NetworkingNexus.net

Better Security Conversations – Thoughts for a Series

As many PacketU readers know, I have held the role as a vendor SE for a couple of years. In this role, a primary function is to correctly position our products into customer environments. What I’ve come to realize is that many of our conversations actually start incorrectly. I think we need to change that. I will be sharing, as well as structuring, my own thoughts with an upcoming series of posts on security.

I firmly believe that products are only tools and we need to back up to better understand the problems we are trying to solve. One analogy I use on a regular basis when talking about autonomous vehicles is that “no one needs a car [they only need the transportation].” So if technology can provide autonomous cars, transportation can become a service instead of a depreciating asset in our garage.

Although it isn’t a parallel thought or analogy, no organization needs an NGFW for the sake of owning an NGFW. There is a need to provide proper tools required to enable the organization’s security program. Thinking in these terms guides the conversations to a more appropriate solution. My goal with this upcoming series is to help anyone that touches cybersecurity Continue reading

Tell the FCC you don’t want robo-voicemail, spammy direct-to-voicemail messages

If your phone doesn’t ring, yet you have received voicemail, did that voicemail qualify as a call? If it didn’t count as a call, then the telemarketer behind the pre-recorded voicemail message may claim it can leave “ringless voicemail” (RVM) for people even on the Do Not Call list.The FCC is currently deciding if it should ban ringless voicemail or if those spammy voicemail messages don’t count as calls as companies using direct-to-voicemail insertion technology claim.All About the Message, a ringless voicemail company, petitioned the FCC to “declare that the delivery of a voice message directly to a voicemail box does not constitute a call that is subject to the prohibitions on the use of an automatic telephone dialing system (ATDS) or an artificial or prerecorded voice” under the Telephone Consumer Protection Act (pdf).To read this article in full or to leave a comment, please click here

Tell the FCC you don’t want robo-voicemail, spammy direct-to-voicemail messages

Chinese Malware ‘Fireball’ Has Infected 250 Million Devices

A malware attack dubbed Fireball has infected more than 250 million computers worldwide and is redirecting web browsers on compromised machines to generate revenue for its attackers. First discovered by cybersecurity firm Check Point Threat Intelligence, the browser-hijacking malware attack of Chinese origin has reportedly spread to 20 percent of corporate computer networks. Read: Android …

Continue reading "Chinese Malware ‘Fireball’ Has Infected 250 Million Devices"

EuroDIG 2017: ISOC Speaks on Cybersecurity, Blockchain, Human Rights, IoT, Internet Shutdowns and more

How do we create a more secure and trusted Internet within the multistakeholder model of Internet governance? That will be among the many questions addressed this week at the European Dialogue on Internet Governance (EuroDIG) in Tallinn, Estonia. From June 5-7, we will have an Internet Society team on site participating in many sessions. Our EuroDIG 2017 page has all the details - including links to live video streams - but at a high level here are some of the workshops we are participating in:

Dan York

War Stories: Always Check Your Inputs

The extremely irregular War Stories series returns, with an anecdote from 15 years ago, investigating a problem with a web app that only seemed to crash when one particular person used it. Ultimately a simple problem, but it took me a while to track it down. I blame Perl.

ISPY With my Little Eye

“ispy” was our custom-built system that archived SMS logs from all our SMSCs, aggregating them to one server for analysis. Message contents were kept for a short period, with CDRs stored for longer (i.e. details of sending and receiving numbers, and timestamps, but no content).

The system had a web interface that support staff could use to investigate customer reports of SMS issues. They could enter source and/or destination MSISDNs, and see when messages were sent, and potentially contents. Access to contents was restricted, and was typically only used for things like abuse investigations.

This system worked well, usually.

Except when it didn’t.

Every few weeks, we’d get reports that L2 support couldn’t access the system. We’d login, see that one process was using up 99% CPU, kill it, and it would be OK for a while. Normally the system was I/O bound, so we Continue reading

War Stories: Always Check Your Inputs

ISPY With my Little Eye

This system worked well, usually.

Except when it didn’t.

Ultimate Go, Ardanlabs, Training Course Writeup

After being in the IT industry for a while, courses generally don’t impress or engage you for very long. If it’s something you’re interested in, you stand a better chance of hanging on in there, but even then, someone talking at you is always difficult. Those that attend conferences regularly will appreciate the shift to ‘brown bag’ lightening talks where a nervous energy fuelled speaker delivers the interesting snippets of a topic with the knowledge to guide question asking talk goers to the right info if they have beyond surface level curiosity.

