US Homeland Security wants heavy-duty IoT protection

The diversity and capabilities as well as a lack of security found in the multitude of devices in the Internet of Things world is making people at the US Department of Homeland Security more than a little concerned.This week it put out a call for “novel ideas and technologies to improve situational awareness and security measures for protecting IoT domains, as well as technologies that will help DHS operational and support components gain comprehensive and near continuous knowledge of IoT components and systems that affect their operations and assets.”To read this article in full or to leave a comment, please click here

US Homeland Security wants heavy-duty IoT protection

The diversity and capabilities as well as a lack of security found in the multitude of devices in the Internet of Things world is making people at the US Department of Homeland Security more than a little concerned.This week it put out a call for “novel ideas and technologies to improve situational awareness and security measures for protecting IoT domains, as well as technologies that will help DHS operational and support components gain comprehensive and near continuous knowledge of IoT components and systems that affect their operations and assets.”To read this article in full or to leave a comment, please click here

Stuff The Internet Says On Scalability For December 11th, 2015

Hey, it's HighScalability time:


Cheesy Star Trek graphics? Nope. It's hot gas streaming into Pandora’s Cluster.

 

If you like Stuff The Internet Says On Scalability then please consider supporting me on Patreon.

  • 100 millionJohn Henry as played by a conventional computer loses to a quantum computer; 400,000: cores in PayPal's OpenStack deployment; 10TB: max size of Google Cloud SQL database; 9%: Kickstarter projects that don't deliver; $2.3 trillion: worth of The Forbes 400 members; billions: worth of Spanish treasure ship;

  • Quotable Quotes:
    • Pandalicious: I actually expect that down the road most large open source projects will start distributing a standardized build environment via docker containers. 
    • @glasnt: "Optimise for speed flexibility & evolution" "Whoever is iterating faster has a huge advantage" - @adrianco #yow15 
    • @erikbryn: LIDAR goes from $75K to $500, leaves Moore's Law in the Dust
    • Henry Miller: One has to believe wholeheartedly in what one is doing, realize that it is the best one can do at the moment—forego perfection now and always!—and accept the consequences which giving birth entails.
    • @jedws: "uber is way more reliable on Saturday and Sunday because there are no engineers working on the.system" #yow15
    • Continue reading

Cyberspy group repurposes 12-year-old Bifrose backdoor

A group of hackers that primarily targets companies from key industries in Asia is using heavily modified versions of a backdoor program called Bifrose that dates back to 2004.The group, which researchers from antivirus vendor Trend Micro call Shrouded Crossbow, has been targeting privatized government organizations, government contractors and companies from the consumer electronics, computer, healthcare, and financial industries since 2010.The group's activities are evidence that engaging in cyberespionage doesn't always require huge budgets, stockpiles of zero-day vulnerabilities and never-before-seen malware programs. Old cybercrime tools can be repurposed and improved for efficient attacks.To read this article in full or to leave a comment, please click here

Wall Street Tech group reveals 2016 educational series

The Wall Street Technology Association (WSTA) has revealed its 2016 educational series of events, to be held in New York City and Boston, for financial tech pros.The nearly 50-year-old non-profit's events hit on a variety of serious tech issues:* Transforming WANs with Virtualization panel discussion, NYC, Jan. 21* Mobile-First Design and Seamless Delivery seminar, NYC, Feb. 25* Analytics: Achieving a Sustainable Competitive Advantage seminar, NYC, March 15* Assessing Cybersecurity Business Risk and Managing Threats seminar, NYC, April 14* Fraud Data Intelligence Frameworks panel discussion, Boston, April 28To read this article in full or to leave a comment, please click here

Show 267: Juniper’s Sky Advanced Threat Prevention (Sponsored)

The Packet Pushers talk to Juniper Networks about Sky Advanced Threat Prevention (ATP), a cloud-based anti-malware service integrated with SRX Gateways. It employs multiple technologies to identify risks and provide a higher degree of accuracy in threat prevention.

The post Show 267: Juniper’s Sky Advanced Threat Prevention (Sponsored) appeared first on Packet Pushers.

Show 267: Juniper’s Sky Advanced Threat Prevention (Sponsored)

The Packet Pushers talk to Juniper Networks about Sky Advanced Threat Prevention (ATP), a cloud-based anti-malware service integrated with SRX Gateways. It employs multiple technologies to identify risks and provide a higher degree of accuracy in threat prevention.

The post Show 267: Juniper’s Sky Advanced Threat Prevention (Sponsored) appeared first on Packet Pushers.

