有个足球雷竞技app世界核心网络

2017年的网络和安全趋势

斯科特·霍格 — 星期五，09年12月12日12:32:00 -0800

‘Tis the season for tech bloggers to prognosticate and pontificate about the trends for the next year. This is also the time of year when we fondly reflect on the amazing rate of innovation during the past year and try to imagine how the pace of new technology will continue to accelerate.

When publicly making these types of predictions, it is prudent to write about trends that are probable, and it is unwise to write about things that are too far-reaching. Along these lines, here are six network and security technology predictions that are probable for 2017.

1. Malware will continue to evolve

Malware has been the most effective way for attackers to reach targets globally. Malware propagation has been the definitive attack method for the past few years, and now the effectiveness of most antivirus products is called into question. More and more security vendors offer malware defenses, but not all of these vendor’s solutions are completely effective as malware continues to metamorphize.

To read this article in full, please click here

资源比比云服务更安全

斯科特·霍格 — 2016年3月7日星期一10:18:00 -0800

More and more enterprise organizations are planning and deploying into cloud platforms. This trend is occurring despite organizations' historical push-back on cloud services claiming that they are less secure than private on-premises data centers. Even though there is evidence to suggest that cloud application attacks are on the rise, there are best practice methods to secure cloud services.

To read this article in full, please click here

Arin终于用完了IPv4地址

斯科特·霍格 — 星期二，2015年9月22日07:25:00 -0700

It is often said, "the Internet is running out of phone numbers," as a way to express that the Internet is running out of IPv4 addresses, to those who are unfamiliar with Internet technologies. IPv4 addresses, like phone numbers are assigned hierarchically, and thus, have inherent inefficiency. The world’s Internet population has been growing and the number of Internet-connected devices continues to rise, with no end in sight. In the next week, the American Registry for Internet Numbers (ARIN) will have exhausted their supply of IPv4 addresses. The metaphorical IPv4 cupboards are bare. This long-predicted Internet historical event marks opening a new chapter of the Internet’s evolution. However, it is somehow anti-climactic now that this date has arrived. The Internet will continue to operate, but all organizations must now accelerate their efforts to deploy IPv6.

To read this article in full, please click here

SDN交换机是防火墙的新形式吗?

斯科特·霍格 — 星期三，2015年4月1日16:38:00 -0700

Many people anticipated that enterprise organizations would adopt Software Defined Network (SDN) technologies later than service providers or multi-tenant data centers and cloud service providers. We are now seeing more use of Network Functions Virtualization (NFV) within enterprises and some enterprises are starting SDN pilot projects. As enterprises consider how to utilize SDN technologies in their data center environments, they start to consider what new security capabilities SDN can provide. SDN switches can drop packets for flows that are not permitted by the controller. This article explores if SDN switches can behave like a traditional firewall.

To read this article in full, please click here

年度安全报告预测2015年我们可以期待的内容

斯科特·霍格 — 2015年1月12日星期一17:47:00 -0800

In order to gain intelligence about the threats that may be directed to our organizations we need to tune into what is happening on the Internet. By reading the latest annual security reports we can learn from what others have experienced and broaden our perspective on the current threat landscape. Security practitioners should be sharing information about threats and attacks just as readily as the attackers share information, exfiltrated data and access to botnets. We can learn from recent security reports and anticipate what we can expect to occur in 2015 and try to adapt our defensive strategies to protect our enterprises.

IT Security is Like Dental Floss

Parallels can be drawn between IT security and using dental floss. We know that using dental floss can add years to your life expectancy but it requires discipline and a small time commitment every day. Similarly, IT security requires a relatively small capital investment and a relatively small investment in time to configure granular policies and be vigilant. Good security is a result of taking time to configure prudent security and then spending the time to establish situational awareness of the environment. The papers are full of news about companies that have not invested enough time into their security programs.