Therefore, many of us don’t attend classroom based training anymore. Short webinars and self-lead courses are generally the way forward for those of us not in college or university. I need to add here, technology itself is changing too. Gone are the days where Microsoft, Oracle and Cisco lead the world. Sorry folks, they truly are gone. Technology now is ‘passing through’. I have a transformed view of technology akin to cattle herding; rope it, guide it to the right place to feed, then shoot it, eat it and make some handbags. Technology is more and more transient. It’s not about being an expert, it’s about the techniques Continue reading

How to track that annoying pop-up

In a recent update to their Office suite on Windows, Microsoft made a mistake where every hour, for a fraction of a second, a black window pops up on the screen. This leads many to fear their system has been infected by a virus. I thought I'd document how to track this down.

The short answer is to use Mark Russinovich's "sysinternals.com" tools. He's Windows internals guru at Microsoft and has been maintaining a suite of tools that are critical for Windows system maintenance and security. Copy all the tools from "https://live.sysinternals.com". Also, you can copy with Microsoft Windows Networking (SMB).

Of these tools, what we want is something that looks at "processes". There are several tools that do this, but focus on processes that are currently running. What we want is something that monitors process creation.

The tool for that is "sysmon.exe". It can monitor not only process creation, but a large number of other system events that a techy can use to see what the system has been doing, and if you are infected with a virus.

Sysmon has a fairly complicated configuration file, and if you enabled everything, you'd soon be Continue reading

Open Networking for Large Scale Networks

The post Open Networking for Large Scale Networks appeared first on rule 11 reader.

Intel’s new chip puts a teraflop in your desktop. Here’s what that means

It’s as fast as a turn-of-the-century supercomputer. Intel’s Core i9 Extreme Edition processor costs about $2,000. Intel Corporation Earlier this week in Taipei, Intel announced the most powerful desktop chip for consumers that it has ever sold. With 18 cores and a price tag of $1,999, the processor is known as a teraflop chip, meaning …

Continue reading "Intel’s new chip puts a teraflop in your desktop. Here’s what that means"

CCNA Wireless – CCNA Wireless Notes Chapter 5

Types of Wireless Networks

Wireless LANs are not the only type of wireless networks that exist.

Wireless Personal Area Network (WPAN)

WPAN uses low-powered transmitters to create a very short range network, usually 7 to 10 meters. Based on the 802.15 standard and includes technologies such as Bluetooth and ZigBee although ZigBee can have greater range. Unlicensed ISM frequencies are used including the 2.4 GHz band.

Wireless Local Area Network (WLAN)

Wireless service connecting multiple devices using IEEE 802.11 standard over medium-sized range, usually up to 100 meters. Uses unlicensed frequencies in 2.4 GHz and 5 GHz band.

Wireless Metropolitan Area Network (WMAN)

Wireless service over a large geographic area, such as all or portion of a city. One technology used is WiMAX, which is based on the 802.16 standard. Most commonly uses licensed frequencies.

Wireless Wide Area Network (WWAN)

Wireless data service for mobile phones offered over a very large geographic area, such as regional, national or even global by telecommunication carriers. Licensed frequencies are used.

Wireless LAN Topologies

Likelihood of interference increases as the number of wireless devices grows. Wireless devices use half duplex to avoid colliding with other Continue reading

Don’t Miss out on These 5 Spotlights on Security at vForum Online Summer 2017

You’ve likely heard it before: “All businesses are now digital businesses.” But since the business has expanded into digital space, shouldn’t something as critical as business security digitally expand too? That’s where the VMware ubiquitous software layer comes into play — sitting across the application infrastructure and endpoints, no matter where they are.

Now more than ever, it’s clear that security expertise is a must-have for IT. To further enhance your own security knowledge, make sure to join us at vForum Online on June 28th — right from your own desk. As our largest virtual conference, vForum Online is a must-attend event for IT professionals, and especially for those looking to improve their approach to security.

For returning attendees, you may notice we’ve made some alterations to the structure of vForum Online: Now, the conference is divided into several goal-oriented tracks, to ensure we’re aligned to your IT aims.

With this free, half-day event just a few weeks away, we’re counting down the days — and counting up all the reasons you should attend. Get a preview of these five security spotlights you can expect at the conference:

A Modern Approach to IT Security

In our “Transform Security — Reduce Continue reading

Bringing Internet to Nepal’s Remote, Mountainous Villages

In 1997, we finally got the Internet in Nepal. Unfortunately, it was only available in the capital, Kathmandu, which is very far from my village of Nangi. But almost immediately, I started thinking of ways we could get Nangi online. I was already familiar with the Internet from studying in the United States, and I had a lot of ideas about how being online could improve life in Nangi.

For the next four years, I talked to a lot of people about how we could get connected, but nothing seemed feasible. Nangi is in a remote, mountainous part of the country, so we didn’t have wireline phone service. That meant the traditional methods of connecting to the Internet were out, and satellite Internet was prohibitively expensive.

Mahabir Pun