10 cutting-edge security threats

New tech, new bugs, new headachesWhen you think of security vulnerabilities, the first thing that likely comes to your mind are flaws in Windows or apps like Adobe Reader that let hackers wreak havoc on your PC. But computers are everywhere these days, and with more computers come more security headaches.Join us as we look at ten hacks and vulnerabilities that take threats to the next level. Somehow, things have gotten even crazier since our last look at shocking security exploits.To read this article in full or to leave a comment, please click here

Cumulus Linux Base Technologies

Dinesh Dutt started his part of the Data Center Fabrics Update webinar with “what is Cumulus Linux all about” and “what data center architectures does it support” and then quickly jumped into details about the base technologies used by Cumulus Linux: MLAG and IP routing.

Not surprisingly, the MLAG part generated tons of questions, and Dinesh answered all of them, even when he had to say “we don’t do that”.

Watch the video

Embedded packet capture and interface ACLs and Zone Based Firewall

Cisco IOS Embedded packet capture is a great tool for trouble shooting. Very similar to the ASA capture command.

It could be better, as it won't parse the packets as good as tpcdump, but it is way better than nothing.

However I couldn't figure out what the order of operation, with regards to ACLs and ZBF.

So I labbed it up, with IOU 15.4, and here are the results:

  • For incoming ACL, packets are captured before ACL is evaluated
  • For incoming ZBF policy, packets are captured before the policy is checked.

So it looks like the embedded packet capture is placed at the right place, right before incoming ACL/ZBF check. However more testing needed to be done: NAT, outgoing ACL/ZBF, IPS drops,  encryption, sanity checks

I wish Cisco would have published an official and full "order of operation". Here is the best I have found so far.

FYI....

MikroTik CCR1072-1G-8S+ Review – update on Part 3 – Throughput

[adrotate banner=”4″]

Breaking the 80 Gbps barrier!!!

799px-Bell_X-1_46-062_(in_flight)

The long wait for real-world 1072 performance numbers is almost over – the last two VMWARE server chassis we needed to push the full 80 Gpbs arrived in the StubArea51 lab today. Thanks to everyone who wrote in and commented on the first two reviews we did on the CCR-1072-1G-8S+.  We initially began work on performance testing throughput for the CCR1072 in late July of this year, but had to order a lot of parts to get enough 10 Gig PCIe cards, SFP+ modules and fiber to be able to push 80 Gbps of traffic through this router.

Challenges

There have been a number of things that we have had to work through to get to 80 Gbps but we are very close. This will be detailed in the full review we plan to release next week but here are a few.

  • VMWARE ESXi – LACP Hashing – Initially we built LACP channels between the ESXi hosts and the 1072 expecting to load the links by using multiple source and destination IPs but we ran into issues with traffic getting stuck on one side of the LACP channel and had to move to Continue reading

MikroTik CCR1072-1G-8S+ Review – update on Part 3 – Throughput

[adrotate banner=”4″]

Breaking the 80 Gbps barrier!!!

799px-Bell_X-1_46-062_(in_flight)

The long wait for real-world 1072 performance numbers is almost over – the last two VMWARE server chassis we needed to push the full 80 Gpbs arrived in the StubArea51 lab today. Thanks to everyone who wrote in and commented on the first two reviews we did on the CCR-1072-1G-8S+.  We initially began work on performance testing throughput for the CCR1072 in late July of this year, but had to order a lot of parts to get enough 10 Gig PCIe cards, SFP+ modules and fiber to be able to push 80 Gbps of traffic through this router.

Challenges

There have been a number of things that we have had to work through to get to 80 Gbps but we are very close. This will be detailed in the full review we plan to release next week but here are a few.

  • VMWARE ESXi – LACP Hashing – Initially we built LACP channels between the ESXi hosts and the 1072 expecting to load the links by using multiple source and destination IPs but we ran into issues with traffic getting stuck on one side of the LACP channel and had to move to Continue reading

IDG Contributor Network: 5 myths about data encryption

It's a heartache, nothing but a heartache. Hits you when it's too late, hits you when you're down. It's a fools' game, nothing but a fool's game. Standing in the cold rain, feeling like a clown.When singer Bonnie Tyler recorded in her distinctive raspy voice "It's A Heartache" in 1978, you'd think she was an oracle of sorts, predicting the rocky road that encryption would have to travel.Just a year earlier in 1977 the Encryption Standard (DES) became the federal standard for block symmetric encryption (FIPS 46). But, oh, what a disappointment encryption DES would become. In less than 20 years since its inception, DES would be declared DOA (dead on arrival), impenetrable NOT.To read this article in full or to leave a comment, please click here

Are your biggest security threats on the inside?

