Capturing Traffic Using SPAN, RSPAN, and VACLs

To enable the ability to capture traffic sent and received on other switch ports, Cisco Catalyst switches include a feature called the switch port analyzer feature (SPAN), as well as remote SPAN (RSPAN) and VLAN access control lists (VACLs).

via CCNP Practical Studies: Switching | Scenario 10-6: Capturing Traffic Using SPAN, RSPAN, and VACLs | InformIT.

SPAN is the traditional method of monitoring LAN traffic on Cisco switches. SPAN uses the concept of mirroring traffic from a set of source ports to a single destination port, which has a network capture tool connected to it.

Patience is a network effect

Now, a new study of online video viewing (via GigaOm) provides more evidence of how advances in media and networking technology reduce the patience of human beings. The researchers, Shunmuga Krishnan and Ramesh Sitaraman, studied a huge database from Akamai Technologies that documented 23 million video views by nearly seven million people. They found that people start abandoning a video in droves after a two second delay and that the abandonment rate increases 5.8 percent for every second of further delay:

via Patience is a network effect | Rough Type.

Better Defense Through Open-Source Intelligence

Reconnaissance, while commonly overlooked and discounted, is a key phase providing successful targeted attackers (and penetration testers) with information about the target, the target’s server and application technologies in use, employees, location, and much more. Often called OSINT, or open-source intelligence because it uses publicly available sources, the recon phase is anything that can help the attacker obtain his goal. Security pros can leverage the same tools and techniques as the attackers to identify unintentionally exposed devices on the Internet and users leaking sensitive information via social networking sites, and address those issues before they’re used during an actual attack.

via Tech Insight: Better Defense Through Open-Source Intelligence – Dark Reading.

There’s also the excellent Shodan computer search engine that contains service banners from Internet-accessible servers all over the world. Security pros can find all sorts of juicy information, like internal network and host names exposed through DNS, or unintentionally exposed services that Shodan has found without scanning or touching the target network.

SHODAN – Computer Search Engine

So what does SHODAN index then? Good question. The bulk of the data is taken from ‘banners’, which are meta-data the server sends back to the client. This can be information about the server software, what options the service supports, a welcome message or anything else that the client would like to know before interacting with the server.

via SHODAN – Computer Search Engine.

What ports does SHODAN index?

The majority of data is collected on web servers at the moment (port 80), but there is also some data from FTP (23), SSH (22) and Telnet (21) services. There are plans underway to expand the index for other services. Let me know if there are specific ports you would like to see included.
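The banner data described above can also be reviewed from the defender's side. This added example (not code from SHODAN or from the quoted articles) audits banners collected from your own Internet-facing services for version disclosure and leaked internal addresses or host names. The sample banners, the internal-name suffix list, and all function names are assumptions made for illustration.

```python
import ipaddress
import re

# Constructed sample banners keyed by (address, port); not real hosts or Shodan data.
SAMPLE_BANNERS = {
    ("203.0.113.10", 80): "HTTP/1.1 200 OK\r\nServer: Apache/2.2.3 (CentOS)\r\n"
                          "Location: http://intranet01.corp.local/login\r\n",
    ("203.0.113.11", 22): "SSH-2.0-OpenSSH_5.3",
    ("203.0.113.12", 80): "HTTP/1.1 302 Found\r\nServer: nginx\r\n"
                          "Location: http://10.1.4.20/admin\r\n",
    ("203.0.113.13", 80): "HTTP/1.1 200 OK\r\nServer: nginx\r\n",
}

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
VERSION_RE = re.compile(r"\b([A-Za-z][\w-]*)[/_](\d+(?:\.\d+)+)")
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Assumed internal-only suffixes; adjust to the naming used on your network.
INTERNAL_NAME_RE = re.compile(
    r"\b[\w-]+(?:\.[\w-]+)*\.(?:local|internal|lan|corp)\b", re.I)
PROTOCOL_TOKENS = {"HTTP"}  # "HTTP/1.1" is a protocol version, not software


def audit_banner(banner):
    """Return sorted (kind, value) findings for one banner string."""
    findings = set()
    for product, version in VERSION_RE.findall(banner):
        if product.upper() not in PROTOCOL_TOKENS:
            findings.add(("version", f"{product} {version}"))
    for candidate in IPV4_RE.findall(banner):
        try:
            addr = ipaddress.ip_address(candidate)
        except ValueError:  # e.g. an octet above 255
            continue
        if any(addr in net for net in RFC1918):
            findings.add(("internal-ip", candidate))
    for name in INTERNAL_NAME_RE.findall(banner):
        findings.add(("internal-name", name.lower()))
    return sorted(findings)


def audit_all(banners):
    """Map (address, port) to findings, omitting banners with nothing to report."""
    results = {key: audit_banner(text) for key, text in banners.items()}
    return {key: found for key, found in results.items() if found}


if __name__ == "__main__":
    for (host, port), found in audit_all(SAMPLE_BANNERS).items():
        print(f"{host}:{port} -> {found}")
```
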

Cisco Acquires Meraki to Strengthen Cloud Networking

Meraki boasts a number of cloud-related offerings, from Ethernet switches and security appliances to a mobile device management platform and wireless LAN. Founded in 2006 and subsequently funded by a number of prominent firms, including Sequoia Capital and Google, Meraki touts itself as a shop for “easy-to-manage wireless, switching, and security solutions.” Business segments include supporting Bring Your Own Device (BYOD) shops, retail analytics, and massive networks managed from a central point.

via Cisco Acquires Meraki to Strengthen Cloud Networking.

Also from: Cisco to Buy Cloupia for Cloud Management – IP & Convergence – Telecom News Analysis – Light Reading Service Provider IT

Service Provider Information Technology (SPIT) player Cloupia calls itself “a leading data center orchestration and cloud management software provider” and has worked with Cisco and NetApp Inc. (Nasdaq: NTAP), providing management for Cisco switches and NetApp storage appliances. The company’s speciality is providing provisioning, monitoring and management for physical, virtual, and cloud environments.

Which consultants built Romney’s “Project Orca?” None of them

The interface for Orca was a mobile Web application connected to a set of mirrored databases of voter rolls. When a user logged in, the app would load a page with a scrollable list of all the registered voters in the precinct they were assigned to. By swiping a checkbox next to a voter’s name, they could record them as having voted; the entry was then transmitted back to Orca’s application server. A back-up call response system—similar in nature to the Houdini system used by the Obama campaign in 2008 (a system which also ran into trouble)—provided a way for volunteers to report possible voting irregularities into the system even if their data connectivity failed. Using information gathered through the campaign’s digital outreach and pulled from the campaign’s voter contact vendor, FLS Connect, the system was supposed to give volunteers in Boston a complete view of Romney supporters in swing states who hadn’t yet voted. It would then prompt phone calls asking supporters to vote.

via Which consultants built Romney’s “Project Orca?” None of them | Ars Technica.

What’s preferable: Exceptions or explicit error testing?

Just show me one learner’s book where error handling is rigorously designed from the start and consequently used through all the examples, without being left out for brevity and readability and as exercise for the reader. If this is applicable from an educational POV, that is another question, but it’s no surprise that error handling is often enough a second or third thought when it should be the very first.

via What’s preferable: Exceptions or explicit error testing? | Ars Technica.

FreeBSD.org intrusion announced November 17th 2012

The compromise is believed to have occurred due to the leak of an SSH key from a developer who legitimately had access to the machines in question, and was not due to any vulnerability or code exploit within FreeBSD.

via FreeBSD.org intrusion announced November 17th 2012.

We unfortunately cannot guarantee the integrity of any packages available for installation between 19th September 2012 and 11th November 2012, or of any ports compiled from trees obtained via any means other than through svn.freebsd.org or one of its mirrors. Although we have no evidence to suggest any tampering took place and believe such interference is unlikely, we have to recommend you consider reinstalling any machine from scratch, using trusted sources.

Verizon called hypocritical for equating net neutrality to censorship

Verizon is in the middle of a legal fight against the open Internet rules the Federal Communications Commission adopted in 2010. In addition to arguing that Congress never gave the FCC authority to regulate network neutrality, Verizon also claimed that forcing Verizon to abide by network neutrality rules violated the firm’s First Amendment right to free speech.

via Verizon called hypocritical for equating net neutrality to censorship | Ars Technica.

But CDT says Verizon can’t have it both ways. If Verizon is going to claim ISPs are “passive conduits” for copyright purposes, then in CDT’s view that implies that its routing decisions cannot be “active” enough to deserve protection under the First Amendment.

A New Chip Brings Electrical-Field-Based 3-D Gesture Recognition to Smartphones

The low-power chip makes it possible to interact with mobile devices and a host of other consumer electronics using hand gesture recognition, which today is usually accomplished with camera-based sensors. A key limitation is that it only recognizes motions, such as a hand flick or circular movement, within a six-inch range.

via A New Chip Brings Electrical-Field-Based 3-D Gesture Recognition to Smartphones | MIT Technology Review.

The controller comes with the ability to recognize 10 predefined gestures, including wake-up on approach, position tracking, and various hand flicks, but it can also be programmed to respond to custom movements. Similar to the programming of voice recognition software, Microchip Technology built the gesture library using algorithms that learned from how different people make the same movements. These gestures can then be translated to functions on a device, such as on/off, open application, point, click, zoom, or scroll.