I’ve shared a lot of security knowledge in my tenure as InfoWorld’s Security Advisor. But what I’ve never shared before is that much of my initial computer security defense knowledge, which I turned into my first book, came from trying to stop my teenage stepson from being a malicious hacker.

I was newly dating his mother and he was a precocious 15-year-old who liked messing around with electronics and computers. He and his closest friends also flirted with malicious hacking, including harassing “ignorant” users, DoS-ing popular computer networks, making malware, and all sorts of unquestionably illegal and unethical hacking behavior.

His neighborhood computer hacking club eventually suffered a big takedown by the authorities. Luckily for him, and us, he had dropped out of illegal hacking activity a year before — but not before he fought against me and his mom’s rules and disguised his continuing hacking activities for many months. It was a daily (and nightly) battle of my latest defense against his new workaround. His mom and I even found previously unknown network cabling run through the attic and several hidden servers, proxy servers, and VPN switches. I learned a lot about hacking by trying to defeat his methods, and he learned that new potential stepdads trying to impress his mother were just as persistent — and at times smarter.

His mom and I recently celebrated 16 years of marriage, and we’re a happy family. In the years since fighting my stepson, I have detected many teenage hackers and have been asked by readers to counsel their hacking kids. No doubt a fairly substantial percentage of teenagers are maliciously hacking on a daily basis under the radar of their parents, who usually think their children are simply exploring what their computers can do and innocently conversing with their computer friends.

Hacking can provide a new world of acceptance and empowerment, especially for smart teenagers who are not doing all that well in school, are bored, or are getting harassed by other teens or by their parents because they “aren’t working to their full potential.” In the hacking world, they can gain the admiration of their peers and be mini-cyber rock stars. It’s like a drug for them, and a good percentage can turn permanently to the dark side if not appropriately guided.

The following signs can help you ascertain whether a young person in your life is involved in unethical, illegal hacking. Some of the signs may be typical teenage behavior, given their grave interest in privacy, but enough of these signs together can point toward something more problematic. If you do find suspicious malicious activity, rest assured that you can turn a young hacker onto using their hacking skills for ethical, positive purposes, as I outline below.

1. They flat out tell you (or brag about how easy it is to hack)

It may be hard to believe, but many parents hear their children make direct claims about their hacking activity, often multiple times, and blow it off. They either don’t know what “hacking” means, or they assume good little Johnny isn’t doing anything stupid. Well, they might be.

Most hacking is easy: You read a hack how-to and then do it. Often it’s as easy as downloading a tool and pushing the GO button. On TV, hackers are always portrayed as masterminds. In reality, they’re usually more ordinary than genius. They read and learn. Persistence is their most outstanding trait.

Kids who get into malicious hacking often feel guilty about crossing the ethical line early on. Telling close friends and even their parents about their newly gained skills can be a way of reaching out and communicating that sense of guilt. Though most don’t realize it, they often want their parents to offer guidance at this critical junction. Sadly, most parents and friends who hear these claims and confessions don’t know what to make of them, leaving their child or friend to sort out the conflict on their own. The results aren’t always for the best.

2. They seem to know a little too much about you

Kids who hack often start with those closest to them: Their parents. If your child seems to know something they could know only by reading your email or other online activities, your radar should be up.

It’s not uncommon for hacking kids to monitor their parents’ online activities, usually in hopes of capturing admin passwords or to learn how to turn off any anti-hacking devices, such as firewalls and parental controls, that you may have set up. (And you thought the monitoring was the other way around.) But then curiosity gets the best of them and they end up reading their parents’ emails or social media chats.

I’ve had more than one parent tell me they couldn’t figure out how their kids were getting around parental blocks, until they looked into the logs and saw that their parental blocks were being disabled and re-enabled frequently. Or their child made a snide remark or alluded to something they could have known only by reading a parent’s confidential communications. If your hacking kids seem to know more about you than you’ve shared, it’s a sign. Pay attention.

3. Their (technical) secrecy is off the charts

Every teenager wants 100 percent confidentiality on their online activities, regardless of whether they are hacking. But sophisticated protection, including encryption of all communications, files, folders, chats, and applications, may be a sign there’s something else going on besides garden-variety teen secrecy.

The tip-off? If you get on your child’s computer and can’t see any of their activity. If they always clear their log files and browser history, every time, and use special programs to encrypt files and folders, that’s a possible sign. Or if encryption settings on their applications are set to a level stronger than the program’s defaults. Any indication that they feel the built-in disk encryption and separate user profile protections aren’t enough should have you asking, for what kind of activity?

