NetworkingNexus.net

Ransomware for Mac is nothing to worry about — for now

Apple computers haven't been impacted by ransomware, a pervasive and insidious class of malware that encrypts files on a computer in exchange for a ransom.That's not because Apple's operating system is any more secure than Windows; it's more that malware writers haven't gotten around to writing ransomware for OS X since infecting Windows machines has been so profitable.However, a Brazilian security researcher, Rafael Salema Marques, decided to show how easy it would be for malware writers to target OS X in a polished experiment that took him a couple of days.To read this article in full or to leave a comment, please click here

CenturyLink Picks Nuage Networks’ SDN Overlay

Nuage unifies virtualized network services on CenturyLink's Programmable Services Backbone.

ProtonMail comes back online, shores up DDoS defenses

ProtonMail, the Switzerland-based encrypted email service, has found its footing again after a wild ride over the past week.The free service has said it was hit by two different groups using distributed denial-of-service attacks (DDoS) that took it offline.Now it has partnered with Radware, which offered its DDoS mitigation service for a "reasonable price," allowing service to resume, ProtonMail wrote in a blog post on Tuesday."The attackers hoped to destroy our community, but this attack has only served to bring us all together, united by a common cause and vision for the future," the company wrote.To read this article in full or to leave a comment, please click here

A Handy CLI Tool for Working with JSON

While I was at Kubecon this past week, one of the presenters showed off a handy CLI tool for working with JSON. It’s called jq, and in this post I’m going to show you a few ways to use jq. For the source of JSON output, I’ll use the OpenStack APIs.

If you’re not familiar with JSON, I suggest having a look at this non-programmer’s introduction to JSON. Also, refer to this article on using cURL to interact with a RESTful API for a bit more background on some of the commands I’m going to use in this post.

Let’s start by getting an authorization token for OpenStack, using the following curl command:

curl -d '{"auth":{"passwordCredentials":
{"username": "admin","password": "secret"},
"tenantName": "customer-A"}}' 
-H "Content-Type: application/json" 
http://192.168.100.100:5000/v2.0/tokens

This will return a pretty fair amount of JSON in the response, and it presents the first opportunity to use jq. Let’s say you only wanted the authorization token, and not all the other output. Simply add the following jq command to the end of your curl request:

curl -d '{"auth":{"passwordCredentials":
{"username": "admin","password": "secret"},
"tenantName": "customer-A"}}' 
-H "Content-Type: application/json" 
http://192.168.100.100:5000/v2.0/tokens | 
 Continue reading

Anycast For DMVPN Hubs

Dynamic assignment of DMVPN spoke tunnel addresses isn't just a matter of convenience. It provided the foundation for a recent design which included the following fun requirements:

There are many hub sites.
Spokes will be network-near exactly one hub site.
Latency between hub sites is high.
Bandwidth between hub sites is low.
Spoke routers don't know where they are in the network.
Spoke routers must connect only to the nearest hub.

The underlay topology in this environment¹ made it safe for me to anycast the DMVPN hubs, so that's what I did. This made the "connect to the nearest hub" problem easy to solve, but introduced some new complexity.

Hub Anycast Interface
Each DMVPN router has a loopback interface with address 192.0.2.0/32 assigned to the front-door VRF. It's configured something like this:

 interface loopback 192020
  description DMVPN hub anycast target  
  ip vrf forwarding LTE_TRANSIT  
  ip address 192.0.2.0 255.255.255.255

The 192.0.2.0 /32 prefix was redistributed into the IP backbone. If this device were to fail, then the next-nearest instance of 192.0.2.0 would be selected by the IGP.

Spoke Configuration
Spokes look pretty much exactly like Continue reading

Worth Reading: Net Neutrality

The core conceit and fallacy of ‘neutrality’ has been to create a doctrine of fairness to packets at the local mechanism level. I hate to have to tell you this, but packets don’t have feelings. They don’t get irate when they are in a queue too long and other packets jump ahead of them. via circleid

CCIE Three Months Later

A short take on my journey to becoming CCIE #49800. This wouldn't be possible without the so very important people in my life. Thank You!...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Patch Tuesday November 2015: Microsoft releases 12 fixes, 4 rated critical

For Patch Tuesday November 2015, Microsoft released 12 security bulletins, four rated as critical and the remaining 8 rated as important.Rated CriticalMS15-112 is the cumulative fix for remote code execution flaws in Internet Explorer. Microsoft lists 25 CVEs, most of which are IE memory corruption vulnerabilities. 19 are called Internet Explorer memory corruption vulnerabilities, with three CVEs labeled slightly different as Microsoft browser memory corruption vulnerabilities. Of the remaining CVEs, one involves Microsoft browser ASLR bypass, one is for an IE information disclosure flaw, and one is a scripting engine memory corruption vulnerability. You should deploy this as soon as possible.To read this article in full or to leave a comment, please click here

The NCM Connector for Cisco Devices

post by: matt.raio Greetings fellow GNS3ers and SolarWinds Gurus! This guide is to present to you a new feature that utilizes

Startup Radar: Niara Uses Machine Learning To Spot Malicious Activity

Startup Niara applies machine learning to security logs and network packets and flows to find anomalous behavior that may indicate malicious activity.

