0

Apple brings down malware-infected apps from store

Apple has brought down a large number of apps from its store after it was found that around 40 iOS apps had been infected by a modified version of the company's software for developers.Christine Monaghan, an Apple spokeswoman, told news outlets that the company removed apps from the App Store that it knows have been created with the counterfeit software, to protect its customers.Palo Alto Networks reported last week that a new malware, called XcodeGhost, modified the Xcode integrated development environment for building apps for the Mac, iPhone and iPad.To read this article in full or to leave a comment, please click here

0

DHS CISO: Revoke security clearance of feds who keep falling for phishing scams

Numerous federal agencies rely on legacy systems that have security bolted on as an afterthought instead of security “being deeply embedded” in the systems. It is unsurprising that such older hardware, software and operating systems are vulnerable to intrusions. But sometimes security problems have more to do with human vulnerabilities – stupid PEBKAC and ID10T errors committed by the person behind the keyboard – than legacy systems. If the same people who handle sensitive government information also keep falling for phishing scams, should they have their security clearance revoked? Indeed they should, according to DHS chief security officer Paul Beckman.To read this article in full or to leave a comment, please click here

0

Merchant Processes and CID/CVV2

I recently received a letter from the company that monitors my home alarm. It basically stated that to avoid a $3US surcharge that I must opt out of receiving bill in the mail (which is fine) and that I must set up automatic transactions.  I also found this form attached.

This is not the first time that I have seen a payment option that includes a requirement for the CVV2  or CID value from my credit card. However with a little knowledge of PCI, I have to ask myself the following question, “What exactly are they going to do with this information?” According to PCI-DSS, this information must not be stored (even in an encrypted format) after authorization.

• PCI DSS Data Storage Do’s and Don’ts

That raises the following questions for the merchant requiring this information–

1. Is this truly only for the first transaction authorization and the physical form will be securely destroyed?
2. In this particular case, this is for a monthly transaction. So their relationship with their provider is such that CID/CVV is optional (and not used) for secondary transactions?
3. Or is this information being stored, electronically or physically, allowing for the possibility of later transactions?

In this Continue reading

0

How to map OpenFlow switch TCP ports in Mininet SDN simulations

When testing SDN functions in the Mininet network emulator and viewing captured OpenFlow messages in a packet analyzer such as Wireshark, it is difficult to identify which SDN switch is the source or destination of each captured message.

The only reliable way to identify which SDN switch sent or received an OpenFlow message is to look at the source or destination TCP port of the OpenFlow packets. This is because most OpenFlow messages exchanged between switches and the controller do not contain any other information that helps identify the sending or receiving switch. Neither Mininet nor the Open vSwitch database provides information that might be used to identify the TCP ports used by each switches to communicate with the OpenFlow controller in the network.

This post describes a procedure to map which TCP ports are used on each switch to communicate with the SDN controller in the Mininet network simulation. This procedure will enable researchers or students to study the interactions between SDN controller and switches in a more detailed and accurate way.

Summary of procedure

To map which TCP ports are used on each switch to communicate with the SDN controller in the Mininet network simulation, execute the steps Continue reading

0

HP VSR E0321 Release: IRF has arrived for NFV!

HP has released version E0321 for the Virtual Services Router (VSR) platform. This is a major new release, which includes some very cool new features, such as IRF for the virtual platform. Download here: https://h10145.www1.hpe.com/Downloads/SoftwareReleases.aspx?ProductNumber=JG811AAE&lang=en,en&cc=us,us&prodSeriesId=5443163 In the upcoming posts I … Continue reading →

0

Site Upgrades for September 2015

First, I want to apologize for not doing my job. Over the past couple years I’ve let this site become slightly stagnant. I won’t attempt to make excuses, but I will say that I’m in a much better place now. Hopefully inspiration will continue to strike, and I will continue to put pen to paper… or finger to keyboard?

Over the past couple weeks I’ve put a fair amount of time and monetary resources into RouterJockey. I’ve fixed quite a few CSS bugs, without hopefully creating more. I purchased an SSL certificate and moved the site to HTTPS, which helps me more than it really does you… but in doing so, I’ve also enabled SPDY 3.1. SPDY should help load times, but Nginx was already doing a pretty good job. Oh, in order to get SPDY up to 3.1 I was forced to migrate away from the Ubuntu repo for Nginx.. but that’s not a huge deal.

I’ve also spent some time redesigning the menu bar, adding new links, removing some useless ones, and writing an all new disclaimer. Please be sure to read and understand everything posted on that page before attempting to read any of my Continue reading

0

TM Forum Keeps its Head Above the Weeds on NFV Technology

Operators don't want TM Forum to get lost in NFV technicalities. They want the focus on making money.

0

Some notes on NSA’s 0day handling process

The EFF got (via FOIA) the government's official policy on handling/buying 0days. I thought I'd write up some notes on this, based on my experience. The tl;dr version of this post is (1) the bits they redacted are the expected offensive use of 0days, and (2) there's nothing surprising in the redacted bits.


