Hacking Team’s malware uses UEFI rootkit to survive OS reinstalls

Surveillance software maker Hacking Team has provided its government customers with the ability to infect the low-level firmware found in laptops and other computers that they wanted to spy on.The company developed a tool that can be used to modify a computer’s UEFI (Unified Extensible Firmware Interface) so that it silently reinstalls its surveillance tool even if the hard drive is wiped clean or replaced.UEFI is a replacement for the traditional BIOS (Basic Input/Output System) and is meant to standardize modern computer firmware through a reference specification. But there are multiple companies that develop UEFI firmware, and there can be significant differences between the implementations used by PC manufactures.To read this article in full or to leave a comment, please click here

Plexxi Announces New Network Switch Series to Power the Next Era of IT

Plexxi_Switch_#2-01

Its not very often that something comes along that has the potential to be transformative through a new and truly differentiated approach. With Plexxi’s announcement this morning of our new Switch 2 Series , coupled with Plexxi Control and Plexxi Connect, we’re making strides to change the way networks function to support the business. Based on the needs of individual data and application workloads, the Switch 2 Series uses the innovation of Plexxi Control to dynamically change fabric topology in real time, intelligently forwarding traffic and delivering needed network capacity.

The next era of IT is being forged by the evolution of virtualization, hyperconvergence, Big Data and scale-out applications. Storage and compute have rapidly evolved over the last decade to keep pace but networking architectures have remained relatively unchanged.

Plexxi_Switch_#2-06

Here is the evolution of networking, as we see it:

Platform One:

The network has, for decades, been built in the same multi-tier (core, leaf/spine) approach making it static and defined by it’s physical cabling.  This architecture was perfectly suited for stationary users and non-mobile applications, which created predictable north/south traffic. The traditional approach for introducing new applications in platform 1 was to “pour” them into the static network, and then Continue reading

‘Morpho’ group goes after corporate IP

Symantec has identified a group of cybercriminals, whom they've named "Morpho," as targeting corporate intellectual property for financial gains, with Twitter, Facebook, Apple and Microsoft among those hit."Attackers going after intellectual property is not that usual," said Vikram Thakur, senior manager at Symantec.However, those attackers tend to be state-sponsored and target information or military or other strategic importance.MORE ON CSO: How to spot a phishing email "That kind of intellectual property is of high value to nations across the board," he said.To read this article in full or to leave a comment, please click here

Workday bets on machine learning with new venture fund

There’s no shortage of software vendors paying lip service to data science in this analytics-infused era, but Workday is putting its money where its mouth is.On Tuesday, the company is announcing the launch of Workday Ventures, a new fund it will use to identify, invest in and partner with young startups that apply data-science and machine-learning in the areas of analytics, applications, security and platform technologies.“We believe the last 10 years of enterprise software have been about migration to the cloud,” said Dan Beck, senior vice president of technology products at Workday. “We think the next 10 years is going to be about machine learning and companies making sense of data.”To read this article in full or to leave a comment, please click here

Can You Avoid Networking Software Bugs?

One of my readers sent me an interesting reliability design question. It all started with a catastrophic WAN failure:

Once a particular volume of encrypted traffic was reached the data center WAN edge router crashed, and then the backup router took over, which also crashed. The traffic then failed over to the second DC, and you can guess what happened then...

Obviously they’re now trying to redesign the network to avoid such failures.

Read more ...

Checking Faulty Cables

I recently had to work with a 3rd part to diagnose a link between our devices and came across this handy command. The link in question was a pretty hefty (75m-ish) UTP cable run between a Cisco and HP switch. I have visibility of the Cisco switch, into the structured cabling into the patch panel, and the 3rd parties cable. Unfortunately I didn’t have a DC Operations tech with access to a Fluke, or the ability to interpret the output of a Fluke, but they did have a laptop with a 100Mbps NIC (this becomes important later on).

