0

Juniper warns of spying code in firewalls

Juniper, a major manufacturer of networking equipment, said on Thursday it found spying code planted in certain models of its firewalls, an alarming discovery that echoes of state-sponsored tampering. The affected products are those running ScreenOS, one of Juniper's operating systems that runs on a range of appliances that act as firewalls and enable VPNs. ScreenOS versions 6.2.0r15 through 6.2.0r18 and 6.3.0r12 through 6.3.0r20 are vulnerable, according to an advisory. The unauthorized code was found during a recent internal review, wrote Bob Worrall, Juniper's chief information officer. He did not indicate where Juniper thinks the code originated.To read this article in full or to leave a comment, please click here

0

Technology Short Take #58

Welcome to Technology Short Take #58. This will be the last Technology Short Take of 2015, as next week is Christmas and the following week is the New Year’s holiday. Before I present this episode’s collection of links, articles, and thoughts on various data center technologies, allow me to first wish all of my readers a very merry and very festive holiday season. Now, on to the content!

Networking

• Looking for a step-by-step install guide for VMware NSX? This one is a bit older (refers to NSX 6.1 and the current release is 6.2), but you might find it helpful nevertheless.
• Ray Budavari—who is an absolutely fantastic NSX resource—has a blog post up on the integration between VMware NSX and vRealize Automation. This first post (judging by the “part 1” in the title this will be a series) is a bit light on details, but I’m hoping future posts will dive deeper into this topic.
• Mustafa Akin has an article on Docker’s new overlay networking functionality. He describes how to set it up (on both VirtualBox and Digital Ocean) and provides some high-level performance information as well.
• If you’d like to play around with Cumulus Linux but don’t Continue reading

0

Gotchas for using a different subnet for a VM than that of the host in Openstack

0

Cyberattack prediction: Hackers will target a US election next year

A major cyberattack next year will target a U.S. election, security expert Bruce Schneier predicts.The attack won't hit the voting system and may not involve the presidential election, but the temptation for hackers is too great, even in state and local races, said Schneier, a computer security pioneer and longtime commentator."There are going to be hacks that affect politics in the United States," Schneier said. Attackers may break into candidates' websites, e-mail or social media accounts to uncover material the campaigns don't want public, he said.Schneier gave the prediction Thursday on a webcast from incident response company Resilient Systems, where he is chief technology officer.To read this article in full or to leave a comment, please click here

0

Last Chance! Use Dialogic PowerMedia XMS & Oracle Communications MANO Layer for Automated Lifecycle Management of Applications

Join Dialogic and Oracle on January 15th at 10:00am PT to learn more about how to achieve automation and vendor interoperability between Dialogic’s real-time multimedia VNFs and Oracle’s MANO layer.

0

Court finds for Arista in EOS suit with co-founder

A California court has found in favor of Arista Networks in a software ownership lawsuit filed by its co-founder.In a preliminary ruling, the California Superior Court, Santa Clara County found that OptumSoft, a company started by Arista co-founder David Cheriton, does not own Arista code developed to work with royalty-free licensed software. That software is OptumSoft’s TACC -- Types, Attributes and Constraints Compiler -- a platform for developing modular or distributed applications or systems, a key functionality Arista markets as a differentiator for it EOS operating system software.To read this article in full or to leave a comment, please click here

0

How network segmentation provides a path to IoT security

Earlier this month I attended Cisco’s Internet of Things World Forum in Dubai (disclosure: Cisco is a client of ZK Research). One of the things I liked about the event is that it showcased a wide variety of uses cases across a number of different vertical industries. Some were in the ideation phase, some were early stage, and some fully deployed. While many of the use cases were quite different, there was one point of commonality, and that’s the need for security.The Internet of things (IoT) poses quite a different challenge for security and IT professionals. Traditional cybersecurity is becoming increasingly difficult even though most IT devices being connected have some basic security capabilities. Now consider the operational technology (OT) being connected to our company networks to enable IoT. These are devices like medical equipment, factory floor machines, drills, shipping containers, and other things that have no inherent security capabilities and the most basic network functions.To read this article in full or to leave a comment, please click here

0

Not Tor, MIT’s Vuvuzela messaging system uses ‘noise’ to ensure privacy

As privacy of The Onion Router (Tor) network comes into question, MIT researchers say they have devised a secure system called Vuvuzela that makes text messaging sent through it untraceable and that could be more secure than Tor when it comes to hiding who is talking to whom.While it’s not ready for prime time, the messaging system makes it extremely difficult for attackers to find out which connected users are communicating with which others or whether they are sending or receiving messages at all, the researchers say in “Vuvuzela: Scalable Private Messaging Resistant to Traffic Analysis”.To read this article in full or to leave a comment, please click here

0

CCDE – CCDE Qualification Exam Passed

A couple of days ago I passed the Cisco Certified Design Expert (CCDE) Qualification Exam which means that I am now eligible to take the CCDE practical. I’m aiming to give that a try in May. This post will give some insight into what a candidate needs to pass the CCDE Qualification exam and how to study for it.

The CCDE is a very broad exam. The ideal candidate must have a very strong background in Routing & Switching (RS) and Service Provider (SP) technologies. These are the meat of the exam. It is also desirable to have a decent knowledge of Data Center (DC) and security technologies. It’s also desirable to have a basic understanding of wireless and storage technologies.

It’s difficult to study for the CCDE and the CCDE Qualification Exam if you don’t have enough experience in the real world. While a person can study for the CCIE without a lot of experience, doing the same for the CCDE is difficult because design and network architecture requires implementation experience and design experience. The ideal candidate should be CCIE RS and SP certified already or have the equivalent knowledge of someone that is. Does that mean that it’s Continue reading

0

My 3 year Workiversary!

