SSH over bluetooth – cleanly

In my previous two posts I set up a login prompt on a bluetooth serial port and then switched to running SSH on it.

I explicitly did not set up an IP network over bluetooth as I want to minimize the number of configurations (e.g. IP address) and increase the chance of it working when needed.

E.g. firewall misconfiguration or Linux’s various “clever” network managers that tend to wipe out network interface configs would have more of a shared fate with the primary access method (SSH over normal network).

This post is about how to accomplish this more properly.

The problems now being solved are:

  • It wasn’t entirely reliable. The rfcomm tool is pretty buggy.

  • There was no authentication of the Bluetooth channel. Not as much a problem when doing SSH, but if there are passwords then there could be a man-in-the-middle attack.

  • The server side had to remain discoverable forever. So anyone who scans for nearby bluetooth devices would see your servers, and would be able to connect, possibly brute forcing passwords. Not as much of a problem if running SSH with password authentication turned off, but why broadcast the name of a server if you don’t Continue reading

No, a researcher didn’t find Olympics app spying on you

For the Beijing 2022 Winter Olympics, the Chinese government requires everyone to download an app onto their phone. It has many security/privacy concerns, as CitizenLab documents. However, another researcher goes further, claiming his analysis proves the app is recording all audio all the time. His analysis is fraudulent. He shows a lot of technical content that looks plausible, but nowhere does he show anything that substantiates his claims.

Average techies may not be able to see this. It all looks technical. Therefore, I thought I'd describe one example of the problems with this data -- something the average techie can recognize.

His "evidence" consists screenshots from reverse-engineering tools, with red arrows pointing to the suspicious bits. An example of one of these screenshots is this on:


This screenshot is that of a reverse-engineering tool (Hopper, I think) that takes code and "disassembles" it. When you dump something into a reverse-engineering tool, it'll make a few assumptions about what it sees. These assumptions are usually wrong. There's a process where the human user looks at the analyzed output, does a "sniff-test" on whether it looks reasonable, and works with the tool until it gets the assumptions correct.

That's the red flag Continue reading

Tech Bytes: Embedding Network Security Into Your Cloud Network (Sponsored)

Today on the Tech Bytes podcast we’re talk network security at scale. That is, in a cloud environment, how can you build security capabilities and features into the network while also being able to keep up with security policies, operations, compliance, and more. Our sponsor is Aviatrix, which provides multi-cloud networking software for public clouds.

The post Tech Bytes: Embedding Network Security Into Your Cloud Network (Sponsored) appeared first on Packet Pushers.

Network Break 367: New Custom ASICs For Juniper Routers; Regulators, NVIDIA Arm Wrestle

This week's Network Break looks at new router silicon from Juniper, why NVIDIA's acquisition bid for Arm is running into headwinds, a new LiveAction service that inspects encrypted traffic for threats, financial results from Juniper and Extreme, and more tech news.

The post Network Break 367: New Custom ASICs For Juniper Routers; Regulators, NVIDIA Arm Wrestle appeared first on Packet Pushers.

China finally green lights AMD–Xilinx merger

AMD has been given the green light by the Chinese government to acquire FPGA giant Xilinx. No formal announcement has been made, but eagle-eyed writers spotted the detail in an 8-K filing with the U.S. Securities and Exchange Commission.The deal was first announced in October 2020. The U.S. and EU have already approved the acquisition, but in late December, AMD said it had to delay closing as China's regulators slow-walked the deal. Then came the filing this week:To read this article in full, please click here

China finally green lights AMD–Xilinx merger

AMD has been given the green light by the Chinese government to acquire FPGA giant Xilinx. No formal announcement has been made, but eagle-eyed writers spotted the detail in an 8-K filing with the U.S. Securities and Exchange Commission.The deal was first announced in October 2020. The U.S. and EU have already approved the acquisition, but in late December, AMD said it had to delay closing as China's regulators slow-walked the deal. Then came the filing this week:To read this article in full, please click here

China finally green lights AMD/Xilinx merger

AMD has been given the green light by the Chinese government to acquire FPGA giant Xilinx. No formal announcement has been made, but eagle-eyed writers spotted the detail in an 8-K filing with the U.S. Securities and Exchange Commission.The deal was first announced in October 2020. The U.S. and EU have already approved the acquisition, but in late December, AMD said it had to delay closing as China's regulators slow-walked the deal. Then came the filing this week:To read this article in full, please click here

Cloudflare Partner Program Now Supports SASE & Zero Trust Managed Services

Cloudflare Partner Program Now Supports SASE & Zero Trust Managed Services
Cloudflare Partner Program Now Supports SASE & Zero Trust Managed Services

The importance of the Cloudflare Partner Network was on full display in 2021, with record level partner growth in 2021 and aiming even higher in 2022. We’ve been listening to our partners and working to constantly strengthen our ability to deliver value for businesses of all types. An area we identified we could do better, is a program to support “service partners” that want to wrap managed and professional services around Cloudflare products. Today, we are excited to announce the next evolution of the Cloudflare Channel and Alliances Partner Program to specifically enable partners that provide services around Cloudflare products with recurring revenue streams as they equip businesses of all sizes and types with Cloudflare’s leading Zero Trust and SASE solutions.