4. They have multiple accounts you can’t access

Many kids have multiple email and social media accounts. That’s normal. But if your child has a main email and social media account they don’t mind you reading and you come across signs that they have other accounts and log-ons they will not share, make a note of it. It may not be malicious hacking; it could be porn or some other activity you would not approve of (talking to strange adults, buying alcohol, purchasing weapons, etc.). But any sort of absolute privacy should be investigated.

My stepson and his hacking friends had a half-dozen account names. I could see them when I read through the firewall and packet filtering logs. I knew he had them, even when he was denying it. He was surprised to learn that PGP (Pretty Good Privacy) encryption didn’t encrypt the whole email. I explained how all email encryption had to allow the email headers to remain in the clear so they could be appropriately routed and handled. After that conversation, all the “secret” accounts disappeared from my future log captures. He didn’t stop using them; he just downloaded a new email encryption program, which did perform complete, end-to-end encryption. (Refer to the previous sign about encryption, above.)

5. You find hacking tools on their computer

If you suspect your kid is hacking, take inventory of all the programs and tools you can find on their system. If your kid doesn’t think you’ll do it or doesn’t know you’ve done it, you might get lucky and they might not be encrypted — yet. In fact, if you find lots of encrypted files and programs, that’s a red flag, too.

Port scanners, vulnerability scanners, credential theft programs, denial-of-service tools, folders of stored malware — these are strong signs your kid is hacking. If you’re not computer-savvy enough to recognize these tools, note the file names and search the internet. If more than one of the unknown programs points back to a hacker (or a computer security defender) website, you probably have a problem.

Why are tools to help defend against hackers a red flag? Isn’t that a sign your child wants to become a high-paid computer security consultant when they grow up? Sadly, not usually. I’ve yet to meet the kid who decided to become a computer security expert before college, unless they’d been defending themselves against other aggressive hackers as a teen.

Young hackers usually end up getting hacked by others, either from their own hacking groups or other hacking groups. Once they’ve been actively targeted and broken into once or twice, they will often concentrate on their own defenses. You’ll see firewalls they’ve downloaded and configured (the built-in ones aren’t enough in their eyes) and proxies (to hide their IP address or ports), and they will be scanning all the computers in the house for vulnerabilities, which they will admonish you to fix.

My stepson even let us know he had called the cable company and gotten us a new IP address. When I asked why, he told me that hackers were attacking us. I wondered why that might be, but then again the firewall was always showing hundreds to thousands of unauthorized probes and packets every day anyway. What I didn’t know was that he was engaged in an all-out cyberwar with a competing hacking group.

Review Supermicro has a neat new product it calls “Microblades”. Supermicro has made blade servers for some time, and Microblades are blade servers, but smaller. Supermicro sent a chassis and a pair of blades over for review.

Each vendor has its own approach to server management, be that blade management or baseband management controllers, and Supermicro has chosen an interesting balance between features and cost. Supermicro has always focused on affordability by cutting back on what it sees as niche features while still maintaining the most in demand feature sets.

For baseband management controllers, this has worked to Supermicro’s advantage. If you buy a Supermicro server (or blade) with a baseband management controller, you’ll get an IPMI and Redfish compatible server management plane that doesn’t require you to pay extra for an IPKVM licence.

While the IPKVM licence to allow remote control of a server through the baseband management controller might not be a big expense on a 4 CPU server with 3TB of RAM, they get noticeable at the small end. Think about having to pay $500 to enable IPKVM functionality in iLO on your $500 HP Microserver. (I’m not bitter, really.)

The Supermicro approach to blades

Supermicro has taken a similar approach to the feature capabilities of its blades. The result is remarkable affordability. The flip side is that one of the major use cases for blades – the automation and centralisation of management – isn’t possible with software from Supermicro itself.

A Supermicro blade enclosure is really not that different from anyone else’s. It’s a box into which you place blade servers. On the other end of the unit are power supplies, and the ability to connect one or more management and switch modules, depending on the size of the chassis you purchased.

In the case of the Microblade chassis you can have three basic configurations. The first is a 3U chassis that can support up to 14 blades, with one management module and two switch modules. The second configuration is a 6U chassis that can support one management module and up to 4 switch modules. The last is a 6U chassis that can support up to two management modules and up to two switch modules.

