NetworkingNexus.net

RFC 7454: BGP Operations and Security

After almost exactly three years of struggles our BGP Operations and Security draft became RFC 7454 – a cluebat (as Gert Doering put it) you can use on your customers and peers to help them fix their BGP setup.

Without Jerome Durand this document would probably remain forever stuck in the draft phase. It’s amazing how many hurdles one has to jump over to get something published within IETF. Thanks a million Jerome, you did a fantastic job!

TrueCrypt audit back on track after silence and uncertainty

An effort to search for cryptographic flaws in TrueCrypt, a popular disk encryption program, will resume even though the software was abandoned by its creators almost a year ago.For years TrueCrypt has been the go-to open-source tool for people looking to encrypt files on their computers, especially since it’s one of the few solutions to allow encrypting the OS volume.In October 2013, cryptography professor Matthew Green and security researcher Kenneth White launched a project to perform a professional security audit of TrueCrypt. This was partly prompted by the leaks from former U.S. National Security Agency contractor Edward Snowden that suggested the NSA was engaged in efforts to undermine encryption.To read this article in full or to leave a comment, please click here

Apple, Japan Display said to discuss new iPhone screen plant

Apple is in talks with iPhone screen maker Japan Display that could result in the construction of a new screen factory in Japan, Japanese media reported Friday.Apple would take on most of the ¥200 billion (US$1.6 billion) investment for the factory in Ishikawa Prefecture in central Japan, according to reports in Nikkan Kogyo Shimbun and Jiji Press, which did not name any sources.The plant in Hakusan City could begin operations in 2016, producing LCD panels for Apple and other manufacturers. But Apple is also in talks with other suppliers including Foxconn, and the situation is fluid, the reports said.To read this article in full or to leave a comment, please click here

Using sipcalc The Great and Powerful Subnet Calculator

In the CCNA days we all had to learn how to subnet and work with binary. This was either on paper or in your head if you were quick enough to do it. This really is an invaluable skill when speaking,...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Using sipcalc The Great and Powerful Subnet Calculator

Using Python’s Virtual Environments with Git For More Than Coding

Most think of python virtualenv as a way to create isolated development environments within a single PC, Laptop, Server, whatever their choice is...

[[ Summary content only, you can read everything now, just visit the site for full story ]]

Using sipcalc The Great and Powerful Subnet Calculator

Yahoo courts developers at its first mobile conference

Mobile users have become a vital part of Yahoo’s recovery effort, and on Thursday it tried to woo developers with new tools to help them build better apps using its services.The company held its first-ever mobile developer conference in San Francisco on Thursday, where it unveiled tools that help developers collect data about their apps and make money from them using Yahoo advertising services.Many of the tools come courtesy of Flurry, a mobile analytics and advertising company Yahoo acquired last year. Flurry now has more than 200,000 developers using it’s tools, Yahoo CEO Marissa Mayer said Thursday. Yahoo hopes to get even more developers on board by giving them new ways to see how their apps are performing and by baking Yahoo advertising options directly into Flurry.To read this article in full or to leave a comment, please click here

Android malware fakes phone shutdown to steal data

Next time you turn off your Android phone, you might want take the battery out just to be certain.Security vendor AVG has spotted a malicious program that fakes the sequence a user sees when they shut off their phone, giving it freedom to move around on the device and steal data.When someone presses the power button on a device, a fake dialog box is shown. The malware then mimics the shutdown animation and appears to be off, AVG’s mobile malware research team said in a blog post.“Although the screen is black, it is still on,” they said. “While the phone is in this state, the malware can make outgoing calls, take pictures and perform many other tasks without notifying the user.”To read this article in full or to leave a comment, please click here

Lenovo admits to Superfish screw-up, will release clean-up tool

Lenovo has admitted it “messed up badly” by pre-loading software on some consumer laptops that exposed users to possible attack, and said it will soon release a tool to remove it.“I have a bunch of very embarrassed engineers on my staff right now,” Lenovo CTO Peter Hortensius said in an interview Thursday. “They missed this.”Users have been complaining since September about the third-party program, called Superfish, which injects product recommendations into search results. But it only emerged Wednesday that the program also opens a serious security hole.To read this article in full or to leave a comment, please click here

Google Cloud offers security scanning for customer apps

Google has released a security scanner to help its cloud customers guard against attacks on their Web applications.Google Cloud Security Scanner, now available as a free beta for Google App Engine users, is designed to overcome a number of limitations often found in commercial Web application security scanners, noted Google security engineering manager Rob Mann in a blog post announcing the new service.Commercials scanners can be difficult to set up. They can over-report issues, leading to too many false positives. They are designed more for security professionals than developers.To read this article in full or to leave a comment, please click here