The post Startup Radar: Niara Uses Machine Learning To Spot Malicious Activity appeared first on Packet Pushers.

Nerd Knobs Are Career Limiting

Redefining the term Nerd Knobs as Wanker Knobs

The post Nerd Knobs Are Career Limiting appeared first on EtherealMind.

Deploy and Manage Any Cluster Manager with Docker Swarm

written by Sam Alba, Sr. Director of Engineering at Docker, Inc. and Andrea Luzzardi, Software Engineer at Docker, Inc. As you have seen, last week Docker Swarm reached 1.0, and now is ready for production use. Swarm is native clustering … Continued

Three indicted in JPMorgan hacking case

On Tuesday, Manhattan US Attorney Preet Bharara's office unsealed an indictment against three individuals charged with hacking several financial institutions, financial news publishers, and other companies.In a statement to Reuters, JPMorgan confirmed that the recently unsealed indictment is connected to last year's hack, which impacted 83 million households.Monday's indictment focuses on Gery Shalon, Joshua Samuel Aaron, and Ziv Orenstein.In court documents shared with CSO Online, the prosecutors say that between 2012 and 2015, the three pulled off "the largest theft of customer data from a U.S. financial institution in history" by stealing the personal information of more than 100 million people.To read this article in full or to leave a comment, please click here

ARM is bringing some much needed security to the Internet of Things

If you believe what the tech industry tells us, everything is coming online. From pacemakers to washing machines to street lights, all will be networked together and feeding data into the cloud. If this Internet of Things comes to pass, we're going to need a lot more security than we have today.Chip design company ARM announced plans Tuesday for a new line of chips intended to help secure those devices. ARM is best known for designing the microprocessors in smartphones and tablets, but it also designs smaller chips, called microcontrollers, that feature heavily in IoT. Some four billion ARM microcontrollers were shipped by ARM licensees last year.To read this article in full or to leave a comment, please click here

Who's Hiring?

Senior Devops Engineer - StatusPage.io is looking for a senior devops engineer to help us in making the internet more transparent around downtime. Your mission: help us create a fast, scalable infrastructure that can be deployed to quickly and reliably.

Digit Game Studios, Irish’s largest game development studio, is looking for game server engineers to work on existing and new mobile 3D MMO games. Our most recent project in development is based on an iconic AAA-IP and therefore we expect very high DAU & CCU numbers. If you are passionate about games and if you are experienced in creating low-latency architectures and/or highly scalable but consistent solutions then talk to us and apply here.

As a Networking & Systems Software Engineer at iStreamPlanet you’ll be driving the design and implementation of a high-throughput video distribution system. Our cloud-based approach to video streaming requires terabytes of high-definition video routed throughout the world. You will work in a highly-collaborative, agile environment that thrives on success and eats big challenges for lunch. Please apply here.

As a Scalable Storage Software Engineer at iStreamPlanet you’ll be driving the design and implementation of numerous storage systems including software services, analytics and video Continue reading

HL: The Art of Network Architecture

The post HL: The Art of Network Architecture appeared first on 'net work.

IDG Contributor Network: How magnetic ID cards are becoming indestructable

One of the problems with traditional magnetic storage has always been that, because it's written with magnetic fields, it can be wiped by those fields too.That makes for a pretty unstable medium—though convenient and more efficient than many.Magnetic storage is used in ID and credit cards too, but the environments that the cards encounter are brutal on the media.So is space travel, and indeed the residential living rooms with magnet-containing home theatre speakers, for example. Remember the mysteriously deteriorating cassette tape?Yet magnetic media has its favorable qualities—it's more secure than Radio Frequency (RF) chips, for example.To read this article in full or to leave a comment, please click here

Stay tuned for important news in December!!

I’ve got some important news which I will reveal in the beginning of December!

So stay tuned

Gathering No MOS

mossBall1

If you work in the voice or video world, you’ve undoubtedly heard about Mean Opinion Scores (MOS). MOS is a rough way of ranking the quality of the sound on a call. It’s widely used to determine the over experience for the user on the other end of the phone. MOS represents something important in the grand scheme of communications. However, MOS is quickly becoming a crutch that needs some explanation.

That’s Just Like Your Opinion

The first think to keep in mind when you look at MOS data is that the second word in the term is opinion. Originally, MOS was derived by having selected people listen to calls and rank them on a scale of 1 (I can’t hear you) to 5 (We’re sitting next to each other). The idea was to see if listeners could distinguish when certain aspects of the call were changed, such as pathing or exchange equipment. It was an all-or-nothing ranking. Good calls got a 4 or even rarely a 5. Most terrible calls got 2 or 3. You take the average of all your subjects and that gives your the overall MOS for your system.

voip-qualitypbx

When digital systems came along, MOS took Continue reading

Five Functional Facts about TACACS+ in ISE 2.0

The oft-requested and long awaited arrival of TACACS+ support in Cisco’s Identity Services Engine (ISE) is finally here starting in version 2.0. I’ve been able to play with this feature in the lab and wanted to blog about it so that existing ISE and ACS (Cisco’s Access Control Server, the long-time defacto TACACS+ server) users know what to expect.

Below are five facts about how TACACS+ works in ISE 2.0.

« Previous 1 … 3,252 3,253 3,254 3,255 3,256 … 3,842 Next »