Looking back: Viruses that led to a path of destruction

The world of computer viruses has changed drastically over the last 25 or so years. In the early days, internet users were very naïve towards email attachments, contributing to the alarming speed at which viruses could spread across the globe. These days, viruses very rarely land in our inboxes due to preconfigured firewalls and strict measures from the likes of Gmail and Outlook. SSLs.com compiled this list, looking at the destructive viruses that wreaked havoc on the Internet.

How to uncover the Dark Web

One of the best ways to understand your enemy – what he’s up to, what his capabilities are and how he can damage you – is to spy on him. And according to some cybercrime experts, one of the easier and more effective ways to do that is to hang out where the bad guys do – on the Dark Web.

In a recent post on Dark Reading, Jason Polancich, founder and chief architect of SurfWatch Labs, asserted that, “most businesses already have all the tools on hand for starting a low-cost, high-return Dark Web intelligence operations within their own existing IT and cybersecurity teams.”

Engineering Sense

Why didn’t they ask Evans?

For those who haven’t read the famous Agatha Christie novel, the entire point revolves around a man uttering these words just before dying. Who is Evans? What does this person know that can lead to the murderer of the man on the golf course? Bobby and Frankie, the heroes of the story, are led on one wild goose chase after another, until they finally discover it’s not what Evans knows but who Evans knows that really matters.

Okay… But this isn’t a blog about mysteries, it’s about engineering. What does Evans have to do with engineering? Troubleshooting, as Fish says, is often like working through a mystery novel. But I think the analogy can be carried farther than this. Engineering, even on the design side, is much like a mystery novel. It’s often the context of the question, or the context of the answer to the question, that solves the mystery. It’s Poirot straightening the items sitting on a mantelpiece twice, it’s the dog that didn’t bark, and it’s the funny footprints and the Sign of Four.

Just like the detective in a mystery novel, the engineer can only solve the problem if they can

Well Known Intervals

Listed below are many events which occur on network devices at well-known intervals. The list is provided to serve as an aid while troubleshooting recurring network disruptions. Please consider helping to expand this list by adding other recurrent issues you encounter not already listed.

This list was generated by Jeremy Stretch from PacketLife, but lost after he took his wiki down. Luckily I had previously saved it, as I found it useful, and with his permission I’ve reposted it here.

Short (<=5 minutes)

1 Second

  • Default VRRP hello timer
  • Default EAP-Identity-Request Timeout (Unified WLAN)
  • Default EAP-Request Timeout (Unified WLAN)
  • Default EAPOL-KEY Timeout (Unified WLAN)
  • CleanAir AP Sampling Interval (Unified WLAN)
  • Default Group Specific Query interval (Maximum Response Time of 10) for IGMPv2

2 Seconds

New products of the week 08.10.2015

Our roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.

Newly Observed Domains and Hostnames

Key features: Newly Observed Domains and Hostnames tracks new hostnames, or fully qualified domain names, when first seen on the Internet. This real-time knowledge allows organizations to discover malicious hostnames targeting users.

A10 Health Monitors

This post is an equivalence check of A10 vs ACE probes/health monitors.

    ACE

ACE-A# show probe

probe : tcp-3121-probe-1
type : TCP
state : ACTIVE
----------------------------------------------
port : 3121 address : 0.0.0.0 addr type : -
interval : 10 pass intvl : 30 pass count : 2
fail count: 2 recv timeout: 5

--------------------- probe results --------------------
probe association probed-address probes failed passed health
------------------- ---------------+----------+----------+----------+-------
serverfarm : vip-11.95.79.90_3121
real : ip-11.95.79.68[3121]
11.95.79.68 1286028 1104 1284924 SUCCESS

interval – how often health checks are sent to a healthy server
pass intvl – how often health checks are sent to a server marked “DOWN”
pass count – the number of successful probes required to mark a server as “UP”
fail count – the number of unsuccessful probes required to mark a server as “DOWN”
recv timeout – timeout before a probe fails


    A10

a10-1[test-1]#show health monitor
Idle = Not used by any server In use = Used by server
Attrs = Attributes G = GSLB
Monitor Name Interval Retries Timeout Up-Retries Method Status Attrs
---------------------------------------------------------------------------------
tcp-443-monitor-1 30 2 5 2 TCP In use

Interval – the time period

IPv6 and the Swinging Technology Pendulum

35 years ago, mainframes, single-protocol networks (be it SNA or DECnet), and centralized architectures that would make hard-core SDN evangelists gloat with unbridled pride were all the rage. If you’re old enough to remember IBM SNA, you know what I’m talking about.

A few years later, everything changed.


