Cisco switch software vulnerable

Cisco this week issued a security advisory on a vulnerability in its IOS XE software. IOS XE Release 16.1.1 could allow an attacker to cause an affected device to reload.The vulnerability is due to incorrect processing of packets that have a source MAC address of 0000:0000:0000, the advisory states. An attacker could exploit it by sending a frame that has a source MAC address of all zeros to an affected device.A successful exploit could allow the attacker to cause the device to reload. All products that run IOS XE Release 16.1.1 are vulnerable, the advisory states. Two of those products are Cisco’s Catalyst 3850 and 3650 series switches.To read this article in full or to leave a comment, please click here

Notable 2015 deaths in technology, science & inventions

The networking and computing world, as well as the worlds of science and inventions, lost well-known pioneers as well as younger movers and shakers during 2015. Here’s a brief look back at these people and their contributions (see Slideshow version here). LOOK BACK: 2014’s notable deathsRalph Ungermann: Co-founder of Zilog, Ungermann-Bass (Died June 2, age 73) Ungermann was a pioneer in both the PC industry via his 1974 co-founding of microprocessor maker Zilog and of the data communications industry via his 1978 launch of Ungermann-Bass, which Tandem Computers, and later Newbridge Networks, acquired. A serial entrepreneur, the Berkeley College-educated Ungermann also formed an ATM switching and multimedia networking company called First Virtual in 1994, before moving into the world of venture capital by co-founding a firm in Shanghai. In his obituary, Ungermann is quoted as having once said: " I like to pioneer things, create a space that does not exist. If you can imagine it, you can create it. It is much more fun and challenging to create an industry, than to follow someone else.”To read this article in full or to leave a comment, please click here

OSFP Forwarding Address Part II: Redistribution and filtering don’t get along very well

Hoping you all enjoyed the first part of the OSPF forwarding address saga, I’m back with the promise to make things clear regarding a nicely built redistribution case. I’m not sure if you’ve ever come across it, or ever will, but it’s interesting because it explains why we need the rules to set the forward address (if you don’t remember them, you can take a look at Part I).

Let’s see what I’m talking about. Remember the second topology from Part I? Long story short, I tried to break it. Managed to partially do it, though I am still thinking of a way to make things worse, if possible :). The following setup consists in the starting point of Part II:

ospf_2_1

Initially, R2’s and R3’s interfaces towards R0 are included in area 0, in order for them to fulfill all the conditions to set the forwarding address in their T5 LSA. The snippets below show the initial state:

R1#show ip ospf interface brief
Interface    PID   Area            IP Address/Mask    Cost  State Nbrs F/C
Fa1/0           1          0               10.10.13.1/24            1        DR    1/1
Fa0/0          1          0               10.10.12.1/24            1        DR    1/1

R2#show ip ospf Continue reading

Three ways to use the cloud to regain control over network endpoints

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach.The dramatically increased persistence and creativity of attackers call for an equally radical change in how businesses protect themselves. Promising new cloud-based endpoint security solutions can meaningfully change how we protect against cyber intrusions.  Here's how you can leverage the cloud to regain control over endpoints:1. The cloud can enable enterprises to keep tabs on and learn from attackers as they test attack strategies. Today’s adversaries often have the resources to buy traditional security software, network appliances and virtually any other on-premise solution to figure out how they tick. By re-creating mock networks and endpoint protection systems of victims they target, they can find ways to bypass defenses. Given that on-premise defenses are by design downloaded and available locally, they are naturally exposed to attacker scrutiny-- and without tipping off the vendor or the intended victim.To read this article in full or to leave a comment, please click here

Poor security decisions expose payment terminals to mass fraud

Some payment terminals can be hijacked to commit mass fraud against customers and merchants, researchers have found.The terminals, used predominantly in Germany but also elsewhere in Europe, were designed without following best security principles, leaving them vulnerable to a number of attacks.Researchers from Berlin-based Security Research Labs (SRLabs) investigated the security of payment terminals in Germany and were able to use them to steal payment card details and PIN numbers, hijack transactions and compromise merchant accounts. They plan to present their findings at the 32nd Chaos Communication Congress (32C3) later this month.To read this article in full or to leave a comment, please click here

He sees you when you’re sleeping and when you’re awake via unsecured IP cameras

According to the song Santa Claus is Coming to Town: Santa “sees you when you're sleeping;” and he “knows when you're awake;” Saint Nick “knows if you've been bad or good…” But what if any he or she with an Internet connection could see you when you’re sleeping, know when you’re awake, or if you’ve been bad or good? The idea is creepy as can be, but it’s still a fact for people who have installed a security camera without setting a secure password.I’m all for domain privacy, even though the U.S. wants to kill it off via the TPP, but the admin of Insecam is wise enough to use a privacy protection service. There is a bit of irony in that perhaps.To read this article in full or to leave a comment, please click here