To read this article in full, please click here

SDN安全攻击向量和SDN硬化

斯科特·霍格 — 星期二，2014年10月28日16:33:00 -0700

As enterprises look to adopt Software Defined Networking (SDN), the top of mind issue is the concern for security. Enterprises want to know how SDN products will assure them that their applications, data and infrastructure will not be vulnerable. With the introduction of SDN, new strategies for securing the control plane traffic are needed. This article will review the attack vectors of SDN systems and share ways to secure the SDN-enabled virtualized network infrastructure. This article will then discuss the methods currently being considered to secure SDN deployments.

To read this article in full, please click here

OpenFlow支持IPv6流

斯科特·霍格 — 星期四，2014年7月31日15:11:00 -0700

OpenFlow is a Software-Defined Networking (SDN) protocol used for southbound communications from an SDN controller to and from a network device. OpenFlow is the protocol used to inform the topology of network switches on which flows should be added to their flow tables and advise switches how they should handle traffic flows that are not in the current flow tables. Initially, OpenFlow did not have any definition for handling IPv6 communications. Now, newer OpenFlow versions have IPv6 capabilities and more vendors are deploying products that use the newer OpenFlow versions. This article goes over the IPv6 functions within the OpenFlow protocol and describes how these are being used.

To read this article in full, please click here

承诺理论

斯科特·霍格 — 星期二，2014年7月01日07:10:00 -0700

The way we have created IT systems over the years has been very linear with each individual component being statically configured. If a human makes an error in any one of the many configurations, then the whole system breaks down. Over the years, IT systems have become increasingly complex with multiple layers of abstraction and virtualization making it difficult to enforce stability and gain scalability. Promise theory provides a new way to think about how IT systems rely on each other to form an entire system that businesses can depend. This article will cover the foundation concept of promise theory and give examples of how it is used.

To read this article in full, please click here

软件容器:比大多数人意识到的使用更频繁

斯科特·霍格 — 星期一，2014年5月26日22:30:40 -0700

您是否考虑过将应用程序置于“沙箱”中以确保其安全，或者想知道SaaS(软件即服务)提供商如何使您的应用程序和数据与其他客户隔离，您一直在考虑软件容器。容器是一种越来越流行的方法，用于将应用程序与操作系统及其用于连接网络的物理基础设施分离。容器在操作系统的内核中实例化，并虚拟化应用程序的实例。大多数人没有意识到容器已经变得多么流行，以及它们现在在哪里被使用。< p class="jumpTag">

ARIN进入IPv4耗尽的第4阶段

斯科特·霍格 — 2014年4月23日星期三10:35:13 -0700

<文> <节类= "页面" > < p > < a href = " http://www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml " >后IANA < / >最后的IPv4地址分配给五个区域互联网注册机构(rir) 2月3日,2011年,rir已经耗尽IPv4地址在过去三年。APNIC ran out on April 15 2011;成熟NCC ran out on September 14 2012;现在ARIN已达到2014年4月23日的最终/8地址数量。LACNIC将在今年某个时候耗尽，而AFRINIC可能在几年内都不会耗尽。现在，加拿大、美国和附近一些岛屿的组织将遇到越来越多的障碍，以获得更多的IPv4地址分配。别太惊慌，你还有其他选择。

Windows XP：再见和良好的riddance

斯科特·霍格 — 2014年3月31日星期一19:37:31 -0700

<文章>

最近关于 Windows XP的支持结束了很多关于支持结束在 2014年4月8日。 There are concerns about security vulnerabilities that will be used after Microsoft stops patching the operating system. However, if your organizations is still using Windows XP 13 years after its initial release, you have some more serious issues to address. The hardware XP computers have could not support a more modern operating system. It is more likely that people just need to buy a new computer and “get with the times”.

Windows XP Capable Hardware

If you have a computer running Windows XP, it probably came with between 512MB and 1GB of memory. It could possibly have 2GB or memory if it is “newer” (~2005 to ~2009), but that is less likely. If you have a computer that is 8 to 13 years old, it is surprising that the hardware is even still functional. If it is a desktop/mid-tower, it is amazing that the power supply, fans, and floppy disk are functional. If it is a laptop, that is even more miraculous because it is likely that the battery is completely useless and unable to hold a decent charge.

