Scott Lowe

JANUARY 15, 2021

Networking. The popular open source cryptography library known as Bouncy Castle has uncovered a severe authentication bypass vulnerability. Heidi Howard and Ittai Abraham illustrate some of the challenges of the Raft consensus protocol when there is a network partition. Operating Systems/Applications.

Linux 60

Linux Firewall Open Source Vmware 60

Scott Lowe

MAY 27, 2022

Networking. Along those lines, one of their latest articles discusses how to achieve identity-based mutual authentication leveraging eBPF. network virtualization). Is the relationship between network virtualization and service mesh closer than some folks might wish to admit? Operating Systems/Applications.

Virtualization 79

Virtualization Storage Programming Network 79

Scott Lowe

APRIL 19, 2019

Networking. Part 2 of Stark and Wayne’s container-to-container networking for Cloud Foundry and Kubernetes dig deep into CNI workings. Milind Gunjan shares some tips for troubleshooting Linux bridged networking on a KVM host. This article discusses four open source secrets management tools. configurations.

Open Source 60

Open Source Tools Policies Cloud 60

Scott Lowe

JUNE 18, 2021

Networking. The first is a post on Cilium and F5 load balancer integration , while the second discusses implementing Kubernetes network policies with Cilium and Linkerd. The first is a post on Cilium and F5 load balancer integration , while the second discusses implementing Kubernetes network policies with Cilium and Linkerd.

Vmware 60

Vmware Hardware Load Balancer Apple 60

Scott Lowe

MAY 17, 2019

Networking. This article by Bob Killen provides a good foundation of information on understanding Kubernetes authentication (AuthN) and authorization (AuthZ; implemented via RBAC). Operating Systems/Applications. Cindy Sridharan has a good article on health checks and graceful degradation in distributed systems.

Linux 60

Linux Dell Open Source Licensing 60

Scott Lowe

MARCH 2, 2020

Networking. Said van de Klundert has a post on screen scraping basics for network engineers. For network engineers just getting started with network automation, I suspect that the information shared here may prove quite useful. For readers who may be new to networking, Daniel Wray has a write-up on network cabling.

Linux 60

Linux Windows Hardware Network 60

Scott Lowe

JULY 5, 2019

Networking. As would be expected with any maturing open source project that is starting to see increased adoption, Kubernetes has seen its share of security vulnerabilities over the last couple of months. Lennart Koopmann provides a guide to Yubikey authentication in the real world. Operating Systems/Applications.

Storage 60

Storage Hardware Open Source Vmware 60

Linux Academy

MARCH 28, 2019

It is important to use security tooling such as OpenSCAP, the open source version of the Security Content Automation Protocol, to harden virtual machine images prior to their deployment in virtual private clouds. Vulnerabilities at the operating system level may be exploited by rogue container workloads if not hardened.

Policies 68

Policies Linux Security Virtualization 68

Scott Lowe

JANUARY 14, 2016

Networking. NAPALM (Network Automation and Programmability Layer with Multivendor support) looks like a really cool tool. Gabriele (the author of that post) also has a nice article on some resources to get you started with network automation. Operating Systems/Applications. Good stuff Juan!

Vmware 60

Vmware Devops Storage Linux 60

ForAllSecure

DECEMBER 17, 2021

As I produce this episode, there's a dangerous new vulnerability known informally as Log4Shell, it’s a flaw in an open source Java logging library developed by the Apache Foundation and, in the hands of a malicious actor, could allow for remote code injection. Vamosi: The idea behind Open Source is great.

Open Source 52

Open Source Software Software Applications 52

Scott Lowe

JANUARY 14, 2016

Networking. NAPALM (Network Automation and Programmability Layer with Multivendor support) looks like a really cool tool. Gabriele (the author of that post) also has a nice article on some resources to get you started with network automation. Operating Systems/Applications. Good stuff Juan!

