Solving Microservices Connectivity Issues with Network Logs

The network is foundational to distributed application environments. A distributed application has multiple microservices, each running in a set of pods often located on different nodes. Problem areas in a distributed application can be in network layer connectivity (think network flow logs), or application resources unavailability (think metrics), or component unavailability (think tracing). Network layer connectivity can be impacted by various factors such as routing configuration, IP pool configuration, network policies, etc. When service A cannot talk to service B over the network, or an external application cannot connect to service A, network logs become an essential source of historical data needed for troubleshooting connectivity issues. Just like in a traditional network, network logs enable cluster administrators to monitor the Kubernetes microservices network.

 

 

Network Logs Can Address Multiple Use Cases

Network logs can be used to serve the unique requirements of different teams (DevOps, SecOps, Platform, Network). The value of Kubernetes network logs resides in the information collected, such as detailed context about endpoints (e.g., pods, labels, namespaces) and the network policies deployed in configuring the connection. Within the IT estate, DevOps, SecOps, Network and Platform teams can use network logs to address use cases that Continue reading

Yes, we can validate leaked emails

When emails leak, we can know whether they are authentic or forged. It's the first question we should ask of today's leak of emails of Hunter Biden. It has a definitive answer.

Today's emails have "cryptographic signatures" inside the metadata. Such signatures have been common for the past decade as one way of controlling spam, to verify the sender is who they claim to be. These signatures verify not only the sender, but also that the contents have not been altered. In other words, it authenticates the document, who sent it, and when it was sent.

Crypto works. The only way to bypass these signatures is to hack into the servers. In other words, when we see a 6-year-old message with a valid Gmail signature, we know either (a) it's valid or (b) they hacked into Gmail to steal the signing key. Since (b) is extremely unlikely, and if they could hack Google, they could do a ton more important stuff with the information, we have to assume (a).

Your email client normally hides this metadata from you, because it's boring and humans rarely want to see it. But it's still there in the original email document. An email Continue reading

Best of Fest: AnsibleFest 2020

Thank you to everyone who joined us over the past two days for the AnsibleFest 2020 virtual experience. We had such a great time connecting with Ansible lovers across the globe. In case you missed some of it (or all of it), we have some event highlights to share with you! If you want to go see what you may have missed, all the AnsibleFest 2020 content will be available on demand for a year. 

 

Community Updates

This year at AnsibleFest 2020, Ansible Community Architect Robyn Bergeron kicked off with her keynote on Tuesday morning. We heard how with Ansible Content Collections, it’s easier than ever to use Ansible the way you want or need to, as a contributor or an end user. Ansible 2.10 is now available, and Robyn explained how the feedback loop got us there. If you want to hear more about the Ansible community project, go watch Robyn’s keynote on demand.

 

Product Updates

Ansible’s own Richard Henshall talked about the Red Hat Ansible Automation Platform product updates and new releases. In 2018, we unveiled the Ansible certified partner program and now we have over 50 platforms certified. We are bridging traditional Continue reading

Sponsored Post: IP2Location, Ipdata, StackHawk, InterviewCamp.io, Educative, Triplebyte, Stream, Fauna

Who's Hiring? 

  • InterviewCamp.io has hours of system design content. They also do live system design discussions every week. They break down interview prep into fundamental building blocks. Try out their platform.

  • Triplebyte lets exceptional software engineers skip screening steps at hundreds of top tech companies like Apple, Dropbox, Mixpanel, and Instacart. Make your job search O(1), not O(n). Apply here.

  • Need excellent people? Advertise your job here! 

Cool Products and Services

  • IP2Location has been an IP address geolocation service provider since 2002. The geolocation database or API detects location, proxy and more than 20 other parameters. The technology has been cited in more than 700 research papers and trusted by many Fortune 500 companies. Try it today!

  • ipdata is a reliable IP Address Geolocation API that allows you to lookup the approximate location of any IP Address, detect proxies and identify a company from an IP Address. Trusted by 10,000+ developers. Try it now!

