUs aren’t really 8-core processors

AMD is in the hot seat again. This time it’s not about company earnings, but AMD’s marketing claims about the power of its Bulldozer CPU platform. In late October, one disappointed AMD buyer filed a class action lawsuit arguing that AMD’s statements about Bulldozer supporting up to eight cores were false.Tony Dickey, a resident of Alabama who brought the suit against the company, says AMD’s actions violate the consumer legal remedies act, California’s unfair competition law, false advertising, fraud, breach of express warrant, negligent misrepresentation, and unjust enrichment.To read this article in full or to leave a comment, please click here

0

7 ways hackers can use Wi-Fi against you

7 ways hackers can use Wi-Fi against youImage by ThinkstockWi-Fi — oh so convenient, yet oh so dangerous. Here are seven ways you could be giving away your identity through a Wi-Fi connection and what to do instead.Using free hotspotsImage by ThinkstockTo read this article in full or to leave a comment, please click here

0

Worth Reading: The ‘net is the real world

How much time have I wasted decrying the many hours a day a billion people waste on Facebook? How could I have been so wrong? How could I have not seen it? Facebook (FB) is the real world now. Our wives are all beautiful, our husbands brilliant, our children talented, our pets hilarious, and our home lives one impeccably framed picture after another. via fox business

The post Worth Reading: The ‘net is the real world appeared first on 'net work.

0

Cisco & Ericsson Team Up to Face Nokia & Alcatel-Lucent

The telecom giants pair up in an apparent face-off against Nokia and Alcatel-Lucent.

0

OpenSwitch: Exciting Stuff

It was about a month ago that HP (along with several partners) announced OpenSwitch, a new network OS for white box switching hardware.

This week, HPE brought OpenSwitch Chief Architect Michael Zayats to present to TFDx delegates at the ONUG conference. I was fortunate to be one of these delegates and the usual disclaimers apply.

What is OpenSwitch?
It's an open source network OS for whitebox switching platforms. The code is open, and so is the development process. They're actively encouraging people to get involved. Coordination is done over IRC, bug tracking is open, documentation is available for edit, etc... Open. Open. Open.

Who is behind OpenSwitch?
Well, first there's the vendor consortium. To a large degree, it's that new company with the boxy logo: HPE. They employ the chief architect and a handful of developers. There are some other vendors, notably Broadcom (without whom this couldn't happen because of their NDA policies around silicon drivers), switch manufacturers (ODMs), etc...

Also of critical importance are the users: There are already some large end-user companies playing with, using, and contributing to OpenSwitch.

Wait how many OSes is HPE shipping/supporting now?
Yeah... Awkward! That's a couple of versions of Comware, Provision, Continue reading

0

Microsoft to acquire data protection firm Secure Islands

Microsoft announced Monday that it has made a deal to acquire Secure Islands, an Israeli company that focuses on protecting companies' data. Neither company disclosed the terms of the deal.The acquisition will help Microsoft level up its Azure Rights Management Service, which lets companies protect files individually and in bulk with tools that ensure they aren't opened or modified by people who are unauthorized to do so. Secure Islands's services include data classification technology that automatically detects the creation of new files from a variety of sources and then applies a protection policy to it.  To read this article in full or to leave a comment, please click here

0

Sophos synchronizes endpoint, network security

Sophos this week rolled out a firewall/end point security package with an eye toward more quickly helping IT detect threats and autonomously isolate infected devices.The key to the company’s security protection package is Sophos Security Heartbeat endpoint software and the firm’s new XG Firewall family.+More on Network World: Review: Stop insider attacks with these 6 powerful tools+According to Dan Schiappa, senior vice president of the end user security group at Sophos, Security Heartbeat sends continuous, real-time health information about the end point. If suspicious traffic is identified by the firewall, or malware is detected on the endpoint, security and threat information -- such as the MAC address, computer name, username and process information associated with the threat -- is instantly shared securely via between endpoints and the XG firewall.To read this article in full or to leave a comment, please click here