0

Reliability of SD-WAN and Hybrid WAN Solutions

My Business Case for SD-WAN blog post received numerous comments pointing out the potential pitfalls of hybrid WAN, including reduced security, unreliable Internet services and denial-of-service attacks.

While all those comments are perfectly valid, I still think hybrid WAN (whether implemented with traditional technologies or SD-WAN products) makes perfect sense.

Read more ...

0

An Update on the UrlZone Banker

UrlZone is a banking trojan that appeared in 2009. Searching its name or one of its aliases (Bebloh or Shiotob) reveals a good deal of press from that time period along with a few technical analyses in 2009 [1] [2], 2012 [3], and 2013 [4]. Despite having a reputation of evolution, there doesn’t seem to be very many recent updates on this malware family though. Is UrlZone still a threat and if so, how has it changed?

To explore that, this post takes a look at a recent UrlZone malware sample to see if it is still an active threat. It then gives an update on the command and control (C2) communications as they have changed since being previously documented. These are then put together in some proof of concept code that downloads and decrypts the webinject configuration file (the bread and butter of any banker malware) to see what financial institutions are being targeted.

Sample

The sample analyzed for this post has an MD5 of:

01fd0f1ad59ad5403c9507bfb625fe0c

For the “stop using md5 now” converts, it has the following SHA256:

39bbde33922cd6366d7c2a252c4aadd4dfd7405d5271e3652940a7494b885e88

The sample’s compilation date is 2015-06-12 12:01:03. This date seems legit as Continue reading

0

Facebook, Amazon, Apple pick up spending on lobbying

Apple, Facebook and Amazon.com have increased their expenses on trying to influence U.S. politicians and policy at the federal level, but Google still outstrips them in spending though it reduced expenditure in the second quarter.Amazon’s spending on lobbying increased by 103 percent to a record US$2.15 million in the second quarter of 2015, according to data collated by advocacy group Consumer Watchdog from filings by the company. Facebook’s expense rose to $2.69 million in the quarter, up 27 percent from $2.12 million in the second quarter of 2014. The social networking company outstripped its first quarter spending of $2.44 million by 10 percent.To read this article in full or to leave a comment, please click here

0

Add Brocade MLX & VDX Support to HP IMC

HP IMC 7.1 E0303P13 does not support configuration backups for Brocade MLX & VDX devices. But they do have an extensible model, so it’s easy to add support. Here’s how to do it, and how to fix the Brocade ICX support.

Here’s the steps to add support for MLX & VDX devices to HP IMC:

1. Download the current set of adapters from GitHub.
2. Unpack the zip file, and copy the adapters into place.
3. Add Device Series & Device Model definitions.
4. Restart IMC, re-synchronise, and check file transfer modes.

Going into a bit more detail:

NetOps Custom Adapters

This GitHub repository maintains a set of 3rd-party developed adapters for HP IMC. You can download individual files, create a local copy of the repo using Git, or just download a zip file containing all current scripts from here.

On the IMC server, adapters are stored at (IMC)/server/conf/adapters/ICC. You’ll see directories for all supported vendors there:

[root@imc ~]# cd /opt/iMC/server/conf/adapters/ICC
[root@imc ICC]# ls
3Com    Alcatel-Lucent  Aruba Networks  Avocent  Cabletron  Dell  Enterasys         F5       Fortigate  H3C              Hillstone  IBM                Continue reading

0

My BIS/Wassenaar comment

This is my comment I submitted to the BIS on their Wassenaar rules:

----
Hi.

I created the first “intrusion prevention system”, as well as many tools and much cybersecurity research over the last 20 years. I would not have done so had these rules been in place. The cost and dangers would have been too high. If you do not roll back the existing language, I will be forced to do something else.

After two months, reading your FAQ, consulting with lawyers and export experts, the cybersecurity industry still hasn’t figured out precisely what your rules mean. The language is so open-ended that it appears to control everything. My latest project is a simple “DNS server”, a piece of software wholly unrelated to cybersecurity. Yet, since hackers exploit “DNS” for malware command-and-control, it appears to be covered by your rules. It’s specifically designed for both the distribution and control of malware. This isn’t my intent, it’s just a consequence of how “DNS” works. I haven’t decided whether to make this tool open-source yet, so therefore traveling to foreign countries with the code on my laptop appears to be a felony violation of export controls.

Of course you don’t intend Continue reading

0

Open Governance and Collaboration in the Ecosystem is #Trending

Docker is a Founding Member of the Cloud Native Computing Foundation (CNCF) written by Ben Golub, CEO of Docker, Inc. The past four weeks has been unparalleled in terms of open, collaborative activity among the ecosystem around container-based technologies. It … Continued

0

Google to begin closing Google+ Photos on Aug. 1

The end is near for Google+ Photos, the photo sharing service that’s part of the company’s social network.Google will begin closing down the service on Aug. 1 on Android, with the Web and iOS devices to follow soon after.For a time, Google touted the service as a key element in Google+, with a range of editing tools and image enhancement technologies rolled out over the years.But Google hinted that its days might be numbered when the company rolled out its new Google Photos service at Google I/O in May.To read this article in full or to leave a comment, please click here

0

Show 246 – Design & Build #4 – Data Center Migration

Join us for a step-by-step discussion of what's involved in a data center migration, including new builds, cloud/hybrid options, power & cooling, team preparation and planning, and execution.

