Well its easy really, you let them buy some new toys to play with like 10Gb Switches and fiber cards which is our current little project (10Gb to our desktop workstations should be nice).
Shell-shocked by shell shock? Bash vulnerability explained.
Having recovered from the recent Heartbleed vulnerabilities we now have another headline grabbing vulnerability to keep us all busy. First let me say that our product should be perfectly safe and secure unless you’ve already shared your passwords or forgotten to run “lbsecure”
Enhanced Microsoft IIS health checks using VBscript
By default, the load balancer uses a TCP connect to the port defined in the Virtual Service to verify the health of the real (backend) servers. For IIS this would typically be port 80. In many cases this kind of health check is adequate but for IIS this if often not the case.
Windows NLB (WNLB) and its disadvantages
Whilst Windows Network Load Balancing (WNLB) has been constantly improved in each version of Windows since it’s introduction in Windows 2000, it still has a fairly extensive list of disadvantages when compared to a hardware or virtual based loadbalancer.
Source IP Addresses, STunnel, Haproxy and Server Logs
When using proxies such as STunnel and HAProxy it’s easy to loose track of the client source IP address. This occurs for example when HAProxy is used in it’s default configuration to load balance a number of back-end web servers. By default, the source IP address of the packet reaching the web servers is the IP address of the load balancer and not the IP address of the client
Heartbleed 2.0? Not exactly but more OpenSSL issues have been found
In the wake of the recent Heartbleed Bug another series of OpenSSL vulnerabilities have been found. Whilst the Heartbleed bug was relatively easy to exploit, the latest batch of bugs are not. However if successfully exploited, there is potential for eavesdropping and traffic manipulation (CVE-2014-0224) as well as running arbitrary code on the vulnerable client or server (CVE-2014-0195)
Loadbalancer.org releases patch for the Openssl heartbleed vulnerability CVE-2014-0160
Vulnerability Description The bug is in OpenSSL’s implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520). When it is exploited it leads to the leak of memory contents from the server to the client and from the client to the server. For more details, please refer to: http://heartbleed.com/ 1) Updating the Hardware & Virtual Appliance Appliance Software Versions Affected : v7.5, v7.5.1, v7.5.2, v7.5.3, v7.5.4 Hotfix Details : The hotfix includes a recompiled version of OpenSSL with the compile option “-DOPENSSL_NO_HEARTBEATS” which mitigates the vulnerability
Load Balancing Exchange 2013
You Can Learn More About the LoadBalancer.org’s Product Line By Going to www.LoadBalancerSolutions.com/LoadBalancer-org The original article/video can be found at Load Balancing Exchange 2013
Load Balancing Exchange 2010
You Can Learn More About the LoadBalancer.org’s Product Line By Going to www.LoadBalancerSolutions.com/LoadBalancer-org The original article/video can be found at Load Balancing Exchange 2010
Load Balancing RSA SecurID
You Can Learn More About the LoadBalancer.org’s Product Line By Going to www.LoadBalancerSolutions.com/LoadBalancer-org The original article/video can be found at Load Balancing RSA SecurID