background preloader

Next-Generation Security Platform - Firewalls, Endpoint, Threat Prevention by Palo Alto Networks

Next-Generation Security Platform - Firewalls, Endpoint, Threat Prevention by Palo Alto Networks
Related:  Data Center Operating System (DCOS)Networking

linkerd - Running in DC/OS This guide will walk you through getting linkerd running in DC/OS, routing requests to an example web service, and monitoring your cluster. Deploy the webapp We are going to deploy a sample app that responds with “Hello world”. We’ll use a webapp.json config file from the linkerd-examples repo: dcos marathon app add Install the linkerd DC/OS Universe package with the following command, note instances should match the total number of nodes in your DC/OS cluster, both public and private: Note that linkerd boots two servers, outgoing on port 4140, and incoming on 4141. Making sure it works The linkerd DC/OS Universe package comes preconfigured to route traffic as an http proxy. $ http_proxy=$PUBLIC_NODE:4140 curl -s Hello world Finally, to reach the admin service, make a request on port 9990: $ curl $PUBLIC_NODE:9990/admin/ping pong Application groups dcos package install linkerd-viz That’s it!

MobileIron | The Platform for Mobile IT ARRIS Cable Modem has a Backdoor in the Backdoor A couple of months ago, some friends invited me to give a talk at NullByte Security Conference. I started to study about some embedded device junk hacking hot topics and decided to talk about cable modem security. Braden Thomas keynoted at Infiltrate 2015 discussing about Practical Attacks on DOCSIS so, yeah, cable modem hacking is still mainstream. On November 21st I'll be at Salvador speaking on "Hacking cable modems: The Later Years". It's not a talk about theft of service and getting free Internet access. Securing cable modems is more difficult than other embedded devices because, on most cases, you can’t choose your own device/firmware and software updates are almost entirely controlled by your ISP. While researching on the subject, I found a previously undisclosed backdoor on ARRIS cable modems, affecting many of their devices including TG862A, TG862G, DG860A. ARRIS Backdoors ARRIS password of the day is a remote backdoor known since 2009. Vulnerability, Disclosure and Marketing

Connect to an Azure Container Service cluster | Microsoft Docs The DC/OS, Kubernetes, and Docker Swarm clusters that are deployed Azure Container Service all expose REST endpoints. For Kubernetes, this endpoint is securely exposed on the internet and you can access it directly from any machine connected to the internet. For DC/OS and Docker Swarm you must create an SSH tunnel in order to securely connect to the REST endpoint. Note Kubernetes support in Azure Container Service is currently in preview. Connecting to a Kubernetes cluster. To connect to a Kubernetes cluster, you need to have the kubectl command line tool installed. az acs kubernetes install cli [--install-location=/some/directory] Alternately, you can download the client directly from the releases page Once you have kubectl installed, you need to copy the cluster credentials to your machine. az acs kubernetes get-credentials --dns-prefix=<some-prefix> --location=<some-location> This will download the cluster credentials into $HOME/.kube/config where kubectl expects it to be located.

VPN Service: Download Hotspot Shield Free & Elite VPN Client Arris password of the day generator | Já não vou salvar o mundo Do you need an Arris modem password? Are you stuck with your Arris modem, in a message that says “in order to access advanced features you must enter the password of the day”? Well then, you came to the right place! Donations Was this useful to you? Donate Description This is a an Arris password of the day generator for various Arris cable modems. I created this because a cable modem died on me and my ISP, Cabovisão (if you’re in Portugal, I highly recommend them), brought me a new one: an Arris TM602A. As usual when I receive a new technological gadget, I had to explore it. A bit of googling provided the answers I needed: a couple of pages with a list of passwords of the day (this device has a different password every day) and a page with a password generator for the TM501A model but seems to work fine for the TM602A. That gave me access to the protected page but I didn’t want to have to resort to a couple of pages every time I wanted to access my modem’s protected page. Tested modems

