Big Switch Networks has released an open-source software platform for Ethernet switches, a move that hints at OpenFlow’s potential to subvert the infrastructure market by enabling the replacement of proprietary systems with generic, off-the-shelf SDN-friendly hardware.
Category Archives: Networking
MultiPath TCP
MultiPath TCP (MPTCP) is an effort towards enabling the simultaneous use of several IP-addresses/interfaces by a modification of TCP that presents a regular TCP interface to applications, while in fact spreading data across several subflows. Benefits of this include better resource utilization, better throughput and smoother reaction to failures. Slides – explaining MultiPath TCP – are available in .pdf and .pptx format. You can also have a look at our Google Techtalk about MPTCP.
via MultiPath TCP – Linux Kernel implementation : Main – Home Page browse.
US National Vulnerability Database Down Following Malware Infestation
According to the email, some suspicious activity was detected by NIST firewalls following which steps were taken “to block the unusual traffic from reaching the Internet.”
Photonics Fire Up Radical Core Router Startup
Compass-EOS claims it can eliminate that step and just keep throwing routers at the problem, so to speak. Each router treats neighboring Compass-EOS routers as if they were its own line cards.
There’s a distance limitation, of course: about 200 meters. That’s still long enough that two routers, working in conjunction, can be on different floors of a building.
via Light Reading – Photonics Fire Up Radical Core Router Startup.
Five Ways To Better Hunt The Zebras In Your Network
There are a lot of decent threat sources out there today, and inexpensive tools that can be used to combine them with firewall data, he says.
“For someone that is low on budget, you can perform this with existing log aggregation tools, but I would not try to do this by hand,” Brazil says, who is a big proponent of security information and event monitoring (SIEM) systems.
via Five Ways To Better Hunt The Zebras In Your Network – Dark Reading.
What is AP Isolation Mode and why should I disable it on my router?
In the computer networking world, AP stands for Access Point, or in this case, a wireless access point. AP Isolation effectively creates a “virtual” network among wireless clients, in which each device is an individual entity that cannot communicate with other wireless devices on the same Wi-Fi access point. This configuration can be useful for public Wi-Fi hotspots to separate potentially malicious network traffic from other.
The tomato router has this option. Other APs do not.
Tomato Firmware/Menu Reference
The following is a listing of all of the available menu options in the Tomato GUI, and their functions.
As settings on a page are edited the Save button at bottom of page must be clicked before navigating to another page otherwise the newly entered settings are not saved.
via Tomato Firmware/Menu Reference – Wikibooks, open books for an open world.
Attribution Is Much More Than A Source IP
What seems to be happening in many intrusion cases is that an IP located in China has been associated with the attack. The immediate assumption, often by inexperienced persons involved in the investigation, is that someone in China, most likely state-sponsored, targeted their incredibly important information.
via Tech Insight: Attribution Is Much More Than A Source IP – Dark Reading.
AlcaLu Gets Smart With Mobile Data
The concept isn’t new, but the AlcaLu team believes its system, which includes its patent-pending Agile Rules Technology (ART), enables service providers to develop new mobile service offers more quickly, efficiently and accurately by giving them greater control over the process using a single system.
via Light Reading – AlcaLu Gets Smart With Mobile Data.
Not sure what this actually means. What kind of “service” can a service provider provide for data other than blindly routing IP packets and counting them? I’ll await a powerpoint presentation on this.
Welcome to DenyHosts
DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).
If you’ve ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc…) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?
via Welcome to DenyHosts.
Not me. If I let ssh into the network I only allow it for the IP address I’m going to be accessing the network from. These brute force attacks are annoying. This little app may prove useful. Will look into this.