Microblade CMM UI looks a lot like the standard SMCI UI

The management module offers control over the whole of the chassis through a web interface. From here one can control basic elements of the various connected devices. This includes powering on or off, updating firmware, remote controlling and monitoring.

One of the little things that really tickled me was the awareness of power that the management module had. It is aware of how much power devices can consume and, for example, refused to let me power up both blades until I had plugged in at least two of the power supplies. Supermicro’s blades also have the ability to set power policy if too many power supplies fail. You can power off certain blades or throttle most of them. You can even set a power cap on a per-blade basis.

To me, this is pretty neat stuff, but it’s all pretty basic as far as blades go. (Which just goes to show how often I work with blade chassis.) Supermicro’s offering here are where Dell, HP and Cisco were several years ago, and for most use cases that’s perfectly fine.

What Supermicro doesn’t offer is a multi-chassis management software solution. Each chassis is its own universe in Supermicro’s world. The lack of that management solution also means there is Supermicro software for provisioning blades. If you want to load up operating systems or configure the switches you have to do that manually or through third party software.

This lack of management software won’t win a lot of friends in the hard-boiled legacy infrastructure community, but it’s not really much of an impediment to the hyperscale types. They’re all about provisioning through PXE booting and are used to working with “dumb nodes”.

For hyperscalers IPKVM capability combined with the chassis-based power management and monitoring is already a cut above what they’re used to. Normally, hyperscalers won’t want to pay for the extra gubbins. They won’t be buying Supermicro’s traditional blade solutions.

But they just might buy these Microblades.

A dense mass

For reasons I will never fully understand, Supermicro sent me a 6U chassis to test two blades. This gave us lots of opportunity to appreciate just how damned huge this Microblade chassis is. And it’s huge. It’s bigger than huge.

At 265mm x 449mm x 875mm (10.43″ x 17.67″ x 34.45″), it may be the single largest thing you can put onto a rack, and it probably isn’t going to fit onto most racks. The chassis alone, with just power supplies and no blades, is over 90kg (200lbs).

Moving a Supermicro server is a two-man job unless you employ Hodor, or if your organisation takes the term “forklift upgrade” literally.

And then you add blades. The blades themselves are compact at 1.2″ x 4.94″ x 23.2″ (30.48mm x 125.48mm x 589.28mm). Up to 28 blades can be put into a 6U chassis.

The blades come in flavours. One variant crams 4x Intel Avoton Atom nodes into a single blade. Each Avoton node can have 32GB of RAM each and 1x 2.5″ drives per node. That’s 112 Avoton nodes (896 cores) crammed into 6U.

MicroBlade UI with iKVM open, screenshot by Supermicro to show how dual-node blades are represented.

The two blades Supermicro sent me were 2x Xeon-based blades, one with Xeon v4 chips and one with Xeon v3 chips. These blades will support Xeon E5 2695 CPUs with have 18 cores (36 threads) per chip.

28 blades each with 2 Xeon E5 2695 CPUs, 256GB of RAM and 2x 4TB 2.5″ SSDs would provide 2016 logical cores, 7,168TB of RAM and 448TB of storage in 6U. I don’t want to know the cost because I’d bet it rivals my house.

I remember when that kind of compute would have taken half a continent. Now it fits under my testlab table.

Practical considerations

Other than the size of the Microblade chassis (did I mention it’s enormous and heavy?) I was able to glean a few useful impressions from my time reviewing the device. Perhaps the most important thing to remember is that the switch modules don’t automatically power on when you plug in the device.

I realize it is probably revealing of my personal idiocy, but I banged away at that thing for a day before I realised the reason I couldn’t see any of the nodes was that the dang switch wasn’t turned on. The command module doesn’t use the switch. It has its own NIC. So you can cheerfully log into the management UI and even remote control blades all without the switch being turned on.

Without the switch turned on, the unit isn’t all that loud. No more than my 10GbE switch, for example. When we turned on the switch module, however, the unit was so loud that the lab’s cat jumped three feet straight into the air, kicked in the warp drive, and disappeared in a howl of protest.

Do not engage Microblade chassis switch without hearing protection. Do not do.

Swapping blades around is pretty easy, and the unit seems to remember settings for them. If I configured power thresholds for a blade they seemed to bind to the blade, not the slot in the chassis, so when I started moving the blades about the settings followed.

The chassis seems to be perfectly okay with you playing musical power supplies while the thing is lit up. I didn’t have redundant command modules or switches, so I can’t tell you anything about how it deals with changing those out.