Running Cassandra on DC/OS Mesophere recently opened sourced their DataCenter Operating System (DC/OS), a platform to manage Data Center resources. DCOS is built on Apache Mesos which provides tooling to “Program against your datacenter like it’s a single pool of resources”. While Mesos provides primitives to request resources from a pool, DC/OS provides common applications as packages in a repository called the Universe. It also provides a web UI and a CLI to manage these resources. One helpful way to understand Mesos and DC/OS is imagine if you were to package an application as a container: You want tools to deploy and configure this container without having to deal directly with provisioning and system level configuration. Apache Cassandra is a good example of an application that can be managed with DC/OS. Setting up DCOS For this blog we installed DC/OS using the DCOS on AWS Documentation, however as you would expect it supports multiple deployment scenarios. Installing Cassandra Wrap up

Advanced Persistent Threat (APT) Attack & Zero-Day Protection | FireEye Malware Protection System How to Use Microsoft NPS for Wireless Authentication with a Ruckus ZoneDirector | Eric Rochow I’ve already discussed using a FreeRADIUS server for wireless authentication, so now I’m going to address using Microsoft NPS, Microsoft’s implementation of RADIUS. The main reason to do this would be Active Directory integration, but other organizations may have other reasons. NPS is bundled with all versions of Windows Server starting with Server 2008. Prior to 2008, Windows Server used IAS, which may or may not conform to these directions. The compony I work for sells IT support for commercial customers in addition to the Internet services we sell. Corporate-owned laptops should be able to access corporate dataEmployees should be able to connect their own devices to the Internet, but not to access corporate dataGuests should be able to connect to the Internet, but with limited speeds, limited available ports, and must be forced to agree to an acceptable use policy I’m going to address solutions to the first two requirements here, and the third will be the subject of a future post.

Datacenter Operating System - Wikipedia This article is about software based on Apache Mesos. For the discontinued UNIX software, see DC/OSx. For operating systems across datacentres, see Distributed operating system. Origins[edit] The term datacenter operating system was first coined in the paper The Datacenter Needs an Operating System,[5] published at the University of California, Berkeley. Resource SharingData SharingProgramming AbstractionsDebugging and Monitoring The paper cites the Mesos project as an attempt to tackle the problem of resource sharing amongst frameworks on a shared compute cluster. Architecture[edit] The Datacenter Operating System categorizes components as being in user space or kernel space.[6] Kernel space includes the Mesos master and agents while user space includes various system components of the Datacenter Operating System. History[edit] See also[edit] Data center References[edit] Jump up ^ "Terms of Service". 19 April 2016.

SlickLogin | Security People Love Five free network analyzers worth any IT admin's time If you work on a network, you then know the value of information. Solid information leads to a strong and worry-free network (or at least as worry-free as you can manage). In order to gather that information, you need the right tools. But which of these tools are the best? This blog post is also available as a TechRepublic Photo Gallery. Five Apps 1. Wireshark is one of the most powerful network protocol analyzers on the market (free or paid). NAST (Network Analyzer Sniffer Tool) is an ncurses-based tool that has, admittedly, not been under development for quite some time. 3. Zenmap is the official GUI for the Nmap Security Scanner. 4. Angry IP Scanner is another open source, cross platform scanner that is designed, from the ground up, to be incredibly fast and very simple to use. 5. JDSU Network Analyzer Fast Ethernet has a long name and is long in features. Bottom line Also read:

DCOS - Kubernetes Edit This Page This guide will walk you through installing Kubernetes-Mesos on Datacenter Operating System (DCOS) with the DCOS CLI and operating Kubernetes with the DCOS Kubectl plugin. About Kubernetes on DCOS DCOS is system software that manages computer cluster hardware and software resources and provides common services for distributed applications. Among other services, it provides Apache Mesos as its cluster kernel and Marathon as its init system. Another feature of the DCOS CLI is that it allows plugins like the DCOS Kubectl plugin. Further information about the benefits of installing Kubernetes on DCOS can be found in the Kubernetes-Mesos documentation. For more details about the Kubernetes DCOS packaging, see the Kubernetes-Mesos project. Since Kubernetes-Mesos is still alpha, it is a good idea to familiarize yourself with the current known issues which may limit or modify the behavior of Kubernetes on DCOS. Resources Prerequisites Install Uninstall Create an Issue Edit this Page