Using local tcpdump for transit traffic

I was wondering if I can use the embedded tcpdump of Junos to monitor transit traffic. I found a way to do it and this short post explains how to do that. This tip works only on TRIO Line cards. My setup has been tested on Junos 12.3. I used several features:...

Evaluation Guide: Encryptors for Metro and Carrier Ethernet

Christoph Jaggi, the author of Metro Ethernet and Carrier Ethernet Encryption Market Overview published an awesome follow-up document: an evaluation guide that lists most of the gotchas one has to be aware of when considering encryption gear, from deployment scenarios, network overhead and key exchange details to operational considerations. If you have to deal with any aspect of network encryption, this document is a must-read.

Download the document

Xiaomi’s fitness tech to help power smart shoes

After releasing a fitness smartband, China’s Xiaomi is helping to bring the technology to smart shoes.Chinese athletic footwear maker Li-Ning is tapping into Xiaomi’s ecosystem by using the smartphone company’s mobile exercise app on two of its running shoe products. Li-Ning is also working with Huami Technology, a Xiaomi-invested company that designed its fitness smartband, to develop the shoes.Unveiled back in July, the “Mi Band” can synch with Android phones, and tracks exercise stats, such as steps taken, calories burnt, and hours slept. But perhaps its major draw is its cheap price, at about US$13.To read this article in full or to leave a comment, please click here

OpenSSL mystery patches due for release Thursday

New versions of OpenSSL will be released on Thursday to patch several security vulnerabilities, one of which is considered highly serious, according to the OpenSSL Project Team.An advisory published on Monday did not give further details of the vulnerabilities, presumably so as to not tip off hackers and perhaps to give some organizations time to patch in the meantime.The updates will be included in OpenSSL versions 1.0.2a, 1.0.1m, 1.0.0r and 0.9.8zf, the advisory said.A number of serious problems have been found over the last year in OpenSSL, which is widely used open-source software that encrypts communications using the SSL/TLS (Secure Sockets Layer/Transport Layer Security) protocol, a cornerstone of Web security.To read this article in full or to leave a comment, please click here

Researchers find same RSA encryption key used 28,000 times

What if the key to your house was shared with 28,000 other homes?That’s essentially what researchers with Royal Holloway of the University of London discovered last week while scanning the Internet to see how many servers and devices are still vulnerable to the Web security flaw known as “FREAK.”Revealed on March 3, the FREAK flaw can let an attacker weaken a connection that uses the SSL/TLS (Secure Sockets Layer/Transport Security Layer) protocol, making it much easier to break the encryption and view the traffic. It was the latest in a string of flaws found over the last year in widely used open-source software.To read this article in full or to leave a comment, please click here

What, me worry? Despite Snowden leaks, Americans’ use of the ‘Net largely unchanged

Don’t worry, be happy. That seems to be the attitude most Americans have toward widespread government snooping on their Internet activities.Numerous leaks illuminating the massive scale of government surveillance programs have not rattled Americans. Relatively few people have made major changes to better secure their online communications and activities, even after the alarming revelations in Edward Snowden’s leaked NSA documents, according to the results of a Pew Research Center survey published Monday.Snowden, a former contractor for the NSA, blew the lid off government monitoring programs starting in mid-2013, leaking documents that reportedly showed how the U.S. government monitored and collected people’s personal data held by Internet and telecom companies.To read this article in full or to leave a comment, please click here

Intel doesn’t want Curie wearable computer making fashion statements

Intel wants wearable device technology to be inconspicuous, so it’s making its Curie wearable computer available through a button-sized board or as part of a chip package. The Curie, slated to ship in the second half of the year, was first shown at CES in the form of a button-sized computer on Intel CEO Brian Krzanich’s suit. The almost invisible Curie had technology that could read heart rates, and transfer the data wirelessly using Bluetooth. Blending technology discreetly into wearables is Intel’s goal with Curie, which will go into a wide range of tiny coin battery devices that can run for days and months without a recharge. The wearable computer is for non-technical customers, such as companies outside of the IT industry, that want to plug and play technology into devices, clothes and accessories.To read this article in full or to leave a comment, please click here

