Google Cloud offers security scanning for customer apps

Google has released a security scanner to help its cloud customers guard against attacks on their Web applications. Google Cloud Security Scanner, now available as a free beta for Google App Engine users, is designed to overcome a number of limitations often found in commercial Web application security scanners, noted Google security engineering manager Rob Mann in a blog post announcing the new service. Commercial scanners can be difficult to set up. They can over-report issues, leading to too many false positives. They are designed more for security professionals than developers.

Startup makes LibreOffice, OpenOffice available for Firefox smartphones

A startup that uses the cloud to bring desktop applications to mobile devices has expanded its offerings for Mozilla’s Firefox OS. LibreOffice and OpenOffice are now available to people with smartphones running Firefox OS. The office suites can be found in Mozilla’s Marketplace app store along with other programs offered by rollApp, a venture capital-backed company based in Palo Alto, Calif. With the addition of LibreOffice and OpenOffice, rollApp has made 18 applications available for Firefox OS users. RollApp hosts copies of software on its servers and allows people to access the applications via browsers. The software hosted by rollApp covers a range of applications including computer-aided design, worker productivity and software development. The 130 apps offered also include games. However, don’t expect to find any popular proprietary programs like Microsoft Office. For now, all of rollApp’s software-as-a-service offerings are for free and open source applications.

NSA, UK’s GCHQ reportedly hacked encryption of SIM card maker

U.S. and U.K. intelligence agencies have reportedly hacked into the computer network of giant SIM card maker Gemalto and taken smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide. The Gemalto hack, by the U.S. National Security Agency and the U.K. Government Communications Headquarters (GCHQ), allowed the two spy agencies to monitor a large portion of the world’s mobile phone voice and data traffic, according to a story in The Intercept. The hack was detailed in a 2010 GCHQ document leaked by former NSA contractor Edward Snowden, the story said.

BGP Weight Attribute

Original content from Roger's CCIE Blog: Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
The BGP weight attribute is the first on the list in the BGP best path algorithm: prefer the path with the highest WEIGHT. Note: WEIGHT is a Cisco-specific parameter. It is local to the router on which it is configured. So if you want to influence your BGP routing outbound on a Cisco router you...

NFD9: Cumulus Networks

Cumulus Networks gave a great presentation at Network Field Day 9. They presented their vision of how they’re working to improve networking. But they were also clear about what they don’t do, and where they will instead enable others.

Linux on a switch? Seems natural to me

Many network engineers started out running cables, and doing low-level networking. They build up to designing & running more complex networks. I came at it from a different direction. I first ran Linux systems in 1999. My first professional job was working with HP-UX in 2000, and I later moved into running Check Point firewalls on Nokia IPSO. I was well-used to working with Unix-like systems, and it was completely natural to me to run tcpdump on a network device.

To become an effective network security engineer, I had to learn more about routing & switching. But because I had that *nix background, I was always frustrated by the limited capabilities offered by IOS. “| include” is a poor substitute for grep. Yes, you can do some stuff with TCL, but would you want to? Packet capture was a poor joke until recently.

So when I first heard about Cumulus, it made a …

Nokia, Korea Telecom plan to demo 4G for machines, cars

A slower but more frugal version of LTE that has been customized for the Internet of Things will be demoed at Mobile World Congress next month. LTE was developed to provide high-speed transmission for smartphones and tablets, and has been a success in that regard. But with the growing popularity of connected wearables, smart meters and vehicles, the telecom industry has had to rethink LTE specifications to make it a better fit for related applications. At Mobile World Congress, Nokia and KT (Korea Telecom) will demonstrate a prototype of a customized version, which has been dubbed LTE-M. The alterations include changes to increase battery life and decrease the cost of devices that use it. The latter is in part achieved by decreasing bandwidth, which means less expensive components can be used.

You broke the network. Do you confess?

Today we’re taking a deep look into mindset of the network professional – his or her soul -- when it comes to breaking something and owning up to the mistake … or not.Posted to Reddit’s section that is devoted to networking: “Have you ever accidentally broken something then fixed it immediately to find your colleagues praising your skills even though it (was) your lack of skills? How do you react?”The inquisitor answers his own question: “Generally speaking I've always let the peasants (end users) think I'm a wizard while I tell my boss what actually happened. What have you guys done in similar situations?”To read this article in full or to leave a comment, please click here

IDG Contributor Network: An LTE over Wi-Fi spectrum grab is coming

Unlicensed spectrum would be the logical place to expand traffic if, as mobile networks are finding, their licensed spectrum is running out. Why not shift over to unlicensed spectrum? It's unlicensed, after all, so anyone can use it. Who would object? Well, the answer to that question may be a bunch of Wi-Fi users, like you and me, if it doesn't work as promised and stomps on existing use, such as Wi-Fi.

Wi-Fi at 5 GHz

The new piggy-backing technology uses the same Wi-Fi band that mobile device users are beginning to take advantage of in the home and workplace. That is 5 GHz—the free-to-use band you'll find in newer routers and mobile devices, like tablets and recent phones.

Uber increases funding round by $1B to meet investor demand

The prospect of government oversight and a steady stream of security issues facing Uber haven’t scared investors from the ride-hailing company, which will expand its latest round of venture funding by US$1 billion. In December, Uber initially raised $1.2 billion during a funding round. At that time, Uber estimated there was room for an additional $600 million in investments. Investor interest, though, proved greater. To meet the demand, Uber will expand that round and issue approximately 30 million additional shares valued at $33.31, according to documents filed Wednesday with the Delaware secretary of state. Uber is based in San Francisco and incorporated in Delaware.

