Does EIGRP need defending? Can this protocol even be defended? Ethan Banks and Zig Zsiga debate the case for EIGRP and discuss major use cases, design considerations, scaling tips, and more.
The post Heavy Networking 565: In Defense Of EIGRP appeared first on Packet Pushers.
We made it through the year that was March 2020. Here were are on the other side trying to find out whatever this normal is supposed to look like. We’re not out of the woods yet but we do know that things aren’t going to be back to the way they were any time soon. That includes the events that we enjoyed traveling to and hanging out at.
Cisco Live has made the decision to go virtual again this year. One can’t blame them to be honest. Travel uncertainty and the potential liability of having a huge event just didn’t make sense. If you thought the old Conference Crud was bad you really don’t want this new-and-improved version! Cisco has also decided that one global event makes more sense than several events scattered across the calendar. That means that Cisco Live Europe and Cisco Live US are now global and happening at the end of March instead of January or June.
With the announcement that everything will be virtual again this year it also means that the social aspect of the event is going to be virtual as well. As much as we would have liked to hang out at Continue reading
Safe learning: The Nigeria Chapter of the Internet Society celebrated Safer Internet Day with workshops about online safety at schools across the country. Chapter representatives talked to students about several topics, including fake news, online scams, phishing, and clickbait. The two-day workshops included in-person events that complied with COVID-19 social distancing rules, and an online discussion.
Internet to the village: The Kyrgyzstan Chapter has been working to bring Internet access to the village of Zardaly, in a remote and mountainous region of the southwest region of the country. The project has begun with a detailed study of the area, after which radio translators will be ordered and installed. The chapter has also posted an update about its Ilimbox project, an Internet-in-a-box device that, contains basic educational materials available without an Internet connection. The device has now been installed in 20 schools.
No registration required: The Hong Kong Chapter is among a coalition of groups opposing a proposal from the Chinese government that would require users of smartphones to register using their real names. Real-time registration won’t be effective in fighting crime and could hinder scientific research, the chapter said. “The real-name system cannot prevent crimes committed by using overseas calls Continue reading
My name is Alice Bracchi, and I’m the technical and UX writer for Cloudflare for Teams, Cloudflare's Zero Trust and Secure Web Gateway solution.
Today I want to talk about product voice — what it is, why it matters, and how I set out to find a product voice for Cloudflare for Teams.
On the Cloudflare for Teams Dashboard (or as we informally call it, “the Teams Dash”), our customers have full control over the security of their network. Administrators can replace their VPN with a solution that runs on Zero Trust rules, turning Cloudflare's network into their secure corporate network. Customers can secure all traffic by configuring L7 firewall rules and DNS filtering policies, and organizations have the ability to isolate web browsing to suspicious sites.
All in one place.
As you can see, a lot of action takes place on the Teams Dash. As an interface, it grows and changes at a rapid pace. This poses a lot of interesting challenges from a design point of view — in our early days, because we were focused on solving problems fast, many of our experiences ended up feeling a bit disjointed. Sure, users were able to Continue reading
In the previous video in this series, I described how path discovery works in source routing and virtual circuit environments. I couldn’t squeeze the discussion of hop-by-hop forwarding into the same video (it would make the video way too long); you’ll find it in the next video in the same section.
In the previous video in this series, I described how path discovery works in source routing and virtual circuit environments. I couldn’t squeeze the discussion of hop-by-hop forwarding into the same video (it would make the video way too long); you’ll find it in the next video in the same section.
Curiefense is a new, open source Web application firewall designed for cloud-native environments. Currently a "sandbox" project in the Cloud Native Computing Foundation, Curiefense is now generally available.
The post Curiefense, A New Open Source Web App Firewall, Tackles Cloud-Native Security appeared first on Packet Pushers.
Martez Reed, Director of Technical Marketing at Morpheus Data, joins the Day Two Cloud podcast for a discussion. To hear this entire conversation, GO HERE. And hey, have a great day. You’re doing an outstanding job. ? You can subscribe to the Packet Pushers’ YouTube channel for more videos as they are published. It’s a […]
The post What Is Technical Marketing??? – Video appeared first on Packet Pushers.
