Introduction to Scapy

Scapy may be the most powerful tool available to network admins. It is an interactive program for packet manipulation that uses simple operations like sending and receiving packets or capturing and cloning them as building blocks for creating advanced network management tools.

Scalability and Fault Tolerance with Link Aggregation

August 1st, 2011

Link aggregation is a great networking trick to achieve network scalability and fault tolerance. Let’s take a look at the general concepts of how link aggregation is set up and the benefits and restrictions that apply.

The Next Generation Cyberthreat

July 18th, 2011

Traditional defenses against malware have been rendered ineffective. Corporations are being breached on a daily basis, and major ones weekly. A FireEye whitepaper states that the average per-incident cost of a breach was $7.2 million in 2010. The next generation cyberthreat is here.

Signature-based malware protection will no longer suffice. Data signatures for advanced malware aren’t consistent enough to find patterns. These new threats, as outlined in a FireEye white paper, use “techniques like camouflage, multi-stage packaging, targeting and other advanced persistent threat (APT) tactics.”

The report notes RSA’s EMC division, which was hacked earlier this year. Employees were targeted in a spear phishing attack, in which emails are sent with data that appears to be from a legitimate source. One employee opened an infected spreadsheet that contained a trojan virus called Poison Ivy. After the program was installed, the attackers had access to RSA’s internal network, where they obtained some 40 million SecurID keys.


The Indestructible Botnet: TDL-4

July 6th, 2011

One article cites a report by Symantec showing that the volume of spam has decreased by 90% over the past year, from 225 billion emails a day to 25 billion, and certainly much of this can be credited to corporate and governmental action. Even so, the botnet business is a lucrative one.


The Data Breach Deluge of 2011

June 20th, 2011

Millions of online accounts have been compromised so far this year alone. The growth of data stored online is unprecedented, but data security is not keeping pace. The data breach deluge of 2011 is swelling larger than ever before and calls for better security measures to be implemented by all online services from gaming to banking.

Just how bad is it? Really bad. I will include links to references so that you can see for yourself the impact and nature of these breaches. Let’s take a look at breaches just in the past few months:

This list doesn’t even include the numerous other sites and companies that have been attacked in this time period as well: the Labour Party, CNN, Automatic Data Processing (ADP), Lockheed Martin, the US Senate, the CIA, the IMF, PBS, Epic Games, L-3 Communications, Google, and almost 50 others.

The personal information compromised in these breaches includes anything from social security numbers to credit card numbers to just email addresses, usernames, and passwords. Covering up these blunders costs companies millions. The case of the Texas comptroller alone has already cost $1.8 million. As one states, 2011 is set to be the worst year ever for security breaches.

The groups Anonymous and LulzSec have been linked to a number of recent attacks, though certainly the network of hackers is much larger. In response to the significant amount of online plundering, legislation known as the Data Security and Breach Notification Act will require companies to notify authorities and customers within 24 hours of a breach. Hopefully, new legislation will be a catalyst to better security policies.

It has been said that the only secure computer is one that is not on a network. Though it is true that most businesses could not sustain sophisticated attacks, like the one on EMC’s RSA, most of the attacks are not sophisticated. The majority of attacks focus on basic loopholes like SQL injection, security loopholes in servers that haven’t been upgraded (Sony), unencrypted data (Sony, Citigroup, etc), and passing data insecurely through URLs (Citigroup).

Even keeping up to date on the latest security breaches on Yahoo Pipes, the Web Hacking Incident Database, or the DataLossDB can give network administrators insight into what security loopholes to look for in their own networks. To avoid a PR nightmare and a huge cleanup bill, organizations need to take their online security much more seriously.

Riverbed Cascade Products Using Wireshark

June 6th, 2011

Riverbed overtook CACE in October of 2010 and has since been working to merge CACE’s Shark packet capture and Pilot software technologies with Riverbed’s Cascade products. Riverbed has announced their Cascade Shark Appliance and Cascade Pilot, which give real-time views of network performance.

KKR Names HP Networking Executive as Industry Advisor

May 23rd, 2011

Coming off a successful Interop 2011 debut of their FlexNetwork suite of products, as last reported by Network Newz, Hewlett-Packard has undergone a surge of successive executive changes. The loss of Marius Haas, the head of networking and senior VP, might mean there will be a delay with the roll-out of FlexNetwork technology, but HP should be able to overcome any setbacks. Although this is a potential blow to HP, Kohlberg, Kravis & Roberts stands to acquire a varied technology portfolio with the hiring of Marius Haas, former senior vice president at HP.