Author information

The post Show 246 – Design & Build #4 – Data Center Migration appeared first on Packet Pushers Podcast and was written by Ethan Banks.

0

Microsoft patches Windows zero-day found in Hacking Team’s leaked docs

Microsoft today issued one of its sporadic emergency, or "out-of-band," security updates to patch a vulnerability in Windows -- including the yet-to-be-released Windows 10 -- that was uncovered by researchers sifting through the massive cache of emails leaked after a breach of Italian surveillance vendor Hacking Team. The Milan-based vendor sells surveillance software to governments and corporations, and markets zero-day vulnerabilities that its clients can use to silently infect targets with the firm's software. Researchers have found several zero-days -- flaws that were not fixed before they went public -- in the gigabytes of pilfered documents and messages, including three in Adobe's Flash Player, since July 5.To read this article in full or to leave a comment, please click here

0

IBM’s Q2 sales slide 13 percent on sale of low-end server unit

IBM has reported another quarter of declining revenue and profit, though sales of its new mainframe gave it a lift.Revenue for its second quarter was $20.8 billion, down from $24 billion a year earlier, IBM announced Monday.The big drop is partly from IBM selling its x86 server business to Lenovo, as well as the impact of the strong U.S. dollar. Without those factors, revenue would have declined one percent, IBM said.Net income was $3.45 billion, down 16.6 percent.Revenue from IBM’s giant Global Technology Services segment were down 10 percent to $8.1 billion. Factoring out the currency effect and the sale of the x86 server business, revenues were up one percent, IBM said.To read this article in full or to leave a comment, please click here

0

Yet Another Blog About Segment Routing, Part2 : TI-LFA

In this post we will be looking at Topology Independent LFA aka TI-LFA. We will also compare TI-LFA with LFA, rLFA and TE-FRR.

The post Yet Another Blog About Segment Routing, Part2 : TI-LFA appeared first on Packet Pushers.

0

Virtually Artificial

Our embrace of the virtually artificial and how it's holding us back.

The post Virtually Artificial appeared first on Packet Pushers.

0

You Decide

You decide; a strong view on the the future of careers in networking and the choice we all face.

The post You Decide appeared first on Packet Pushers.

0

Google slams proposed export controls on security tools

A proposed set of software export controls, including controls on selling hacking software outside the U.S., are “dangerously broad and vague,” Google said Monday.Google, commenting on rules proposed by the U.S. Department of Commerce (DOC), said the proposed export controls would hurt the security research community.A DOC Bureau of Industry and Security (BIS) proposal, published in May would require companies planning to export intrusion software, Internet surveillance systems and related technologies to obtain a license before doing so. Exports to Canada would be exempt from the licensing requirement.To read this article in full or to leave a comment, please click here

0

Google slams proposed export controls on security tools

A proposed set of software export controls, including controls on selling hacking software outside the U.S., are "dangerously broad and vague," Google said Monday.Google, commenting on rules proposed by the U.S. Department of Commerce (DOC), said the proposed export controls would hurt the security research community.A DOC Bureau of Industry and Security (BIS) proposal, published in May would require companies planning to export intrusion software, Internet surveillance systems and related technologies to obtain a license before doing so. Exports to Canada would be exempt from the licensing requirement.To read this article in full or to leave a comment, please click here

0

Dual Stack Routed Access Layer With OSPF Design Guide

This is a design guide for an enterprise deployment of a dual stack, routed access layer using OSPF as the routing protocol, with a fully routed ECMP core.

The post Dual Stack Routed Access Layer With OSPF Design Guide appeared first on Packet Pushers.

0

Interviewing for the “Ideal Candidate”: Looking for “Nerdvana”

My ideal job candidate would be someone who ends up being an all around win/win/win. A win for them, a win for their future co-workers and the team as a whole, and a win for the customers.

The post Interviewing for the “Ideal Candidate”: Looking for “Nerdvana” appeared first on Packet Pushers.

0

Startup Radar: Fiber Mountain Blends Optics & SDN For Data Center Efficiency

The startup Fiber Mountain aims to make data center networks more flexible and efficient using a combination of fiber optics and SDN.

The post Startup Radar: Fiber Mountain Blends Optics & SDN For Data Center Efficiency appeared first on Packet Pushers.

0

Knowing Stuff

Knowledge comes from many sources. If you're curious and persistent, you can learn what you need to know

The post Knowing Stuff appeared first on Packet Pushers.

0

Report: Microsoft paying $320 million for cloud security provider Adallom

Microsoft is said to be paying $320 million to acquire Adallom, a cloud security provider whose services might help Microsoft in its new push toward becoming a “cloud-first” company.Adallom provides back-end security tools that gather usage data and detect suspicious activity. Its services are used by Netflix, SAP and Hewlett-Packard, according to the company’s website. The acquisition was reported Monday by the Calcalist financial newspaper.A spokesman for Adallom declined to comment, and Microsoft did not immediately respond to a request for comment.Adallom could help boost the defenses of Microsoft products including Office 365 and Yammer. Adallom’s tools can give businesses more granular control over who has access to Office 365, or identify anomalies in usage patterns for the cloud suite, according to Adallom’s website. An acquisition would bring those tools under Microsoft’s umbrella.To read this article in full or to leave a comment, please click here