NetworkingNexus.net

NSA chief warns cyberthreats persist despite China accord

On the eve of a significant agreement between the United States and China on trade and information security, the head of the National Security Agency cautioned that the two superpowers must develop a set of norms that would curb cyber-espionage and theft of intellectual property from U.S. firms.Adm. Michael Rogers appeared in a rare open hearing of the Senate intelligence committee to offer an update on the agency's work, with a particular focus on the various cyberthreats, which increasingly are coming from state-sponsored actors.[ Related: What would a U.S.-China cybertreaty really mean? ]To read this article in full or to leave a comment, please click here

Using Vagrant with OpenStack

In my earlier post on using Docker Machine with OpenStack, I talked about combining technologies in a “provider/consumer” model. In this post, I’m going to talk about creating this provider/consumer model using a different combination of technologies: OpenStack as the infrastructure provider and Vagrant for consuming that infrastructure.

If you’re unfamiliar with Vagrant, I recommend you first read this introduction to Vagrant (after that you can dig into all the other Vagrant-tagged posts). As I explain in that first post, Vagrant leverages the idea of providers (which enable Vagrant to work with various back-end virtualization platforms/solutions) as well as boxes (which are essentially VM templates). In this particular case, we’re leveraging an OpenStack provider for Vagrant that allows Vagrant to use OpenStack as the back-end virtualization solution. However, since OpenStack already has the equivalent of VM templates (in the form of images), there’s no need to use a Vagrant box. This makes using Vagrant with OpenStack slightly different than your typical Vagrant use case.

Prerequisites

Let’s start with reviewing some prerequisites—these are the things you’ll need to do/have done before you can use Vagrant with OpenStack (besides the obvious things like having Vagrant installed).

You’ll need a working OpenStack Continue reading

After pushing malware, ad networks also used for DDoS

Rogue online advertisements that infect computers with malware have become a common occurrence on the Internet. But now, it appears, hackers have also figured out how to launch crippling distributed denial-of-service (DDoS) attacks through ad networks.The DDoS mitigation team at CloudFlare recently observed a large-scale attack which they believe was the result of malicious ads being loaded inside apps and browsers on mobile devices.The attack, which targeted one of the company's customers, peaked at 275,000 HTTP requests per second and was launched from over 650,000 unique IP (Internet Protocol) addresses, most of them from China.What was interesting about this attack was that the requests appeared to be generated by real browsers, not scripts or malware, as are typically used in HTTP-based DDoS attacks. Furthermore, an analysis of the request headers indicated that almost 80 percent of the devices generating the traffic were smartphones and tablets.To read this article in full or to leave a comment, please click here

How Facebook Tells Your Friends You’re Safe in a Disaster in Under Five Minutes

In a disaster there’s a raw and immediate need to know your loved ones are safe. I felt this way during 9/11. I know I’ll feel this way during the next wild fire in our area. And I vividly remember feeling this way during the 1989 Loma Prieta earthquake.

Most earthquakes pass beneath notice. Not this one and everyone knew it. After ceiling tiles stopped falling like snowflakes in the computer lab, we convinced ourselves the building would not collapse, and all thoughts turned to the safety of loved ones. As it must have for everyone else. Making an outgoing call was nearly impossible, all the phone lines were busy as calls poured into the Bay Area from all over the nation. Information was stuck. Many tense hours were spent in ignorance as the TV showed a constant stream of death and destruction.

It’s over a quarter of a century later, can we do any better?

Facebook can. Through a product called Safety Check, which connects friends and loved ones during a disaster. When a disaster hits Safety Check prompts people in the area to indicate if they are OK or not. Then Facebook closes the worry loop by Continue reading

Getting to Know John Ryan, Business Development & Channels

Knowing the members of our Ansible community is important to us, and we want you to get to know the members of our team in (and outside of!) the Ansible office. Stay tuned to the blog to learn more about the people who are helping to bring Ansible to life.

