NetworkingNexus.net

NATs, PATs, and Network Hygiene

While reading a research paper on address spoofing from 2019, I ran into this on NAT (really PAT) failures—

In the first failure mode, the NAT simply forwards the packets with the spoofed source address (the victim) intact … In the second failure mode, the NAT rewrites the source address to the NAT’s publicly routable address, and forwards the packet to the amplifier. When the server replies, the NAT system does the inverse translation of the source address, expecting to deliver the packet to an internal system. However, because the mapping is between two routable addresses external to the NAT, the packet is routed by the NAT towards the victim.

The authors state 49% of the NATs they discovered in their investigation of spoofed addresses fail in one of these two ways. From what I remember way back when the first NAT/PAT device (the PIX) was deployed in the real world (I worked in TAC at the time), there was a lot of discussion about what a firewall should do with packets sourced from addresses not indicated anywhere.

If I have an access list including 192.168.1.0/24, and I get a packet sourced from 192.168.2.24, Continue reading

Heavy Networking 588: Exploring The Hidden Realms Of Subsea Cables With Telstra (Sponsored)

Subsea communications cables are an essential part of the global Internet. On today's Heavy Networking, sponsored by Telstra, we dive into the realms of undersea cables to learn how they are laid, signalling methods, POPs and landing stations, how they can be damaged (and repaired), and more. Our Telstra guests are Andy Lumsden, Head of Network Engineering and Operations; and Jeff McHardy, General Manager, Network Development and Commercial Management.

Heavy Networking 588: Exploring The Hidden Realms Of Subsea Cables With Telstra (Sponsored)

The post Heavy Networking 588: Exploring The Hidden Realms Of Subsea Cables With Telstra (Sponsored) appeared first on Packet Pushers.

The Data Driven Enterprise

The rise of cloud migration for enterprises with mission critical applications is redefining the data center. The reality for any enterprise: a systematic approach balancing workloads in the cloud and premises while securing data. Data and applications must be managed as critical assets in the 21^stcentury.

The Data Driven Enterprise

Installing fonts on your Linux system

Linux systems generally start out with a large number of fonts available, especially once you've installed LibreOffice. Even so, you might find yourself craving some highly distinctive or unusual fonts to add a special tone to some of your projects. If so, you're in luck. You're likely to find many thousands of free fonts available online – bold, italic, calligraphy, modern, script, hand lettering, cursive, brush lettering, symbolic and more.Here's a small sampling of popular sites that provide free fonts for easy downloading: dafont.com fontzone.net fonts.google.com fontspace.com You can also type "free fonts" into your favorite search engine. Expect to see a huge number of responses. Keep in mind that not all fonts are free, but plenty of free fonts are available, and they're easy to view, download and install.To read this article in full, please click here

Installing fonts on your Linux system

Tech Bytes: An IT Punch List For Reopening The Office (Sponsored)

If IT thinks it can take the office network out of mothballs and expect everything to be fine when employees show up, think again. On today's Tech Bytes podcast, sponsored by Netskope, guest Hansang Bae shares a punch list of tasks IT should complete before end users get back to the office.

Tech Bytes: An IT Punch List For Reopening The Office (Sponsored)

The post Tech Bytes: An IT Punch List For Reopening The Office (Sponsored) appeared first on Packet Pushers.

JFrog’s Private Distribution Network For Developers

DevOps platform provider JFrog is touting its new Private Distribution Network (PDN) as an “industry first,” because it allows DevOps teams to accelerate application updates through a lightweight solution that combines two network acceleration and optimization technologies —

Demo: Cloud Networking with Overlapping CIDR, L7 Firewalls, Segmentation, and Flow visibility

I created a live demo showing some cool capabilities of the Aviatrix Cloud Networking Platform. In this demo I play the role of a SaaS provider that onboards new customers via VPN, and needs to meet the following requirements:

Easily onboard new customers even if their IP addressing overlaps with the SaaS provider.
Provide secure segmentation and isolation between customers.
Easily insert next gen firewalls between the customers and the SaaS for deep packet inspection and threat analysis.
Have complete flow level visibility of customer network traffic, and operation tools to diagnose and troubleshoot problems.
Provide end-to-end encryption to secure sensitive data in flight.
And be able to meet all of these requirements using any cloud provider.

