SolarWinds Trojan: Affected enterprises must use hot patches, isolate compromised gear

Hot patching and isolating potentially affected resources are on the IT response schedule as enterprises that employ SolarWinds Orion network-monitoring software look to limit the impact of the serious Trojan unleashed on the platform.The supply-chain attack, reported early this week by Reuters and detailed by security researchers at FireEye and Microsoft involves a potential state-sponsored, sophisticated actor gained access to a wide variety of government, public and private networks via Trojanized updates to SolarWind’s Orion network monitoring and management software. This campaign may have begun as early as spring 2020 and is ongoing, according to FireEye and others.To read this article in full, please click here

SolarWinds Trojan: Affected enterprises must use hot patches, isolate compromised gear

Hot patching and isolating potentially affected resources are on the IT response schedule as enterprises that employ SolarWinds Orion network-monitoring software look to limit the impact of the serious Trojan unleashed on the platform.The supply-chain attack, reported early this week by Reuters and detailed by security researchers at FireEye and Microsoft involves a potential state-sponsored, sophisticated actor gained access to a wide variety of government, public and private networks via Trojanized updates to SolarWind’s Orion network monitoring and management software. This campaign may have begun as early as spring 2020 and is ongoing, according to FireEye and others.To read this article in full, please click here

Supercharge CoreDNS with Cluster Addons

Infoblox sponsored this post. Sandeep Rajan Sandeep is a software engineer at Infoblox focussing on open source contributions to the Cloud Native Computing Foundation (CNCF) projects CoreDNS and Kubernetes. There has been an increasing demand from users to be able to manage the health, status, rollout, rollback, etc., of CoreDNS in a Kubernetes cluster; and not just rely on CoreDNS being managed by the cluster management tools. Since the use of Operators in Kubernetes is now generally accepted, the aim of the

The History of EARN, RARE, and European Networks (part 2)

European networks from the mid-1980’s to the late 2000’s underwent a lot of change, bolstered by the rise and fall of America Online, the laying of a lot of subsea cables, and the creation of several organizations, including EARN and RARE, to bolster the spread and use of the Internet. Daniele Bovio joins Donald Sharp and Russ White on this episode of the History of Networking to give us a good overall perspective of this history.

You can find more information about the history of EARN at https://earn-history.net.

download

Trojan in SolarWinds security has far-reaching impact

SolarWinds says a compromise of its widely used Orion network-monitoring platform endangers the networks of public and private organizations that use it and that the problem should be remediated right away.In a security advisory, SolarWinds said customers should upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure their environment is safe. An additional hotfix release that both replaces the compromised component and provides several additional security enhancements is expected in the next day or two.The company’s managed services tools appear to be uncompromised, and the company said it isn’t aware of any similar issues with its non-Orion products, like RMM, N-Central, and SolarWinds MSP products.To read this article in full, please click here

Trojan in SolarWinds security has far-reaching impact

SolarWinds says a compromise of its widely used Orion network-monitoring platform endangers the networks of public and private organizations that use it and that the problem should be remediated right away.In a security advisory, SolarWinds said customers should upgrade to Orion Platform version 2020.2.1 HF 1 as soon as possible to ensure their environment is safe. An additional hotfix release that both replaces the compromised component and provides several additional security enhancements is expected in the next day or two.The company’s managed services tools appear to be uncompromised, and the company said it isn’t aware of any similar issues with its non-Orion products, like RMM, N-Central, and SolarWinds MSP products.To read this article in full, please click here

Full Stack Journey 049: Kubernetes Backup And Data Protection With Open-Source Velero

Have you developed a backup/restore strategy for your Kubernetes clusters? In this Full Stack Journey episode, we discuss why Kubernetes operators should be planning for backup/restore functionality, and debunk some myths that say you don't need it in Kubernetes. We also dive into the open-source Velero project, a tool for backup/restore and data protection of Kubernetes cluster resources. Our guests are Carlisia Thompson and Nolan Brubaker.

Full Stack Journey 049: Kubernetes Backup And Data Protection With Open-Source Velero

Have you developed a backup/restore strategy for your Kubernetes clusters? In this Full Stack Journey episode, we discuss why Kubernetes operators should be planning for backup/restore functionality, and debunk some myths that say you don't need it in Kubernetes. We also dive into the open-source Velero project, a tool for backup/restore and data protection of Kubernetes cluster resources. Our guests are Carlisia Thompson and Nolan Brubaker.

The post Full Stack Journey 049: Kubernetes Backup And Data Protection With Open-Source Velero appeared first on Packet Pushers.

Ode to Networking 0x00000010

Ode to Networking 0x00000010 The internet is distributed Clouds are not The internet is edge design Clouds are not The internet is quite resilient Clouds are not The internet is cheap Clouds are not - Greg Ferro

Creating your own cowsay messenger

One of the sillier, but still fun, tools available on Linux is called "cowsay". It's used to display a phrase along with an ASCII art image of a cow.The cowsay command allows you to create messages that are less likely to be overlooked and might come across as just a little friendlier than the other thousand or so messages most of us get every day. For example:$ cowsay This is cowsay! _________________ < This is cowsay! > ----------------- \ ^__^ \ (oo)\_______ (__)\ )\/\ ||----w | || || Once cowsay is installed on your system, you can create cute little messages – and you're not limited to displaying a cow! In fact, if you wander over to the cowsay's directory –  /usr/share/cowsay/cows – you'll see that there's a fairly large collection of files available. Each includes a different image. You can choose from images as diverse as a snowman and a stegosaurus. If you want to greet your Australian friends using cowsay, you might try using the koala.To read this article in full, please click here

Call for Presentations: Networking in Public Clouds

In early November we organized a 2-day network automation event as part of our Network Automation course and the participants loved the new format… so we decided to use the same approach for the Spring 2021 Networking in Public Clouds course.

This time we’re trying out another bit of the puzzle: while we have plenty of ideas whom to invite, we’d love to get the most relevant speakers with hands-on deployment experience. If you’ve built an interesting public cloud solution, created a networking focused automation or monitoring tool, helped organizations migrate into a public cloud, or experienced a phenomenal failure, we’d like to hear from you. Please check out our Call for Papers and send us your ideas. Thank you!

Opengear Cheat Sheet

Opengear is a terminal server that is commonly used to connect to infrastructure devices via an out of band network or console/serial port. This post covers some of the common commands and operations that I usually undertake with opengear devices. Connecting SSH to an opengear and open...

Tech Bytes: Securing Remote Work For 2021 And Beyond With Zscaler (Sponsored)

On today's Tech Bytes podcast, sponsored by Zscaler, we explore securing a distributed workforce for 2021 and further, the role of Zero Trust Access, how Zscaler secures access to applications rather than networks, and more. Our guest is Pam Kubiatowski, Sr. Director of Transformation Strategy at Zscaler.

The post Tech Bytes: Securing Remote Work For 2021 And Beyond With Zscaler (Sponsored) appeared first on Packet Pushers.

DNS Oblivion

The problem with both DoH and DoT is that neither is all that satisfactory from a privacy standpoint. It is more of a compromise approach that poses a difficult question to me, as the end user. If I have to compromise my privacy to a third party and expose the combination of my identity and the DNS queries I make, then who should be privy to this information? Which third party DNS provider represents the least risk to me now and in the future? It's a tough question, and the best answer not having to compromise my privacy at all.
1 818 819 820 821 822 3,832