0

NetDevOps: Networking Methods with a DevOps Mindset

DevOps brings together software developers and IT operations through mutual and organic cooperation and collaboration. In legacy IT shops, the roles of developers and IT operations are logically segregated, which stifles progress and prohibits progressive integration efforts. Products that leverage DevOps provide developers self-service capabilities they’ve never had before — eliminating provisioning bottlenecks and adapting to changes quickly. The platform becomes highly scalable and flexible, removing much of the “red tape” in getting things done.

This is all well and good, and is often sufficient for most, but networking is often neglected as a part of the DevOps model. Common questions that arise include the following:

• Is your current networking strategy holding you back from scaling new projects quickly?
• Is your network topology designed to quickly add and remove compute infrastructure?
• How can your network integrate in a DevOps orchestrated world?

This is where including DevOps for networking comes in, or “NetDevOps.” Traditional networking infrastructure can be difficult to manage when requiring agility with updated tools. If your organization is already implementing DevOps principles or has an organization that is flat or non-siloed, integrating networking into your framework may be right for you.

NetDevOps extends what you’re already doing Continue reading

0

Feature Spotlight: System Tracking

During the second installment of our webinar series about Ansible Tower features, we highlighted system tracking, a functionality which was just added to Tower with our 2.2. release.

System Tracking was created to give administrators the necessary tools to audit and verify that machines are in compliance. Use the tool to see how a machine has changed over time, or compare machines in your cluster to see how they are different.

For example, you may need to determine whether a set of machines had a security patch applied, or determine when a patch was applied. The System Tracking tools can help you do that. They can also help you evaluate your infrastructure for compliance against specific requirements, and periodically examine machines for unexpected changes.

When you run a scan, you’ll be able to see packages, services, and Ansible facts side-by-side for comparison. All differences in Ansible facts are highlighted in red for easy reference.

You can also expand this function by writing your own Ansible module that gathers the custom facts you want to see. Simply implement a module that returns the “ansible_facts” key, as described in the Ansible documentation.

Our goal with system tracking was to empower you Continue reading

0

SHA-1 hashing algorithm could succumb to $75K attack, researchers say

Researchers have found a new way to attack the SHA-1 hashing algorithm, still used to sign almost one in three SSL certificates that secure major websites, making it more urgent than ever to retire it, they said Thursday.SHA-1 is a cryptographic hashing function designed to produce a fingerprint of a document, making it easy to tell if a document has been modified after the fingerprint was calculated.Weaknesses had already been identified in SHA-1, and most modern Web browsers will no longer accept SSL certificates signed with it after Jan. 1, 2017. That date was chosen based on the ever-decreasing cost of the computing power required to attack the algorithm.To read this article in full or to leave a comment, please click here

0

Lyft’s CTO accused of hacking Uber

Uber recently submitted new court filings seeking more information on an IP address believed to be involved in a hack that was made public in February, in which the names and email addresses of 50,000 of its drivers were stolen. And two anonymous sources reportedly told Reuters that the IP address points to Chris Lambert, the chief technology officer of Uber's main competitor, Lyft.In court papers, Uber claims the Comcast IP address was used to access a security key in the breach, and is seeking more information to identify who was using the address. U.S. Magistrate Judge Laurel Beeler has said that the information Uber is seeking with the subpoena is "'reasonably likely' to help reveal the 'bad actor' responsible for the hack," according to Reuters.To read this article in full or to leave a comment, please click here

0

PQ 58: Alibi Routing With UMD’s Dave Levin

In this podcast, Packet Pushers co-host Ethan Banks gets a bit into the weeds with University of Maryland's Dave Levin in this detailed discussion of Alibi Routing, a privacy-driven research project to prove that traffic flowing between a particular source and destination did not traverse a specific geographic region.

The post PQ 58: Alibi Routing With UMD’s Dave Levin appeared first on Packet Pushers.

0

Worth Reading: Outsourcing Security

That is not to say, however, that outsourcing has no downsides. In the area of IT security, in particular, the potential threat of data mishandling and breaches have tempered many companies’ willingness to invest all-out in outsourcing IT security. That fear is legitimate, but it’s not something that can’t be dealt with. -via infosec buddy

Continue reading

0

Banks Bet Their Money On Private Cloud

As banks move toward a cloud-based infrastructure, they must protect their assets while understanding that the network is a fundamental contributor to the cloud and to their customers' quality of experience.

0

Why have most merchants missed the EMV deadline?

Last Friday’s Oct. 1 deadline for so-called EMV or “chip-and-PIN” credit card technology to replace the 1960s-vintage “swipe-and-signature” magnetic stripe card system should not have been a surprise to any of the major players in the payment card industry (PCI) – merchants, card issuers and banks.Visa, one of the three developers of the EMV standard (along with Europay and MasterCard) announced in August 2011 – more than four years ago – that it would be moving to EMV in the U.S. (it has been in use in Europe for more than a decade). The EMV Migration Forum was created by the Smart Card Alliance in July 2012.To read this article in full or to leave a comment, please click here

0

Doubling the speed of jpegtran with SIMD

It is no secret that at CloudFlare we put a great effort into accelerating our customers' websites. One way to do it is to reduce the size of the images on the website. This is what our Polish product is for. It takes various images and makes them smaller using open source tools, such as jpegtran, gifsicle and pngcrush.

