Building an OpenStack Practice

In Q4 2013 at Dasher, we began our journey to create an OpenStack ecosystem that helps our clients as they transform their business and IT infrastructure. For years, Dasher has been helping clients move from physical to virtual environments. As business and IT needs evolved, more customers started evaluating moving from virtual to cloud environments and building their own private cloud. Dasher saw OpenStack becoming the de facto standard for private cloud, but proprietary black box network switches remained a misfit, giving rise to open networking — the disaggregation of network hardware from software.

A couple of our clients along with one of our senior solution architects, Ryan Day, suggested we explore Cumulus Networks® and learn about their Cumulus® Linux® offering. The results are highlighted below and we will attempt to answer: Why do we think the Cumulus Linux OS is a logical step in the evolution of network operating systems?

Cumulus Linux enables software-defined everything (SDE). SDE may be the cool new fad of 2015, but adopting SDE because it is what all the cool kids are doing is certainly not a reason to move to a new technology. Let’s explore Dasher’s reasons for recommending Cumulus Continue reading

Deploy to Metal? No sweat with RackN new Ansible Dynamic Inventory API

Untitled_designAt Ansible, we’ve been talking quite a bit with our friends at RackN about the work they’ve been doing to make things easier to stand up complex system configurations from bare metal. We’re happy to share some of what they’ve accomplished.

Deploy to Metal? No sweat with RackN new Ansible Dynamic Inventory API: by Greg DeK + Dan Choquette

The RackN team takes our already super easy Ansible integration to a new level with added SSH Key control and dynamic inventory with the recent OpenCrowbar v2.3 (Drill) release. These two items make full metal control more accessible than ever for Ansible users.

The platform offers full key management.  You can add keys at the system, deployment (group of machines) and machine levels. These keys are operator settable and can be added and removed after provisioning has been completed.  If you want to control access to groups on a servers or group of server basis, OpenCrowbar provides that control via our API, CLI and UI.

We also provide a API path for Ansible dynamic inventory.  Using the simple Python client script (reference example), you can instantly a complete upgraded node inventory of your system.  The inventory data includes items Continue reading

Performing Ping Sweeps with IOS TclSh

It’s been a while since I’ve gotten a blog post up, but with my CCIE recertification out of the way I’m hoping to ramp some volume back up. We’re talking about some sexy stuff today… Ping sweeps! First off, let’s cover why you’d need to sweep up your pings. Some people use the ping sweep as a means to “find” hosts on the network. The problem with this is, devices with host-based firewalls active may not respond to an ICMP ping. If you’re pinging from off the local subnet, there are other reasons you might not get a response back as well, like a host having a mis-programmed default gateway or subnet mask, or an interface ACL on the routing device. That said, ping sweeps are still incredibly useful for helping to find vacant IP addresses on a LAN. Or, at least, IP addresses that are not currently active. Always consult your properly maintained IP documentation to find IPs you can safely use for new deployments (yes, I’m laughing at that one too…).

Anyway, how do ping sweeps help identify active IPs if we can’t trust the ping responses? Well, just because a device may not respond to the ICMP Continue reading

Big Data for Social Engineering

First, it integrates with corporate directories such as Active Directory and social media sites like LinkedIn to map the connections between employees, as well as important outside contacts. Bell calls this the “real org chart.” Hackers can use such information to choose people they ought to impersonate while trying to scam employees. From there, AVA users can craft custom phishing campaigns, both in email and Twitter, to see how employees respond. via wired

This is a white hat tool, of course, a form of social engineering penetration testing. Two points of interest, though.

First, you can be pretty certain hackers are already using this sort of tool today to find the right person to contact, how to contact them, and to discover the things they know people will respond to. The rule of thumb you should keep in mind is — at least 80% of the time, hackers are already using the tools researchers come up with to do penetration testing. Remember all those fake people inhabiting the world of twitter, facebok, and the like? Some of them might not be just another click farm — some of them might be clickbait for hackers to find out who you Continue reading

Vulnerability in enterprise-managed iOS devices puts business data at risk

A vulnerability in the iOS sandbox for third party applications, like those installed by companies on their employees' devices, can expose sensitive configuration settings and credentials. The flaw was discovered by researchers from mobile security firm Appthority and impacts apps deployed on iOS devices through mobile device management (MDM) or enterprise mobility management (EEM) products. These products allow administrators to automatically push applications, configuration settings and data access rules to enterprise mobile devices. Before a new iOS device is brought inside the network of a company that uses a mobile management system, an MDM account is created for it and a client application is installed. The MDM client is used to install corporate apps and to enforce access policies for corporate data and email.To read this article in full or to leave a comment, please click here

