NetworkingNexus.net

Announcing API Abuse Detection

APIs are incredibly important. Throughout the 2000s, they formed the backbone of popular web services, helping the Internet become more useful and accessible. In the 2010s, APIs played a larger role in our lives, allowing personal devices to communicate with the digital world. Many of our daily activities, like using rideshare services and paying for lattes, are dependent on this form of modern communication. Now we are approaching a post-pandemic world in which APIs will be more important than ever.

Unfortunately, as any technology grows, so does its surface area for abuse. APIs are no exception. Competing rideshare services might monitor each other’s prices via API, spawning a price war and a waste of digital resources. Or a coffee drinker might manipulate an API for a latte discount. Some companies have thousands of APIs — including ones that they don’t even know about. Cloudflare can help solve these problems.

Today, we are announcing early access to API Discovery and API Abuse Detection.

Background

Before going further, it’s important to explain why we need a solution for APIs. Traditional security tools, including Rate Limiting and DDoS Protection, can be wonderfully useful. But these approaches were not built to act Continue reading

Mitigating Bot Attacks against Cloudflare

The word “bots” on the Internet is a fairly loaded one. My earliest ‘bot’ experience was on IRC, where bots were quite helpful in making sure your favorite channel didn’t get taken over by malicious users and allowed for fun games of trivia. Around five years ago, “bots” were often referencing text chats in combination with AI and messaging platforms/apps as a new way to interact with customers. Today most of the connotations around bots on the Internet, particularly in the security space, are negative and we have a number of vendors offering new ways to detect and block bots.

In its most simple form, a bot is an automated piece of software that replaces human interaction. In the examples above, this is done so we can scale a process to be faster or more extensive than a single manual action. Search Engine bots exist because it is impossible (or at the very least, impractical) to crawl the Internet one curl at a time. The benefit of scale can be used for both good and for bad, by attacking a property on the Internet. Bots are used for attacks at scale — they can be deployed to attack an Continue reading

Interview: Will AI Replace the Networking Engineers?

In the second half of my chat with David Bombal we focused on automation and AI in networking. Even though we discussed many things, including the dangers of doing a repeatable job, and how to make yourself unique, David chose a nice click-bait headline Will AI Replace the Networking Engineers?. According to Betteridge’s law of headlines the answer is still NO, but it’s obvious AI will replace the low-level easy-to-automate jobs (as textile workers found out almost 200 years ago).

While pondering that statement, keep in mind that AI is more than just machine learning (the overhyped stuff). According to one loose definition, “Artificial intelligence (AI) refers to the simulation of human intelligence in machines that are programmed to think like humans and mimic their actions”

Full disclosure: the web site with this definition had and ad for Lego Friends set next to it, making it extra-trusty. I couldn’t find a similarly oversimplified definition on Wikipedia… probably for a good reason.

Interview: Will AI Replace the Networking Engineers?

Deep Dive Into AMD’s “Milan” Epyc 7003 Architecture

The “Milan” Epyc 7003 processors, the third generation of AMD’s revitalized server CPUs, is now in the field, and we await the entry of the “Ice Lake” Xeon SPs from Intel for the next jousting match in the datacenter to begin. …

Deep Dive Into AMD’s “Milan” Epyc 7003 Architecture was written by Timothy Prickett Morgan at The Next Platform.

Finding the Right Balance of On-Site and At-Home IT Workers

Some IT staffers don't want to come back to the office, while others can't wait to return. Here's how IT leaders can plan for a split workforce in a post-pandemic workplace.

How to Find Reviews on Amazon?

Amazon, the company that formerly started as an online book store, has become one of the most influential companies around the globe. Over the last decade, the company has managed to expand its dealership by stepping into different sectors. Today, Amazon is recognized, as one of the leading e-commerce stores that have outshined Walmart, thus taking away its title as Americas most valued retailer. From creating a mega e-market to boosting digital streaming and AI, it has positioned itself as one of the most prominent profit-making megacorps, followed by Facebook and Google.

The speedy delivery system and product credibility are two factors that have won amazon roughly around hundred million followers universally. With the advancement in technology and high availability of online marketplaces, people find it convenient to order stuff online than buying it physically. In this case, Amazon has become the most preferred and trusted e-commerce site among the masses.