Devops 60

Devops Vmware Storage Open Source 60

Scott Lowe

OCTOBER 5, 2012

Networking. I think this three-part series on new network models for cloud computing ( part 1 , part 2 , and part 3 ), while almost a year old, is quite good. Erik Smith, notably known for his outstanding posts on storage and FCoE, takes a stab at describing some of the differences between SDN and network virtualization in this post.

Storage 92

Storage Vmware Linux Virtualization 92

ForAllSecure

DECEMBER 2, 2021

Vamosi: So you’re CISO at a major corporation and all of sudden there’s been a ransomware attack in your network, and it’s spreading throughout your infrastructure. You’ll want someone with years of pen testing experience, some one who knows the operating system like no other.

Examples 52

Examples Operating Systems Course System 52

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Problem is, MAC addresses are not great for authentication. So what then makes IoT hacking different from say traditional network hacking. And it's not just stories from the authors themselves.

Internet 52

Internet Research Security Tools 52

ForAllSecure

APRIL 22, 2021

In 2013, researcher Nitesh Dhanjani found that a popular brand used simple MD5 hashes of the device's MAC addresses for authentication. Problem is, MAC addresses are not great for authentication. So what then makes IoT hacking different from say traditional network hacking. And it's not just stories from the authors themselves.

Internet 52

Internet Research Security Tools 52

Phil Windley

DECEMBER 28, 2020

Zittrain masterfully describes the extreme generativity of the internet and its attached PCs, explains why openness of both the network and the attached computers is so important, discusses threats to the generativity nature of the internet, and proposes ways that the internet can remain generative while addressing some of those threats.

Internet 135

Internet Network Architecture Security 135

Scott Lowe

MARCH 20, 2020

Networking. Dinesh Dutt of Cumulus Networks writes about the effect of switch port count in Clos topologies. This blending of “traditional” network engineering with containers, Linux, and DevOps tooling is how Matt is setting new trends and directions for the networking industry. Good stuff here!

Linux 60

Linux Vmware Authentication Storage 60

Phil Windley

JANUARY 8, 2022

But Microsoft figured out how to recentralize the industry around a proprietary operating system. Identity is the ability to recognize, remember, and react to people, organizations, systems, and things. In the current web, companies employ many ponderous technological systems to perform those functions.

Applications 52

Applications System Software Software 52

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. It also lead to even more testing of election system devices in other states.

System 52

System Open Source Security Software 52

ForAllSecure

OCTOBER 29, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. It also lead to even more testing of election system devices in other states.

System 52

System Open Source Security Software 52

ForAllSecure

OCTOBER 20, 2020

Vamosi: Bowen’s public inquiry revealed findings of multiple buffer overflows, software updates without authentication, and inadequate randomization of the ballots so that valid secrecy can be compromised -- among other vulnerabilities. It also lead to even more testing of election system devices in other states.

System 40

System Open Source Security Software 40

Scott Lowe

APRIL 21, 2016

Networking. Michael Ryom has a nice (but short) article on using Log Insight along with a NetFlow proxy to help provide more detailed visibility into traffic flows between VMs on NSX logical networks. BGP seems to be emerging as an early front-runner for a standards-based control plane for software networking. Servers/Hardware.

Vmware 60

Vmware Linux Hardware Network 60

Scott Lowe

APRIL 17, 2017

One use case mentioned is Intuit’s use of Docker, and Golub points out that the person responsible for running Intuit’s systems is confident enough in their systems that they’re attending DockerCon on Tax Day (when as many as 25 million tax returns are expected to be processed). will use Moby for all of its own open source development.

Linux 60

Linux Open Source Windows Security 60

ForAllSecure

MARCH 30, 2022

So I started intercepting all the traffic on your network. Elliot Alderson: You are using Tor networking to keep the server's anonymous. Fast, GB wifi leads Elliot to discover a TOR network which leads him to the onion routing protocol. Part that doesn't allow good to exist without condition. Then I decided to hack you.

Firewall 52

Firewall Virtualization Authentication Linux 52