on 06-Jan-2014 13:01
New year. New calendar. New resolutions and all that. Same ole’ Top5. Here’s hoping that that’s a good thing, though! Ringing in the new year, this Top5 brings you more goodness from DevCentral ranging from some DNS-y fun to the sad story of a tragic break-up. Drama, intrigue and technology…what’s not to love? If you’ve been browsing the glorious halls of DevCentral you may have be keen on what’s going on, assuming you can keep up. If not, however, here’s your chance to get a concentrated dose of hawesome, right when you need it most. I give you this week’s Top5:
The Internet of Things and DNS
DNS makes the (internet)world go ‘round. I swear, it really does. I’ve mentioned before, I believe, my affinity for DNS. It is near and dear and I will always have a soft spot for it for many reasons, not the least of which is that it is the first thing about which I started really learning when I began digging into the technology that makes the internet tick. It is, however, not just my belief that it is hugely important and powerful. Without DNS we’d all be trying to make IP references for everything we ever connect to, we couldn’t do things nearly as dynamically as we currently do, multi-IP named solutions would be non-existent…really the internet would be a dramatically different place. It’s fitting, then, that Lori goes into some details on not only why DNS as a technology is so important and powerful, but also some specific ways in which you might want to plan for the future of your deployment’s DNS offerings. Take a look at her prognostications and see for yourself, this one is worth the read and some thought.
Carrying on with the DNS theme (sure, theme, let’s call it that) so far this Top5, Jason’s up to his usual tricks again, I see. That is to say building awesome stuff that is likely super useful to many and then making it amazingly easy to follow. That’s a good trick, amirite? This time around he’s chosen to tackle an intriguing DNS issue. Stemming from some work the amazing and powerful wizard Joel Moses posted to the codeshare, Jason takes this a slightly different direction. Pairing it down and simplifying he makes this a bit easier to approach, although more specifically use case driven. Mind you when I say “simplifying” we’re still talking about binary converted data being dealt with in an iRule, so perhaps not for the faint of heart, but still not as bad as it could be, certainly. For this one if you want more details you should really do yourself the service of going into the article and reading the great walk through Jason has for you, complete with big animal pictures to make things coherent. Suffice to say that if you have any curiosity about dealing with DNS in an iRule, this is an excellent place to see just what iRules can do in that arena.
Breaking up with your identity: it’s not me, it’s you!
For those of you that have experienced some discomfort around personal internet security matters, this one may hit a bit close to home. For most, though, Nathan’s entertaining and informative narrative will be a welcome addition to their daily reading. Nathan details his experience with identity confusion (not theft, per se) and some of the twisty paths down which it can travel. He’s got a good story to tell followed up with some useful information. What more could you ask for? Don’t get greedy, go read this already awesome post. Also feel free to share any fun “ermagerdz, this happened!” stories. We (I) love that stuff, and will happily eat it up. It almost certainly won’t end up distributed to thousands of people. Almost. Certainly. Honest…
The F5 DDoS Reference Architecture-Enterprise Edition
Do you know David Holmes? You should probably know him. If you don’t, David’s one of our rock-star security folk here around F5. Once developer turned security evangelist, he spreads the good word about all things security to the corners of the globe. One of the many things he often discusses is DDoS. Distributed Denial of Service attacks can be nasty little buggers to stomp out and thwart. They are, fortunately, something we are comfortable taming ‘round these parts. We offer some reference architectures on just how to go about preventing / mitigating them. These architecture are tailored to particular personas, and this one is aimed squarely at our beloved enterprise users out there. David goes through and draws you a map of how you can keep yourself, and your apps and users, safe, as well as discussing the important differences that make this particular architecture tailored for the enterprise. When David speaks, I tend to listen, and I recommend you do the same. If you get a chance to see him present, do it. Until then, check out his awesome blog and this handy dandy post.
The BIG-IP Application Security Manager Part 10: Event Logging
John continues his helpful series on ASM. In this final installment of his 10 part series John details event logging. He covers the what, how and why, as well as giving you some examples of how to set this up in your environment. If you’re not familiar, event logging is the perhaps less than sexy but quite necessary feature that does exactly what the name implies: log events. If you’re going to be setting up ASM at all this should be required reading, in my opinion, as should this entire series, really. This one is absolutely worth the time, so go take a look and hand it out to all of your security minded friends like candy on Halloween. Except for you folks that give out toothpaste. No one wants your hand-outs.