Marius Haas’ departure, as first reported by Bloomberg, comes during the loss of three other senior executives. HP had a strong showing at Interop 2011, where their innovative FlexNetwork technology impressed the crowd. They should not be impeded by corporate restructuring. The generated buzz should not be reduced as the FlexNetwork technology proves to be HP’s networking challenge to Cisco’s dominance, and as “the only converged networking architecture,” HP’s FlexNetwork technology is set to compete with Cisco’s similar offerings. Although Marius Haas had been present for a period of substantial growth in their networking product line, HP has the momentum and wherewithal to continue unfazed.


HP Introduces FlexNetwork Technology at Interop 2011

May 16th, 2011

Last week at Interop 2011 in Las Vegas, HP unveiled their new FlexNetwork technology, “the industry’s first holistic converged network architecture.” FlexNetwork is a converged infrastructure composed of FlexFabric, FlexCampus, and FlexBranch, which are controlled under the FlexManagement umbrella.

Each component of the FlexNetwork architecture integrates to create a holistic infrastructure, as HP’s Kash Shaikh illustrates. FlexFabric is a new data center solution that eliminates the need for rewiring a network by virtualizing I/O, which allows servers and virtual machines to be added dynamically; see HP’s white paper for more. FlexCampus offers a new line of high performance switches for wired and unwired networks. Finally, FlexBranch consists of WAN routers and edge switches.

The new FlexNetwork technology comes with new high performance equipment. The A10500, in their new lineup, outperforms Cisco’s Catalyst switch, with 3 microsecond latency and 128 wire-speed 10GbE ports. Michael Callahan at HP noted that its TippingPoint 6100N IPS “can inspect 8 Gbps of traffic and can be clustered in a pair to inspect up to 16 Gbps of traffic.”

FlexNetwork includes plug-and-play technology allowing multiple switches to be controlled as a single switch. The HP Intelligent Management Center (IMC) controls the network in a single-pane-of-glass model, smoothing over the dated disjoint network management models. This feature keys on standardizing network architecture. FlexNetwork, like Cisco’s FabricPath, implements the TRILL protocol, which replaces the spanning tree model and uses RBridges that are invisible to IP routers.


Network Devices Capable of 100GbE on the Increase

May 2nd, 2011

Since the first announcement of 100GigE back in 2008, equipment providers have been anticipating and releasing compatible products that allow the technology to function and the full speeds to be realized. Demos and fully functioning networks soon followed. With the fully ratified IEEE 802.3ba that came in 2010, Internet Service Providers began rolling out the long-haul transmission capabilities that 100GbE offers. Companies that provide the capable network equipment, such as the pioneer Juniper Networks, Alcatel-Lucent, and Cisco, continue to fight for the space for their equipment on Internet Service Providers’ networks.

Even Fujitsu now seemingly wants a piece of the next network. As companies migrate to faster networks based on 100GbE, Fujitsu is aiming to disrupt the better-known and entrenched network equipment manufacturers by providing a lower “bit cost” with their newly announced transponder and muxponder cards for their FLASHWAVE 9500 Packet Optical Networking Platform. These support up to 88 channels and up to 8.8 Terabits of network capacity. Many ISPs, Fujitsu says, typically only use single-channel 100GbE networks or combine groups of single channels into pseudo multi-channel networks. This capacity increase and cheapened cost will speed up the adoption rate of 100GbE networks.

As the backbone of the Internet continues to grow in accordance with the increasing bandwidth demands of users at home, at work, and when they’re mobile, Internet service providers are looking to deploy more massive amounts of 100GbE in 2011. Network equipment providers that jumped on the opportunity with their first-round devices are finding competition with the latecomers who are discovering more economical ways of implementing the technology. As the needs increase, companies will release cheaper and more complete solutions for 100GbE migrations.

Report Finds Fault With Common Network Firewalls

April 18th, 2011

People responsible for selecting and maintaining network firewalls might want to revisit their choices sometime soon. New information from NSS Labs indicates that five out of six mainstream firewall options failed to keep out hackers when subjected to an attack called the TCP Split Handshake spoof.