To read this article in full, please click here

不是你父亲的流输出协议(第二部分)

斯科特·霍格 — 2014年3月19日星期三19:52:24 -0700

在前一篇文章中，我们介绍了如何使用NetFlow, IPFIX和其他流量导出协议为我们提供一些应用程序流量可见性。然而，没有什么比原始数据包解码提供更多的细节。一个名为AppFlow的新协议可能会给管理员提供他们需要的数据，同时仍然在混合拓扑环境中工作。如果与IPFIX兼容，AppFlow将提供这些应用程序协议细节，随着越来越多的供应商接受该协议，它将变得更加流行。AppFlow可能在提供应用程序层细节与流导出协议的性能和灵活性之间取得了正确的平衡。

你父亲的流输出协议(第一部分)

斯科特·霍格 — 星期五，2014年3月14日11:34:11 -0700

<文章>

您可能熟悉 netflow ，和其他类似的协议，如j流和sflow。 These protocols provide useful insight into traffic mix and communities of interest. However, these protocols do not contain the application-layer details that some administrators desire. IT administrators need more application-level visibility to be able to perform Application Performance Management (APM) and troubleshoot application-layer issues. Current flow-based protocols lack application-layer details that are needed to perform deeper analysis and troubleshooting.

To read this article in full, please click here

IT业中产阶级的衰落

斯科特·霍格 — 星期二2014年2月18日11:46:14 -0800

<文章>

随着新技术继续出现网络，对高技能IT管理资源的需求也会增长。

然而，出现软件定义的网络（SDN），云系统和编排软件意味着许多平凡的任务将变得自动化。如果你的一天主要由那些平凡的任务组成，那么你应该担心你的职业生涯的未来。

在不久的将来，IT团队当然需要高级工程师，但会有仍然需要较低技能的资源。然而，这种新兴的IT环境威胁着它的中间层中的那些。

<强>在IT环境中增加复杂性

读取本文完整，请点击这里

clos网络：什么是新的再次

斯科特·霍格 — 2014年1月11日星期六13:29:00 -0800

Clos networks were first created in the mid-1950s as a method to switch telephone calls. Clos networks evolved into crossbar topologies and eventually into chassis-based Ethernet switches using a crossbar switching fabric. Now Clos networks are being used in modern data center networking architectures to achieve high performance and resiliency. This concept has been around for many years and it is now a key architectural model for data center networking. It is fascinating how concepts reemerge again and again in the history of networking.

Origin of the Clos Network

Charles Clos was a researcher at Bell Laboratories in the 1950s. He published a paper titled "A Study of Non-blocking Switching Networks" in the Bell System Technical Journal in 1953. In this paper he described how telephone calls could be switched with equipment that used multiple stages of interconnection to allow the calls to be completed. The switching points in the topology are called crossbar switches. Clos networks were designed to be a three-stage architecture, an ingress stage, a middle stage, and an egress stage. The concept is that there are multiple paths for the call to be switched through the network so that calls will always be connected and not "blocked" by another call. The term fabric came about later because the pattern of links looks like threads in a woven piece of cloth.

To read this article in full, please click here

使用SDN创建数据包监控系统

斯科特·霍格 — 太阳，2013年12月15日09:31:15 -0800

<文章>

由于SPAN / MONITION端口在交换机上的限制，组织已转向使用TAPS和数据包监控交换机SDN). This solution uses lower-cost network switches with a SDN controller to allow for simple and dynamic configuration of a packet monitoring and analysis system.

Limitations of SPAN and Monitor Ports:

Lack of visibility into Information Technology (IT) systems is a major issue. Network administrators have struggled with monitoring their data-plane traffic flowing across their networks. NetFlow can provide some high-level visibility into the flow data, but lacks the packet decode details required for some analysis or troubleshooting. Network administrators have suffered from the limitations of Switch Port Analyzer (SPAN) and port-mirroring technology within the Ethernet switches. Further exacerbating the problem is other IT groups that also want to be able to perform packet captures on the network. The security administrators and the systems administrators are often competing for the limited SPAN capabilities in the switches.