  • Developers care about shipping secure applications. Application security products and processes, however, have not kept up with advances in software development. There is a new breed of tools hitting the market that enable developers to take the lead on AppSec. Learn how Continue reading

Evolution of Excel 4.0 Macro Weaponization – Continued

Introduction 

The evolution of the Excel 4.0 (XL4) macro malware proceeds apace, with new variations and techniques regularly introduced. To understand the threat landscape, the VMware NSBU Threat Analysis Unit extended its previous research on XL4 macro malware (see the previous blog) to analyze new trends and techniques.

Against analysis engines, the new samples have some novel evasion techniques, and they perform attacks more reliably. These variants were observed in June and July. Figure 1 depicts the Excel 4.0 macro malware wave.  

Figure 1: Malicious XL4 submission: May-Aug 2020 

Broadly, the samples can be categorized into three clusters. Based on the variation of the samples in these three clusters, the weaponized documents can be grouped into multiple variants.

Cluster 1: Relative Reference   

The samples in this cluster appeared in the month of June. They use FORMULA.FILL for obfuscation and to move the payload around the sheet. The formula uses relative references to access values stored in the sheet. There are variations in this category; Continue reading

Where Service Mesh and SmartNICs Meet

Intel sponsored this post. Smart Network Interface Controllers (SmartNICs) put the service mesh at center stage where the network and the application layer meet. The new dimensions that come with the integration of hardware and software are ushering in a new generation of capabilities such as cryptographic operations and new approaches to resource utilization. At VMworld last month, VMware featured SmartNICs as part of

Member News: Haitian Chapter Calls for More Community Networks

From the community: The Haiti Chapter of the Internet Society recently posted a video advocating for more community networks in the country. Internet access is a necessity during the COVID-19 health emergency, the Chapter said. Still, there is a challenge of providing access in rural areas of the country. The Chapter wants a plan that allows communities to build their own networks “where it is not yet economically viable for Internet service providers” to offer broadband service.

Going to school: The Kyrgyzstan Chapter has provided an update about its very active ilimBox project, which provides an Internet-in-a-box service to schools in the country. In late August, the ilimBox team, with the financial support of the European Union, installed 22 ilimBox devices in the border villages of Batken region.

Don’t split the Internet: The Greater Washington, D.C., Chapter has voiced opposition to U.S. President Donald Trump’s plans to ban Chinese apps TikTok and WeChat from the U.S. The Chapter is “against breaking the Internet,” it wrote. The proposed ban “undermines the foundations of the Internet.” The Chapter’s statement echoes the position of the Internet Society as a whole.

Safety first: The St. Vincent and the Grenadines Continue reading

Introducing Cloudflare One Intel


Earlier this week, we announced Cloudflare One, a single platform for networking and security management. Cloudflare One extends the speed, reliability, and security we’ve brought to Internet properties and applications over the last decade to make the Internet the new enterprise WAN.

Underpinning Cloudflare One is Cloudflare’s global network - today, our network spans more than 200 cities worldwide and is within milliseconds of nearly everyone connected to the Internet. Our network handles, on average, 18 million HTTP requests and 6 million DNS requests per second. With 1 billion unique IP addresses connecting to the Cloudflare network each day, we have one of the broadest views on Internet activity worldwide.

We see a large diversity of Internet traffic across our entire product suite. Every day, we block 72 billion cyberthreats. This visibility provides us with a unique position to understand and mitigate Internet threats, and enables us to see new threats and malware before anyone else.

At the beginning of this month, as part of our 10th Birthday Week, we launched Cloudflare Radar, which shares high-level trends with the general public based on our network’s aggregate data. The same data that powers that view of the Internet also Continue reading

The OSI model explained and how to easily remember its 7 layers

The Open Systems Interconnect (OSI) model is a conceptual framework that describes networking or telecommunications systems as seven layers, each with its own function. The layers help network pros visualize what is going on within their networks and can help network managers narrow down problems (is it a physical issue or something with the application?), as well as computer programmers (when developing an application, which other layers does it need to work with?). Tech vendors selling new products will often refer to the OSI model to help customers understand which layer their products work with or whether it works “across the stack”.