This week we're happy to introduce you to John Ryan, who joined Ansible as head of business development and channels. John has more than 30 years of experience in business development, channels, sales and marketing in infrastructure software, open source and network security. He’s held leadership positions at Proofpoint, Apigee, Red Hat, IBM and Sun Microsystems. John holds a B.S. in Computer Science from the University of Pittsburgh and an MBA from Case Western Reserve University.

What’s your role at Ansible?

I develop and manage strategic alliances with leading cloud, networking, storage, infrastructure technology and consulting, reseller and systems integrator partners. I’m also helping to build out Ansible’s partner program, resources and joint DevOps market-making initiatives.

I collaborate closely with the a wide spectrum of teams, including product, engineering, marketing and sales leadership teams along with our partners to develop, promote, sell and drive Continue reading

Iran: Latest Nation to Host Critical Global Internet Infrastructure

As crippling economic sanctions are poised to be lifted by the United States, Iran is starting to emerge from its isolation as a regional and, in a very limited sense, global Internet player. Iran continues to methodically build out its Internet infrastructure, working on its domestic connectivity (including IPv6), providing service to neighboring countries (such as Iraq and Afghanistan), stockpiling limited IPv4 address space, and providing a strategic terrestrial alternative to vulnerable submarine cables.

Recently, Iran began hosting a root DNS server, thereby potentially providing this critical service to the rest of the world. In this blog, we’ll explore some of these latest developments and their challenges. In November, European Internet registrar RIPE will hold its regional operator meeting (MENOG) in Tehran, where attendees from around the world will learn firsthand about recent developments in the fast-growing Iranian Internet.

K-root Debuts in Iran

As most readers of this blog will know, when you access any resource on the Internet by name (e.g., www.cnn.com), your computer must first convert this name into an IP address (e.g., 23.235.46.73), which it then uses to gain access to Continue reading

Don’t Miss the Brocade SDN Controller Webinar with Insights on OpenDaylight!

Join SDxCentral and Brocade for the SDN Controller Report webinar on September 29th. Register today!

Worth Reading: The changing mobile landscape

Rather than a large pool of potential suppliers who are strongly motivated to compete with each other by building to the specifications provided by the cellular access providers, the concentration of supply has lead to a different dynamic where the platform providers are able to effectively dictate their terms and conditions to the mobile access network operators. Interestingly this, in turn, has emboldened some of the larger application providers to flex their market muscles and in turn set forth in their own direction. via circle id

The post Worth Reading: The changing mobile landscape appeared first on 'net work.

Intellectual virtue and the engineer

On the 19th of January in 2009, Captain “Sully” Sullenberger glided an Airbus A320 into the Hudson River just after takeoff from LaGuardia airport in New York City. Both engines failed due to multiple bird strikes, so the ditching was undertaken with no power, in a highly populated area. Captain Sullenberger could have attempted to land on one of several large highways, but all of these tend to have heavy traffic patterns; he could not make it to any airport with the power he had remaining, so he ditched the plane in the river. Out of the 155 passengers on board, only one needed overnight hospitalization.

There are a number of interesting things about this story, but there is one crucial point that applies directly to life at large, and engineering in detail. Here’s a simple question that exposes the issue at hand—

Do you think the Captain had time to read the manual while the plane was gliding along in the air after losing both engines? Or do you think he just knew what to do?