A free, almost foolproof way to check for malware

No single antimalware engine can keep up with all the malware out there. But how about 57 of 'em?In this video, you'll learn how to download and run Windows Sysinternals Process Explorer to test all currently running executables on your Windows system against VirusTotal's 57 antivirus engines, which together offer the best accuracy you can ever get (with a small percentage of false positives that are pretty easy to spot). Neither the Sysinternals Process Explorer software nor the VirusTotal service cost anything at all. The whole setup process will take you about five minutes and the scan, which you can execute any time you like, takes less than a minute. Only malware in memory will be detected, but if you're infected, very likely that malicious process will be running -- and this easy method will sniff it out. Watch and learn.To read this article in full or to leave a comment, please click here

Endpoint security still inadequate despite growing threats

Endpoint security solutions today are lacking in spite of significant gaps, vulnerabilities in security and heightened fear of a security breach, says Promisec, endpoint security and compliance vendor.According to Promisec data, 89 percent of VP and C-Level IT leaders who responded in a Promisec survey have a heightened fear of a breach over the next year while only 32 percent of respondents have advanced endpoint security in place.The fact that 73 percent of the respondents agree that endpoints are the most vulnerable point for attack should magnify concerns. The demand is there and analyst market valuations for endpoint security reflect that. The market value should grow from $11.62 billion this year to $17.38 billion by 2020, according to a recent MarketsandMarkets report. Analyst group TechNavio pegs the growth at a CAGR of 10.4 percent over the period 2014-2019.To read this article in full or to leave a comment, please click here

Transforming ideas into light bulbs – LiFi

About 4 years ago, Harald Haas, a physicist and professor of mobile communications at the University of Edinburgh, was the first to coin the term Li-Fi, at a TED Talk during TEDGlobal 2011. Since then, millions of bits about this technology roamed the Internet, and many companies already started implementing it.

Who’s doing this already?

The history begins with a company named Velmenni, which has produced a light bulb that works with Li-Fi technology on a small scale. They are not the first to prove the technology works, nor the first to conduct a real-world experiment, but here’s their Jugnu Lighbulb demo.

Philips has developed a VLC (Visible Light Communication) system for shoppers at stores. People have to download an app on their smartphone and then it will interact with the LEDs in the store. The LEDs can pinpoint their location in the store and give them corresponding coupons and information based on which aisle they are on and what they are looking at.Philips-Connected-retail-lighting-system-infographicByteLight has developed a system similar to Philips’ lighting network, making LEDs “talk” to any smartphone and tablet with a camera and/or Bluetooth Smart technology that is “opened to listen”.

http://i1.wp.com/website-assets.bytelight.com/assets/how_it_works-1ee62918322ee289a0c7d315b2554cd0.jpg?w=474

The first VLC smartphone prototype was Continue reading

Custom metrics with Cumulus Linux

Cumulus Networks, sFlow and data center automation describes how Cumulus Linux is monitored using the open source Host sFlow agent that supports Linux, Windows, FreeBSD, Solaris, and AIX operating systems and KVM, Xen, XCP, XenServer, and Hyper-V hypervisors, delivering a standard set of performance metrics from switches, servers, hypervisors, virtual switches, and virtual machines.

Host sFlow version 1.28.3 adds support for Custom Metrics. This article demonstrates how the extensive set of standard sFlow measurements can be augmented using custom metrics.

Recent releases of Cumulus Linux simplify the task by making machine readable JSON a supported output in command line tools. For example, the cl-bgp tool can be used to dump BGP summary statistics:
cumulus@leaf1$ sudo cl-bgp summary show json
{ "router-id": "192.168.0.80", "as": 65080, "table-version": 5, "rib-count": 9, "rib-memory": 1080, "peer-count": 2, "peer-memory": 34240, "peer-group-count": 1, "peer-group-memory": 56, "peers": { "swp1": { "remote-as": 65082, "version": 4, "msgrcvd": 52082, "msgsent": 52084, "table-version": 0, "outq": 0, "inq": 0, "uptime": "05w1d04h", "prefix-received-count": 2, "prefix-advertised-count": 5, "state": "Established", "id-type": "interface" }, "swp2": { "remote-as": 65083, "version": 4, "msgrcvd": 52082, "msgsent": 52083, "table-version": 0, "outq": 0, "inq": 0, "uptime": "05w1d04h", "prefix-received-count": 2, "prefix-advertised-count": 5, "state": "Established", "id-type": "interface" } },  Continue reading

I use SNMP SETs and I’m not afraid to admit it.

Do you remember back in CCNA school when we learned all sorts of great things that we very rarely followed. One of the favourites was that we are supposed to put meaningful descriptions on all of our interfaces so we know what the other side is connected to.

How many people actually follow that advice?

Yeah, I never do it either. There’s always just too many things on the list that need to get done and it seems like that extra 5 seconds it would take me to update the description to the interface just doesn’t seem like it’s worth the effort. Of course, then I later check the port and end up knocking out my XYZ services and cause myself an outage.

This is where a little python and a decent NMS can help to solve a problem.

Understanding ifIndex

Before we get into the code. We need to understand a little about ifIndex values and how they relate to the physical interfaces of the devices. If you’re REALLY interested, you can do some reading in RFC 2863.  But in a nutshell, each interface on a device, whether physical or logical has a specific numeric value assigned to it Continue reading

1 3,184 3,185 3,186 3,187 3,188 3,808