Security for the New Battlefield

What will be our security challenge in the coming decade? Running trusted services even on untrusted infrastructure. That means protecting the confidentiality and integrity of data as it moves through the network. One possible solution – distributed network encryption – a new approach made possible by network virtualization and the software-defined data center that addresses some of the current challenges of widespread encryption usage inside the data center.

VMware’s head of security products Tom Corn recently spoke on the topic at VMworld 2015 U.S., noting, “Network encryption is a great example of taking something that was once a point product, and turning it into a distributed service—or what you might call an infinite service. It’s everywhere; and maybe more importantly it changes how you implement policy. From thinking about it through the physical infrastructure—how you route data, etcetera—to through the lens of the application, which is ultimately what you’re trying to protect. It eventually becomes really a check box on an application.”

VMware NSX holds the promise of simplifying encryption, incorporating it directly so that it becomes a fundamental attribute of the application. That means so as long as it has that attribute, any packet will be Continue reading

IDG Contributor Network: How the tech industry could overtake the auto industry

Processing power may be more important than horsepower in future cars, consultant firm KPMG said in a recent report on the rapidly changing auto industry.KPMG's report on automotive innovation, released last week, says that many "aggressive players are now entering the connectivity space."That list includes "not only makers of chips, pipes, receivers, and software, but also data aggregators and content providers."Changing landscape Two big ones are Apple and Google. Their investment capacity and economies of scale are significantly larger than the incumbent automakers, KPMG thinks. That means auto-makers risk being trampled.To read this article in full or to leave a comment, please click here

BlackBerry quits Pakistan over government surveillance demands

BlackBerry has decided not operate in Pakistan after Nov. 30, rather than let the local government intercept communications on its enterprise services, the company said Monday.The Pakistani government wanted the ability to monitor all BlackBerry Enterprise Service traffic in the country, including every BES e-mail and BES BBM (BlackBerry Messenger) message, BlackBerry's Chief Operating Officer Marty Beard wrote in a blog post on Monday. BlackBerry has been under pressure in many countries including neighboring India to provide access to data on its enterprise services to law enforcement.To read this article in full or to leave a comment, please click here

KVM Performance Limits for virtual CPU cores

When using open-source network simulators that use KVM as a virtualization tool, each node in the network simulation is actually a KVM virtual machine so the maximum supported number of nodes in a network simulation is the same as the maximum number of KVM virtual machines that can run on the host computer.

Unfortunately, there seems to be no single authoritative statement about the maximum number of KVM virtual machines that can run on a host computer. Most information I could find about KVM limits does not publish absolute limits but, instead, recommends best practices.

In this post, I will synthesize the information available from many different sources into a single recommendation for the maximum number of KVM-based nodes that can run in an open-source network simulator running on a single host computer.

Continue reading

Collecting MAC and IP Adresses of Hosts Connected to Cisco Switches Using SNMP

The goal of this article is to introduce a script that automates a process of collecting MAC and IP address of hosts connected to Cisco switches using Simple Network Management Protocol (SNMP). We will configure SNMP version 2c and 3 on Cisco switches and create a BASH script that collects required data for us. For this purpose I have created a test network lab using GNS3. The topology consists of three Cisco virtual switch appliances running vIOS-L2 and one network management station (NMS) based on Kali Linux. Network hosts are simulated by Core Linux appliances connected to Cisco vIOS-l2 switches.

1. GNS3 Lab

1.1 List of software used for creating GNS3 lab

  • Host OS
    x86-64 Linux Fedora with installed GNS3 1.3.11 and Qemu1.4.0
  • Network Management Station
    Linux Kali 3.18.0-kali3-amd64
  • Swiches
    Cisco vIOS l2 Software (vios_l2-ADVENTERPRISEK9-M), Version 15.2
    Cisco Catalyst 3550 (C3550-IPSERVICESK9-M), Version 12.2(55)SE9
  • Network Host (End device)
    Linux Core 3.16.6-tinycore64

1.2 Network Topology Description

All virtual network and host devices are running inside GNS3 project and they are emulated by Qemu emulator and virtualizer. The only exception is a Cisco Catalyst 3550 switch that is connected to topology via GNS3 network Continue reading

Walmart hired Lockheed Martin for employee surveillance, allegedly got help from FBI

It’s not unusual for companies to monitor social media in order to ‘protect’ their brands; Microsoft, for example, makes dossiers on journalists who write about the company. Yet Walmart allegedly “is always watching” and went the extra distance to spy on employees by hiring defense contractor Lockheed Martin and allegedly even received help from the FBI.Walmart was most interested in gathering surveillance of employees involved with the group OUR Walmart which planned Black Friday protests in 2012. OUR Walmart was advocating for higher wages, predictable schedules, better healthcare coverage, and the right to unionize. Walmart’s surveillance efforts were described in over 1,000 pages of “emails, reports, playbooks, charts, and graphs as well as testimony,” according to Bloomberg Businessweek which reviewed the documents. The testimony, which was given earlier this year to the National Labor Relations Board, claims Walmart hired Lockheed Martin and received help from the FBI Joint Terrorism Task Force.To read this article in full or to leave a comment, please click here

How I made my custom keyboard layout on Linux and Windows

This post explains how to set up a keyboard layout the way I like it. It may not fit you at all, but it may give you ideas that would work for you.

In short: I remap Caps Lock to add some extra keys.

First a description of what my preferred keyboard layout is: I type Dvorak, but also want to occasionally use Swedish letters. There are a couple of Dvorak versions for Swedish, but since most of my typing is in English or programming I think they compromise too much on the accessibility of other keys to add these three Swedish characters.

Picture of my keyboard

So for decade or so I’ve been remapping Caps Lock to AltGr and holding down AltGr to add new keys. Typing “ö” quickly became fluent and easy, since it involves holding down one key with my left hand and pressing a key with another.

I used this method even before I switched to Dvorak, because if you’ve ever coded on a Swedish keyboard you should know how terrible it is. I know several Swedish programmers who use US keyboard layout all the time because of this, and simply live without being able to type proper Swedish.

Continue reading

How I made my custom keyboard layout on Linux and Windows

This post explains how to set up a keyboard layout the way I like it. It may not fit you at all, but it may give you ideas that would work for you.

In short: I remap Caps Lock to add some extra keys.

First a description of what my preferred keyboard layout is: I type Dvorak, but also want to occasionally use Swedish letters. There are a couple of Dvorak versions for Swedish, but since most of my typing is in English or programming I think they compromise too much on the accessibility of other keys to add these three Swedish characters.

Picture of my keyboard

So for decade or so I’ve been remapping Caps Lock to AltGr and holding down AltGr to add new keys. Typing “ö” quickly became fluent and easy, since it involves holding down one key with my left hand and pressing a key with another.

I used this method even before I switched to Dvorak, because if you’ve ever coded on a Swedish keyboard you should know how terrible it is. I know several Swedish programmers who use US keyboard layout all the time because of this, and simply live without being able to type proper Swedish.

Continue reading

Building pov-ray on raspberry pi

This is just notes in case I need to do this again. It’s for my QPov project.

sudo apt-get install autoconf libboost-all-dev libjpeg-dev libtiff-dev libpng-dev
git clone https://github.com/POV-Ray/povray.git
cd povray
git checkout --track -b 3.7-stable origin/3.7-stable
cd unix
./prebuild.sh
cd ..
./configure --prefix=$HOME/opt/povray COMPILED_BY="My_Name on RPi"
make
make install
1 3,243 3,244 3,245 3,246 3,247 3,853