The now infamous Ashley Madison website has had a pretty successful run at helping its clientele be disloyal. So perhaps some would view it as poetic justice if the website became one of the most scandalous breaches in history at the hands of one of its own. At least that is the conclusion of IT security analyst John McAfee, who noted recently “yes, it is true. Ashley Madison was not hacked – the data was stolen by a woman operating on her own who worked for Avid Life Media.” If true, the fact that the Ashley Madison breach was due to an internal, and not external, threat shouldn’t come as too big a surprise. Many IT security studies this year have pointed to the growing threat of insider data theft and corporate breaches. To read this article in full or to leave a comment, please click here

Facebook goes down and Twitter lights up

Facebook crashed for at least 10 minutes today and then struggled to fully come back online.When users tried to open or refresh their Facebook pages a little after 12:30 p.m. ET today, they were greeted not with their news feed but with a largely blank screen that simply said, "Sorry, something went wrong. We're working on it and we'll get it fixed as soon as we can."The site began to come back online around 12:50 p.m., though some users reported still having trouble loading the site until about 1 p.m.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers Facebook did not return a request for information on what caused the problem.To read this article in full or to leave a comment, please click here

IDG Contributor Network: IoT security will soon be common in the enterprise, Gartner says

A fifth of all businesses will have deployed IoT-related security by the end of 2017, analyst Gartner thinks.Dedicated digital security services that are committed to "protecting business initiatives using devices and services in the Internet of Things" will be in place by then, the research and advisory company says.Gartner made the statement in a press release on its website in relation to a security and risk management summit earlier this month in Mumbai.'Reshape IT' "The IoT redefines security," Ganesh Ramamoorthy, research vice president at Gartner, said in the press release.To read this article in full or to leave a comment, please click here

Docker containers vs. OpenStack clouds

Matt Asay has a smart piece over on InfoWorld about some ongoing struggles with OpenStack, as evidenced by Red Hat’s most recent earnings call.+MORE AT NETWORK WORLD: What broke Amazon's cloud +It begs the question: Are containers to blame?Here’s Asay: As big as the community behind OpenStack has been, [Red Hat CEO Jim] Whitehurst declared Docker the “single biggest topic that comes up among ... [Red Hat’s] leading [customers].” In fact, Whitehurst noted that he hears more from customers about Docker than OpenStack.To read this article in full or to leave a comment, please click here

ZingBox: Startup brings Cisco, Stanford pedigree to IoT security

ZingBox, an Internet of Things security startup whose founders have ties to Cisco and Stanford University, is working on software that guards IoT devices from threats on the Internet. May Wang The year-old company’s focus is upgrading routers and gateways with intelligence to detect when IoT devices are behaving abnormally, indicating that they might be compromised, says May Wang, CTO of the company and a co-founder who spent 14 years at Cisco in its office of the CTO where she was a principal architect.To read this article in full or to leave a comment, please click here

Real Jobs for Real Robots

Real Jobs for Real RobotsImage by REUTERS/Issei KatoIt’s quite possible someday soon that robots may deliver food to your table in a restaurant or gather up your laundry and bring it to the laundry room – that is if some of the machines featured in this slideshow make it out of the research labs and into the real world. Here we take a look at 18 robots that are already functioning in a variety of real life jobs.To read this article in full or to leave a comment, please click here

The 25 most powerful enterprise networking companies

The bosses are here It’s the 25 companies that have the biggest effects on how U.S.-based enterprise networks operate. They’re a diverse bunch – some make switches, others chips. Some are big carriers, others are big fish in little ponds. And plenty aren’t, technically speaking, networking companies at all. Nevertheless, these are our picks for the biggest influencers on the network.To read this article in full or to leave a comment, please click here

New malware program infects ATMs, dispenses cash on command

Security researchers have discovered a new malware program that infects automated teller machines (ATMs) and allows attackers to extract cash on command.The program is dubbed GreenDispenser and was detected in Mexico. However, it's only a matter of time until similar attacks are adopted by cybercriminals in other countries, researchers from security firm Proofpoint said in a blog post.GreenDispenser is not the first malware program to target ATMs. In October 2013, security researchers from Symantec warned about a backdoor called Ploutus that could infect ATMs when a new boot disk is inserted into their CD-ROM drives.To read this article in full or to leave a comment, please click here

1 3,241 3,242 3,243 3,244 3,245 3,773