Flexibility is a kind of strength. It is just more subtle than brute force. …
The Future Of Infrastructure Is Fluid was written by Timothy Prickett Morgan at The Next Platform.
Combining, or stitching together, open source projects to build something unique for your network is becoming more common. What does this look like in the real world? What are some of the positive and negative aspects of building things this way? How do open source projects interact with the commercial world? Daniel Teycheney joins Tom Ammon, Jett Tantsura, and Russ White to discuss open source software in networking, particularly around network monitoring and management.
Next week, on Thursday March 11th, 2021 (8am PST/5pm CET) we’ll be hosting our next quarterly Docker Community All-Hands. This free virtual event, open to everyone, is a unique opportunity for Docker staff and the broader Docker community to come together for company and product updates, live demos, community presentations and a live Q&A.
As luck would have it, this All-Hands will coincide almost to the day with Docker’s 8th birthday (yay!). To mark the occasion, we’re going to make this event extra special by introducing :
We’re also really excited about the new video platform we’ll be using that makes it much easier for attendees to engage/connect/share with each other.
Seismic processing and analysis at scale take scalable HPC resources but also need an analytics backend that can scale with massive datasets. …
ConocoPhillips Sparks Tooling For Seismic HPC, Cloud, AI/ML was written by Nicole Hemsoth at The Next Platform.
We have been working with conntrack, the connection tracking layer in the Linux kernel, for years. And yet, despite the collected know-how, questions about its inner workings occasionally come up. When they do, it is hard to resist the temptation to go digging for answers.
One such question popped up while writing the previous blog post on conntrack:
“Why are there no entries in the conntrack table for SYN packets dropped by the firewall?”
Ready for a deep dive into the network stack? Let’s find out.
We already know from last time that conntrack is in charge of tracking incoming and outgoing network traffic. By running conntrack -L we can inspect existing network flows, or as conntrack calls them, connections.
So if we spin up a toy VM, connect to it over SSH, and inspect the contents of the conntrack table, we will see…
$ vagrant init fedora/33-cloud-base
$ vagrant up
…
$ vagrant ssh
Last login: Sun Jan 31 15:08:02 2021 from 192.168.122.1
[vagrant@ct-vm ~]$ sudo conntrack -L
conntrack v1.4.5 (conntrack-tools): 0 flow entries have been shown.
… nothing!
Even though the conntrack kernel Continue reading
A few months ago I described how you could use JSON Schema to validate your automation data models, host/group variable files, or even Ansible inventory file.
I had to use a weird toolchain to get it done – either ansible-inventory to build a complete data model from various inventory sources, or yq to convert YAML to JSON… and just for the giggles jsonschema CLI command requires the JSON input to reside in a file, so you have to use a temporary file to get the job done.
A few months ago I described how you could use JSON Schema to validate your automation data models, host/group variable files, or even Ansible inventory file.
I had to use a weird toolchain to get it done – either ansible-inventory to build a complete data model from various inventory sources, or yq to convert YAML to JSON… and just for the giggles jsonschema CLI command requires the JSON input to reside in a file, so you have to use a temporary file to get the job done.
Phishing attacks have become more prominent and prevalent in recent years. In particular, our research into the cyber threat landscape over the last few months has shown a dramatic increase in the volume of phishing campaigns observed by our customers.
The most basic way to detect phishing is by using blacklists of phishing URLs. However, our research showed that, in many cases, the lifetime of phishing URLs is less than 24 hours, which renders the blacklist approach largely ineffective.
At VMware, we use multiple approaches to detect phishing attacks. The one we’ve found to be the most promising uses visual representation of the website to recognize phishing. In this blog post, we’ll discuss how this approach works in greater detail. If you need an overview of the more general idea behind phishing detection using image similarity, visit our previous blog post.
As one part of VMware’s phishing detection, we store information about the visual representation of every analyzed URL: that is, we calculate perceptual hashes of the screenshots Continue reading