Startup makes LibreOffice, OpenOffice available for Firefox smartphones

A startup that uses the cloud to bring desktop applications to mobile devices has expanded its offerings for Mozilla’s Firefox OS.LibreOffice and OpenOffice are now available to people with smartphones running Firefox OS. The office suites can be found in Mozilla’s Marketplace app store along with other programs offered by rollApp, a venture capital-backed company based in Palo Alto, Calif.With the addition of LibreOffice and OpenOffice, rollApp has made 18 applications available for Firefox OS users.RollApp hosts copies of software on its servers and allows people to access the applications via browsers.The software hosted by rollApp cover a range of applications including computer-aided design, worker productivity and software development. The 130 apps offered also include games. However, don’t expect to find any popular proprietary programs like Microsoft Office. For now, all of rollApp’s software-as-a-service offerings are for free and open source applications.To read this article in full or to leave a comment, please click here

NSA, UK’s GCHQ reportedly hacked encryption of SIM card maker

U.S. and U.K. intelligence agencies have reportedly hacked into the computer network of giant SIM card maker Gemalto and taken smartphone encryption keys potentially used by customers of hundreds of mobile phone carriers worldwide.The Gemalto hack, by the U.S. National Security Agency and the U.K. Government Communications Headquarters (GCHQ), allowed the two spy agencies to monitor a large portion of the world’s mobile phone voice and data traffic, according to a story in The Intercept.The hack was detailed in a 2010 GCHQ document leaked by former NSA contractor Edward Snowden, the story said.To read this article in full or to leave a comment, please click here

NSA, UK’s GCHQ reportedly hacked encryption of SIM card maker

Docker Project Announces Open-Source-a-thon to Support Whale and Marine Wildlife Conservation

Docker Project Announces Open-Source-a-thon to Support Whale and Marine Wildlife Conservation Partnering with Oceanic Society to link open source contributions to driving “blue” conservation SAN FRANCISCO – February 19, 2015 – The Docker Project, the open platform for distributed applications, … Continued

BGP Weight Attribute

Original content from Roger's CCIE Blog Tracking the journey towards getting the ultimate Cisco Certification. The Routing & Switching Lab Exam
The BGP weight attribute is the first on the list in the BGP best path algorithm Prefer the path with the highest WEIGHT. Note: WEIGHT is a Cisco-specific parameter. It is local to the router on which it is configured. So if you want to influence your BGP routing outbound on a cisco router you... [Read More]

Other pages of interest:

Post taken from CCIE Blog

Original post BGP Weight Attribute

NFD9: Cumulus Networks

Cumulus Networks gave a great presentation at Network Field Day 9. They presented their vision of how they’re working to improve networking. But they were also clear about what they don’t do, and where they will instead enable others.

Linux on a switch? Seems natural to me

Many network engineers started out running cables, and doing low-level networking. They build up to designing & running more complex networks. I came at it from a different direction. I first ran Linux systems in 1999. My first professional job was working with HP-UX in 2000, and I later moved into running Check Point firewalls on Nokia IPSO. I was well-used to working with Unix-like systems, and it was completely natural to me to run tcpdump on a network device.

To become an effective network security engineer, I had to learn more about routing & switching. But because I had that *nix background, I was always frustrated by the limited capabilities offered by IOS. “| include” is a poor substitute for grep. Yes, you can do some stuff with TCL, but would you want to? Packet capture was a poor joke until recently.

So when I first heard about Cumulus, it made a Continue reading

Nokia, Korea Telecom plan to demo 4G for machines, cars

A slower but more frugal version of LTE that has been customized for the Internet of Things will be demoed at Mobile World Congress next month.LTE was developed to provide high-speed transmission for smartphones and tablets, and has been a success in that regard. But with the growing popularity of connected wearables, smart meters and vehicles, the telecom industry has had to rethink LTE specifications to make it a better fit for related applications.At Mobile World Congress, Nokia and KT (Korea Telecom) will demonstrate a prototype of a customized version, which has been dubbed LTE-M. The alterations include changes to increase battery life and decrease the cost of devices that use it. The latter is in part achieved by decreasing bandwidth, which means less expensive components can be used.To read this article in full or to leave a comment, please click here

You broke the network. Do you confess?

Today we’re taking a deep look into mindset of the network professional – his or her soul -- when it comes to breaking something and owning up to the mistake … or not.Posted to Reddit’s section that is devoted to networking: “Have you ever accidentally broken something then fixed it immediately to find your colleagues praising your skills even though it (was) your lack of skills? How do you react?”The inquisitor answers his own question: “Generally speaking I've always let the peasants (end users) think I'm a wizard while I tell my boss what actually happened. What have you guys done in similar situations?”To read this article in full or to leave a comment, please click here

« Previous 1 … 3,634 3,635 3,636 3,637 3,638 … 3,855 Next »