I did some work recently assessing how Microsoft’s Hypervisor (Hyper-V) addresses (or doesn’t address) some common network security based threats in a multi-tenant public cloud environment. I then set out to test whether there are controls in place to mitigate those threats. I would have liked to compare different Hypervisors and their capabilities, but I have yet to do that comparison. If you’re interested in testing independently, there are several good tools out there including nmap, yersinia, hping and scapy. Those four tools will allow you to test every scenario in this document. Some detail on the test case is provided in each section. First, some basic definitions that I use in this post: TOR switch: Top of rack switch Switch: Generally references the network […]


It is undeniable if you read the news these days – many enterprises are moving data center applications to the public cloud. In my experience, many security organizations aren’t prepared for the fundamental shift in security models that comes with the cloud. They may opt to build a WAN into the cloud provider to extend their existing and traditional security controls. They may opt for a premium cloud service provider that offers managed security services. Or, they may run software based network function virtualization such as Cisco’s Nexus 1000V. The reality is, with this movement comes a new paradigm in perimeter security. Major cloud providers leave network security to the Enterprise and don’t offer any more capability than security groups or SLB endpoints. A natural […]


I ran into an issue recently where I was using Linux as a router and forwarding wasn’t working between two interfaces. I could see packets entering eth0, but they weren’t forwarding out eth1. The routing table was fine and IP forwarding was enabled. I couldn’t even ping by sourcing a packet from eth0 destined for eth1 – both locally connected interfaces. My basic topology is below. Essentially, I was forwarding packets through Linux with no return route – basically “direct server return” kind of a setup where traffic flowed in asynchronous paths. In the topology below, breakingpoint is a 3064 switch with a default router to the MX240 with a default route str-ubuntuddos-02 with a default route out a second interface in a different VRF […]


I’ve been running Cloudera’s Hadoop offering on Ubuntu since December, 2013 and I thought after 6 months it was time to record some of my experiences. First, my setup has ranged from 5-7 nodes on three different hypervisor platforms – XCP, Hyper-V and VMware. Each node is provisioned with one (1) 3.4ghz core and 4gig of memory. The first 5 nodes ran on VMware and Hyper-V, the 6th and 7th were added on XCP. My configuration requires data exist on three different nodes. I ran a daily cron job to select count(*) using Hive – record the number of rows and the time taken to perform the query. The number of rows has ranged from 9 million to close to 40 million. The source data is netflow […]


In previous posts I’ve written about how to install Hadoop on Ubuntu in under 20 minutes, how to configure NetFlow export into Hadoop and how to add multiple nodes to your Hadoop cluster. In this post, I’ll outline how to start querying Netflow data via Hive so it can be analyzed in Excel. The expectation is that you’ve followed the previous posts in this series so that your current Hadoop installation is in a predictable state. Here are the foundational things you need to know to accomplish this task: I highly suggest shutting down your netflow collector in advance. There are parts of this procedure that may be complicated by introducing new files while the metastore is in the middle of transition Hive’s metadata store […]


Sustainability is a topic I’m interested in both inside and outside of work. I’ve been doing a lot of research lately regarding data centers and energy efficiency so that I can apply my interest to my day job. In particular, while probably the smallest source of power consumption within the data center, I’ve spent most of my time researching the power consumption and energy efficiency of network equipment. This research has led me to represent my company on The Green Grid as a voting member in the Network working group. The article below is a summary of several days of research on the topic of “Green Ethernet”. Why you should care about sustainability Data Centers today use about 3% of all energy within the United […]


I recently guest blogged for my friend’s health and food website WhyFoodWorks. Here is her post and my original post below: http://whyfoodworks.com/2014/01/25/how-to-juice-5-guidelines/ Why would you try a fad diet? I had a New Year’s resolution to once and for all confront every other resolution I’ve made over the past two years but haven’t accomplished. One of those resolutions was getting my weight in check. My weight has fluctuated over the years, but going into the end of 2013, I was around 208lbs at 6’2″ and an age of 36 years old. My goal is 190lbs and the closest I have gotten was 198/199lbs about a year ago. The highest I’ve seen in the last 5 years is probably around 218-219lbs. Sitting at home over […]


Ever work with a protocol and delve into its inner workings more than you ever wanted, more than you ever thought you needed to? That’s how I feel about NVGRE after the past two weeks. I guess that is reality when you’re dealing with a new feature, newish protocol, not well documented and that runs on top of an operating system also going under lots of innovation (Hyper-V). Overview Let me just say that most NVGRE implementation guides are based on Hyper-V 2012 syntax — and, to be blunt, they’re outdated and didn’t even work for me on 2012 let alone 2012 R2. For example, none of these examples will work on 2012 R2. http://luka.manojlovic.net/ http://gallery.technet.microsoft.com/scriptcenter/Simple-Hyper-V-Network-d3efb3b8/view/Discussions http://hikmatkanaan.wordpress.com/2013/03/28/windows-2012-hyper-v-3-0-network-virtualization/ They also are based on a single interface server, […]


List of things that don’t support Flowspec:
1) Quagga does not support flowspec
2) Juniper SRX does not support flowspec
3) ExaBGP supports flowspec but is not a listening service – it establishes connections only (note as of 1/13/2014 ExaBGP does support listening services but I have not yet tested it)
4) Cisco does not support flowspec
So – if you want to play with FlowSpec — it looks like a high end Juniper router and ExaBGP are two good choices. Maybe an olive vm would also work? #fail
