IETF IPv6 Home Network Mulls

The Internet Engineering Task Force plans to establish a working group to ease some of the issues with the imminent creation and maintenance of Internet connections based on IPv6 at home.

"A collection of protocols should be agreed, so suppliers of equipment used in home networks will be interoperable set of protocols available," said Ralph Droms, a distinguished engineer at Cisco and those who want to join the IETF working group.

This group, if one accepts the IETF, it should be clear how IPv6 can be used at home in a simple and consistent, using protocols developed by the IETF.

Commercial network providers and large organizations are beginning to see how to use IPv6, which is a continuation of today's principal communication protocol for the Internet Protocol Version 4 Labour not much has been done to address the use of IPv6 to go home, anyway.

Home networking is a relatively new area of ​​the IETF. Many of the standards were designed for large organizations, networks, and home use.

"Home networking has grown, on-demand, by chance," said Droms. Before consumer Internet connections are often relying on a single dynamic IP address to your computer every time a user could dial a modem from your service provider.

As people add more computers and peripherals to Internet connections, they - or their devices - based on the NAT (Network Address Translation) as a means to develop informal networks internally. NAT can be problematic because it does not allow direct Internet access, requires device manufacturers and software providers like Skype to get complicated and prone to circumvention problems.

IPv6 requires a completely different approach to the creation of end-nodes is commonly used today, Droms said. In particular, the end devices can access the Internet, and can be read directly from the Internet, rather than the movement of the NAT. Internet home router or cable modem to get an IPv6 prefix, and every appliance in the home can be found on the IPv6 address prefix.

"All devices in the home will have a global route-to answer. I do not have to do something to make these devices accessible to the rest of the Internet," said Drom.

"End-to-end communication is both an opportunity and a concern, as it enables new applications, but also exposes the internal network nodes to receive unsolicited traffic from the Internet," read the proposal to the IESG (Internet Engineering Steering Group), which oversees the IETF.

IPv6 brings other problems and opportunities and what the group would face. Most home networks are usually only a subnet. But the ability to easily create multiple subnets can be useful to allow users to allow their guests, a dedicated channel to the Internet, while the sensitive material in the second, a private subnet.

In addition, network connections are now mostly taking place is an Ethernet data link layer of seven-layer OSI (Open Systems Interconnection) stack. But, as more low-power sensor devices will be commercialized, the devices in the home network works with the Ethernet communication protocols, the use of these devices.

Finally, if the group is approved, it is suggested a set of existing protocols that vendors use to secure your computer works perfectly in a home environment. The working group plans to establish common procedures for the use of IPv6, as the prefix for routers configuration, perform domain name resolution, routing management, service discovery and network security.

Existing protocols should be sufficient to handle these cases, although they need some minor improvements such as additional options or defects Drom said.

A particular challenge for this work is that the user base will not have a lot of manual configuration, the interaction between routers and between routers and terminals are to take place automatically.

"All this is with the little administrative input as possible," said Droms. "And 'the disc itself."

Read more »

Broadcom Chip To Accelerate FCoE

Broadcom processor first FCoE (Fibre Channel over Ethernet) is now in the market for network adapters qualified by EMC, claims is supported by 80 percent faster than any other part FCoE.

FCoE capabilities are integrated Broadcom NIC last convergent platform, a single ASIC (Application-Specific Integrated Circuit) processor with a speed of more than 1.7 million IOPS (I / O operations per second), according to Broadcom. It can be used in the dedicated server adapters and LOM (LAN on motherboard) products, said Tagizad page, product line director for high-speed controllers. Posted to the Cisco Live user conference in Las Vegas on Monday, it will also be shown at the fair.

FCoE is designed to create connections through Ethernet to 10 Gbps Fibre Channel, enabling companies to deploy an interest rate of the network through its LAN and SAN (Storage Area Networks). You can reduce the cost of connecting servers and storage by eliminating the need for separate adapters and ports for each technology. This kind of consolidation of the network also can reduce space and power requirements in data centers.

Data centers require high performance of the new Broadcom chip as the growing number of virtual servers is accelerating the flow of packets in and out of physical servers, Tagizad said. Although most servers use Gigabit Ethernet today, 10-Gigabit Ethernet can be mastered in the coming years, he said.

FCoE products transfers are fast growing, though not necessarily all of the buyers use the skills yet, Seamus Crehan Crehan research analyst said. More than 300,000 adapters and LOM products shipped in the first quarter of this year, compared to approximately 500,000 full-year 2010, he said. About a third of all 10-Gigabit Ethernet and FCoE now include LOM, Crehan said.