In the demo I show how easy it is to meet requirements like this using Aviatrix. And best of all, no matter which cloud provider(s) you’re using, the solution and architecture is exactly the same. This SaaS provider can use the services and global footprint of any or all cloud providers, and do it with consistent repeatable architecture.

You can leave comments on this post here: where I posted this on LinkedIN.

Is there a particular scenario you want to see in a Continue reading

The UEFA EURO 2020 final as seen online by Cloudflare Radar

Last night’s Italy-England match was a nail-biter. 1-1 at full time, 1-1 at the end of extra time, and then an amazing penalty shootout with incredible goalkeeping by Pickford and Donnarumma.

Cloudflare has been publishing statistics about all the teams involved in EURO 2020 and traffic to betting websites, sports newspapers, streaming services and sponsors. Here’s a quick look at some specific highlights from England’s and Italy’s EURO 2020.

Two interesting peaks show up in UK visits to sports newspapers: the day after England-Germany and today after England’s defeat. Looks like fans are hungry for analysis and news beyond the goals. You can see all the data on the dedicated England EURO 2020 page on Cloudflare Radar.

But it was a quiet morning for the websites of the England team’s sponsors.

Turning to the winners, we can see that Italian readers are even more interested in knowing more about their team’s success.

And this enthusiasm spills over into visits to the Italian team’s sponsors.

You can follow along on the dedicated Cloudflare Radar page for Italy in EURO 2020.

Visit Cloudflare Radar for information on global Internet trends, trending domains, attacks and usage statistics.

Designing Networks: From Tricycles to Aircraft Carriers

I planned to take my summer break seriously and stop blogging until late August, but then I shouldn’t have looked at my Twitter feed (my bad), where the AI algorithms selected just the right morsel to trigger the maximum rantiness. I would strongly recommend you read the original tweet and all the responses first – it looks like it was a serious suggestion, not a trolling exercise (here’s a copy of the original idea in case the tweets get lost in the mists of time).

Designing Networks: From Tricycles to Aircraft Carriers

Network Break 341: Ransomware Clobbers Kaseya Customers; HPE Buys Zerto For Cloud Data Protection

This week Network Break examines the fallout of the Kaseya breach, HPE's acquisitions of Zerto and Ampool to extend the value of its Greenlake platform, and Fortinet's purchase of a secure software development tool. We also discuss FTC accusations against Broadcom and what a court ruling could mean for Netflix and other content providers in South Korea.

Network Break 341: Ransomware Clobbers Kaseya Customers; HPE Buys Zerto For Cloud Data Protection

The post Network Break 341: Ransomware Clobbers Kaseya Customers; HPE Buys Zerto For Cloud Data Protection appeared first on Packet Pushers.

The Week in Internet News: Trump Sues Social Media Giants

A big-league lawsuit: Former U.S. President Donald Trump has filed a lawsuit against Facebook, Twitter, and YouTube for being kicked off the social media outlets for violating their terms of service, the Washington Post reports. Most legal experts say the lawsuit has little chance of success; the U.S. First Amendment protects people like Trump against […]

The post The Week in Internet News: Trump Sues Social Media Giants appeared first on Internet Society.

Survey: AIOps-driven network management can make your business run better

(Editor’s note: EMA has published “Revolutionizing Network Management with AIOps,” a report based on a survey of 309 network infrastructure and operations professionals who have experience with applying AIOps to network management. This article by EMA Vice President of Research Networking Shamus McGillicuddy further details the results of that report.)Enterprise network infrastructure and operations teams are increasingly recognizing the value of applying AIOps to network management, according to new market research from Enterprise Management Associates (EMA).To read this article in full, please click here

Survey: AIOps-driven network management can make your business run better

Practicing DevSecOps: Source Code Security Analysis

Developers need to think not only about the security of the digital infrastructure in use but also about the security of the code.

« Previous 1 … 688 689 690 691 692 … 3,832 Next »