ARP Spoofing Attack with Scapy
When an IP packet is sent from one host to another in a local area […]
The post ARP Spoofing Attack with Scapy first appeared on Brezular's Blog.
Day Two Cloud 180: Understanding AWS EC2 At The Edge
On today's Day Two Cloud podcast, we speak with Jan Hofmeyr, a VP within Amazon Web Services (AWS). This show was recorded at AWS re:Invent 2022 in Las Vegas, and we discuss EC2 at the edge, AWS Outposts and how local zones work, connecting Outposts to the AWS cloud, and more.Day Two Cloud 180: Understanding AWS EC2 At The Edge
On today's Day Two Cloud podcast, we speak with Jan Hofmeyr, a VP within Amazon Web Services (AWS). This show was recorded at AWS re:Invent 2022 in Las Vegas, and we discuss EC2 at the edge, AWS Outposts and how local zones work, connecting Outposts to the AWS cloud, and more.
The post Day Two Cloud 180: Understanding AWS EC2 At The Edge appeared first on Packet Pushers.
Response: Complexities of Network Automation
David Gee couldn’t resist making a few choice comments after I asked for his opinion of an early draft of the Network Automation Expert Beginners blog post, and allowed me to share them with you. Enjoy 😉
Network automation offers promises of reliability and efficiency, but it came without a warning label and health warnings. We seem to be perpetually stuck in a window display with sexily dressed mannequins.
Response: Complexities of Network Automation
David Gee couldn’t resist making a few choice comments after I asked for his opinion of an early draft of the Network Automation Expert Beginners blog post, and allowed me to share them with you. Enjoy 😉
Network automation offers promises of reliability and efficiency, but it came without a warning label and health warnings. We seem to be perpetually stuck in a window display with sexily dressed mannequins.
Kubernetes network monitoring: What is it, and why do you need it?
In this article, we will dive into Kubernetes network monitoring and metrics, examining these concepts in detail and exploring how metrics in an application can be transformed into tangible, human-readable reports. The article will also include a step-by-step tutorial on how to enable Calico’s integration with Prometheus, a free and open-source CNCF project created for monitoring the cloud. By the end of the article, you will be able to create customized reports and graphical dashboards from the metrics that Calico publishes to get better insight into the inner workings of your cluster and its various components. In addition, you will have the fundamental knowledge of how these pieces can fit together to establish Kubernetes network monitoring for any environment.
Background
The benefits offered by cloud computing and infrastructure as code, including scalability, easy distribution, and quick and flexible deployment, have caused cloud service adoption to skyrocket. But this rapid adoption requires checks and balances to ensure that cloud services are secure and running in their desired state. Furthermore, any security events and problems should be logged and reported for future examination.
Read our guide on Kubernetes logging: Approaches and best practices
In the past, traditional monitoring solutions such as Nagios Continue reading
Huawei Named the Top Leader in the Gartner 2022 Magic Quadrant for Wired and Wireless LAN Infrastructure
Huawei’s portfolio includes enterprise wired and wireless LAN infrastructure offerings that serve millions of customers worldwide across industries, and those customers rate them highly.Kubernetes At The Edge – Is It Really A Thing?
There’s a lot of hype around both Kubernetes and edge computing, so it shouldn’t be a surprise that vendors and cloud providers are offering products and services that combine the two. But what is edge computing? And can you run Kubernetes at the edge?
The post Kubernetes At The Edge – Is It Really A Thing? appeared first on Packet Pushers.
Why Enterprise IT ‘Five Nines’ is Laughable Using A Nuclear Example
Neing serious 100% uptime means serious engineering. IT is never serious.
Prepare to Converge: Aligning the Priorities of Networking and Security
The convergence of cybersecurity and networking into a cloud-first operating model is essential. But this means that both network and security teams will need to learn how to collaborate much more closely.Missed the big CPU news this month?
Sponsored Post: In case you missed the big news earlier this month, Intel introduced its 4th Gen Intel® Xeon® Scalable processors (formerly codenamed Sapphire Rapids) to a huge industry fanfare – groundbreaking datacenter silicon which promises to push the boundaries of performance for high performance computing (HPC), artificial intelligence (AI) and networking workloads. …
Missed the big CPU news this month? was written by Martin Courtney at The Next Platform.
Ansible Automation Platform 2.3 Configuration as Code Improvements
On November 29, we launched Red Hat Ansible Automation Platform 2.3, which included new and exciting features including improvements for Configuration as Code (CaC). Ansible Automation Platform 2.3 also includes improvements to automation controller as well as the introduction of Ansible validated content. This blog post will walk you through what CaC is and the benefits it can bring to your organization, including a UI and API walkthrough of automation controller and how to take a full Configuration as Code approach to your automation infrastructure.
What is Configuration as Code (CaC) in Ansible Automation Platform?
CaC is a term generally referring to the separation of configuration settings from the actual code. The ideal being you can store that configuration data in source control, and easily run and tweak it to match different environments.
In Ansible Automation Platform terms, we can use the features within the automation controller in combination with CaC to provide a more flexible, richer experience. Essentially we’ve added ‘Prompt on Launch’ to everything within a job template, many of which will also trickle down into workflows.
‘Prompt on launch’ is our Ansible Automation Platform way of saying ‘this is the Continue reading
CVE-2022-47929: traffic control noqueue no problem?
USER namespaces power the functionality of our favorite tools such as docker, podman, and kubernetes. We wrote about Linux namespaces back in June and explained them like this:
Most of the namespaces are uncontroversial, like the UTS namespace which allows the host system to hide its hostname and time. Others are complex but straightforward - NET and NS (mount) namespaces are known to be hard to wrap your head around. Finally, there is this very special, very curious USER namespace. USER namespace is special since it allows the - typically unprivileged owner to operate as "root" inside it. It's a foundation to having tools like Docker to not operate as true root, and things like rootless containers.
Due to its nature, allowing unprivileged users access to USER namespace always carried a great security risk. With its help the unprivileged user can in fact run code that typically requires root. This code is often under-tested and buggy. Today we will look into one such case where USER namespaces are leveraged to exploit a kernel bug that can result in an unprivileged denial of service attack.
Enter Linux Traffic Control queue disciplines
In 2019, we were exploring leveraging Linux Traffic Control's queue Continue reading