To read this article in full, please click here

Gogonet Live 4！IPv6会议回顾

斯科特·霍格 — 孙，2013年11月17日18:55:57 -0800

<文章> <第Class =“页面”>

在过去十年中有许多IPv6相关的会议，研讨会和事件。这些事件旨在教育关于IPv6的与会者以及成熟的互联网协议的潜力。今年的 gogonet IPv6会议显示这些事件已经到了多远。 Gogonet Live！事件也进化为混合现场和虚拟事件，将会议诉讼程序带到最广泛的受众。This article cover’s this year’s event and how you can freely access the conference materials.

gogoNET:

The gogoNET social networking site for IPv6-related discussions and knowledge sharing was started by gogo6. gogo6 is a manufacturer of IPv6 transition products using a server platform (gogoSERVER), a small CPE device (gogoCPE), and client software (gogoCLIENT). These products allow organizations and individuals to connect to the IPv6-enabled Internet when they are trapped behind IPv4-only access networks.

To read this article in full, please click here

用覆盆子pi进行双协议路由

斯科特·霍格 — 星期二，2013年11月12日00:04:35 -0800

网络工程师总是在寻找新的方法来获得一些低成本的网络测试能力。很少有公司会为网络实验室提供足够的资金，以便他们的网络团队在部署之前进行学习。许多人使用图形网络模拟器(GNS3)， Dynagen和Dynamips在笔记本电脑上使用思科IOS管理程序，允许实验和学习。当你等待思科的虚拟互联网路由实验室 (VIRL)发布时，你可以使用树莓派作为一个低成本路由器进行测试。

RASPBERRY PI作为网络监控节点

斯科特·霍格 — 2013年10月30日星期三16:07:00 -0700

raspberry pi 是一个惊人的小型廉价的Linux基础计算机。它已经取得了非常成功，已经过了 100万覆盆子系统销售。Raspberry PI也可以是传统IT环境中的有用工具，并且可以是执行远程网络监控的廉价方式。在本文中，我们涵盖了如何获得Raspberry PI Up并进行，以及如何为网络监控目的配置它。少于50美元，您可以使用远程访问网络设备，用于测试和故障排除并在不到30分钟内工作。

要全面阅读本文，请单击此处（内幕故事）

理解并遵守网络的法律

斯科特·霍格 — 2013年10月05日星期六16:09:33 -0700

<文章>

网络世界上有几个普遍的法律，我们必须遵守。Understanding these laws gives us deeper insight into the connected world we live in. Like civil law, in some cases these laws are not necessarily meant to be broken. Other laws just beg to be broken in an attempt to innovate network technologies. Here are the laws of the physical networking universe that is continually expanding.

Metcalfe's Law

Bob Metcalf's insight into networking is legendary. His law states that "the value of a network is proportional to the square of the number of connected users." For example, when a network is just a point-to-point link between two users the network has a value of 4 (2^2). However, when the network allows full-mesh connectivity between 100 users then the value is 10,000 (100^2). Now the Internet has about 2.7 billion users so its value is approximately 7X10^18.

To read this article in full, please click here

OSPFv3 for IPv4和IPv6

斯科特·霍格 — 2013年9月2日星期一11:17:00 -0700

Many enterprises use OSPF version 2 for their internal IPv4 routing protocol. OSPF has gone through changes over the years and the protocol has been adapted to work with IPv6. As organizations start to contemplate how they will deploy IPv6 at their Internet perimeters and within their enterprise networks they should be aware of OSPF version 3 and how it differs from what they are familiar with. This article reviews the differences between OSPF version 2 and OSPF version 3 and how they can be configured to work with IPv4, IPv6 and both protocols.

To read this article in full, please click here

IPv6网络管理

斯科特·霍格 — 2013年7月24日星期三13:41:17 -0700

Good engineering practices dictate that when we prepare to build something we must plan for the long-term operations. Having the ability to properly manage the technology after it is deployed will ensure its longevity. If the system is neglected, it will become unreliable and eventually fail. There are many organizations that have deployed IPv6 at their Internet perimeters, yet they lack the ability to manage the usage of this new protocol. Having the right IPv6-capable management tools will give us the visibility to our IPv6 deployments.

