Cisco warns of default SSH keys shipped in three products

Cisco Systems said Thursday it released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.The products are Cisco’s Web Security Virtual Appliance, Email Security Virtual Appliance and Security Management Virtual Appliance, it said in an advisory. Versions downloaded before Thursday are vulnerable.Cisco said it “is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.”The three products all shipped with preinstalled encryption keys for SSH (Secure Shell), which is used to remotely log into machines. It’s considered a bad security practice to ship products that all have the same private keys.To read this article in full or to leave a comment, please click here

Cisco warns of default SSH keys shipped in three products

Cisco Systems said Thursday it released a patch for three products that shipped with default encryption keys, posing a risk that an attacker with the keys could decrypt data traffic.The products are Cisco’s Web Security Virtual Appliance, Email Security Virtual Appliance and Security Management Virtual Appliance, it said in an advisory. Versions downloaded before Thursday are vulnerable.NEW CISCO CEO: Meet the Real Chuck RobbinsTo read this article in full or to leave a comment, please click here

Scott McNealy on privacy: You still don’t have any

Scott McNealy is best known for his role as cofounder and long-serving CEO at Sun Microsystems, but some remember him even better for a few choice comments he made about privacy back in 1999.Consumer privacy issues are a “red herring,” McNealy told a group of reporters that year. “You have zero privacy anyway. Get over it.”The statement seemed shocking all those years ago, but its pertinence has only increased over time. Privacy is the hot-button issue in this era of social profiling and mass surveillance, and concern among consumers is growing—with good reason.To read this article in full or to leave a comment, please click here

Here’s how Facebook wants to make sharing links easier on mobile

Sharing links with friends in Facebook’s mobile app is a pain that requires—gasp—leaving Facebook and copying and pasting URLs. Now there’s a feature that simplifies the process.Facebook has added a new button in its iOS app that appears when you’re composing a status update. It appears as a link icon in the lower bar. Tap it, and you’ll be able to search for videos, articles and other links that have previously been shared on Facebook. The feature, called “add a link,” will let you view the articles and embed one in your status update with a single tap.It’s not clear how many links are in Facebook’s database, but they’re culled from the company’s index of roughly one trillion posts, wrote Facebook engineering manager Tom Whitnah.To read this article in full or to leave a comment, please click here

Yahoo spruces up mobile search with related content

Yahoo is updating its search service on mobile devices, taking a leaf out of Google’s book and highlighting content such as images, videos and reviews ahead of regular search results.The changes, announced Thursday, apply to Yahoo search on the mobile web in the U.S., in browsers such as Safari and Chrome. Yahoo’s mobile app and desktop site already provide some additional content within results.A search on the mobile web for Barack Obama, for instance, displays information about him from Wikipedia, such as his height and birth date, as well as links to news, images and YouTube videos. In one search Thursday, the videos included some curious choices, including “Barack Obama is Illuminati.”To read this article in full or to leave a comment, please click here

Satya Nadella’s new mission for Microsoft: help people ‘achieve more’

Microsoft CEO Satya Nadella laid out his new mission for the company in an email sent out Thursday to all employees.“Our mission is to empower every person and every organization on the planet to achieve more,” he wrote.It’s a much briefer mission statement than the one he unveiled when he took over the top job last year, and indicative of the changes Nadella has made since he took Microsoft’s helm. During his tenure, Microsoft has focused on broadening the reach of its services and applications across platforms and has pushed ahead with a new version of its Windows operating system.To read this article in full or to leave a comment, please click here

Enterprise disaggregation is inevitable

Back in March, the issue was raised whether disaggregation – decoupling network software from hardware for lower cost, choice and flexibility – could play in the enterprise as well as the service provider realm.The answer, judging by recent events, is that it can. But currently to a lesser extent than it does with service providers, who will still reap most of the benefits of initial enterprise deployments.Announcements by Pica8, Ciena and AT&T that they plan to offer bare metal and white box switches, and virtual network functions as customer premises equipment, do signal that enterprises are indeed a target for disaggregation. But penetration is currently limited to that – CPE supplied and managed by service providers for the purpose of connecting that enterprise to its service network.To read this article in full or to leave a comment, please click here

WAN optimization using real-time traffic analytics

TATA Consultancy Services white paper, Actionable Intelligence in the SDN Ecosystem: Optimizing Network Traffic through FRSA, demonstrates how real-time traffic analytics and SDN can be combined to perform real-time traffic engineering of large flows across a WAN infrastructure.
The architecture being demonstrated is shown in the diagram (this diagram has been corrected - the diagram in the white paper incorrectly states that sFlow-RT analytics software uses a REST API to poll the nodes in the topology. In fact, the nodes stream telemetry using the widely supported, industry standard, sFlow protocol, providing real-time visibility and scaleability that would be difficult to achieve using polling - see Push vs Pull).

The load balancing application receives real-time notifications of large flows from the sFlow-RT analytics software and programs the SDN Controller (in this case OpenDaylight) to push forwarding rules to the switches to direct the large flows across a specific path. Flow Aware Real-time SDN Analytics (FRSA) provides an overview of the basic ideas behind large flow traffic engineering that inspired this use case.

While OpenDaylight is used in this example, an interesting alternative for this use case would be the ONOS SDN controller running the Segment Routing application. ONOS Continue reading

OPM’s efforts to fix IT security are criticized by auditor

Efforts to fix cybersecurity problems at the U.S. Office of Personnel Management (OPM) may be doomed because the agency is moving too quickly and ignoring some best practices, an auditor said Thursday.Even before two recently disclosed breaches at OPM, agency director Katherine Archuleta pushed to improve cybersecurity at the agency, which still runs several mainframe systems.But a “massive” agency-wide effort to update decades-old systems is not following proper IT project management procedures, including a cost-benefit analysis, and the agency does not have a firm estimate on the cost of the project, said Patrick McFarland, OPM’s inspector general.To read this article in full or to leave a comment, please click here

Interning with Rocket Turtle at Cumulus Networks

Julien-Blog Image

My amazing California journey as a French undergrad software engineer.