Parting thoughts

Overall, my impression of the Microblade solution is good. To be honest, I’d like to see a multi-chassis management platform with some way to provision blades in a reasonably automated fashion. Given how Supermicro works, that will likely come from a third party, but perhaps Supermicro should get busy on partnering and listing those partners on its blade chassis webpages.

Other than that niggle, however, it does what it says on the (very large) tin. If you want to cram a whole lot of oomph into a very small space, this will do. It doesn’t quite have the density of HP’s Moonshot chassis, but it has more flexibility as regards the type of blades.

In all, it’s very Supermicro. It is just that little bit more than good enough and it’s up to you fill in the rest. And with that, I must be off: I really should go find the cat. ®

Sponsored:
Best practices for writing a successful NSF MRI grant proposal

Azure HDInsight is an Apache Hadoop distribution powered by the cloud. This means that it handles any amount of data, scaling from terabytes to petabytes on demand. Spin up any number of nodes at any time – we charge only for the compute and storage that you use.

We are pleased to announce an easy way to distribute, discover and install solutions or applications that you have built for the Apache Hadoop ecosystem. These solutions can span a variety of scenarios from data ingestion, data wrangling, monitoring, visualization, optimizing performance, security, analyzing, visualization, reporting, and many more.

The following are some key highlights of this experience:

Ease of authoring, deploying and management

• You can install these apps on an existing HDInsight cluster as well as while creating new clusters. 

Native access to cluster

• The apps are installed on the Edge node and have access to the entire cluster.

Ease of configuring the app on the cluster

• End users of these applications do not have to install or manage packages on each and every node and configure the application.

Install solutions on existing HDInsight clusters.

• Solution providers can make their solutions available to users who already have an HDInsight cluster running. This allows users to use these solutions easily and increase their productivity.

As a user, you can select the Applications blade to discover and install apps on your cluster.

In the following screenshot, I had an existing cluster and I can discover the Datameer application. I can then click on the Datameer application for fast, easy installation on my existing cluster.

Once I’ve installed Datameer on my cluster, I can now see it on my list of Installed Apps.

With Datameer installed, I can now access the Datameer Studio from the Installed Apps blade to let me start a new project with Datameer’s end-to-end, self-service big data analytics platform running on HDInsight. The following screen shot shows the Datameer Studio:

You can also delete an installed application. In this screen shot, I had installed the Hue application, which I can easily delete by right-clicking on the application. Learn more about installing Hue here.

The following screenshot shows how to delete an application:

This is a super easy way of discovering and installing solutions that help an end-user to be more productive with Hadoop. Using the same approach, you can create custom applications and share them with your team.

Datameer has been developing this experience to make their solution easily available. According to Datameer’s Sr Product Manager of Cloud Solutions, Alejandro Malbet:

"Azure HDInsight Application Platform is the most robust and stable framework we’ve seen to quickly configure and test Datameer deployments in the cloud. We had all the flexibility to iteratively test different deployment options for our solution as well as Marketing collateral within the same Portal. By far the easiest and fastest way to take your cloud-based solution to Market."

If you would like to learn more about Datameer, please visit the Datameer listing in the Azure Marketplace.

If you have solutions that you have built for the Apache Hadoop ecosystem and would like to make them available to HDInsight, then please do read the following documentation on how to make them available.

Documentation & How-To’s

Install custom HDInsight applications

MSDN documentation on apps

Customize Linux-based HDInsight clusters using Script Action

Publish HDInsight applications into the Azure Marketplace

Summary

We hope that you find this experience an easy-to-distribute solution to increase productivity of customers using Big Data. We invite independent software vendors (ISVs) to leverage this capability to make it easier for customers to discover and use your solution. Please reach out to [email protected] if you would like to participate.

Historically the Internet of Things (IoT) has been much more hype than substance. Sure, there have been a few verticals such as oil and gas and mining that have embraced the trend, but those vertical have been active in IoT since it was known as machine to machine (M2M).

Now, however, we sit on the precipice of IoT exploding. I’ve seen projections that by 2025, anywhere from 50 billion to 200 billion new devices will be added to the network. Which is right? Doesn’t really matter. The main point is that we’re going to see a lot devices connected over the next 10 years, and businesses need to be ready. 

