Evaluating my own books…

This is a bit of a slow week in the US, and I’ve been deeply imbibing philosophy and theology this weekend (getting ready for the first two PhD classes), so I’m going to do something a little different this week. A lot of folks email me asking about which of my books are worth buying, or asking me if they should buy this or that specific book I’ve written across the years. So, herewith, an honest appraisal of my own books.

Advanced IP Network Design

This book is based on a single question—what have we learned from working on failed networks from the perspective of TAC and Escalation in terms of good network design? It’s hard to believe, but this was (AFAIK) the second book published by Cisco Press, in 1999 (that’s 16 years, 10 books, and two degrees ago!). While I have a fond place in my heart for this book, all the material here is generally updated and improved in Optimal Routing Design, below.

EIGRP for IP

This started life as the EIGRP white paper, written based on a thorough reading of the EIGRP code base as it existed in 2000, along with many hours spent with GDB,

4 new cybercrime trends threaten your business

The more things change, the more things stay the same -- at least for hackers. That's one of the findings in Proofpoint's mid-year threat report on the attacks of choice for the first half of 2015. In addition to the return of an old friend, the cybersecurity company also found more targeted attacks towards businesses, heightened activity around social media and a shift in the volume and accuracy of the bad stuff that ends up in your inbox, looking to take your money. Click the attachment: They're baaaaaack – email attachments that infect a computer once clicked upon, that is.

Credentials stored in Ashley Madison’s source code might have helped attackers

If you're a company that makes its own websites and applications, make sure your developers don't do what the Ashley Madison coders did: store sensitive credentials like database passwords, API secrets, authentication tokens or SSL private keys in source code repositories. Judging by the massive amount of data leaked last month by Impact Team from AshleyMadison.com's owner Avid Life Media (ALM), the hackers gained extensive access to the Canadian company's IT infrastructure. The ALM data dumps contained customer records and transaction details from the Ashley Madison infidelity website, but also the email database of the company's now-former CEO and the source code for the company's other online dating websites including CougarLife.com and EstablishedMen.com.

New products of the week 09.08.15

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow. Alteryx 10.0 Pricing: Alteryx starts at $3,995 Per-User, Per-Year (3-Year Subscription); $5,194 Per-User, Per-Year (1-Year Subscription)

ZeusVM: Bits and Pieces

ZeusVM is a relatively new addition to the Zeus family of malware. Like the other Zeus variants, it is a banking trojan (“banker”) that focuses on stealing user credentials from financial institutions. Although recent attention has been on non-Zeus based bankers such as Neverquest and Dyreza, ZeusVM is still a formidable threat. At the time of this writing, it is actively being developed and has implemented some interesting features such as a custom virtual machine and basic steganography. In addition, due to a recent leak of a builder program, the ability to create new ZeusVM campaigns is now in the hands of many more miscreants.

To foster a better understanding of ZeusVM, the attached paper examines some of the internals of the malware from a reverse engineer’s perspective. While it doesn’t cover every component, the visibility provided can help organizations better detect and protect from this threat.

ZeusVM: Bits and Pieces (PDF)

ZeusVM: Bits and Pieces Appendix 1 (TXT)

Weird bug of the day: Twitter in-app browser can’t visit site

We keep a close eye on tweets that mention CloudFlare because sometimes we get early warning about odd errors that we are not seeing ourselves through our monitoring systems.

Towards the end of August we saw a small number of tweets like this one:

indicating that trying to browse to a CloudFlare customer web site using the Twitter in-app browser was resulting in an error page. Which was very odd because it was clearly only happening occasionally: very occasionally.

Luckily, the person who tweeted that was in the same timezone as me and able to help debug together (thanks James White!); we discovered that the following sequence of events was necessary to reproduce the bug:

  1. Click on a link in a tweet to a web site that is using an https URL and open in the Twitter in-app browser (not mobile Safari). This site may or may not be a CloudFlare customer.

  2. Then click on a link on that page to a site over an http URL. This site must be on CloudFlare.

  3. BOOM

That explained why this happened very rarely, but the question became... why did it happen at all? After some debugging it appeared to happen in

Which Path in the WAN are those Business Critical Applications Taking?