So I started by running the diagnostic on the production connection. It’s not working, so I don’t have to worry about taking stuff down. This gives me the following:

test cable-diagnostics tdr interface gi7/21
TDR test started on interface Gi7/21
A TDR test can take a few seconds to run on an interface
Use 'show cable-diagnostics tdr' to read the TDR results.

switchA#show cable-diagnostics tdr interface gi7/21

TDR test last run on: July 09 10:30:20
Interface Speed Pair Cable length Distance to fault Channel Pair status
——— —– —- ——————- ——————- ——- ————
Gi7/21 auto 1-2 77 +/- 6 m N/A Invalid Continue reading

The Upload: Your tech news briefing for Tuesday, July 14

As partner conference kicks off, Microsoft details Win10 launch plans and moreWith Windows 10 set to roll out in just two weeks, Microsoft on Monday shed some light on the marketing support it will put behind the launch: a worldwide, year-long “upgrade your world” ad campaign. And at its annual Worldwide Partner Conference that started in Orlando, Microsoft rolled out a new analytics tool that aims to democratize access to big data using the Cortana voice interface, as well as Project Gigjam, which can pull data from multiple applications into a shared workspace.To read this article in full or to leave a comment, please click here

The Upload: Your tech news briefing for Tuesday, July 14

As partner conference kicks off, Microsoft details Win10 launch plans and moreWith Windows 10 set to roll out in just two weeks, Microsoft on Monday shed some light on the marketing support it will put behind the launch: a worldwide, year-long “upgrade your world” ad campaign. And at its annual Worldwide Partner Conference that started in Orlando, Microsoft rolled out a new analytics tool that aims to democratize access to big data using the Cortana voice interface, as well as Project Gigjam, which can pull data from multiple applications into a shared workspace.To read this article in full or to leave a comment, please click here

IPv6 Multicast

These are my notes for IPv6 multicast for the CCDE exam. Overview

  • Prefix FF::/8 reserved for multicast
  • Multicast Listener Discovery (MLD) replaces IGMP
    • MLD is part of ICMPv6
    • MLDv1 equivalent to IGMPv2
    • MLDv2 equivalent to IGMPv3
  • ASM, SSM and Bidir supported
  • PIM identified by IPv6 next header 103
  • BSR and static RP supported
  • No support for MSDP
    • Anycast supported through PIM, defined in RFC4610
  • Any Source Multicast (ASM)
    • PIM-SM, PIM-BiDir
    • Default for generic multicast and unicast prefix-based multicast
    • Starts with FF3x::/12
  • Source Specific Multicast (SSM)
    • PIM-SSM
    • FF3X::/32 is allocated for SSM by IANA
    • Currently prefix and plen is zero so FF3X::/96 is useable for SSM
  • Embedded RP groups
    • PIM-SM, PIM-BIDir
    • Starts with FF70::/12

IPv6 Multicast Addressing

IPv6 multicast address format includes variable bits to define what type of address it is and what the scope is of the multicast group. The scope can be:

1 – Node

2 – Link

3 – Subnet

4 – Admin

5 – Site

8 – Organization

E – Global

The flags define if embedded RP is used, if the address is based on unicast and if the address is IANA assigned or not (temporary). The unicast based IPv6 multicast address allows an organization to Continue reading

9 things you didn’t know about Google’s undersea cable

Undersea cables carry virtually all transoceanic Internet data these days, replacing satellites as the preferred medium. Google and some telecom companies invested in one of them, called FASTER, that will stretch 9,000 kilometers between the U.S. and Japan and is due to go into operation next year.With six fiber-pairs in the cable, each carrying 100 wavelengths at 100 gigabits per second, it will have a peak capacity of 60 terabits per second (Tbps). That’s about 10 million times faster than a standard cable modem.Here are some facts about undersea cables and about the FASTER system in particular.To read this article in full or to leave a comment, please click here

Dual Stack Routed Access Layer With OSPF Design Guide

This is a design guide for an enterprise deployment of a dual stack, routed access layer using OSPF as the routing protocol, with a fully routed ECMP core.