BlackBerry teams with Samsung on locked-down, high-priced tablet

This past weekend, at the CeBIT show in Hannover, Germany, BlackBerry announced its next tablet computer ... sort of. The Secusmart SecuTABLET is a customized version of Samsung's popular Galaxy Tab S 10.5 Wi-Fi + LTE tablet, with secure software from Secusmart and IBM. BlackBerry acquired Secusmart, a company that makes software and services for secure communications, last July.To read this article in full or to leave a comment, please click here

State Dept. expects email back online later Monday

The U.S. Department of State expects its main unclassified email system to be back in operation later Monday after security upgrades, but wider Internet access could take longer to get back online.The department, which says it fights off “thousands” of hacking attacks each day, took its system offline over the weekend “to ensure the integrity” of the network.“It was about further enhancing our security capabilities,” State Dept. spokeswoman Jen Psaki said at a regular briefing on Monday.She said it would take some time for the entire Internet system to be back online at the government department, but email would be the first step and is expected to return on Monday night.To read this article in full or to leave a comment, please click here

Microsoft Dynamics CRM gets an analytics-infused update

Following the launch of Dynamics CRM 2015 last November, Microsoft on Monday announced a Spring update to the software that promises new social, mobile and analytics capabilities along with closer integration with Office 365.On the social front, for instance, the Spring ‘15 release of Microsoft’s customer relationship management suite offers a new social center where marketing, sales and service teams can monitor social topics and engage directly with communities. Companies can create end-to-end customer engagements from social posts, while social analytics tools now offer text mining, cloud visualization and a social activity map. Tying it all together, Microsoft said, is a redesigned user interface.To read this article in full or to leave a comment, please click here

VMware opens up on Cisco

As Cisco and VMware run virtually neck-and-neck in the SDN market, the two continue the war of words on the mindshare battlefield. Cisco posted another blog item last month which included points critical of VMware’s NSX network virtualization platform -- Cisco believes VMware imposes restrictions on which version of Open vSwitch to use with the product and limits VTEP integration:To read this article in full or to leave a comment, please click here

Networking’s open at last. Now what?

Networking hardware and spontaneous applause don’t often go together, but Facebook’s Omar Baldonado set off a round of cheering this week when he told engineers there’s finally an open-source hardware design that they can use to build switches.It was a goal the Open Compute Project had been working toward since mid-2013, and though the breakthrough happened late last year, Baldonado’s speech at the organization’s summit in San Jose, California, was a occasion for line-rate, no-packets-barred celebration.OCP had done the same thing for networking that it did for computing: Make hardware designs openly available, so vendors can build lots of different boxes easily and cheaply, and promote open software development to give IT teams a choice of what to deploy.To read this article in full or to leave a comment, please click here

Apple Watch app development pales in comparison to Android Wear

When compared side-by-side, the Apple Watch and Android Wear platforms have some similarities, but not many. A look at Apple's WatchKit, the programming tools used to create apps, gives a first impression that the Apple Watch's capabilities are currently limited.The first release of Google Glass gave developers limited access for building their apps, which captured developers' imaginations. Nine months later, Google released a comprehensive software development kit (SDK.) After listening to Augmate senior engineer Mike DiGiovanni's talk comparing WatchKit and Android Wear at the Wearable Tech Conference, the Apple Watch-like early Google Glass appears incomplete, and will likely get a comprehensive SDK update after Apple has field-tested WatchKit with its developer community.To read this article in full or to leave a comment, please click here

USB-C: What you need to know about Apple’s newest port

Apple's special media event last week wasn't solely focused on the upcoming Apple Watch. Per usual, Apple had a few tricks up its sleeve. Specifically, Apple surprised almost everyone when it introduced a new and incredibly thin 12-inch Retina MacBook. What makes Apple's new MacBook so fascinating is that it only comes with one port – USB-C. Just one solitary USB port to rule them all, as many people have jokingly characterized it. In other words, there's no MagSafe, there's no Thunderbolt, and there are no additional USB ports. All of the ports we've come to know and love are nowhere to be found on Apple's new super light and stylish MacBook.To read this article in full or to leave a comment, please click here