“Learning about and avoiding impairments (delay, loss, jitter) along the path that business critical traffic takes.”  That is what I wrote in my previous blog “IWAN’s Intelligent Path Control & Using Your Backup Link.”  But how is that possible to do?

Thinking some type of probe? From where to where? Thinking the WAN edge links? But how do you know the path you send your probes over is the path that your business critical traffic is taking?

Let’s talk about what I mean by this by looking at an example.

[Image: which_path2]

In the above picture we have 2 sites with 1 host per site, and 1 WAN connection between the two.

  • Branch2 w/ host 10.2.10.101
  • Hub Site w/ host 114.114.114.101
  • WAN connection w/ 21.21.102.3 on the Branch2 side and 21.21.1.2 on the Hub Site side.

Let’s say you check the health of the path between Branch2 and the Hub Site with some type of probe/IP SLA. You will be doing it from the 2 WAN IP addresses 21.21.102.3 and 21.21.1.2. Right?

Quick look: World’s largest e-waste dump

Image by REUTERS/Tyrone Siu

Reuters recently took a look at the town of Guiyu in China, which is commonly known as one of the world's largest electronic waste dump sites. A particularly polluted place, as you might imagine, Guiyu exists to salvage bits of valuable metals such as gold, copper and aluminum, mostly from hard drives, mobile phones, computer screens and computers from around the world, though sources have changed: China now produces 6.1 million metric tons of e-waste a year, second only to the US with 7.2 million tons, according to the Ministry of Industry and Information Technology.

$60 device spoofs phantom objects and tricks self-driving cars into stopping

A security researcher used a homemade $60 system to outsmart self-driving car lidar sensors that cost thousands; he was able to trick an autonomous vehicle into slowing down and even launched a denial of service attack on a self-driving car's tracking system so that it came to a complete stop. Lidar, a remote sensing technology, is most commonly known as the circular “eye” mounted on the roof of most self-driving cars; it acts somewhat like radar as the lasers spin around to scan the area and detect objects. Lidar devices come in various sizes and prices. The lidar (Light Detection and Ranging) market is estimated to be a one billion market by 2020; it’s not used exclusively for driverless cars as seen in recent news about autonomous golf carts and surveying drones. Yet Jonathan Petit, a principal scientist at Security Innovation, believes lidar sensors are “the most susceptible technologies” in self-driving vehicles.

Want IoT? Here’s How a Major US Utility Collects Power Data from Over 5.5 Million Meters

I serendipitously found this fascinating reply by Richard Farley, your friendly neighborhood meter reader, in a local email list giving a rare first-hand account of how the Advanced Metering Infrastructure works in California. This is real Internet of Things territory. So if it doesn't have a typical post structure that is why. He generously allowed it to be reposted with a few redactions. When you see “A Major US Utility”, please replace it with the most likely California power company.

Old mechanical meters had bearings that over time wore out and caused friction that threw off readings. That friction would cause the analog gauge to spin slower than it should, resulting in lower readings than actual usage -- hence "free power". It's like a clock falling behind over time as the gears wear down.

For A Major US Utility "estimated billing" happens when your meter, for whatever reason, was not able to be read. The algorithms are approved by the CPUC and are almost always favorable to the consumer. A Major US Utility hates to have to do estimated billing because they almost always have to underestimate based on the algorithms and CPUC rules. Not 100% sure about this, but if they

I passed the CCIE Lab Exam in Routing and Switching v5!

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
Well, the post that I have been dreaming of writing since the start of this blog is actually being written. I passed the CCIE Lab Exam in Routing and Switching v5 in Brussels last week and am now CCIE #50038. It has been a journey and as readers of this […]

Kaspersky Lab pushes emergency patch for critical vulnerability

Kaspersky Lab has released an emergency patch for some of its antivirus products after a security researcher found a critical vulnerability that could allow hackers to compromise computers. The flaw was discovered by vulnerability researcher and Google security engineer Tavis Ormandy, who mentioned it Saturday on Twitter, before sending the bug's details to Kaspersky. Ormandy's Twitter message included a screen shot showing the Windows calculator (calc.exe) running under the Kaspersky antivirus process. It works great against versions 15 and 16, he said. Versions 15 and 16 correspond to Kaspersky's 2015 and 2016 product lines. It's not clear if only Kaspersky Anti-Virus was affected or also the vendor's Internet Security and Total Security products.