In January, Intel announced a free FCoE software package and is offered as an upgrade to the Intel 10 Gigabit Ethernet Family Adapter X520 Server. The software, called Open-FCoE has been qualified for use with Windows and some Linux platforms, and platforms from EMC and NetApp storage. Although still Emulex, QLogic FCoE and components in the company Intel, Broadcom, is not too late to thrive in a very young market, Crehan said.



New Broadcom chip can be used for 10 Gigabit Ethernet NAS (network-attached storage) and iSCSI and FCoE and unloading of the TCP / IP processing from the server, Broadcom Tagizad said. It 'also available in the volume of Broadcom in January and has been shipping since March, 57 712 Dell Broadcom-k Converged Network daughter card, he said. This card has been sold, "FCoE ready", but starting this month, users can download the software from the card to give him a chance FCoE. 57712-D will pay $ 499, at no additional cost FCoE.

The chip also came on the market this month in Cisco 10-Gigabit Ethernet Network Adapter BCM57712. Both Cisco and Dell will work with Windows and Linux with VMware support and the same with the next version of vSphere in the near future, Tagizad said. The cards have been qualified to work with Cisco UCS C-Series blade servers and Dell PowerEdge M915 servers and M710HD with Cisco, Dell and Brocade and a wide range of EMC storage systems. The CLARiiON AX4 and CX, the Celerra NS VNX and platforms are included.

Read more »

Bots Ruin Memories, Make Us Smarter

By now you've probably heard that Google and other search engines make us think differently. Columbia University researcher said he remembers Betsy Sparrow less information is available online, but remember that we can find that information on the Internet.

This raises the question: And 'this new research means that we are lazy and stupid, or is the web changes the external memory stick?

Sparrow Research shows that the way our memory by using the Internet is not unlike how we would have relied on others in the past.

"Since the advent of search engines, we are reorganizing the way we remember things," Sparrow said in his report. "Our brains are dependent on the Internet for memory in the same way they rely on memory of a friend, family member or colleague. We remember less useful to know the information themselves, by knowing where the information can be found. "

I do not know about you but I'm pretty sure that the Internet has much more information than jumping in the minds of my friends, family members and employees. (No offense, guys!) It's almost like being friends with the Oxford English Dictionary, and several sets of encyclopedias. The tricky part is knowing what sources of reliable information and what does not. A lot of waste out there posing as truth or fact. If we do not have discerning minds, we can easily think that we have an answer when we really misinformation and half-truths.

I like to think that the results of Sparrow means that are more like research librarians that students lazy we can not know everything, but we have a pretty good idea of ​​where to find information when needed. This does not mean we should not commit things to memory. The fact that we have calculators do not mean we should not be able to do some basic numeric calculations in our heads.

I believe that the weakness would be if we are able to leverage the network to mundane tasks and free up more brain power of critical thinking and creativity - two things that can not easily complete computers.

Read more »

PayPal Account Hacked Twitter UK

Twitter UK PayPal account was breached late on Tuesday and is used to send messages to attack the online payment company.

The messages, apparently from an angry customer, said the company "froze all my money for no reason." The hacker uses the PayPal account to criticize offensive language of a subsidiary of eBay, including its lack of security, and the people who run aims PayPal, a website that aims to expose "the nightmare of doing business" through PayPal.

The trick is about a day after another high-profile hacking Twitter on behalf of Fox News has been compromised Monday with reports of fake messages that the U.S. President Barack Obama had been shot twice in a restaurant during the Iowa campaign

PayPal confirmed in a statement via email that one of the Twitter accounts in the UK has been hacked. Twitter works separately on behalf of PayPal UK site and no customer data was affected, he added.

In a tweet after regaining control of the account, PayPal apologized and said he had the account under control. PayPal UK also deleted the messages of the attacker.

Twitter is increasingly used in companies, news agencies, governments and politicians to communicate with people, and two high-profile make-up this week is likely to raise doubts about the safety of the platform Twitter to such communication.

Twitter has not responded to the request for comment e-mail about the incident.

Read more »

DDoS Attacks North Korea Likely In March Of Work, Says McAfee

Network attacks that paralyzed a handful of large sites in South Korea earlier this year were almost certainly made in North Korea or parties allied with the country, security company McAfee said on Tuesday the report.

The analysis of the company, which is done through the South Korean and U.S. governments, is a comprehensive yet published in Mars Attacks, and details on how they were carried out, and why they were so difficult to combat.

To investigate the incident, the report draws a clear parallel with a similar attack that hit South Korea and U.S. Web sites offline in 2009 and reached an uncomfortable conclusion: the attacks were likely to test the defense of Korea South cyber and response, and it could be the prelude to a much larger attack in the future.

