The hollow rhetoric of nation-state threats
The government is using the threat of nation-state hackers to declare a state-of-emergency and pass draconian laws in congress. However, as the GitHub DDoS shows, the government has little interest in actually defending us.
It took 25 days to blame North Korea for the Sony hack, between the moment "Hacked by the #GOP" appeared on Sony computers and when President Obama promised retaliation in a news conference -- based on flimsy evidence of North Korea's involvement. In contrast, it's been more than 25 days since we've had conclusive proof the Chinese government was DDoSing GitHub, and our government has remained silent. China stopped the attacks after two weeks on their own volition, because GitHub defended itself, not because of anything the United States government did.
The reason for the inattention is that GitHub has no lobbyists. Sony spends several million dollars every year in lobbying, as well as hundreds of thousands in campaign contributions. When Sony gets hacked, politicians listen. In contrast, GitHub spends zero on either lobbying or contributions.
It's not that GitHub isn't important -- it's actually key infrastructure to the Internet. All computer nerds know the site. It's the largest repository of source-code on the Continue reading
HP Gets Mobile with New Campus Networking Products
HP is taking mobility to the campus with new products it announced today at Interop.
Pop Quiz: Which of These Security Startups Missed RSA?
Winner gets a pair of SDxCentral socks. We're not kidding.
Featured Video: Next-Generation Data Centers Need Next-Generation Security
Automated security policies can help you roll out apps faster, get more granular with your security, and reduce over provisioning.
OMG, VXLAN Encapsulation Has No Security!
Every now and then someone actually looks at the VXLAN packet format and eventually figures out that VXLAN encapsulation doesn’t provide any intrinsic security.
TL&DR Summary: That’s old news, the sky is not falling, and deploying VXLAN won’t make your network less secure than traditional VLAN- or MPLS-based networks.
Read more ...DevOps Breaks Security, and Access Management Could Be the Fix
The speed and scope of DevOps just broadens the network security problem.
Juniper CTO Chris Hoff Makes ‘Epic Fail’ in RSA Keynote
At least there weren't any wild animals.
Feds’ Encryption Key Escrow Plan Meets Resistance
Encryption is a threat to public safety, the Secretary of Homeland Security says.
RSA President Amit Yoran Makes a Splash in Debut Keynote
Not quite a home run, but Yoran draws good marks as he (vaguely) calls for standards in security reporting.
Big Switch Networks & Cyphort Use SDN to Deliver Advanced Threat Detection
Big Switch Networks and Cyphort have just announced a new partnership that will bring a SDN defense product to market by combining Big Tap and Advanced Threat Defense Platform.
Intel and Ericsson Deepen Ties in Managed Security Services
Another partnership between the two giants, this time targeting telco-managed security.
Our Top Session Picks for RSA Conference 2015
Juniper, DevOps, and RSA itself — it's a packed week at the annual security confab.
VMware News and the Expanding Minimalist OS Ecosystem
The Docker community saw expanded capabilities introduced today from VMware who showed support for the open source ecosystem with the announcement of two ecosystem projects – Project Photon, a Linux container OS and Project Lightwave, a container identity and access … ContinuedSolidarity
The government's zealous War on Hackers threatens us, the good hackers who stop the bad ones. They can't tell the good witches from the bad witches. When members of our community get threatened by the system, we should probably do more to stand in solidarity with them. I mention this because many of you will be flying to SFO this coming week for the RSA Conference, which gives us an opportunity to show solidarity.Today, a security researcher tweeted a joke while on a plane. When he landed, the FBI grabbed him and confiscated all his stuff. The tweets are here:
Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)
— Chris Roberts (@Sidragon1) April 15, 2015Chris Roberts' area of research is embedded control systems like those on planes. It's not simply that the FBI grabbed him because of a random person on a plane, but specifically because he's a security researcher. He's on the FBI's radar (so to speak) for things like this Fox News interview.
I suggest we all start joke tweeting along these lines, from the airplanes, like:
DFW->SFO. Playing with airplane wifi. I Continue reading
The Internet of Things Is Here – But We Can’t Trust the Things
IoT Needs Security-Enabled Networks with SDN
VCDX-NV Interview: Ron Flax On The Importance Of Network Virtualization
Ron Flax is the Vice President of August Schell, a reseller of VMware products and IT services company that specializes in delivering services to commercial accounts and the federal government, particularly intelligence and U.S. Department of Defense. 
Ron is a VCDX-NV certified network virtualization professional and a VMware vExpert. We spoke with Ron about network virtualization and the NSX career path.
***
The most exciting thing about network virtualization, I think, is the transformative nature of this technology. Networks have been built the same way for the last 20 to 25 years. Nothing has really changed. A lot of new features have been built, a lot of different technologies have come around networks, but the fundamental nature of how networks are built has not changed. But VMware NSX, because it’s a software-based product, has completely altered everything. It enables a much more agile approach to networks: the ability to automate the stand-up and tear-down of networks; the ability to produce firewalling literally at the virtual network interface. And because things are done at software speed, you can now make changes to the features and functions of networking products at software speed. You no longer have to deal with Continue reading
Masscanning for MS15-034
The bug comes from adding the following header to a web request like the following
Range: bytes=0-18446744073709551615As you can see, it's just a standard (64-bit) integer overflow, where 18446744073709551615 equals -1.
That specific header is harmless, it appears that other variations are the ones that may cause a problem. However, it serves as a useful check to see if the server is patched. If the server is unpatched, it'll return the following error:
HTTP/1.1 416 Requested Range Not SatisfiableFrom the PoC's say, a response that looks like the following means that it is patched:
The request has an invalid header nameHowever, when I run the scan across the Internet, I'm getting the following sorts of responses from servers claiming to be IIS:
HTTP/1.1 200 OK
HTTP/1.1 206 Partial Content
HTTP/1.1 301 Moved Permanently
HTTP/1.1 302 Object moved
HTTP/1.1 302 Found
HTTP/1.1 302 Redirect
HTTP/1.1 401 Unauthorized
HTTP/1.1 403 Forbidden
HTTP/1.1 404 Object Not Found
Continue reading
Intel Backs Skyport’s Security Dream Team in $30M Round
Big names, big money, but few details on an actual product.
Illumio Raises $100M Round, Talks Up Plans To Go Public
A massive round for the security startup.
Video: IPv6 Microsegmentation
The video of my Troopers 15 IPv6 Microsegmentation presentation has been published on YouTube. As with the Automating Network Security video, it’s hard to read the slides; you might want to look at the slide deck on my public content web site.
You’ll find more about this topic, including tested Cisco IOS configurations, in IPv6 Microsegmentation webinar.