External Visibility

Many organizations have deployed IPv6 at their Internet perimeter. Other organizations may have IPv6 traffic traversing their DMZs and they do not even realize it. There could be 6in4 tunnels in use that allows the IPv6 traffic to be transported within IPv4 encapsulation. Both of these types of organizations have a need to be able to maintain their IPv6-enabled systems and be able to troubleshoot IPv6-related problems. These organizations will be operating a dual-protocol environment for many years and they must develop in the capability to maintain both protocols.

To read this article in full, please click here

移动设备和BYOD正在推动IPv6的采用

斯科特·霍格 — 2013年6月24日星期一12:50:17 -0700

<第> <章集类=“页面”>

2013年，预计移动设备的数量将超过人数。这些设备中的每一个都需要IP地址以在Internet上达到内容。带上自己的设备（byod）运动正在推动需要更无处不在的连接来支持移动劳动力。尽管一些内容提供商部署了IPv6，但绝大多数内容仍然可以通过IPv4-ops达到。随着更多全球社区加入Internet和东西互联网（物联网）继续增长IP地址的可用性将变得至关重要。

全面阅读本文，请点击这里

巨型框架

斯科特·霍格 — 星期一，03日6月12日12:51:25 -0700

Many networks use 1500-byte MTU size, but the MTU size can be reduced by encapsulation, tunneling or other overlay network protocols. These situations reduce the end-to-end effective MTU size which reduces throughput and network efficiency and sometimes causes application problems. Many network devices now support larger sizes of Ethernet frames and use of Jumbo Frames is becoming more common. This article covers how to determine if your network is capable of using Jumbo Frames and if you should enable this feature.

Compensate by Increasing the MTU Size

A previous article on "MTU Size Issues" discussed the issues of MTU size, how Path MTU Discovery (PMTUD) is performed and the results of fragmentation. Today, the vast majority of data networks use a default 1500-byte MTU size. This is because this is the default Ethernet MTU size for hosts and switches. Frequently, links between enterprise routers and the upstream ISP routers only support 1500-byte MTU. This is also true on the links between MPLS CE routers and PE routers. The primary issue with MTU size occurs when encapsulation is taking place between sites that only support 1500 byte MTU.

To read this article in full, please click here

MTU大小问题

斯科特·霍格 — 2013年5月18日星期六14:07:00 -0700

The Maximum Transmission Unit (MTU) is the largest number of bytes an individual datagram can have on a particular data communications link. When encapsulation, encryption or overlay network protocols are used the end-to-end effective MTU size is reduced. Some applications may not work well with the reduced MTU size and fail to perform Path MTU Discovery. In response, it would be nice to be able to increase the MTU size of the network links.

MTU Size

The Maximum Transmission Unit (MTU) is the largest possible frame size of a communications Protocol Data Unit (PDU) on an OSI Model Layer 2 data network. The size is governed based on the physical properties of the communications media. Historical network media were slower and more prone to errors so the MTU sizes were set smaller. For most Ethernet networks this is set to 1500 bytes and this size is used almost universally on access networks. Ethernet Version 2 networks have a standard frame size of 1518 bytes (including the 14-byte Ethernet II header and 4-byte Frame Check Sequence (FCS)). It should also be mentioned that other communications media types have different MTU sizes. For example, T3/DS3 (or E3) and SONET/SDH interfaces have an MTU size of 4470 bytes (4474 with header).

To read this article in full, please click here

在双重堆栈世界中的生活

斯科特·霍格 — 星期二，2013年4月23日21:47:37 -0700

<文章>

上周是2013 北美IPv6峰会会议。This was the 6th year of the IPv6 conference held in Denver, CO. One of the items that all attendees received at the registration booth was an IPv6 Buddy keypad. This got people thinking about what other changes we might expect to experience as we move into a dual-protocol Internet world.

Picture of my new little IPv6 Buddy.