Cloudflare Partner Program Now Supports SASE & Zero Trust Managed Services

Core to enabling Services Partners are some exciting enhancements:

  • New Program Paths
  • New Managed Services Partner (MSP) Accreditation.
  • New Support & Go-To-Market Motions

New Program Paths

We have seen a 29% increase in ransom DDoS attacks over the past year and a 175% increase just last quarter. Partners continue to be on the front lines helping mitigate and prevent disruption from these events as they extend our services. Our goal for 2022 is to arm our partners with the Continue reading

Cisco Brings Webex Collaboration to SD-WAN Cloud Program

The dramatic shift to remote work brought on two years ago by the onset of the COVID-19 pandemic forced companies to almost overnight not only adapt their business models but also to focus on technologies that would allow them and their employees to operate productively and securely. That included embracing connectivity solutions to ensure access to the applications and data critical for getting the job done and collaboration tools to enable employees to more easily work together even if they were located many miles apart. All that has accelerated the growth in such markets at software-defined networking (SD-WAN) and video conferencing and remote communications offerings like Microsoft Teams, Cisco System’s Webex and Zoom. Reliance on such technologies will only grow, given that many companies expect to continue a hybrid work environment even after the pandemic lifts. blog post this week pointed to numbers from Gartner that showed that 48% of employees are expected to work remotely post-pandemic and that hybrid workplaces will become commonplace. “In this new norm, seamless communication and collaboration will be the bare minimum for enterprises to achieve workforce productivity Continue reading

How and why to adopt SDN despite its dark side

Five enterprise network operations managers told me they were very concerned about recent cloud outages. Why? Because every one of the outages were caused by network problems. Four of the five managers admitted that in their own containerized data centers, their problems came more often from networks than from servers. Why is this happening? Answer, according to enterprises: more isn’t better.Complexity is the enemy of efficient operations and management. The sheer volume of things going on can swamp management centers and even management tools. If you add in multiple vendors and multiple technologies that create differences in operations practices, you get something very messy. But it’s more than just size or technology scope that’s making network operations complicated, it’s the way networks work.To read this article in full, please click here

Top 10 outages of 2021

The biggest outages of 2021 had one thing in common: they affected major infrastructure or services providers and, as a result, affected large numbers of enterprises and end users. The lesson? Companies need to be careful about putting all their infrastructure eggs in one basket, or, if they must, to prepare for downtime if that particular service goes down."There needs to be a plan in place," says Angelique Medina, head of product marketing at ThousandEyes, a Cisco-owned network intelligence company that tracks internet and cloud traffic. "Organizations don't need to be at the mercy of the availability of any one particular service."To read this article in full, please click here

My Journey to Getting AWS Certified Advanced Networking – Specialty Certified

Last week I took and passed the AWS Certified Advanced Networking – Specialty exam on my first attempt. In this post I will describe the study materials that I used and talk about my experience of taking this test.

What type of skills does this exam test? This is a quote from AWS:

Earning AWS Certified Advanced Networking – Specialty validates expertise in designing and maintaining network architecture for the breadth of AWS services.

The key here I think is “for breadth of AWS services”. It’s not enough to only understand general networking in AWS, you need to understand how to do networking for different AWS services such as S3, WorkSpaces, Lambda, storage gateway, and so on. There is no actual prerequisite to take the exam but it definitely doesn’t hurt if you already have the Solutions Architect Associate (this was previously a prereq) as it will help you in understanding what services are available.

The following is also listed as recommendations for who should take this exam:

  • Professional experience using AWS technology, AWS security best practices, AWS storage options and their underlying consistency models, and AWS networking nuances and how they relate to the integration of AWS services.
  • Knowledge Continue reading

Cisco DCAUTO exam study resources

I just passed the Cisco DevNet DCAUTO (300-635) exam (Yay!). This is my 3rd Cisco exam on network automation after NPDESI in 2018 (replaced now by the DevNet program), and DevNet CORE (DEVCOR) in 2020. But this time, I documented everything I read, so I could report it here and build a Cisco DCAUTO exam study resources. By doing this, I hope to help anyone who wants to study for this certification. And, as I have already passed the DevNet CORE exam, I am now Cisco certified DevNet Professional.  …

The post Cisco DCAUTO exam study resources appeared first on AboutNetworks.net.

1 549 550 551 552 553 3,808