How to Find My Reviews on Amazon?

To have full access on the website, like any other user you must have created an Amazon account to make your purchases. Also, upon quick package delivery and blue ribbon product quality, it is a common practice to do the five-star rating. Continue reading

5G: Time to get real about what it will be used for

We all know the old saw about pushing a strand of spaghetti uphill, and I’ve got to wonder whether that’s what we’re now doing with 5G. 5G resources What is 5G? Fast wireless technology for enterprises and phones How 5G frequency affects range and speed Private 5G can solve some problems that Wi-Fi can’t Private 5G keeps Whirlpool driverless vehicles rolling 5G can make for cost-effective private backhaul CBRS can bring private 5G to enterprises First, 5G is going to happen because of the orderly process of modernizing wireless networks. It doesn’t need “justifying”. The problem is that vendors want 5G to be revolutionary and transformational, rather than orderly. Second, that need to seem revolutionary has pushed 5G stories to the boundaries of sensibility.To read this article in full, please click here

IDC: Moving to the cloud could save 1B+ metric tons of CO2 emissions

IDC has released a new study, the first of its kind, that predicts that cloud computing could help to prevent more than one billion metric ton of carbon dioxide (CO2) emissions in the next three years.The forecast uses IDC data on server distribution and cloud and on-premises software use along with third-party information on data center power usage, carbon dioxide emissions per kilowatt-hour, and emission comparisons of cloud and non-cloud data centers.[Get regularly scheduled insights by signing up for Network World newsletters.] IDC's forecast includes upper and lower bounds for the estimated reduction in emissions. If the percentage of green cloud data centers today stays where it is, just the migration to cloud itself could save 693 million metric tons over the four-year time period.To read this article in full, please click here

IDC: Moving to the cloud could save 1B+ metric tons of CO2 emissions

A Tale of Two Network Automation Surveys

The 2020 results of the NetDevOps Survey are out! This was the third time the survey was conducted and was targeted to the network automation community. But first, a huge shout out to the team that led this effort again (Damien Garros and Francois Caen). The survey was 100% community-driven, and I thank them for allowing me to be a part of the team, and to provide feedback to existing and new questions.

This survey is a good representation of how network operators and network engineers are utilizing automation to get their jobs done, but largely without management buy-in or a proactive automation strategy. This blog is largely my hot take on the results, as seen through the lens of my history at Red Hat as an Ansible Product Manager helping to get network automation as an official commercial use case off the ground. I’m going to compare and contrast the survey questions and results between the most recent NetDevOps survey and the Enterprise Management Associates (EMA) Enterprise Network Automation for 2020 and Beyond results that Red Hat sponsored back in 2019.

Here are the main ideas I gleaned:

Ansible continues to be the de-facto network (and more) automation language.
Continue reading

In Yucatán, Mexico, IXSY Gets Its Watershed Moment

Despite being the second-most populated country in Latin America, with significant Internet consumption, by the end of 2019 Mexico only had one established Internet exchange point (IXP) – CITI, in three locations (Mexico City, Querétaro, and Tultitlán). In comparison, Argentina and Brazil have more than 30 points each.

In Mexico’s southeastern region – which has the country’s highest poverty rates and lowest connectivity – there were none. This prompted a committed group of people in the State of Yucatán to set out to create an IXP in 2014.

Their efforts intensified in April 2018, with the signing of the founding act for the Internet Exchange Services Yucatán (IXSY), a nonprofit association to administer the node in Yucatán.

In May 2018, the First National IXP Forum was organized. There, IXSY gained the support of Yucatan’s state government. But in July, that government lost the state elections, putting the project on pause.

Still, the new government didn’t take long to see the project’s relevance, says Carmen Denis Polanco, director of the IXSY. “It is beautiful and valuable that it did not become a political issue, but something that was important for the state. A new team of people was formed that could Continue reading

The World Has Changed – Why Haven’t Database Designs?

It seems like a question a child would ask: “Why are things the way they are?” …

The World Has Changed – Why Haven’t Database Designs? was written by Avishai Ish-Shalom at The Next Platform.