This is a small USB keypad that is specially made for entering IPv6 addresses. It contains "0" through "9", "A" through "F" and special characters like ":", "::", and "/". It is intended to speed up the entering of IPv6 addresses rather than use a standard keyboard and number pad.

To read this article in full, please click here

Kali Linux:下一个倒退

斯科特·霍格 — 太阳，2013年3月24日14:53:37 -0700

<文章>

安全专业人员一直依赖于回溯安全分布多年帮助他们进行评估。该行业一直在等待后续回溯释放。但是，Backtrack的创建者已经进入了一个新的方向，并创建了 kali linux 。

相关： Linux的视觉历史记录

Kali Linux在许多方面类似于回溯，但它奠定了一个新的基础，并进行了大量改进，使其在未来几年内将更有用对渗透测试者更有用。

全面阅读本文，请点击这里

利用双协议实现SIEMs规避

斯科特·霍格 — 太阳，2013年2月24日12:51:36 -0800

It is just a fact of life that attackers and defenders are now operating in a dual-protocol world. With the addition of IPv6, attackers are learning new tricks and defenders will need to anticipate and protect against those new attacks. Attackers will try to use IPv4 and IPv6, each alone or in combination, for their exploits. We can predict that attacks will use a combination of IPv4 and IPv6 in a way that could allow an attacker to avoid detection by today's protection mechanisms.
Attackers commonly use a specific methodology when using malware propagation and command-and-control networks for exploitation. However, attackers use a different standard methodology when performing a targeted attack. Attackers start with reconnaissance, exploring and scanning, exploitation, maintaining access, covering up tracks, and leveraging access to expand to other systems. When an attacker is performing reconnaissance, they may only focus on the IPv4 addresses of the target. However, a sophisticated attacker would recognize when a target is reachable over IPv6 transport. If a victim only uses IPv4 then they are reachable only over that one protocol, but if a victim is reachable over both, then the "attack surface" has effectively doubled. An attacker will perform reachability testing and scanning over IPv4 and IPv6, thus doubling their workload. Both attackers and defenders must now do everything twice; once for IPv4 and once for IPv6. Every activity that the attacker performs will use IPv4 and IPv6 to determine if one protocol is less fortified than the other. Then the attacker will leverage the weakest of the two connection protocols.
To read this article in full, please click here

核心网络和安全第100个博客帖子

斯科特·霍格 — 2013年2月3日星期日18:34:58 -0800
<文章>

这是我的 100th博客文章为网络世界思科有个足球雷竞技app子网社区。正如我反映了过去四年写下这件博客的那样，我想到了我与你分享了想法并听到你的反馈的乐趣。在本博客中，我列出了最受欢迎的文章和审查多年来IPv6采用的改变。我与您分享我的写作过程并询问您对未来博客的输入。
最流行的博客主题
有很多有才华的有个足球雷竞技app网络世界博主分享他们与世界的洞察力，并因此分享他们的博客非常受欢迎。此博客可能没有最有吸引力的标题或在新闻工作者编写的新闻报道。我的博客并不是最受欢迎，但它可以在计算机网络和安全性上获得一个专栏的体现。该博客占据了所有网络世界博客访问的1％和2％。有个足球雷竞技app我的文章往往有一个“长尾”，并在张贴后几个月击中。我的博客在所有网络世界博客接收的百万或更多的命中率为10,000到20,000次点击。
要全面阅读本文，请单击此处

IPv6认证

斯科特·霍格 — 2013年1月26日星期六10:48:35 -0800
<文章>

许多网络，系统和安全工程师已经学习 IPv6 -相关主题多年。您可能会想知道您是否可以获得您在学习IPv6的所有时间和努力的证明。IPv6已被纳入供应商认证和其他非供应商IPv6特定认证。您可以努力实现这些认证，以显示您拥有IPv6知识和技能的当前或未来的雇主。
供应商特定的IPv6认证：
很多供应商都拥有IPv6并在其产品的功能中包含它。这些供应商为其产品提供了培训计划，该计划涵盖了IPv6相关主题和伴随测试您的IPv6知识以及它的知识。
全面阅读本文，请单击此处