What’s the Most Secure Network of Them All?

You’re standing in front of three doors. Door number one is big, tall, and sturdy. Nothing fancy, but seemingly safe. Door number two has more bells and whistles, fancy engravings, and twice the number of locks. Elevated security for sure, but you suspect more form over function, so you’re not entirely sold. Door number three features a winning combination of practicality and advanced locks. This one has to be the best choice, right?

You can’t see behind any door, so your choice is limited to inference. That’s frustrating. Today, choosing the right security solution for your business is no different. Bells and whistles can distract us from our core objective of ultimate, unwavering security. And old reliable doesn’t seem capable of repelling an onslaught of modern threats and distributed exposures.

Organizations need to make the right network security choice to successfully secure their networks in a highly dynamic, distributed world where it’s not a matter of if intruders will get in, but when. Turns out, the right approach is as much about philosophy as it is about technology: trust no one. But, before we get into the relationship between trust and better security, let’s begin with a review of how Continue reading

Friday Thoughts on Going Back To the Office

EmptyOffice

We’re halfway through 2021 and it’s been going better than last year. Technology seems to be rebounding and we’re seeing companies trying to find ways to get employees to come back into the office. Of course, that is being met head on by the desire to not go back at all and continue to do the job from home that has been done over the past year. Something is going to have to give and I don’t know what that might be.

Working from home is comfortable for sure. And the lack of schedule means that people are unknowingly putting in hours beyond what they normally would at the office. At least in the office you can walk away from your desk at the end of the day.
Unlimited PTO and flexible work schedules sound great in theory. Except not tracking your PTO hours also means you don’t accrue them. You don’t get paid for time you don’t take off. And a flexible work schedule sounds great in theory but reality says that you’re not likely to get much support if you suddenly decide you want to work noon to 10pm Hawaiian time. Flexible really means “work longer than normal”.
Continue reading

Weekend Reads 070221

Many ISPs in the Asia Pacific region use MikroTik RouterOS to provide access to their customers via PPPoE (please get on board with IPv6!), and some use MikroTik for their edge/core routers as well.

In the reorganization that relatively new chief executive officer and formerly not only Intel’s first chief technology officer (in 2001) and also the first general manager (in 2005) of its Digital Enterprise Group, the company’s first implementation of Data Center Group.

Let’s begin with the obvious, uncontested fact: the number of ransomware attacks is going up because companies are paying the ransoms.

The 2020 calendar year will long be remembered as an annus horribilis for most, except for a handful of technology companies that reaped the rewards of a global shift to remote work with successful initial public offerings (IPOs).

In 2021, the high-end TV landscape is just as confusing to new buyers as ever. There’s a bunch of new televisions to consider, a raft of technical-sounding features — 8K, HDR, Ultra HD 4K, 120Hz and HDMI 2.1 — and a stable of familiar brand names competing for your dollar.

Windows 11 adds several unexpected new features, including Android apps, a revised Start Menu Continue reading

What’s AWS Conveying With Its Acquisition of Wickr?

As it looks to differentiate its service, AWS focuses on privacy and encryption with its acquisition of Wickr, which is known for its privacy features

Heavy Networking 586: Virtualizing And Accelerating 5G RAN With 3rd Gen Intel® Xeon (Sponsored)

Today's Heavy Networking, sponsored by Intel, dives into 5G, virtualization, and AI. Intel's 3rd Gen Xeon processors can support a variety of use cases, including running virtualized network functions in the data center, at the edge, and in the cloud. They also have built-in acceleration for AI and cryptography, giving organizations a flexible platform for a variety of workloads, including service providers building out 5G networks. Our guest is Cristina Rodriguez, Vice President Data Center Group General Manager Wireless Access Network Division at Intel.

Heavy Networking 586: Virtualizing And Accelerating 5G RAN With 3rd Gen Intel® Xeon (Sponsored)

The post Heavy Networking 586: Virtualizing And Accelerating 5G RAN With 3rd Gen Intel® Xeon (Sponsored) appeared first on Packet Pushers.

Restart VMware Network Adapters From PowerShell

I have an annoying issue. After my laptop goes to sleep, the network adapters for my VMware virtual machines stop working. In this post i'll show you how to use PowerShell to kick them in the guts and get them going again. How Open up a PowerShell window as Administrator and run the ...continue reading

How to Build a Better Security Posture Post-Pandemic

What a whirlwind of a year it has been! Covid has accelerated digital transformation — but also made painfully obvious the data center’s continuing security vulnerabilities. We’ll explore VMware’s data center security insights and solutions at RSA Conference 2021.

Ah, 2020, a year we won’t soon forget. Initially, I know a lot of us had planned to work from home more frequently, given our ability to be physically anywhere with internet access, but who would have thought we would be forced to? I’m thankful we are in an industry that supports and encourages us to be mindful of our health and safety. And so, while conferences like Black Hat and DEFCON (“hacker summer camp”) are moving towards a hybrid model allowing a limited number of attendees to be physically present, I am choosing to stay home and participate remotely.

Why We’re Here

I am confident the underlying theme of the ’cons this year will be how the global pandemic, by requiring us to socially isolate, has forced innovation in the way we work. This has had a profound impact on the industry — accelerating us into a digital transformation that relies on cloud and other technologies. A transformation a lot Continue reading

CDNs and Centrality

There are a couple of issues with the global CDN market that the June outages in Akamai and Fastly have highlighted. It's time we talked about them.

