Improve Your Open Networking Experience with Cumulus® VX™

In past jobs, when I was responsible for the architecture and engineering of networks, my peers and I would often spend measurable time working in the lab and testing out the setup of new network designs or approaches that we were looking to implement.

As anyone who has had to build a lab themselves will attest, you never have enough gear, power or space to do all of the testing you would like.  Between the problems of having to build the network from gear that’s been cast-off from the production network to not being able to run the latest software, you can end up questioning your testing results.  From being limited on cooling and power to having to find and run the cables to connect it all together, it can be a lot of work that may not answer everything you need for production.

In the compute space, this has been less of an issue in recent years. With the introduction of accessible virtualization, the application teams could simulate entire solution stacks on their desktop.  While you wouldn’t want to run your production environment on many of them, you could at least simulate all of the components in the solution and verify that what you were doing differently was viable.

MikroTik unveils new RouterOS development cycle

 

As we all patiently await the release of RouterOS (RoS) v7 beta, MikroTik has announced a change in the way RoS development is organized.  There will now be three different tracks of development:

Bugfix only – When a current build is released, only fixes to known bugs will be added to this branch of development

Current – Current release will contain bugfixes and new features

Release Candidate – The release candidate will remain the development build for the next “current” release.

 

Graphical Overview of the new development cycle

Image and notes below are from here

A small addendum: the Bugfix only will only contain verified fixes, and no new features. The Current release contains the same fixes but also new features and other improvements, sometimes also less critical fixes than in Bugfix. And finally the Release Candidate is more like a nightly build. We will not do intensive testing before publishing these, only a quick check if upgrade can be done and if most features work fine.

Origin

The idea originally came out of this thread and, after a flurry of positive commentary, it became a working practice shortly thereafter.

We plan to make sub-version releases

Windows 10 is possibly the worst spyware ever made

The usual bumps of an OS launch are understandable and forgivable, but some of the terms of the end user service agreement for Windows 10 put the NSA to shame.

Microsoft is already getting heat after it was found that Windows 10 was being auto-downloaded to user PCs without warning, and more seriously, that it was using the Internet connections of Windows 10 users to deliver Windows 10 and updates to others.

But there are worse offenders. Microsoft's service agreement is a monstrous 12,000 words in length, about the size of a novella. And who reads those, right? Well, here's one excerpt from Microsoft's terms of use that you might want to read:

TECH.unplugged And Being Present

I wanted to let everyone know that I’m going to be taking part in an excellent event being put on by my friend Enrico Signoretti (@ESignoretti) this September. TECH.unplugged is a jam-packed day of presentations from people that cover storage, computing, and in my case networking. We’re getting together to share knowledge and discuss topics of great interest to the IT community. As excited as I am to be taking part, I also wanted to take a few moments to discuss why events like this are important to the technology community.

WORM Food

There’s no doubt that online events are becoming the standard for events in recent years. It’s much more likely to find an event that offers streaming video, virtual meeting rooms, and moderated discussions taking place in a web browser. The costs of travel and lodging are far higher than they were during the recession days of yore. Finding a meeting room that works with your schedule is even harder. It’s much easier to spin up a conference room in the cloud and have people dial in to hear what’s going on.

For factual information, such as teaching courses, this approach works rather well. That’s

Organizations should focus data sharing post-incident, not attribution

LAS VEGAS - There have been several notable security incidents in the news this year, from healthcare and retail breaches, to financial; even security firms themselves have been targeted.

In each instance, attribution seems to take the lead during incident response, something organizations should resist. The key is collecting the right information and passing it on to the right people. When it comes to figuring out who did it and where they are, authorities are the ones who should take the lead – organizations that focus on this area first are wasting resources and time.

US Attorney Ed McAndrew (DE), who has years of experience working cases dealing with Internet-based crimes under his belt, recently spoke to CSO Online and offered some unique insight into the federal side of incident response and what organizations can do to better prepare for law enforcement involvement.

Black Hat 2015: Ransomware not all it’s cracked up to be

All ransomware is not created equal and therefore should not be universally feared, a researcher will tell the Black Hat 2015 conference this week.

In fact, some ransomware – which locks up infected computers until a demanded sum is paid – makes false claims about the damage it is capable of doing, and some of the data it purports to seize can be recovered, says Engin Kirda, the cofounder and chief architect at Lastline Labs.

Black Hat 2015: Attackers use commercial Terracotta VPN to launch attacks

RSA researchers have discovered a China-based VPN network dubbed Terracotta that is used extensively to launch advanced persistent threat (APT) attacks and that hijacks servers of unsuspecting organizations in order to add new nodes to its network.

The Terracotta VPN provides the infrastructure that anchors several anonymizing VPN services that are commercially marketed to the public in China, according to a briefing delivered today at the Black Hat conference.

The services are pushed as a means for individuals to hide their Internet activity from prying government eyes, but are used as well by criminals seeking to cloak the origins of their attacks, RSA researchers will tell the conference.

A deep look at CVE-2015-5477 and how CloudFlare Virtual DNS customers are protected

Last week ISC published a patch for a critical remotely exploitable vulnerability in the BIND9 DNS server capable of causing a crash with a single packet.

CC BY 2.0 image by Ralph Aversen

The public summary tells us that a mistake in handling of queries for the TKEY type causes an assertion to fail, which in turn crashes the server. Since the assertion happens during the query parsing, there is no way to avoid it: it's the first thing that happens on receiving a packet, before any decision is made about what to do with it.

TKEY queries are used in the context of TSIG, a protocol DNS servers can use to authenticate to each other. They are special in that unlike normal DNS queries they include a “meta” record (of type TKEY) in the EXTRA/ADDITIONAL section of the message.

Since the exploit packet is now public, I thought we might take a dive and look at the vulnerable code. Let's start by taking a look at the output of a crashing instance:

03-Aug-2015 16:38:55.509 message.c:2352: REQUIRE(*name == ((void*)0)) failed, back trace  
03-Aug-2015 16:38:55.510 #0 0x10001510d in

The Upload: Your tech news briefing for Tuesday, August 4

Google has already started its own car company

Turns out that even while Google has been sweet-talking automakers to get its software platform into their cars, it had set up a subsidiary to compete with them, the Guardian reports. Google Auto LLC is registered as a passenger vehicle manufacturer, and was licensed last year as a carmaker in California. It’s run by Chris Urmson, project lead for Google’s self-driving cars. Google wouldn’t talk to the Guardian, which uncovered the company registration via documents it requested under the public records act.

Can Virtual Routers Compete with Physical Hardware?

One of the participants of the Carrier Ethernet LinkedIn group asked a great question:

When we install a virtual-router of any vendor over an ordinary server (having general-purpose microprocessor), can it really compete with a physical-router having ASICs, Network Processors…?

Short answer: No … and here’s my longer answer (cross-posted to my blog because not all of my readers participate in that group).

Microsoft updates program to encourage diversity in partner law firms

Microsoft has overhauled a program for promoting diversity at the law firms it works with, to promote higher representation for lawyers of different minority groups in the firms’ leadership ranks.

The company’s Law Firm Diversity Program has been changed to offer bonuses to 15 law firms it works with, based on how many attorneys in positions of power are female, from racial and ethnic minorities, openly LGBT, people with disabilities or military veterans.

Microsoft started the program 7 years ago and originally offered firms a 2 percent bonus on their billings if a set percentage of the hours they billed to the company were worked by diverse attorneys.