0

REVIEW: MailScanner and ScrolloutF1 are standouts in open source email security

Email security is of paramount concern in any organization. A significant percentage of malware is delivered via email, on the premise that an unsuspecting user will open the message, allowing the malware payload onto the user’s machine. From there, malware can worm its way into the network and wreak various kinds of havoc, often undetected, sometimes for months or even years.It should then come as no surprise that a significant industry has grown up around the serious business of containing email threats. We decided to review four open source products to see if they could deliver enterprise-grade security. The four products were CipherMail, MailScanner Scrollout F1 and hMailServer.To read this article in full or to leave a comment, please click here(Insider Story)

0

NZ IPv6 & DNSSEC Update

A year ago I published a table of New Zealand ISP IPv6 support. At the time support was fairly poor. I’m pleased to report that things have gotten better over the last year. There has also been a very pleasing uptick in DNSSEC support.

IPv6 Changes

The big movers here are Trustpower & Orcon, who have both enabled IPv6 by default for their users. So now we have the two largest ISPs still only offering IPv4, but all of the next tier of ISPs are offering IPv6. New Zealand has a flexible ISP market, and almost all consumers can change provider quickly & easily. This means that IPv6 is effectively available for all who want it.

The numbers are still small, but we can see a move upwards towards the end of the year when Orcon & Trustpower enabled IPv6. Many legacy home routers have IPv6 disabled, but as these get replaced/reconfigured, I expect to see a steady increase in IPv6 uptake across those ISPs.

The two market leaders – Spark & Vodafone still only offer broken promises. In 2014 Vodafone implied it was not far away: “I can Continue reading

0

The Sad State of Enterprise Networking

John wrote an optimistic comment to my fashionable designs rant:

Nobody in their right mind does "fashionable" things when dealing with infrastructures that are required to be solid, dependable and robust.

Unfortunately many enterprises aren’t that prudent – the last Expert Express engagement I had in 2015 was yet another customer who lost two major data centers due to a bridging loop spilling over a stretched VLAN infrastructure.

Read more ...

0

BASH Script for Dictionary Attack Against SSH Server

Although they are several dictionary password attack tools available for Linux such as Hydra, Ncrack, I have decided to practice BASH scripting and write a script getsshpass.sh that can perform dictionary attack against SSH server. The script reads usernames and passwords from dictionaries (the one for usernames and the one for passwords) and uses them one-by-one during its login attempt to remote SSH server. Once correct username and password are found, the script save them to the file result.txt and displays them on the desktop. Then it exits.

The script can be started either in a serial mode that opens only single SSH session to SSH server or in a parallel mode which allows multipe SSH sessions to be opened at the same time. Below are parameters of the script.

Picture 1 - Script Parameters

All parameters are self-explanatory. If a parameter -l is not entered the script is started in a default serial mode. In case of parallel mode is used (-l parameter) it is recommended to use -l parameter together with -n parameter. The -n parameter slows down generating SSH sessions by inserting fixed number of seconds before a new SSH session is generated. This helps the attack to be successful. According to my findings during Continue reading

0

How many penalty points does a BGP route get for each flap, when Route Dampening is enabled ?

How many penalty points does a BGP route get for each flap, when Route Dampening is enabled ?

Think of the answer before reading the post...

0

Malware alone didn’t cause Ukraine power station outage

A new study of a cyberattack last month against Ukrainian power companies suggests malware didn't directly cause the outages that affected at least 80,000 customers.Instead, the malware provided a foothold for key access to networks that allowed the hackers to then open circuit breakers that cut power, according to information published Saturday by the SANS Industrial Control Systems (ICS) team.Experts have warned for years that industrial control systems used by utilities are vulnerable to cyberattacks. The Dec. 23 attacks in Ukraine are the most prominent example yet of those fears coming to fruition.To read this article in full or to leave a comment, please click here

0

Gamer blames Nvidia GPU driver bug for showing porn viewed via Chrome incognito mode

Imagine launching a game on your PC and the black loading screen instead shows the porn you had been viewing hours ago via Google’s incognito browser mode. That’s exactly what happened to Evan Andersen, according to his blog post detailing how an Nvidia GPU driver bug breaks Chrome incognito.Andersen said the porn he’d viewed hours previously had been “perfectly preserved” and was “splashed on the screen” while Diablo III was loading. He added: So how did this happen? A bug in Nvidia's GPU drivers. GPU memory is not erased before giving it to an application. This allows the contents of one application to leak into another. When the Chrome incognito window was closed, it’s framebuffer was added to the pool of free GPU memory, but it was not erased. When Diablo requested a framebuffer of its own, Nvidia offered up the one previously used by Chrome. Since it wasn't erased, it still contained the previous contents. Since Diablo doesn't clear the buffer itself (as it should), the old incognito window was put on the screen again.To read this article in full or to leave a comment, please click here