Upgrading my desktop PC

I built my current desktop PC in 2014. A second SSD was added in 2015. The motherboard and the power supply were replaced after a fault¹ in 2016. The memory was upgraded in 2018. A discrete AMD GPU was installed in 2019 to drive two 4K screens. An NVMe disk was added earlier this year to further increase storage performance. This is a testament to the durability of a desktop PC compared to a laptop: it’s evolutive and you can keep it a long time.

While fine for most usage, the CPU started to become a bottleneck during video conferences.² So, it was set for an upgrade. The table below summarizes the change. This update cost me about 800 €.

	Before	After
CPU	Intel i5-4670K @ 3.4 GHz	AMD Ryzen 5 5600X @ 3.7 GHz
CPU fan	Zalman CNPS9900	Noctua NH-U12S
Motherboard	Asus Z97-PRO Gamer	Asus TUF Gaming B550-PLUS
RAM	2×8 GB + 2×4 GB DDR3 @ 1.6 GHz	2×16 GB DDR4 @ 3.6 GHz
GPU	Asus Radeon PH RX 550 4G M7	←
Disks	500 GB Crucial P2 NVMe 256 GB Samsung SSD 850 256 GB Samsung SSD 840	←
PSU	be quiet! Pure Power CM L8 @ 530 W	←
Case	Antec P100	←

According to some Continue reading

Cracking WPA/WPA2 Pre-shared Key Using GPU

The WPA/WPA2 4-way authentication handshake between AP (authenticator) and client (supplicant) is used to generate encryption keys. These keys are then used to encrypt data sent over wireless medium. In the previous tutorial, we installed the aircrack-ng suite to capture and crack the 4-way authentication handshake to obtain passphrase needed to access a wireless network. […]
Continue reading...

10 competitors Cisco just can’t kill off

In compiling this iteration of our list of competitors Cisco can’t kill off, one thing is clear: The competition is fierce amongst the bigger players.Nearly all the networking giant’s competitors have refreshed their product lines or bought into technology to compete more closely with Cisco. But that’s not to say Cisco has been sitting still by any means.The 10 most powerful companies in enterprise networking 2021 The company has expanded and refreshed its core Catalyst, Nexus and Silicon One networking gear and made major strides in security and software. Going forward, it wants to lead the industry in network-as-a-service.To read this article in full, please click here

10 competitors Cisco just can’t kill off

IPv6 Buzz 079: IPv6 In The Data Center

In this week's IPv6 Buzz podcast, we explore IPv6 in the data center with guest Jeff Tantsura. Jeff is formerly head of Network Strategy with Juniper/Apstra, and now with Microsoft Azure. We explore IPv6 use cases in the data center, reasons for and challenges of assigning a /64 per host, leveraging IPv6 flow labels to improve data center fabric performance, and more.

IPv6 Buzz 079: IPv6 In The Data Center

The post IPv6 Buzz 079: IPv6 In The Data Center appeared first on Packet Pushers.

Rethinking Broadband Access Options as Operators Drive 10G PON Deployments

IT managers stand to gain faster, symmetric services as fiber network spending climbs.

Service Mapping with BGP Classful Transport – Kaliraj Vairavakkalai, Principal Engineer @ Juniper Networks

In this episode Kaliraj will explain to us what BGP Classful Transport (BGP-CT) is and how it works. BGP-CT is a mechanism, referred to as “service mapping”, to express association of overlay routes with underlay routes satisfying a certain SLA, using BGP. It is a framework for classifying underlay routes into transport classes, and mapping service routes to specific transport class.
The “Transport class” construct maps to a desired SLA, and can be used to realize the “Topology Slice” in 5G Network slicing architecture.

BGP-CT is still work in progress in IETF. The draft can be found here: https://datatracker.ietf.org/doc/draft-kaliraj-idr-bgp-classful-transport-planes/
The authors welcome feedback and input for the draft.

Graphcore Right on the Money in First MLPerf Appearance

When it comes to a silicon startup bringing a product to market in a tough competitive landscape, nothing is easy. …

Graphcore Right on the Money in First MLPerf Appearance was written by Nicole Hemsoth at The Next Platform.

Nginx reverse proxy and Webmin

Before going into “How” you may wonder “Why” I need a reverse proxy in front of Webmin. First, and most important, is laziness. Yes, you read it right. I have in my home lab a one page html listing all http(s) resources I have in my IT lab. Instead of typing numerous URLs I just … Continue reading

It’s Raining Beacons: Automated Generation of Cobalt Strike Traffic

Introduction

Cobalt Strike [1] is a tool to support red teams in attack simulation exercises. To this end, Cobalt Strike provides several techniques that allow a red team to execute targeted attacks to compromise a target network, established a bridge head on a host, and then move laterally to gain additional access to computers, accounts, and, eventually, data.

While the goal of Raphael Mudge, the author of Cobalt Strike, was to provide a framework to test network defenses to support the development of effective detection mechanisms and incident response procedures, the power provided by the tools was not lost on malicious actors (see, for example, [2]).

Soon, Cobalt Strike was copied, modified, and included in the toolset used in attacks against targets of all kinds. For example, recently Cobalt Strike was used as part of both the SolarWinds supply-chain attack [3] and the ransomware attacks against Colonial Pipeline [4]. The tool is so popular that there are Telegram channels and GitHub repositories dedicated to obtaining or producing modified, pirated copies of the Cobalt Strike software [5].

Given its “dual nature” and wide adoption by both sides of the security battlefield, it is not surprising that security teams struggle to develop Continue reading

« Previous 1 … 695 696 697 698 699 … 3,835 Next »