Memory Forensics for Virtualized Hosts

Detecting In-Memory Malware Threats

Memory analysis plays a key role in identifying sophisticated malware in both user space and kernel space, as modern threats are often file-less, operating without creating a file system artifact.

The most effective approach to the detection of these sophisticated malware components is to install on the protected operating system an agent that continuously monitors the OS memory for signs of compromise. However, this approach has a number of drawbacks. First, the agent introduces a constant overhead in the monitored OS — caused by both the resources used by the agent process (e.g., CPU, memory) and the instrumentation used to capture relevant events (e.g., API hooking). Second, a malware sample can detect the presence of an agent and attempt to either disable the agent or evade detection. Third, depending on how it is deployed, the agent not have access to specific portions of the user-space and kernel-space memory, and, as a consequence, may miss important evidence of a compromise. Finally, deploying, maintaining, and updating agents on every endpoint can be challenging, especially in heterogeneous deployments where multiple versions of different operating systems and architectures coexist.

A complementary approach to the detection of Continue reading

IPv6 Buzz 072: NIST And Testing IPv6 Interoperability

Today's IPv6 Buzz guest, Doug Montgomery, is manager of Internet and scalable systems research at the National Institute of Standards and Technology (NIST), which has been critical in helping standardize IPv6 interoperability standards and testing.

IPv6 Buzz 072: NIST And Testing IPv6 Interoperability

The post IPv6 Buzz 072: NIST And Testing IPv6 Interoperability appeared first on Packet Pushers.

Open source, programmability, and as-a-service to play a big role in future networks

Networks of the not-to-distant future could feature many more open-source software components, advanced programmability, and be delivered as-a-service, according to experts speaking at the Future:Net 2021 symposium.Attendees of the virtual event heard predictions from vendors such as Cisco, Google, and Microsoft as well as academics and analyst firms such as Gartner and 451 Research. Who's selling SASE, and what do you get? A key theme from many of the speakers was that networks and networking technology of the future will feature way more software controls and programmability than most enterprise customers see in their environments today. To read this article in full, please click here

Open source, programmability, and as-a-service to play a big role in future networks

Page Shield: Protect User Data In-Browser

Today we're excited to introduce Page Shield, a client-side security product customers can use to detect attacks in end-user browsers.

Starting in 2015, a hacker group named Magecart stole payment credentials from online stores by infecting third-party dependencies with malicious code. The infected code would be requested by end-user browsers, where it would execute and access user information on the web page. After grabbing the information, the infected code would send it to the hackers, where it would be resold or used to launch additional attacks such as credit card fraud and identity theft.

Since then, other targets of such supply chain attacks have included Ticketmaster, Newegg, British Airways, and more. The British Airways attack stemmed from the compromise of one of their self-hosted JavaScript files, exposing nearly 500,000 customers’ data to hackers. The attack resulted in GDPR fines and the largest class-action privacy suit in UK history. In total, millions of users have been affected by these attacks.

Writing secure code within an organization is challenging enough without having to worry about third-party vendors. Many SaaS platforms serve third-party code to millions of sites, meaning a single compromise could have devastating results. Page Shield helps customers monitor these potential Continue reading

Protecting Cloudflare Customers from BGP Insecurity with Route Leak Detection

Border Gateway Protocol (BGP) route leaks and hijacks can ruin your day — BGP is insecure by design, and incorrect routing information spreading across the Internet can be incredibly disruptive and dangerous to the normal functioning of customer networks, and the Internet at large. Today, we're excited to announce Route Leak Detection, a new network alerting feature that tells customers when a prefix they own that is onboarded to Cloudflare is being leaked, i.e., advertised by an unauthorized party. Route Leak Detection helps protect your routes on the Internet: it tells you when your traffic is going places it’s not supposed to go, which is an indicator of a possible attack, and reduces time to mitigate leaks by arming you with timely information.

In this blog, we will explain what route leaks are, how Cloudflare Route Leak Detection works, and what we are doing to help protect the Internet from route leaks.

What are route leaks and why should I care?

A route leak occurs when a network on the Internet tells the rest of the world to route traffic through their network, when the traffic isn’t supposed to go there normally. A great example of this Continue reading

« Previous 1 … 799 800 801 802 803 … 3,878 Next »