Most days, the first thing I do in the morning is wake up and check my email. That’s normal, but on March 2014, I received a special email that would change my life forever. This email was from the Cumulus Networks VP of Engineering, Shrijeet Mukherjee, offering me an internship on the Cumulus Networks engineering team. I was so thrilled that I literally jumped out of bed and started the victory dance (which by the way is much stronger than a cup of coffee).

I could have ended up interning at a less “cool” random French consulting company, but I wasn’t really passionate about this option anymore now that I had the opportunity to join the hottest startup in the networking industry in Mountain View, California.

I’m so excited to share my experience!

My time at Cumulus Networks, May through September 2014, was the final internship of my bachelor program at EPITECH in Rennes, France, where I’ve been pursuing a 5-year Bachelor/Masters degree in Software Engineering. I had several internship offers in various parts of the world (Germany, Philippines, Estonia and of course, France) but I turned down all of them to Continue reading

VLAN Trunking with Cumulus Linux

Following up on my earlier post on Cumulus Linux networking concepts, I wanted to build on that information with a guide on configuring VLAN trunking. This would be useful in a number of different scenarios: supporting multiple (VLAN-backed) port groups on vSphere hosts, or connecting an Open vSwitch (OVS) bridge on a KVM or Xen hypervisor to multiple VLANs. You might also need to use a VLAN trunking configuration to connect a Cumulus Linux-powered switch to another switch.

For this configuration, I’m going to use the new VLAN-aware bridging functionality introduced in Cumulus Linux 2.5. There are two pieces involved in making this work:

  1. The configuration for VLAN-aware bridge itself
  2. The configuration for the individual port(s)

Let’s look at each of these pieces individually.

The VLAN-Aware Bridge

In order to provide layer 2 (switched) connectivity between front-panel ports on a Cumulus Linux-powered switch, the ports have to be part of a bridge. In this case, we’ll create a VLAN-aware bridge, which simplifies the configuration (in my opinion). It’s a bit less “true” to the Linux way of doing things, but simpler.

Owing to its Debian roots, you’ll configure the bridge by either adding a stanza to /etc/network/interfaces or Continue reading

New Salesforce line helps enterprises deliver in-app customer support

Companies large and small are scrambling to keep up with the demands of an increasingly mobile world, and on Thursday Salesforce unveiled a new line of tools that’s designed to help.Salesforce Service for Apps taps the CRM giant’s Service Cloud to let any organization to embed multichannel customer service—including live video chat with a customer-service agent—directly into the mobile apps they offer their customers.Salesforce SOS is the first to arrive in the new line. Similar to the Amazon “Mayday” button, it provides live, personalized and interactive video support, on-screen guided assistance and screen-sharing with an agent.To read this article in full or to leave a comment, please click here

5G networks look to new frequencies to deliver gigabit speeds

If operators are to build 5G mobile networks with download speeds at 10Gbps and above, they are going to need a lot more spectrum—but getting it won’t be easy.The amount of spectrum allocated to 5G will determine how fast networks based on the technology will eventually become. Until recently, only frequencies below 6GHz have been considered for mobile networks, mostly because they are good for covering large areas. But there’s now a growing need to unlock new spectrum bands in the 6GHz to 100GHz range too, attendees at the LTE and 5G World Summit conferences in Amsterdam heard this week.The use of spectrum in these bands is immensely important for 5G networks to be able to offer multiple gigabits per second, Robert DiFazio, chief engineer at wireless R&D company InterDigital Communications, said. By raising communication speeds, they are also expected to help lower latency in mobile networks.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Keeping up with demand in an instant gratification economy

We've lost our collective ability to be patient. What used to be a virtue is now anathema because we have become so accustomed to having what we want when we want it, that we've simply forgotten what it's like to "wait it out."Need proof? We shifted our viewing habits to over-the-top video services quicker than it ever took us to walk to the nearest Blockbuster – yet many have already forgotten the formerly inconvenient task of walking, and now complain that an instance of buffering while streaming video means the service is "too slow." To wit, recent industry-sponsored research found that a poor experience such as buffering or poor-quality video drives almost 75% of viewers to give up in watching within the first four minutes of playback.To read this article in full or to leave a comment, please click here

Trojan that hides inside images infects healthcare organizations

A computer Trojan that hides its malicious code inside PNG image files counts healthcare organizations in the U.S. among its primary targets.The Stegoloader Trojan uses digital steganography techniques to sneak past computer and network defenses. It originally appeared in 2012, but has seen a resurgence over the past several months.According to a recent report from Dell SecureWorks, the Trojan is designed to steal files, information and passwords from infected systems, but has additional modules that extend its functionality.To read this article in full or to leave a comment, please click here

Last Call for the Cisco DemoFriday: Solving the Lab Equipment Challenge with VIRL

VIRL-CISCO-DemoFriday This is it. Your last shot to register for the Cisco VIRL DemoFriday. Can your organization keep up with the increasing demand to provide new network services while still making significant changes to test and deploy networks consistently? If not, then the Cisco DemoFriday may be just for you. In this DemoFriday, Cisco will take us through VIRL (Virtual Internet Read more >

1 3,433 3,434 3,435 3,436 3,437 3,855