Intel’s five (not very) big announcements from IDF this week

If you’ve paid any attention to Intel’s developer event in San Francisco this week, you’ve probably gathered already that there’s almost no chip news at the show. Intel has moved up the food chain, so to speak, and is showing developers what they can build with its technologies rather than focusing on new components.It makes sense, since with PCs on the wane Intel needs developers to get creative with its products. It can no longer flash a faster Core i7 chip and expect them to go do something interesting with it, because PCs nowadays just aren’t that interesting. Instead, it needs to show them what else they can do with its latest chips.+ ALSO FROM THE SHOW: IDF 2015's coolest demos | Intel’s big plan to seed the private cloud market +To read this article in full or to leave a comment, please click here

IDF 2015’s coolest demos

The best of Intel Developer Forum 2015Image by Mark HachmanEach year, Intel holds its Developer Forum to lead the PC industry into the direction Intel wants it to go: powerful new PCs, connected devices, touchscreens, and the like. Well, a bunch of stale PowerPoint foils won’t do the job. So Intel and its partners seed IDF with some amazing, awe-inspiring demos, all in a bid to get the developer community behind this year’s technological focus. What sort of demos, you ask? We have some of the best in the following pages. To read this article in full or to leave a comment, please click here

Review: 4 powerline kits step in when Wi-Fi fails

Are there places in your home or office where your Wi-Fi signal doesn't reach? You're not alone. Because of Wi-Fi's limited range -- and old-school building construction techniques like thick plaster, brick or masonry walls -- even the best Wi-Fi networks have dead zones. If you have that problem, you have several options.You can start drilling holes in your walls so you can run network cabling. You can try a Wi-Fi range extender (which might help, depending on the strength of your Wi-Fi and the efficiency of the extender). Or you can use a powerline kit, which routes data over your electric cables by piggybacking the data on top of the electrical current's 60-hertz wave and then extracting the data at the other end.To read this article in full or to leave a comment, please click here

Walled Gardens and Other Overlay Networks

Russ White wonders if the resurgence of Walled Gardens on the Internet is bad or a good thing. The long-term rise of Facebook, WeChat, Snapchat and other applications seems to be a sustaining trend. Overlay Network Previous walled gardens like AOL and CompuServe have been composting for many years. Their unique value was that they […]

The post Walled Gardens and Other Overlay Networks appeared first on EtherealMind.

How Did You Learn So Much About Networking?

One of my readers sent me a heartfelt email that teleported me 35 years down the memory lane. He wrote:

I only recently stumbled upon your blog and, well, it hurt. It's incredible the amount of topics you are able to talk about extensively and how you can dissect and find interesting stuff in even the most basic concepts.
May I humble ask how on earth can you know all of the things you know, with such attention to detail? Have you been gifted with an excellent memory, magical diet, or is it just magic?

Short answer: hard work and compound interest.

Read more ...

Trump is right about the 14th Amendment

Trump sucks all the intelligence out of the room, converting otherwise intelligent and educated pundits into blithering idiots. Today's example is the claim that Trump said:
"The 14th Amendment is unconstitutional."
Of course he didn't say that. What he did say is that the 14th Amendment doesn't grant "birthright citizenship" aka. "anchor babies". And he's completely correct. The 14th Amendment says:
"All persons born or naturalized in the United States, and subject to the jurisdiction thereof, are citizens of the United States"
The complicated bit is in parentheses. If you remove that bit, then of course Trump would be wrong, and anchor babies would be guaranteed by the constitution, since it would clearly say that being born in the U.S. grants citizenship.

But the phrase is there, so obviously some babies born in the U.S. aren't guaranteed (by the constitution) citizenship. Which babies are those?

The immigration law 8 U.S.C. § 1401(a) lists some of them: babies of ambassadors, heads of state, and military prisoners.

It's this law that currently grants anchor babies citizenship, not the constitution. Laws can be changed by Congress. Presumably, "illegal aliens" could easily be added to the list.

This Continue reading
1 3,353 3,354 3,355 3,356 3,357 3,844