How fake users are impacting business … and your wallet

A few weeks ago, Kristen Faughnan got something that surprised her: a "low balance" text message from her bank. That didn't make sense. She'd just paid for a haircut, but she knew how much was in her account.  Even after paying her stylist, it was much more than the level at which the bank would tell her she was almost out of funds. "I logged onto my bank account to find two recent charges from Groupon," she says. They were from a cologne store in Texas. Faughnan lives in Pennsylvania. Faughnan was most likely victim of a costly form of cybercrime: a fake user taking over her account. Fake users spam real users that are part of a site, steal confidential information or, as in the case with Faughnan, take over an account (the fraudulent purchases were made through a credit card she had stored in the site -- a credit card that had expired, which added another piece to the puzzle). To read this article in full or to leave a comment, please click here

Wyndham settlement: No fine, but more power to the FTC

On the face of it, Wyndham Hotels and Resorts dodged a major bullet from the Federal Trade Commission (FTC).After three major data breaches in 2008 and 2009 that compromised the credit card information of more than 619,000 customers and led to more than $10.6 million in fraudulent charges, the company earlier this month settled a lawsuit brought by the FTC that doesn’t require it to pay a penny in fines or even admit that it did anything wrong.To read this article in full or to leave a comment, please click here

What is a micro loop in routing?

Micro loop can be found in fast-rerouted networks. Fast reroute, as a proactive convergence mechanism, provides sub-second data plane convergence. If there are technical glitches, upstream node sends the traffic through the repaired path to the downstream device. For the downstream node to be used as a backup/repair node, it should be loop-free. What do […]

The post What is a micro loop in routing? appeared first on Network Design and Architecture.

Trump is right about “schlong”

The reason Trump is winning is because the attacks against him are unfair. The recent schlong-gate is a great example.

Yes, "schlong" means "penis", but is also means "rubber hose". Getting beaten by a rubber hose has long been a severe way of beating somebody. Getting "schlonged" has long meant getting a severe beating with absolutely no sexual connotation. Sure, you may never heard of this slang, because it's very regional, but it does exist. Fact checkers have gone back and found many uses of this word to mean just that [1] [2] [3] [4] [5], meaning "severe beating" in a non-sexual sense.

We regularly use words like hosed, shafted, stiffed, chapped, and boned to mean something similar. Sure, some of these derive from a base word for "penis", but are commonly used these days without any sexual or derogatory connotation. The only different about "schlonged" is that most Americans were unfamiliar with the idiom. Had Trump said "shafted" instead, this controversy would not have erupted.

But those who hate Trump, and who have only known "schlong" to mean something dirty and derogatory, are unwilling to let go Continue reading

Segment Routing Fast Reroute

Segment Routing Fast Reroute  – Traffic Engineering with Segment Routing uses LFA mechanism to provide 50 msec fast reroute capability. Current Segment Routing implementation for the OSPF uses regular LFA (Loop Free Alternate) for fast reroute in Cisco devices. Because LFA (Loop Free Alternate) has topology limitations, it does not include many faulty scenarios. On the […]

The post Segment Routing Fast Reroute appeared first on Network Design and Architecture.

10 amazing algorithms

Figuring out mysteriesImage by FlickrCyber technology couldn’t get by without algorithms to encrypt, analyze metadata and find traffic anomalies, but they are used more and more widely in other fields. Here are 10 algorithms that perform functions as varied as scanning for disease genes, catching classroom cheats and figuring out murder mysteries as well as Agatha Christie’s heroine Miss Marple.To read this article in full or to leave a comment, please click here

Quick look: History-making Space X rocket launch/return

The FirstImage by Reuters/Joe SkipperThey have talked about it for years and had a couple failures but SpaceX this week did what no one has done before – they launched a multi-stage rocket into space, delivered 11 satellites into low-Earth orbit and landed the first stage of the spacecraft back on the launching pad. The Falcon rocket becomes the first of what SpaceX hopes will become a family of reusable launcher systems. Take a look.To read this article in full or to leave a comment, please click here

The year in security, identify theft and fraud

We all like to talk about security, but sometimes words can't tell the whole the story. That's especially true in the case of cyber-threats, identify theft and fraud. It's a numbers game. And as you'll see, users weren't the winners in 2015. To paint a picture of 2015, we asked CIO.com contributor Jen A. Miller to comb through the headlines and industry reports to uncover on how hackers, scammers and thieves got the best of us. Rather than ramble on, we decided to let the numbers do the talking Check out our infographic below (and you can also download the PDF). Click for a larger image or download the PDF using the link below. To read this article in full or to leave a comment, please click here(Insider Story)

1 3,233 3,234 3,235 3,236 3,237 3,872