However those tools are computationally expensive, and making them go faster, makes our servers go faster, and subsequently our customers' websites as well.

Recently, I noticed that we spent ten times as much time "polishing" jpeg images as we do when polishing pngs.

We already improved the performance of pngcrush by using our supercharged version of zlib. So it was time to look what can be done for jpegtran (part of the libjpeg distribution).

Quick profiling

To get fast results I usually use the Linux perf utility. It gives a nice, if simple, view of the hotspots in the code. I used this image for my benchmark.

CC BY 4.0 image by ESO

perf record ./jpegtran -outfile /dev/null -progressive -optimise -copy none test.jpeg

And we get:

perf report 54.90% lt-jpegtran libjpeg.so.9.1.0 [.] encode_mcu_AC_refine Continue reading

0

Douglas Comer on the Future of Networking

Jim Small asked me what I thought about the Future of Networking Packet Pushers podcast with Douglas Comer. I decided to listen to it while driving toward one of my recent hikes, and it was a great decision– it was the best Packet Pushers podcast I listened to in a long while.

Read more ...

0

Journalist convicted of helping Anonymous hack the LA Times

A journalist accused of helping a rogue hacking group briefly take control of the LA Times' website was convicted by a federal jury in California on Wednesday.Matthew Keys, 28, of Vacaville, California, was convicted of conspiracy to make unauthorized changes to a computer, transmitting malicious code and attempted transmission of malicious code, according to the Department of Justice.One of Keys' attorneys, Jay Leiderman, wrote on Twitter that "we'll proceed forward to sentencing and look forward to appealing this verdict."To read this article in full or to leave a comment, please click here

0

Dell said to be talking with EMC about possible blockbuster merger

Dell is reportedly in talks to buy all or part of enterprise storage powerhouse EMC, which would mark a bold and unexpected new chapter in the PC maker's history.A total merger would be one of the biggest deals ever in the technology industry, with EMC holding a market value of about US$50 billion. It would also bring together two of the most important vendors to enterprise IT departments. MORE ON MERGERS: 2015 Networking & IT M&A Tracker The report about the deal Wednesday in the Wall Street Journal cited unnamed sources, and cautioned that the the companies might not finalize any agreement. To read this article in full or to leave a comment, please click here

0

Android malware hammers phones with unwanted ads

Android users in more than 20 countries have been infected with a particularly aggressive malware program that bombards devices with unwanted advertisements.Researchers from FireEye found that the malicious component, nicknamed Kemoge, has been seeded inside what appear to be legitimate apps offered on third-party application stores."This is another malicious adware family, possibly written by Chinese developers or controlled by Chinese hackers, spreading on a global scale that represents a significant threat," wrote Yulong Zhang, a staff research scientist with FireEye.To read this article in full or to leave a comment, please click here

0

Dell & EMC Reportedly Mulling a Merger

Does Dell have an appetite for the biggest acquisition in tech history?

0

Cisco Opens the Door to DevNet Labs

Cisco opens a developer community hub, taking aim at speeding innovation.

0

Amazon makes it easier to lock down the cloud

If there's a common refrain in enterprise security these days, it's that nobody wants to become the next Sony, Experian, Scottrade, Target or Home Depot. Moving workloads to a public cloud service means that companies can leave some of the day-to-day work of securing their infrastructure to professionals who manage those services. To read this article in full or to leave a comment, please click here

0

Amazon makes it easier to lock down the cloud

If there's a common refrain in enterprise security these days, it's that nobody wants to become the next Sony, Experian, Scottrade, Target or Home Depot. Moving workloads to a public cloud service means that companies can leave some of the day-to-day work of securing their infrastructure to professionals who manage those services. To read this article in full or to leave a comment, please click here

0

A10 DemoFriday Q&A + Video: Delivering Advanced Security & Application Policies with Cisco ACI & Thunder ADC

The A10 and Cisco teams answer advanced security questions following their presentation on the Thunder ADC and Cisco ACI.

0

Hackers who targeted Samsung Pay may be looking to track individuals

The security breach at Samsung subsidiary LoopPay was probably more about spying than about gathering consumer data for profit, and the worst could be yet to come, a security analyst said Wednesday. Samsung acknowledged the attack on LoopPay, which it acquired in February for technology that it uses in its Samsung Pay service. It said hackers only breached LoopPay's office network, not systems used by Samsung Pay. The affected servers have been isolated and no personal payment information was put at risk, according to Samsung.To read this article in full or to leave a comment, please click here

0

Avoid Rapid Time-To-Failure With SDN

Software-defined networking introduces a great deal of agility to the network, which also introduces risk. Nathan Pearce, Principal Technologist at F5 Networks, offers advice for ensuring the programmable network provides a reliable platform for enterprise applications.