0

Juniper will repatch its Netscreen operating system

After scrutinizing the two operating systems that run its networking and security products, Juniper Networks gives them both a clean bill of health, but it plans to replace a part of one that was exploited by unknown parties to undermine its Netscreen security gear.Juniper revealed last month that it had found two flaws in its ScreenOS operating system and patched them, but now it plans to patch one of them again to make the security of the operating system stronger, according to a Juniper blog.To read this article in full or to leave a comment, please click here

0

Piper nv: An ambitious home monitoring and automation system

Home automation has become a Big Thing and with it the surveillance and monitoring systems market has exploded. My focus today, the Icontrol Networks Piper nv, is ostensibly in the monitoring market but it’s an ambitious product that attempts to do a lot more.The Piper nv is a wireless (802.11 b/g/n), ultra-wide angle (180 degrees!) 3.4 megapixel video camera that can deliver 1080p (1,920-by-1,080 pixel) streaming video in h.264 format. It has “night” vision (at much reduced video quality) with built-in infrared illumination. The device has passive infrared motion detection, a microphone, a speaker, temperature and humidity sensors, a 105 dB siren, and a built-in Series 500 Z-Wave Controller. To read this article in full or to leave a comment, please click here

0

OSPF vs. EIGRP Design

This comparison chart and all the knowledge in the article is your ultimate resource for the OSPF and EIGRP routing protocols from the design point of view. Knowing and understanding these design practices will not only help you for the real life network design but also will help for the any design certification exams.

The post OSPF vs. EIGRP Design appeared first on Network Design and Architecture.

0

EIGRP vs OSPF

EIGRP vs OSPF  – Below comparison table is your primary resource for the OSPF and EIGRP routing protocols when you compare them from the design point of view. Knowing and understanding these design practices will not only help you for the real life network design but also will help for the any design certification exams. If you […]

The post EIGRP vs OSPF appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

0

Juniper Pledges to Remove a Weak Link From ScreenOS Security

The ScreenOS back door is closed, Juniper says, but a potential vulnerability is only now being removed.

0

SDxCentral Weekly News Roundup — January 8, 2016

FireEye ought to get bought; Nokia and Alcatel-Lucent's big day looms; SAP joins the cloud crowd.

0

How Do I Protect My Organisation from Exploit Kits?

Most network architects I’ve worked with seem quite familiar with botnets, but exploit kits (EKs) are somewhat of a mystery. I’ve recently come across a couple of good papers explaining the topic, one from CERT-UK titled ‘Demystifying the exploit kit’, available at the following URL: https://www.cert.gov.uk/resources/best-practices/demystifying-the-exploit-kit/ And ‘Evolution of Exploit Kits’ from Trend Micro: https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-evolution-of-exploit-kits.pdf […]

The post How Do I Protect My Organisation from Exploit Kits? appeared first on Packet Pushers.

0

How Do I Protect My Organisation from Exploit Kits?

Most network architects I’ve worked with seem quite familiar with botnets, but exploit kits (EKs) are somewhat of a mystery. I’ve recently come across a couple of good papers explaining the topic, one from CERT-UK titled ‘Demystifying the exploit kit’, available at the following URL: https://www.cert.gov.uk/resources/best-practices/demystifying-the-exploit-kit/ And ‘Evolution of Exploit Kits’ from Trend Micro: https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-evolution-of-exploit-kits.pdf […]

The post How Do I Protect My Organisation from Exploit Kits? appeared first on Packet Pushers.

0

Book Recommendation: Wasteland Blues

I am a fan of any sort of post-apocalyptic fiction. Movies. Books. Anime. Weird Al songs. You name it. If it posits a future after the world we know is gone, I'll give it a try. Thus it is that I recommend Wasteland Blues to you by Scott Christian Carr and my fellow Packet Pusher Andrew Conry-Murray.

0

iPexpert’s Newest “CCIE Wall of Fame” Additions 1/8/2016

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

Continue reading

0

White House to meet Silicon Valley tech firms on combating radicalization

A team of senior White House officials plans to meet with Silicon Valley tech leaders on Friday to discuss ways the two can work together in combating radicalization and extremism.

0

White House hopes for ‘common ground’ in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways to work together to combat extremism and radicalization. Government officials will seek to convince tech executives that they need to heed President Barack Obama's call to action and step up to help the U.S. in its fight against militants. But some tech executives are still wary of assisting the government after former National Security Agency (NSA) contractor Edward Snowden leaked information about U.S. spying back in 2013.To read this article in full or to leave a comment, please click here

0

White House hopes for ‘common ground’ in Silicon Valley meeting

The White House hopes a Friday summit between senior government officials and Silicon Valley tech leaders will find common ground on ways to work together to combat extremism and radicalization. Government officials will seek to convince tech executives that they need to heed President Barack Obama's call to action and step up to help the U.S. in its fight against militants. But some tech executives are still wary of assisting the government after former National Security Agency (NSA) contractor Edward Snowden leaked information about U.S. spying back in 2013.To read this article in full or to leave a comment, please click here