Prior to planning or funding 5G rollouts, technology implementers must rigorously question 5G claims and look for substantiated evidence. IWL issued a caution today that some of the claims made by investors in 5G technology are exaggerated or lead to overly-naïve conclusions …

While many open source TCP/IP implementations are available via standard operating system distributions, some applications require changes and customization to TCP/IP. Hence, the requirement to track best practices and the current status of the protocol’s evolution. What has changed? A lot, really! …

Info Security recently published an article about the Payment Card Industry's final push to force the adoption of TLS 1.1 or higher. This article provides a good summary of the evolution of SSL/TLS, the pitfalls of earlier versions, and advantages of the most recent standards …

Open source advocates have long proclaimed the intrinsic quality and security of open source code. They argue that because the code is open it is inspected by many eyes and tested by many hands. I dispute that argument. Code will become better through more inspection, and improved testing, no matter whether that code is "open", "free", or "proprietary" …

IWL today announced a new addition to its family of network test suites: the IWL MQTT Test Suite. Cloud platform providers using MQTT can enhance their solutions to help clients test their apps before launching. IoT implementers can test their apps and devices with a high quality, commercial test suite in their lab or in the cloud …

The cost of computer security breaches is no longer hypothetical. According to the Cisco 2018 Annual Cybersecurity Report (page 46), more than half (53 percent) of all attacks resulted in financial damages of more than US$500,000 (for each organization), including, but not limited to, lost revenue, customers, opportunities, and out-of-pocket costs. Interestingly, about 19% of the attacks resulted in financial damages of more than US$2.5 Million per organization! …

In 2013, Google announced a new transport protocol, the QUIC protocol (Quick UDP Internet Connections). QUIC’s original goal was to reduce transport latency, particularly with users of web apps (that use HTTP over TCP). The goal was later expanded to provide a reliable, connection-oriented, low-latency, fully encrypted transport layer. Approximately 0.9% of all websites use QUIC …

Newcomers to IT network operations are often confounded by the complexity of managing, controlling, monitoring, diagnosing and repairing their networks. As we are all inclined to select the simplest tool, to a networking newcomer, the simplest tool for staying on top of network operations would be an event report …

Fuzz testing is a form of brute-force testing - every possibility is thrown at the target in hopes that eventually something bad will happen and a flaw revealed. Fuzz testing is a plausible technique if the number of variations is small enough that all the possibilities can be tried in the time before the target product becomes obsolete. But with some modern network protocols the time to test all the combinations could run into years - or, in many cases, eons …

Despite what one might read in certain techno-marketing publications, IPv4 is very much alive; it has not by any stretch yet been replaced by IPv6. So it remains important that vendors of networking products do IPv4 and do it correctly.

But some vendors appear to be getting lazy …

Cisco Systems recently announced a patch for a vulnerability in Simple Network Management Protocol (SNMP) functions of some Cisco routers. This vulnerability could allow an authenticated, remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to an incorrect initialized variable …

IWL provides the SilverCreek SNMP Test Suite, Libraries and APIs for engineers to find and fix bugs in their SNMP agent implementations. Often developers and quality assurance engineers will need to test the SNMP management application to be used with a new SNMP agent. Verifying SNMP-based network management applications requires an SNMP agent simulator …