The attack began on March 4, when thousands of computers began to bomb 14 sites with traffic. The sites include government agencies of the leading companies in South Korea and the home page of U.S. forces in Korea. The method, called DDoS (Distributed Denial of Service) is designed to flood sites with many applications that are overloaded. For actual users, who seem very slow, or in many cases, disconnected.

The teams that participated in the attack had been infected with malware that is expected from the instructions of the latency control servers, which were infected computers. In the case of the attack in March, these servants of the middle layer consists of infrastructure and were controlled by an additional level of control equipment.

Encryption is used throughout the system makes it difficult to analyze the messages and the computer code. In trouble to do the analysis even more difficult, the key algorithms used in the various phases of the system.

The attacks lasted up to 10 days, after which the file has been programmed to destroy itself. Key files have been removed and replaced, then the master boot record on the disc, where they were stored were damaged. That would leave the disk unusable, even for the recipient of the computer used.

After analyzing the attack and how it was implemented, the researchers had one big question: Why would you build the sophistication both in software designed to make an attack rather primitive?

"DDoS can be done with the software from your local cyber-criminals," said Dmitri Alperovitch, research vice president at McAfee Labs threats in a telephone interview. "The level of effort in which far outweighs any DDoS botnets to date."

The attack does not seek to evade detection - by taking the major websites are guaranteed to attract attention - but it seeks to interfere with the analysis of the attack, said Alperovitch. The researchers concluded that the attack was political and had a particular, narrowly focused.

"It 'was to test the response of the South Korean government," he said. "When you look at who could make a player jumps off the page. North Korean government would like to see if future conflict could have an impact on the cyber and real life impact."

McAfee did not find any concrete evidence to link the attacks on North Korea, but Alperovitch said that the company has convinced the government offensive was a solitary Asian nation, or group of closely allied with it.

The same conclusion was reached by an investigation by the South Korean government in the attacks.

North Korea and South are still technically at war, having never signed a peace agreement to end the Korean War in 1953. The border between the two neighboring countries is one of the most fortified in the world.

In 2011, the attack showed a further degree of sophistication than the 2009, attacks, says McAfee. In March incident involved 14 target sites, less than a third of the 40 affected sites in 2009, and this time make no U.S. sites

"This time they dropped all American targets," he said. "They know how to end WhiteHouse.gov is useless, and having at NYSE.com not affect the U.S. economy because they are hitting the site, not the trading system."

A narrower range of targets and improvements in systems of command and control show the attackers have learned several lessons on their first attempt in 2009, said Alperovitch. Experience at this time could still be developed to ensure better success next time.

Read more »

Minnesota Goes For 75% Of Staff In The Midst Of Closing

Many IT employees in Minnesota have been on leave due to a state government shutdown was caused by a budget impasse.

The State Agency of Enterprise Technology (OET) has furloughed about 75% of its 338 workers following the closure Cathy de Moll, Director of Planning, Communications and marketing technology in the office.

The state government has 1,800 IT employees in the executive branch, including staff OET, but it is uncertain how much higher is capable of layoff.

"I believe that most of the staff of national agencies is limited, with the exception of some important applications, such as unemployment insurance and the new ERP system, which went live on closing day one," said de Moll .

Shutdown started on 1 July.

According to the rules imposed during a stop, government agencies are allowed to continue to "critical" services, which for her has been defined as the safety nets they provide, hosting and communications services.

There will be no "break / fix" work, updates or corrections for non-critical applications and services, officials said in a note.

If the struggle is prolonged, it could be a loss of some non-critical services, as well as response times longer than usual to support issues.

The federal government has issued similar warnings in April, before the possible closure, which has been avoided.

OET is responsible for applications, communications, data centers, desktops, network, security and web, and delivery of services.

"OET makes emergency patching of only those services that are considered important, as well as some of the security patches for large state systems and networks," said de Moll. "We can not predict the impact of prolonged closure of non-critical, but expect that, without the usual maintenance and updates, you may experience difficulty over time."

National governments, on the whole, was injured by falling tax revenues.

Computer Economics, in its annual IT spending and the study of personal reference, said he expects public sector spending on IT operations, which excludes capital expenditures will decrease by 3% this year.

Patrick Thibodeau covers SaaS and enterprise applications, outsourcing, government IT policy, data centers and IT workforce issues of Computerworld.

