Listening is crucial in the design phase of a project. In this video clip, Angela Andrews joined the Day Two Cloud podcast to explain why.
The post If You Don’t Listen, Your Design Will Fail (Video) appeared first on Packet Pushers.
The Project Calico community is one of the most collaborative and supportive communities in the open-source space. Our community has shown great engagement through the years, which has helped us maintain and grow the project.
Thanks to our 200+ contributors from all over the world, Calico Open Source (the solution born out of the project) is powering 1.5M+ nodes daily across 166 countries. Our engineering team is committed to maintaining Calico Open Source as the leading standard for container and Kubernetes networking and security!
Given our community’s passion for Project Calico, we wanted to give its members a chance to inspire others by telling their stories. To this end, we are very excited to announce our new Calico Big Cats ambassador program!
Calico Big Cats is an ambassador program that provides a platform for our community to talk about their experiences with Calico. The goal is to help community members connect, inspire, and share common challenges and ways to overcome these challenges using Calico and other tools.
If you have experience with Project Calico, recognize its value in the open-source networking and security domain, and are passionate about sharing Continue reading
New networking myths are continuously popping up. Here’s a BGP one I encountered a few days ago:
You don’t need IBGP sessions between BGP route reflectors
In general, that’s clearly wrong, as illustrated by this setup:
New networking myths are continuously popping up. Here’s a BGP one I encountered a few days ago:
You don’t need IBGP sessions between BGP route reflectors
In general, that’s clearly wrong, as illustrated by this setup:
In my previous two posts I set up a login prompt on a bluetooth serial port and then switched to running SSH on it.
I explicitly did not set up an IP network over bluetooth as I want to minimize the number of configurations (e.g. IP address) and increase the chance of it working when needed.
E.g. firewall misconfiguration or Linux’s various “clever” network managers that tend to wipe out network interface configs would have more of a shared fate with the primary access method (SSH over normal network).
This post is about how to accomplish this more properly.
The problems now being solved are:
It wasn’t entirely reliable. The rfcomm tool is pretty buggy.
There was no authentication of the Bluetooth channel. Not as much a problem when doing SSH, but if there are passwords then there could be a man-in-the-middle attack.
The server side had to remain discoverable forever. So anyone who scans for nearby bluetooth devices would see your servers, and would be able to connect, possibly brute forcing passwords. Not as much of a problem if running SSH with password authentication turned off, but why broadcast the name of a server if you don’t Continue reading
Whenever one company buys another, every product line, every research project, and every employee is ultimately in play. …
Cray’s Slingshot Interconnect Is At The Heart Of HPE’s HPC And AI Ambitions was written by Timothy Prickett Morgan at The Next Platform.
For the Beijing 2022 Winter Olympics, the Chinese government requires everyone to download an app onto their phone. It has many security/privacy concerns, as CitizenLab documents. However, another researcher goes further, claiming his analysis proves the app is recording all audio all the time. His analysis is fraudulent. He shows a lot of technical content that looks plausible, but nowhere does he show anything that substantiates his claims.
Average techies may not be able to see this. It all looks technical. Therefore, I thought I'd describe one example of the problems with this data -- something the average techie can recognize.
His "evidence" consists screenshots from reverse-engineering tools, with red arrows pointing to the suspicious bits. An example of one of these screenshots is this on:
Today on the Tech Bytes podcast we’re talk network security at scale. That is, in a cloud environment, how can you build security capabilities and features into the network while also being able to keep up with security policies, operations, compliance, and more. Our sponsor is Aviatrix, which provides multi-cloud networking software for public clouds.
The post Tech Bytes: Embedding Network Security Into Your Cloud Network (Sponsored) appeared first on Packet Pushers.
This week's Network Break looks at new router silicon from Juniper, why NVIDIA's acquisition bid for Arm is running into headwinds, a new LiveAction service that inspects encrypted traffic for threats, financial results from Juniper and Extreme, and more tech news.
The post Network Break 367: New Custom ASICs For Juniper Routers; Regulators, NVIDIA Arm Wrestle appeared first on Packet Pushers.