The International Space Station: Reveling at 15

Hailing 15Image by NASANASA and the world cosmos community this month celebrate the International Space Station’s 15th consecutive year of humans living in its celestial lab. In those 15 years, 45 crewed expeditions -- more than 220 people from 17 countries -- have visited the station, constructed over more than 115 space flights conducted on five different types of launch vehicles. The station now measures 357 feet end-to-end and provides more livable room than a conventional six-bedroom house, NASA says. Here we take a look at life onboard and what the ISS has meant to space exploration.To read this article in full or to leave a comment, please click here

VBulletin resets patches and issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites.It's not clear if the patches were prompted by the security breach, but the hacker who claimed to have compromised the vBulletin.com database put a zero-day vBulletin exploit -- an exploit for an unpatched vulnerability -- up for sale on Monday.VBulletin Solutions did not immediately respond to an inquiry seeking more details about the patches and their relationship to the breach.To read this article in full or to leave a comment, please click here

VBulletin resets passwords, issues emergency patches following breach

VBulletin Solutions has reset the passwords for over 300,000 accounts on its website following a security breach, and also released emergency security patches. The company's Internet forum software is used on tens of thousands of websites. It's not clear if the patches were prompted by the security breach, but the hacker who claimed to have compromised the vBulletin.com database put a zero-day vBulletin exploit -- an exploit for an unpatched vulnerability -- up for sale on Monday. VBulletin Solutions did not immediately respond to an inquiry seeking more details about the patches and their relationship to the breach.To read this article in full or to leave a comment, please click here

TalkTalk breach investigation leads to fourth arrest

Police investigating the data breach at U.K. telecommunications operator TalkTalk made their fourth arrest late Tuesday, as lawmakers launched their own inquiry into the case.The Metropolitan Police Cyber Crime Unit and the National Crime Agency arrested a 16-year-old boy at an address in Norwich, England, after visiting it with a search warrant.Police had previously arrested a 15-year-old boy from County Antrim, Northern Ireland, on Oct. 26, a 16-year-old boy in Feltham, England, on Oct. 29, and a 20-year-old man in Staffordshire on Oct. 31.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers All four were arrested on suspicion of offenses under the Computer Misuse Act, and all have now been released on bail without charge while police continue their investigation.To read this article in full or to leave a comment, please click here

How to push security earlier into the dev process

A new crop of products is emerging that aim to implant security best practices and compliance checks as early and often as possible when new infrastructure is spun up in the cloud or when new applications are launched in a rapid development environment.The idea behind these products is that security should be incorporated into the entire life cycle of resources being used or applications being developed. Some vendors contend that too often security assessments are either not performed, or they’re done too late in the process of managing resources and apps. Tools from companies like Amazon Web Services, Microsoft and Chef are all aiming to ensure security best practices are automatically enforced as early on in the process as possible.To read this article in full or to leave a comment, please click here

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination. The capability to confirm that an […]

How to test and fix IPv6 fragmentation issues

In an earlier blog post, I discussed the issues associated with IPv6 packet fragmentation. Of particular significance, IPv6 fragmentation relies extensively on the computer sourcing packets being able to receive ICMPv6 “packet too big” message type 2 sent from any intermediate device in the route to the packet’s destination.

The capability to confirm that an end user in a network will correctly receive the packet-too-big ICMPv6 message has been added to the test-ipv6 mirrors, including http://test-ipv6.arbor.net. This new capability allows a user to identify if the packet-too-big message is being discarded between the user’s computer and the web site.

In the “Tests Run” tab of the main test-ipv6 mirror page, the “Test IPv6 large packet” test documents the IPv6 fragmentation behavior. If further information is desired, one can click on the “Technical Info” link.

If the “Test IPv6 large packet” test is failing, the packet-too-big ICMPv6 message is likely being dropped. This indicates issues within the user’s computer, enterprise network or elsewhere along the path to the test-ipv6 mirror.  The problematic device may be a router or firewall device, although it may even be the “firewall” software configured on the user’s computer.

Any device in the Continue reading

It’s a Switch! It’s a Router! It’s a Server! It’s a new product platform – NFX250

Today marks a very special day for me at Juniper. A brand new product line that I’ve managed from the very beginning has been announced. The NFX250 is a unique platform that actualizes the concepts of Network Functions Virtualization we’ve all heard so much about, but hardly see encompassed in an end-to-end solution. The NFX250 is a Distributed … Continue reading It’s a Switch! It’s a Router! It’s a Server! It’s a new product platform – NFX250

CCIE Recertification + Certification News 2015

The last time I re-certified, it took me three times to pass the CCIE R&S written exam. While that exam is a challenge that many people fail to pass the first time out, I felt like I was getting rusty on some fundamentals. Three times was not the end of the world, but the effort felt forced. I wanted a refresher.

Many US enterprises still running XcodeGhost-infected Apple apps, FireEye says

Dozens of U.S. enterprises are still using Apple mobile apps seeded with malware for a clever hacking scheme revealed last month known as XcodeGhost.The computer security firm FireEye said Tuesday it has detected that 210 enterprises that are still using infected apps, showing that the XcodeGhost malware "is a persistent security risk," according to a blog post.Last month, more than 4,000 applications were found to have been modified with a counterfeit version of Xcode, which is an application development tool from Apple.To read this article in full or to leave a comment, please click here