Read more »

10 Tips To Prevent Hackers

Hackers have been too long, usually associated with dark themes and the "wrong side", which represent a minority of IT gurus who are simply too much time on their hands, and a touch of perversity.
Usually represented in the skull, or "shocking" the Internet is an icon in the endless fighting crime.Provider should set up a server with a certain degree of safety built. However, there is much you can do to ensure your site will remain undisturbed.
Pirates are "undesirable" still an important role in the network, which creates thousands if not millions of jobs in the IT field, but are a threat for webmasters like you and me.Not to worry, as the following list of "ten tips" aims to tell a little 'how hackers work, and some of the ways to protect the sites and, inevitably, to maintain the privacy of visitors.

Use Strong Passwords

The only technique number can possibly be done. Hackers are computer experts to program their way through the amount of data very quickly. And 'why are not more secure passwords, a number of possible combinations increases exponentially with each character is added.

Hackers use a technique called "dictionary attack" where we constantly seek combinations username and password browsing through hundreds of common words, phrases, numbers and combinations until you get the chance. It is important to use random strings like "@ j m13s (!)" Instead of the best "jamie123"

Finally, there can be a "trick" instead of a mandatory step to establish your online community. Make sure. "Htaccess" and ". Htpasswrd" has the correct format with insurance CHMOD 644. What is important and adds most of the layer of protection for you and your visitors.

Update Security Updates 

If your web host has not done so, make sure that all latest security patches for the various aspects of the service is correctly installed. As you know, Wordpress (self hosted) is one of most popular content management systems on the market.

It 'used by millions of people, so it is not surprising to see many of the hackers work day / night trying to change it. Updates and patches are released regularly, so keep an eye on all the files plug-ins/core.

Securing your Ports

To put in simple words, a "port" is used to access data from outside the server. He also used to transfer data in both directions, and also in the outgoing mail server. Most of this activity is private and is done automatically, and only trained professionals tend to play with those details.

Yet, the doors are always open and close at hand, as programs such as FTP (File Transfer Protocol). This can be beneficial for any of the hackers are trying to use sensitive files, so make sure the doors are not required "close".

Don’t use Generic Usernames

By using common words such as usernames "admin", "administrator" or "Site Owner" can cause many implications, because you're only doing the work of hackers is much easier. Using these common words to your username, which are incredibly increase the success rate of the intruder, at least a few percentage points, which is considered a country where an answer may be only a wide unlimited combinations.

Make Sure Your Files Area Correct By Using The CHMOD

File permissions CHMOD to determine a value for each file / folder, which allows access a.Chmod range from 000 (no access) to 777 (full access), you must decide which files are permitted, but keep in mind that some third party programs require higher permissions to work properly. You need to balance security features and make an informed decision.

Through FTP, you can change the permissions to each file / folder on the server. This is vital to ensure unauthorized access to their content is completely denied.

Note - Make sure your workplace with your current host CHMOD. Some hosts prevent 777 for security reasons.

Prevent illegal Farmers' From "Harvesting" your List

Hacking techniques are used to "harvest" e-mail addresses, which are then used by hackers, spammers and other hostile activity. If you store your e-mail the information on your site, what ever is necessary in September, make sure it is stored in a protected format, such as the MySQL database.

Most top-CMS like WordPress and Joomla to make it mandatory, but there are many self-written CMS is for. If your script simply writes the data from a text called "emails.txt" it will not be long before someone smells.

Clear The Cokies!!

I use a lot of public computers in my blog and do network activity, perhaps because it is convenient or unreliable my ISP crashed into me. Inevitably, there are many, many webmasters like me who use public services, either fast or regular access to work.

Just do not forget to clean your cache and cookies before leaving! Even if the service provider maintains a "no follow-up of privacy," or something to that effect, the Clean Quick before departure does not hurt anyone.

Avoid Scam/ Spammy Websites
In a desperate attempt to get visitors, you can try to consider the extensive viral marketing and other ways to attract attention, this may cause some people in the wrong to raise a few eyebrows.

The last thing you need a web-master will cause a stir among the wrong people. Stay away from Web sites that include forums that provide "information" or "quickly get traffic" using lists and illegal spam.

Unsolicited Installation Of Scripts

It can be dangerous to install third party scripts and programs on your website if you understand what they actually do. Even if you do not fully understand programming, you can read the code and look for telltale signs, such as references to URLs.You can also visit forums like SitePoint and Digital Point to seek the best advice.

Comment Attacks

The comments are one of the most valuable blogs, and help create a good relationship between author and reader, between readers and the wider community. It would also be easy to add HTML code that causes problems.

It is necessary to "strengthen" the form input before it is approved, to take away everything, but the basic HTML tags, for example, and even if you use WordPress - you can take advantage of the block 'Keyword Filter' all the harsh words that might raise a few questions.

Read more »