Author information

Matt Love

Matt Love

Matt is a network engineer in Greenville, SC, USA. He enjoys solving complex routing, data center, and security (ish) problems, and writes about those when he can. When not at work, Matt can be found traipsing around Greenville on a road bike, or at home with his wife and two study-preventing kids.
TwitterLinkedIn

The post Dual Stack Routed Access Layer With OSPF Design Guide appeared first on Packet Pushers Podcast and was written by Matt Love.

Book review: The Book of GNS3

GNS3coverNo Starch Press recently offered me a preview copy of a new book about the GNS3 network simulator, titled The Book of GNS3 written by Jason Neumann. This book covers the new version of GNS3, GNS3 1.x. Here is my review of The Book of GNS3.

The Book of GNS3 effectively serves as a user manual for GNS3. It offers detailed installation and configuration information for GNS3 1.x in one easy-to-access volume. Experienced users will find some new information in this book, especially about the new features available in GNS3 1.x. However, I think the main beneficiaries will be new or inexperienced users of GNS3.

GNS3 is usually used by people who wish to emulate networks of commercial routers from vendors such as Cisco and Juniper. Understandably, Mr. Neumann spends most of the book discussing how to set up GNS3 to run commercial routers and, as much as is possible, switches.

How does this book help those who want to use open-source routers in GNS3? Read the rest of my review to find out.

Coverage of Open-Source Routing topics

While I read through this book, I looked for the parts that are relevant to my interests in Continue reading

ProxyHam conspiracy is nonsense

This DEF CON conspiracy theory is about a canceled talk about "ProxyHam", which has been canceled under mysterious circumstances. It's nonsense.

The talk was hype to begin with. You can buy a 900 MHz bridge from Ubquiti for $125 (or MicroTik device for $129) and attach it to a Raspberry Pi. How you'd do this is obvious. It's a good DEF CON talk, because it's the application that important, but the technical principles here are extremely basic.

If you look careful at the pic in the Wired story on ProxyHam, it appears they are indeed just using the Ubuiti device. Here is the pic from Wired:


And here is the pic from Ubquiti's website:


I don't know why the talk was canceled. One likely reason is that the stories (such as the one on Wired) sensationalized the thing, so maybe their employer got cold feet. Or maybe the FBI got scared and really did give them an NSL, though that's incredibly implausible.

Anyway, if DEF CON wants a talk on how to hook up a Raspberry Pi to a UbiQuiTi NanoStation LOCOM9 in order bridge WiFi, I'll happily give that talk. It's just basic TCP/IP configuration, and if you Continue reading

CIA: Julia Child and the shark repellant recipe

CIA Sometimes some of the coolest stories get lost in history. The CIA recently noted one of them – famous French food chef and author Julia Child’s critical involvement in developing a shark repellent recipe for military personnel and explosives during WWII.+More on Network World: The hot art in the CIA’s cool art collection+To read this article in full or to leave a comment, please click here

IBM, Nvidia rev HPC engines in next-gen supercomputer push

Hard on the heels of the publication of the latest Top 500 ranking of the world’s fastest supercomputers, IBM and Nvidia on Monday announced they have teamed up to launch two new supercomputer centers of excellence to develop the next generation of contenders.Created as part of IBM’s supercomputing contract with the U.S. Department of Energy, the new centers will be located at Lawrence Livermore National Laboratory and Oak Ridge National Laboratory and will focus on development of the forthcoming Summit and Sierra supercomputer systems, which are expected to be delivered in 2017. The Summit supercomputer will be housed at Oak Ridge, while the Sierra will be situated at Lawrence Livermore; both are due to become operational in 2018.To read this article in full or to leave a comment, please click here

US to begin talks on drone privacy standards

A U.S. government agency will start its third attempt to develop voluntary privacy standards for an emerging area of technology, this time with a series of meetings on drone privacy scheduled to begin Aug. 3.The U.S. National Telecommunication and Information Administration has already hosted similar discussions on mobile app privacy and facial recognition privacy but with mixed results. Privacy groups pulled out of the facial recognition discussions in June, saying the process wouldn’t lead to enough protections for consumers.To read this article in full or to leave a comment, please click here

1 3,406 3,407 3,408 3,409 3,410 3,849