Show 224 – HTTP2. Its The Biggest (Network) Thing Happening on the Internet Today – Repost

HTTP/2 is now submitted to the RFC Editor and will bring major changes to networking. Efficient design means smaller firewalls, less bandwidth and faster response times for users. And the default to encryption means that transparent caches, proxies, IDS/IPS and other network security systems will be seriously impacted.

The post Show 224 – HTTP2. Its The Biggest (Network) Thing Happening on the Internet Today – Repost appeared first on Packet Pushers Podcast and was written by Greg Ferro.

How to remove the dangerous Superfish adware preinstalled on Lenovo PCs

Lenovo’s been caught going a bit too far in its quest for bloatware money, and the results have put its users at risk. The company has been preloading Superfish, a "visual search" tool that includes adware that fakes the encryption certificates for every HTTPS-protected site you visit, on its PCs since at least the middle of 2014. Essentially, the software conducts a man-in-the-middle attack to fill the websites you visit with ads, and leaves you vulnerable to hackers in its wake. You can read all the sordid details here. This article is dedicated to helping you discover whether your Lenovo PC is infected with Superfish, and how to eradicate it if it is.

Network Dictionary – Whitebrand Ethernet

Whitebrand is a term used to describe a type of Ethernet switch that is a whitebox or generic manufacture but sold by a known IT brand. Juniper OCX1100 and HP Open Network Switches are examples. White-Box Switching + Vendor Branding = Whitebrand switching. The other term used is “britebox” but this sounds like dishwashing liquid or something you […]


The post Network Dictionary – Whitebrand Ethernet appeared first on EtherealMind.

Vendors lay groundwork for 5G with greener and faster mobile networks

A new generation of mobile network equipment comes with lofty promises of better coverage and performance for subscribers, by making it easier for operators to add more capacity and support for new radio technologies. Mobile operators are facing a number of challenges, starting with building networks that won’t get overwhelmed by traffic growth mainly driven by video. The most straightforward way of doing this is adding more spectrum—or lanes, if you will—to their networks. It isn’t a coincidence that the recent AWS (Advanced Wireless Service) spectrum auction in the U.S. was a blockbuster and that operators want to use Wi-Fi frequencies for LTE.

Extracting the SuperFish certificate

I extracted the certificate from the SuperFish adware and cracked the password ("komodia") that encrypted it. I discuss how down below. The consequence is that I can intercept the encrypted communications of SuperFish's victims (people with Lenovo laptops) while hanging out near them at a cafe wifi hotspot. Note: this is probably trafficking in illegal access devices under the proposed revisions to the CFAA, so get it now before they change the law.


I used simple reversing to find the certificate. As reported by others, the program is packed and self-encrypted (like typical adware/malware). The proper way to reverse engineer this is to run the software in a debugger (or IDApro), setting a breakpoint right after it decrypts itself. The goal is to set the right breakpoint before it actually infects your machine -- reversers have been known to infect themselves this way.

The ghetto way is just to run this on a machine, infecting yourself, and run "procdump" (by @markrussinovich) in order to dump the process's memory. That's what I did, by running the following command:
procdump -ma VisualDiscovery.exe super.dmp
The proper reversing is to actually tear apart the memory structures, such …

Sprint and T-Mobile defend unlocking policies

Sprint and T-Mobile separately defended their smartphone and tablet unlocking policies on Wednesday following criticism from independent researcher Sina Khanifar. Sprint in a short statement said that as of Feb. 11, it had "implemented all six of the principles contained in the CTIA [Consumer Code] unlocking agreement, and we appreciate the FCC's recognition that the country's major providers have met their commitment." The FCC last week applauded carriers for meeting voluntary unlocking principles by the Feb. 11 deadline.

The Cisco CNPES Cert, First Exam (600-504) and Course

Do you think of yourself as a network engineer? Cisco’s Network Programmability Engineer Specialist (CNPES) certification represents Cisco’s first crack at a certification focused on network engineering in an SDN world. Today’s post begins to examine this certification by looking at the first of the two required exams: the 600-504 NPENG exam. We’ll look at both the exam and a related video course.

Overview

First, to set the stage, Cisco currently offers four network programmability certifications. Loosely you can think of these as two networking-focused certs, and two development-focused certs, based on job roles. For the two networking-focused certs, one focuses on design, while one (the one discussed here) looks at engineering and implementation.

Figure 1: Overview of Cisco SDN Certifications

Today’s post focuses on the Cisco Network Programmability Engineering Specialist (CNPES) cert, and specifically the first exam: the 600-504 NPENG exam. Basically, the NPENG exam covers SDN implementation but excludes ACI, while the second required exam, 600-512 NPENGACI, includes ACI.

This list provides the links for more details – for the certification, each of the two exams, and each of Cisco’s two …

Lenovo PCs ship with adware that puts computers at risk

Some Windows laptops made by Lenovo come pre-loaded with an adware program that exposes users to security risks. The software, Superfish Visual Discovery, is designed to insert product ads into search results on other websites, including Google. However, since Google and some other search engines use HTTPS (HTTP Secure), the connections between them and users’ browsers are encrypted and cannot be manipulated to inject content. To overcome this, Superfish installs a self-generated root certificate into the Windows certificate store and then acts as a proxy, re-signing all certificates presented by HTTPS sites with its own certificate. Because the Superfish root certificate is placed in the OS certificate store, browsers will trust all fake certificates generated by Superfish for those websites.