So LinkedIn told me it was my 3 year workiversary the other day.  3 whole years since starting with Fluency Communications and building out their National Next Gen Network. When I first joined the company, the network was ran on … Continue reading →

0

Containerd: a daemon to control runC

As we build out Docker’s infrastructure plumbing, we are committed to releasing these plumbing components as open source to help the community. Today we’re releasing a new daemon to control runC called: containerd. It’s built for performance and density, and will eventually be … Continued

0

NASA offers $15k for your wicked cool air traffic technology

The airspace of the future could get messy, what with drones, aircraft and suborbital spacecraft -- and NASA wants the public’s help in developing technology that will help manage that mélange. +More on Network World: The weirdest, wackiest and coolest sci/tech stories of 2015+ The space agency this week announced a $15,000 public contest -- called the “Sky for All challenge” -- to develop technologies that could be part of what it calls “a clean-slate, revolutionary design and concept of operations for the airspace of the future.” The challenge opens Dec. 21, and participants may pre-register now. The deadline for submissions is Feb. 26, 2016 and is being administered by crowdsourcing site HeroX.To read this article in full or to leave a comment, please click here

0

ECI Develops an ONOS-Based SDN Controller

The company is contributing its code to the open source community.

0

Featured Video: Huawei Highlights Inaugural OPNFV Summit

Huawei shares the high points of the 2015 OPNFV Summit in a featured video summary. Watch now!

0

Vancouver & Montreal, Canada: CloudFlare’s latest data centers

With the holiday season in full swing, it's only fitting that we continue to spread cheer, joy and a faster Internet around the world. To start the season we begin in Canada with NHL rivals Montreal and Vancouver, our 70th and 71st points of presence (PoPs) globally. Montreal and Vancouver, the 2nd and 3rd largest Canadian metropolitan areas, respectively, join our existing PoP in Canada's largest, Toronto.

Together, CloudFlare's network in Canada is now milliseconds away from the country's 31 million Internet users. As of now, the web sites, mobile apps and APIs of all CloudFlare customers are delivered at a cool 6.1 million times the speed of the fastest slapshot (for the curious, the current NHL speed record belongs to Zdeno Chára of the Boston Bruins, whose slapshot clocked 108.8 miles per hour / 175.1 kilometers per hour).

Latency matters

Canada is not just one of the most wired countries in the world, with nearly 87 per cent of Canadian households connected to the Internet, but also one of the largest as measured by e-commerce transaction volume. According to Statistics Canada, Canadian enterprises sold more than US$100 billion in goods and services over the Internet in Continue reading

0

A Different Kind of POP: The Joomla Unserialize Vulnerability

At CloudFlare, we spend a lot of time talking about the PoPs (Points of Presence) we have around the globe, however, on December 14th, another kind of POP came to the world: a vulnerability being exploited in the wild against Joomla’s Content Management System. This is known as a zero day attack, where it has been zero days since a patch has been released for that bug. A CVE ID has been issued for this particular vulnerability as CVE-2015-8562. Jaime Cochran and I decided to take a closer look.

In this blog post we’ll explain what the vulnerability is, give examples of actual attack payloads we’ve seen, and show how CloudFlare automatically protects Joomla users. If you are using Joomla with CloudFlare today and have our WAF enabled, you are already protected.

The Joomla Web Application Firewall rule set is enabled by default for CloudFlare customers with a Pro or higher plan, which blocks this attack. You can find it in the Joomla section of the CloudFlare Rule Set in the WAF Dashboard.

What is Joomla?

Joomla is an open source Content Management System which allows you to build web applications and control every aspect of the content of your Continue reading

0

The weirdest, wackiest and coolest sci/tech stories of 2015

WackyImage by Reuters/ Toby MelvilleIt’s that time of year again when we take a look at some of the most interesting and sometimes silly sci/tech stories of the year. This year we have flame-throwing drones, wicked cool pictures of Pluto and quantum computing advancements to name just a few topics. Take a look.To read this article in full or to leave a comment, please click here

0

Microsoft extends SmartScreen browsing protection to foil malvertising and exploit kits

Microsoft SmartScreen, the phishing and malware filtering technology built into Internet Explorer, Edge and Windows, has now been updated to block Web-based attacks that silently exploit software vulnerabilities to infect computers.Such attacks are known as drive-by downloads, because they don't require user interaction aside from browsing to a malicious website or a legitimate one that has been compromised.To launch such attacks, hackers use tools known as exploit kits that take advantage of vulnerabilities in the OS, the browser, or popular software like Flash Player, Silverlight and Java.While exploit kits typically target vulnerabilities after they have been patched by software vendors, there have been cases when they've exploited previously unknown flaws that are known in the security industry as zero-days. In addition, the time window between when patches are released and when attackers start targeting the fixed flaws has significantly shrunk in recent years, giving users less time to update.To read this article in full or to leave a comment, please click here

0

Brocade DemoFriday Q&A + Video: Tacker, an SDN Controller, & a vRouter – Simplifying Management of the CPE

Brocade's Robert McBride & Vikram Singh answer DemoFriday questions. Read for more insights on how to simplify vCPE management.

0

Worth Reading: Troubleshooting video applications

Maybe it’s another sign of experience, aging, cynicism, and/or ego. Lately, I seem to be doing a lot of troubleshooting of application performance problems. “What on earth was the developer thinking?” is becoming a recurrent refrain, at least in my head. This is (I hope) not ego, just a real question about what appears to be a sub-optimal approach. via network computing

The post Worth Reading: Troubleshooting video applications appeared first on 'net work.