USB C – What you need to know about Apple’s newest port

Apple's special media event wasn't all about the upcoming Apple Watch. Per usual, Apple had a few tricks up its sleeve. Specifically, Apple surprised almost everyone when they introduced a new and incredibly thin 12-inch Retina MacBook.What makes Apple's new MacBook so fascinating is that it only comes with one port -- USB C. Just one solitary USB port to rule them all, as many people have jokingly characterized it. In other words, there's no MagSafe, there's no Thunderbolt, and there are no additional USB ports. All of the ports we've come to know and love are nowhere to be found on Apple's new super light and stylish MacBook.But just what is USB C, exactly, and why are so many people exceedingly excited about its inclusion on the soon to be released MacBook?To read this article in full or to leave a comment, please click here

EU Parliamentarians visit U.S. to talk data protection, mass surveillance

Data protection and mass surveillance are high on the agenda for talks between members of the European Parliament (MEPs) and their U.S. counterparts in Washington, D.C., this week.A delegation of 11 MEPs, all members of the Parliament’s Civil Liberties, Justice and Home Affairs Committee (LIBE), are in Washington to discuss major issues. One of them is the renewal of the so-called Safe Harbor deal that regulates the transfer of personal data of EU citizens to the U.S.In the wake of Edward Snowden’s 2013 revelations about U.S. government spying, the European Commission—the E.U.’s executive branch—gave the U.S. 13 demands that it wanted met in order for the Safe Harbor deal to continue. So far, however, no agreement has been reached. A summer 2014 deadline was postponed and the Commission now hopes to conclude talks on the deal by the end of May.To read this article in full or to leave a comment, please click here

Ansible and MindPoint Group Deliver Automation for Government STIG Compliance

Ansible has teamed with security consultancy MindPoint Group to develop, release, and support a set of Ansible Roles that will save IT organizations considerable amounts of time when applying and maintaining security baselines such as the DISA STIG or CIS benchmark to IT environments.

Why MindPoint Group? That answer is simple. MindPoint Group has a singular focus which has led to an excellent reputation for delivering end-to-end security solutions to commercial and government clients alike.  This focus, coupled with their love of Ansible, made MindPoint Group a natural choice for partnering on the development of free-and-open security baseline roles and playbooks.

The best part? This relationship is already helping Ansible users.

STIG

The first Role is for the DISA STIG on RHEL 6 (and variant systems) and is now available in Ansible Galaxy. This Role enables customers to automate the application and management of STIG-compliant systems in their environments, all the while leveraging Ansible’s agentless management framework.  When applied using Ansible, the RHEL 6 STIG Role automates a significant amount of the manual and redundant scripting and remediation that IT organizations often rely on to ensure they meet the STIG OS requirements.

Releasing this important Role is just the beginning. Continue reading

IDG Contributor Network: Understanding mood is the next task for the Internet of Things

A few years ago, I can remember the disbelief from friends of the rapidly appearing slew of free internet services being bandied around. Facebook was free. Google Maps was free. "How can that be?" We all though. "Why don't the sites cost anything?"The smart ones delved in a bit deeper and found the answer: analytics.We all know the answer now. It took a few years, but pretty much the entire world now knows that the answer is simply that free isn't free. There's no such thing as a free lunch. We are in fact selling our souls for free Facebook and its ilk.TradeThat unfettered gift bag of online collectanea is provided through a trade: you give the online service insight into your behavior, which it can sell, and it'll give you free stuff, to keep you performing more behavioral actions. In other words, analytics.To read this article in full or to leave a comment, please click here

Yahoo’s new on-demand password system is no replacement for two-factor authentication

In an effort to simplify authentication for its services, Yahoo has introduced a new mechanism that allows users to log in with temporary passwords that are sent to their mobile phones.If this sounds like a two-factor authentication system where users need to provide one-time codes sent to their mobile phones in addition to their static passwords, it’s not. Yahoo already had that option.Instead, the new log-in mechanism, which is based on what Yahoo calls on-demand passwords, still relies on a single factor, the user’s phone number.Yahoo users—only those based in the U.S. for now—can turn on the new feature from their account security settings on Yahoo’s site. They will need to provide a phone number and then confirm that they have access to it by inputting a verification code sent to them via SMS.To read this article in full or to leave a comment, please click here

1 3,495 3,496 3,497 3,498 3,499 3,754