Before 2008, you could sell 0days to the government many times, to different departments ranging from the NSA to Army to everybody else. These government orgs would compete against each other to see who had the biggest/best cyber-arsenal.

In 2008, there came an executive order to put a stop to all this nonsense. Vuln sellers now only sold 0days once to the government, and then the NSA would coordinate them with everyone else.

That's what this "VEP" (Vuln Equities Process) document discusses -- how the NSA distributes vulnerability information to all the other "stakeholders".

I use "stakeholders" loosely, because there are a lot of government organizations who feel entitled to being part of the 0day gravy train, but who really shouldn't be. I have the impression the NSA has two processes, the real one that is tightly focused on buying vulns and deploying them in the field, Continue reading

0

Intent-Based Networking Seeks Network Effect

What's the latest on intent-based networking--the hot new topic in SDN.

0

SDxCentral Weekly News Roundup — September 18, 2015

Intel boosts IoT for cars; former Cisco and Time Warner CTOs intersect; Khosla Ventures funds Gitlab.

0

iPexpert’s Newest “CCIE Wall of Fame” Additions 9/18/2015

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

This Week’s CCIE Success Stories

• Ajay Edara, CCIE #36424 (R&S & Wireless)
• Shiv Shankar, CCIE #43675 (Routing & Switching)
• Andy Harrison, CCIE #50052 (Routing & Switching)
• Mike Burk, CCIE #50207 (Wireless)
• Tony Ilorah, CCIE #50210 (Security)
• Ahmad Nawid Azizi, CCIE #50254 (Routing & Switching)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

0

Starbucks On Dune, WiFi Allergies: This Week On The Internet

From pumpkin spice on Dune to WiFi allergies to a giant robot fight and more, here's some interesting stories that crossed my browser this week.

The post Starbucks On Dune, WiFi Allergies: This Week On The Internet appeared first on Packet Pushers.

0

Featured Interview: Brocade’s Jon Hudson on the Current & Future State of SDN, NFV, & DevOps

Brocade's Jon Hudson sat down with SDxCentral to discuss the current and future state of SDN, NFV, and DevOps.

0

Optimize Open NX-OS with Cisco’s Network Programmability Tools

Join the September 25th Cisco DemoFriday and learn how you can benefit from network programmability as you transition from legacy systems to open standard interfaces.

0

F5 Certification Path – How to become F5 Certified

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
The F5 certification path is a series of exams administered by pearsonvue where you start of by passing 2 exams to become an F5 Certified Administrator and then depending on your specialist area you can add to that by becoming an F5 Certified Technology Specialist. The certification cost is $135 per exam which would be $170 […]

Post taken from CCIE Blog

Original post F5 Certification Path – How to become F5 Certified

0

Docker Global Hack Day #3: How to Submit Hacks

Thank you to everyone who already submitted awesome Docker hacks for Docker Global Hack Day #3 – we’re super excited to see the final submissions! Still looking for a project to join? Head to the Docker Global Hack Day #3 … Continued

0

Why DevOps Is the Imperative Companion to SDN & NFV

Achieve the “big bang” transformation.

0

Startup Cato Networks Calls SD-WAN ‘Short-Sighted’

Is it the end for MPLS? Cato claims it's got a way to give MPLS-like performance to Internet links.

0

Stuff The Internet Says On Scalability For September 18th, 2015

Hey, it's HighScalability time:

• terabits: Facebook's network capacity; 56.2 Gbps: largest extortion DDoS attack seen by Akamai; 220: minutes spent usings apps per day; $33 billion: 2015 in-app purchases; 2334: web servers running in containers on a Raspberry Pi 2; 121: startups valued over $1 billion


• Quotable Quotes:
  • A Beautiful Question: Finding Nature's Deep Design: Two obsessions are the hallmarks of Nature’s artistic style: Symmetry—a love of harmony, balance, and proportion Economy—satisfaction in producing an abundance of effects from very limited means
  • @Carnage4Life: ad blocking Apple has done to Google what Google did to MSFT. Added a feature they can't compete with without breaking their biz model
  • @shellen: FWIW - Dreamforce is a localized weather system that strikes downtown SF every year causing widespread panic & bad slacks. 
  • @KentBeck: first you learn the value of abstraction, then you learn the cost of abstraction, then you're ready to engineer
  • @doctorow: Arab-looking man of Syrian descent found in garage building what looks like a bomb 
  • @kixxauth: Idempotency is not something you take a pill for. -- ZeroMQ
  • Continue reading

0

What Does It Mean When A Project Has Been Forked?

Open source projects that involve lots of folks sometimes run into conflicts. Should the project go in direction X, or direction Y? Is feature A more important, or feature B? And so on. Sometimes the concerns around an open source project are more pragmatic than pedantic. Should we, as a commercial entity, continue to use this open source project as is, or go in our own direction with it? The keyword to look for in these circumstances is fork.