Way back in the mists of time, a man named Aristotle struggled over the concept of ethics. Not only was he trying to Continue reading

18 million hit by Identity theft last year

Almost 18 million people were victims of identity theft in the United States last year, with the majority of crimes targeting credit cards and bank accounts, the Department of Justice said Sunday.The figure represents 7 percent of the U.S. population aged 16 or older and is a rise of 1 million people from 2012, the last year for which the DOJ's Bureau of Justice Statistics published a similar report.The latest report counts instances where a person experienced misuse of a financial or other account -- not simply a breach of their personal information.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords Just over two in every five cases involved a credit card account and just under two in five involved a bank account.To read this article in full or to leave a comment, please click here

Silent Circle aims at the enterprise market with Blackphone 2

Silent Circle's second privacy-focused device, the Blackphone 2, is designed to meet the management and security needs of enterprises, while not alienating workers who will end up using it for their personal affairs as well. The phone, launched Monday, integrates with Google's Android for Work program, which allows companies to manage and secure the Android devices of their employees. The phone also works with major device management platforms including those from MobileIron, Citrix, Good and SOTI. One of the most important new features of Blackphone 2 is called Spaces and allows users to create virtual phone environments with different security settings.To read this article in full or to leave a comment, please click here

Keep out ahead of shadow IT

It's time to face a cold, hard fact: The "shadow IT" parade is passing you by, and if you don't get out in front of it and lead it where you want it to go, you might get run over.Gartner projected in 2012 that marketing department spending on IT will surpass IT department spending on IT in the near future. True, that has yet to happen, but the scales keep tipping. Take a hard look at that future: You may not be in it.[ Navigate the modern hiring landscape with InfoWorld's special report, "The care and feeding of a rockstar developer." | Share your tech story and get a $50 American Express gift cheque if published. Send it to [email protected]. | Keep up with hot topics in programming with InfoWorld's Application Development newsletter. ] Shadow IT has been presented as a new threat to IT departments because of the cloud. Not true -- the cloud has simply made it easier for non-IT personnel to acquire and create their own solutions without waiting for IT's permission. Moreover, the cloud has made this means of technical problem-solving more visible, bringing shadow IT into the light. In fact, Continue reading

Worth Reading: Anycast TCP

But recently, some popular CDNs have also started using anycast for HTTP traffic. This gave us hope, because their TCP connection with end users would last for a similar duration as LinkedIn’s TCP connection to our end users. A Nanog presentation in 2006 claimed that anycast works. So, to validate the assumption that TCP over anycast in the modern internet is no longer a problem, we ran a few synthetic tests. -via catchpoint

Throughput 101: Don’t Guess At File Sizes

In this video, network troubleshooting guru Tony Fortunato demonstrates how to perform a file transfer test to determine file size.

Pica8’s White Box OS Gets a Big-Name Partner in HP

A milestone deal for the white box OS vendor.

Why You Should Adopt A Cloud-First Networking Strategy

The rise of hybrid cloud in the enterprise means that network engineers need to focus on enabling and supporting cloud in all its forms.

New products of the week 09.28.2015

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.BitbucketKey features: Bitbucket Server (formerly named Stash) is a Git solution for professional teams. New capabilities include Git Mirroring for distributed team members, Large File Storage support and help in organizing complex repository structures. More info.To read this article in full or to leave a comment, please click here

New products of the week 09.28.2015

NIST joins fight against cybercrime

The Department of Commerce's National Institute of Standards and Technology (NIST) is awarding roughly $3.7 million for three pilot projects designed to make online transactions more private and secure. This fourth round of recipients of the National Strategy for Trusted Identities in Cyberspace (NSTIC) grants will, respectively, pilot technologies designed to safeguard tax returns, secure medical information and protect online storage. The NSTIC, which unites the public and private sectors, launched in 2011. The new grantees are: MorphoTrust USA (Billerica, Mass., $1,005,168)MorphoTrust’s second NSTIC pilot grant will focus on preventing the theft of personal state tax refunds in multiple states. MorphoTrust will leverage trust created during the online driver licensing process, which includes biometrics and more, to build trustworthy electronic IDs. To read this article in full or to leave a comment, please click here

Learn SDN with Virtual Routers and Switches

Bryan would love to get hands-on SDN experience and sent me this question:

I was recently playing around with Arista vEOS to learn some Arista CLI as well as how it operates with an SDN controller. I was wondering if you know of other free products that are available to help people learn.

Let’s try to do another what-is-out-there survey.