+ Also on Network World: Experts to IoT makers: Bake in security +

IoT does present some unique security concerns for organizations. In fact, the most recent ZK Research Network Survey asked what the biggest impediment was to broader IoT adoption, and security ranked #1 by an overwhelming amount. Why is IoT security so difficult? It’s a fair question, as we’ve been connecting devices to our company networks for years. 

Challenges of securing IoT devices

IoT devices are different, though. First, scale is an issue. Consider a hospital where the number of connected medical devices could outnumber traditional computers and printers by a factor for 4 or 5.

Also, IoT endpoints are often the domain of the operational technology (OT) group, not IT, so there many not be any awareness from the security team that new devices are being connected.

Lastly, IoT devices can be hard to secure. Some are old, some have proprietary operating systems, some have no security capabilities and the list goes on. The main point is that these devices have either never been connected to a network before or, at most, connected to a parallel closed network where security wasn’t a concern.

Given the magnitude of IoT and the concerns regarding security, it’s safe to say that businesses need to rethink their security strategy when it comes to IoT.

Securing IoT endpoints: 5 steps

To help understand what steps need to be taken when securing IoT devices, I turned to Vinay Anand, vice president and general manager of ClearPass for Aruba, a Hewlett Packard Enterprise company. I asked him what steps organizations should take to secure IoT endpoints. Here is his advice and how Aruba ClearPass could help:

1. Onboard the devices. There’s no single way of onboarding a device. Aruba’s ClearPass supports a wide range of methods, including 802.1X authentication with RADIUS, MAC authentication, agents, MAC plus 802.1X or captive portal.
2. Fingerprint the devices. This step requires gathering data and understanding the behavior of the endpoint. This is a critical step in looking for breaches, as any deviation from the normal behavior could indicate malicious activity.
3. Put the devices into a profiler. ClearPass includes a built-in profiling service that can classify the devices. A variety of contextual data can be used to profile, including MAC OUIs, DHCP fingerprinting and other identity-centric device data. Unmanaged devices can be identified as either known or unknown when they connect to the network. The identity of these devices is based on the presence of MAC addresses in a database within ClearPass. 
4. Create a policy. A policy is only as good as the data used to build it and the tool used to enforce it. Aruba takes an ecosystem approach to policies by partnering with a broad set of technology partners, including MobileIron and Palo Alto Networks. This lets policies be applied and enforced at every level of IoT, including the device, network edge, applications and internet. This gives customers tight control over how devices operate and communicate, resulting in better containments of threats when they emerge.
5. Monitor and analyze traffic. ClearPass pulls data out of a number of systems, including control, authentication, communication, security and management systems. Data is gathered and then analyzed for odd behavior, and the device is either removed from the network or quarantined. That would happen, for example, if a medical device attempts to communicate with an accounting server. If that occurs, it could indicate a breach. When that kind of traffic is discovered, ClearPass can disconnect the device from the network, minimizing the damage.

Adequately securing IoT devices depends on organizations being able to quickly recognize a device when it joins the network. Aruba has thousands of profiles already created, and it has an exchange for partners to create their own, adding to the list of supported devices.

Securing IoT may seem daunting, Anand said, but it doesn’t have to be if you take the right steps and use the right tools.

Hi!

You are about to activate our Facebook Messenger news bot. Once subscribed, the bot will send you a digest of trending stories once a day. You can also customize the types of stories it sends you.

Click on the button below to subscribe and wait for a new Facebook message from the TC Messenger news bot.

Thanks,
TC Team

A few months back, we blogged about our first cost management feature: Monthly cost trend. It allows you to see how much you have spent in the current calendar month and also shows the projection of the spending until the month’s end, based on your spending in the last 7 days.

Now, we’re moving on to answer a second question that’s likely crossed your mind: Why is lab spending so fast? In order to help you get a clear answer more productively, we have released a new feature so that you don’t have to scratch your head to find the answer. The feature makes your life easier by showing you the month-to-date cost per resource in a table.

Figure 1: Cost by resource

We have also released another feature that allows you to set the target lab cost for the current calendar month. The target cost will appear in the “Monthly estimated cost trend” chart, which will help you to track the month-to-date lab spending relative to the target cost for the current month. The projected lab cost, together with the target cost, will help you to easily identify if you are going to blow up your budget for the month.

For more details on these features and what’s coming next, please check out the post on our team blog.

Please try the new features and let us know how can we make them better by sharing your ideas and suggestions at the DevTest Labs feedback forum.

If you run into any problems with the features or have any questions, we are always ready to help you at our MSDN forum.