Foxconn to invest $5B to set up first of up to 12 factories in India

As part of its plan to set up to 12 manufacturing facilities in India by 2020, contract manufacturer Foxconn Technology Group is investing US$5 billion in a factory and other facilities in the western Indian state of Maharashtra.

The Indian government has been coaxing foreign companies, including smartphone makers, to set up manufacturing units in India under its “Make in India” program.

A number of smartphone makers are planning to make the devices in the country, with Chinese maker Xiaomi expected to announce its first phone manufactured in India on Monday.

The government recently gave security approval to Huawei Technologies’ plans to set up a manufacturing facility for network equipment in the country, though the facility still needs final approval from the ministry of commerce as it is a Chinese company, according to sources close to the matter. India and China have a border dispute.

Writing a Custom IPAM Application

Four years ago, I lamented the lackluster selection of IPAM applications available for service providers. Unfortunately, it seems not much has changed lately. I was back to exploring IPAM offerings again recently, this time with the needs of a cloud hosting provider in mind. I demoed a few tools, but none of them seemed to fit the bill (or they did, but were laughably overpriced).

So, I decided to write my own. In my rantings a few years back, I had considered this option:

Could I create a custom IPAM solution with everything we need? Sure! The problem is that I'm a network engineer, not a programmer (a natural division of labor which, it seems, is mostly to blame for the lack of robust IPAM solutions available). Even if I had the time to undertake such a project, I have little interest in providing long-term maintenance of it.

My opinion has not changed, but I've come to realize that if I want a tool that fits my requirements, I will need to build it. And after surprisingly little time, I'm happy to report that I now have a kick-ass IPAM tool that does exactly what I want it to.


MacKeeper customers can file a claim to get their money back

Customers of the oft-criticized security and performance program MacKeeper have until Nov. 30 to file a claim for reimbursement, the result of a proposed class-action suit settlement.

Those who bought MacKeeper before July 8 are eligible, according to the settlement website where claims can be filed.

The class action suit accused MacKeeper’s original developer, ZeoBIT, of deceptively advertising the program and making false claims about what it could fix. It was filed in May 2014 in the U.S. District Court for the Western District of Pennsylvania.

$32 RollJam Device can break into most cars and garage doors

When car manufacturers hear Samy Kamkar’s name, they likely cringe as Kamkar has been on a car-cracking spree. About a week after he unveiled OwnStar, Kamkar was at Def Con 23 presenting “Drive It Like You Hacked It: New Attacks and Tools to Wirelessly Steal Cars.”

At the end of July, Kamkar revealed his $100 OwnStar device that could “locate, unlock and remote start any vehicle with OnStar RemoteLink after intercepting communications between the RemoteLink mobile app and OnStar servers.” GM quickly patched the OnStar app.

Internal LTE/3G modems can be hacked to help malware survive OS reinstalls

With their own dedicated processor and operating system, LTE/3G modems built into new business laptops and tablets could be a valuable target for hackers by providing a stealthy way to maintain persistent access to an infected device.

In a presentation Saturday at the DEF CON security conference in Las Vegas, researchers Mickey Shkatov and Jesse Michael from Intel’s security group demonstrated how a malware program installed on a computer could rewrite the firmware of a popular Huawei LTE modem module that’s included in many devices.

The module runs a Linux-based OS, more specifically a modification of Android, that is completely independent from the computer’s main operating system. It’s connected to the computer through an internal USB interface, which means that it could be instructed to emulate a keyboard, mouse, CD-ROM drive, network card, or other USB device. Those would appear connected to the primary OS.

Many to Many Multicast – PIM BiDir

Introduction

This post will describe PIM BiDir, why it is needed and the design considerations for using PIM BiDir. This post is focused on technology overview and design and will not contain any actual configurations.

Multicast Applications

Multicast is a technology that is mainly used for one-to-many and many-to-many applications. The following are examples of applications that use or can benefit from using multicast.

One-to-many

One-to-many applications have a single sender and multiple receivers. These are examples of applications in the one-to-many model.

Scheduled audio/video: IP-TV, radio, lectures

Push media: News headlines, weather updates, sports scores

File distributing and caching: Web site content or any file-based updates sent to distributed end-user or replicating/caching sites

Announcements: Network time, multicast session schedules

Monitoring: Stock prices, security system or other real-time monitoring applications

Many-to-many

Many-to-many applications have many senders and many receivers. One-to-many applications are unidirectional and many-to-many applications are bidirectional.

Multimedia conferencing: Audio/video and whiteboard is the classic conference application

Synchronized resources: Shared distributed databases of any type

Distance learning: One-to-many lecture but with “upstream” capability where receivers can question the lecturer

Multi-player games: Many multi-player games are distributed simulations and also have chat group capabilities.

Overview of PIM

PIM has