The 7 layers of the OSI model

The layers are: Layer 1—Physical; Layer 2—Data Link; Layer 3—Network; Layer 4—Transport; Layer 5—Session; Layer 6—Presentation; Layer 7—Application.

The OSI model explained (and how to easily remember) the 7-layer network model

When most non-technical people hear the term “seven layers”, they either think of the popular Super Bowl bean dip or they mistakenly think about the seven layers of Hell, courtesy of Dante’s Inferno (there are nine). For IT professionals, the seven layers refer to the Open Systems Interconnection (OSI) model, a conceptual framework that describes the functions of a networking or telecommunication system. The model uses layers to help give a visual description of what is going on with a particular networking system. This can help network managers narrow down problems (Is it a physical issue or something with the application?), as well as computer programmers (when developing an application, which other layers does it need to work with?). Tech vendors selling new products will often refer to the OSI model to help customers understand which layer their products work with or whether it works “across the stack”.

Introducing WARP for Desktop and Cloudflare for Teams


Cloudflare launched ten years ago to keep web-facing properties safe from attack and fast for visitors. Cloudflare customers owned Internet properties that they placed on our network. Visitors to those sites and applications enjoyed a faster experience, but that speed was not consistent for accessing Internet properties outside the Cloudflare network.

Over the last few years, we began building products that could help deliver a faster and safer Internet to everyone, not just visitors to sites on our network. We started with the first step to visiting any website, a DNS query, and released the world’s fastest public DNS resolver, 1.1.1.1. Any Internet user could improve the speed to connect to any website simply by changing their resolver.

While making the Internet faster for users, we also focused on making it more private. We built 1.1.1.1 to accelerate the last mile of connections, from user to our edge or other destinations on the Internet. Unlike other providers, we did not build it to sell ads.

Last year we went one step further to make the entire connection from a device both faster and safer when we launched Cloudflare WARP. With the push of a Continue reading

Cloudflare Gateway now protects teams, wherever they are


In January 2020, we launched Cloudflare for Teams—a new way to protect organizations and their employees globally, without sacrificing performance. Cloudflare for Teams centers around two core products - Cloudflare Access and Cloudflare Gateway.

In March 2020, Cloudflare launched the first feature of Cloudflare Gateway, a secure DNS filtering solution powered by the world’s fastest DNS resolver. Gateway’s DNS filtering feature kept users safe by blocking DNS queries to potentially harmful destinations associated with threats like malware, phishing, or ransomware. Organizations could change the router settings in their office and, in about five minutes, keep the entire team safe.

Shortly after that launch, entire companies began leaving their offices. Users connected from initially makeshift home offices that have become permanent in the last several months. Protecting users and data has now shifted from a single office-level setting to user and device management in hundreds or thousands of locations.

Security threats on the Internet have also evolved. Phishing campaigns and malware attacks have increased in the last six months. Detecting those types of attacks requires looking deeper than just the DNS query.

Starting today, we’re excited to announce two features in Cloudflare Gateway that solve those new challenges. First, Continue reading

Equinix launches bare metal cloud service

Having completed its purchase of bare-metal cloud specialist Packet in March, Equinix is announcing the availability of Equinix Metal, an automated and interconnected bare metal cloud service in four major regions. A bare metal service means the customer provides the operating environment, not just the apps. Typical IaaS/PaaS includes the operating system (either Linux or Windows) plus developer tools and middleware. In a bare metal environment, there's no operating system or virtual machine. All you get are cores, memory, storage, and networking.

IBM expands the role of its hybrid-cloud security package

IBM is expanding the role of its security-software package for hybrid-cloud deployments by improving the gathering of security data collected within customer networks and drawing on third-party threat-intelligence feeds, among other upgrades. IBM’s Cloud Pak for Security, which features open-source technology for hunting threats and automation capabilities to speed response to cyberattacks, can bring together on a single console data gathered by customers’ existing security point products. IBM Cloud Paks are bundles of Red Hat’s Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.
