Forensics Challenge for CSIRT Team – Part 1 Assignment

I have created a virtual machine that you can use to test your forensics analysis skills. Please download the VM, solve the assignment below and share your solutions with us.

1. Assignment
You are a member of an elite CSIRT team which is responsible for dealing with computer security incidents in your jurisdiction. You are asked to investigate a server that was previously administered by a disgruntled administrator, Mr. Abdullah Khan, who was fired. Although the login credentials for the server were changed after Khan's sacking from the company, it is believed he might have inserted malicious software into the server before the change of credentials. Your task is to ensure that the server does not contain any malicious software and that user data stored on the server are not compromised. You also need to prove your professional forensic skills and analyze a suspicious file in case you find one on the server. Based on your investigation, you should find out how the malware works and create a detailed report for your boss.

The server is running Ubuntu 16.04.1 and it is primarily used as a file server with configured SSH access. Unfortunately, the backup of user files is damaged and cannot be used if data are lost during your investigation. The login/password is […]

What is MPLS tunnel label and why it is used ?

In networking, we often use different terms to define the same thing. MPLS tunnel label and transport label are just two of those. Not only transport and tunnel labels but also other terms are used to define the same thing which these labels provide. Let me explain first why and where MPLS tunnel label is […]

The post What is MPLS tunnel label and why it is used ? appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

Big data paper shows stock market trades behave like light bulbs

In the stock market, electronic trading (AKA “etrading”) originally started so people could buy and sell stocks and other financial instruments more easily. No more hanging out on the floor of a stock exchange or calling your orders into your broker; you could do it all from your desktop. This was good because it made markets more accessible and reduced costs. Then, in the 1980s, because the electronic trading platforms had application programming interfaces to allow new client-side interfaces to be developed, the inevitable happened: the next generation of electronic trading appeared. Algorithmic trading (AKA “algo trading” or “black box trading”) removed humans from the equation and exploded as the latest, greatest stock market money-making strategy.

Apple confirms: Pokemon Go has already set an App Store record

Since its release earlier this month, Pokemon Go has become a full-fledged cultural phenomenon. Speaking to this point, the last few weeks have been chock-full of stories involving addicted Pokemon Go players getting themselves into all sorts of ridiculous situations. From a Pokemon Go player who accidentally drove his car into a parked police car to a reporter who was recently caught playing the game during a State Department meeting, it seems as if the entire world is obsessed with capturing virtual monsters on Nintendo's Augmented Reality themed mobile app.

More than half the world is still offline

While it may seem like half the world is chasing Pokemon right now, the other half is not even on the Internet. About 3.9 billion people, or 53 percent of the population, will still be offline at the end of this year, the International Telecommunication Union estimates. Even in Europe, the most connected region, 20.9 percent of all people aren’t online. In Africa, the least connected continent, 74.9 percent are offline. Those figures are part of the annual statistical report from the agency, which is part of the United Nations. The report also showed there’s still a huge divide between rich and poor countries, and a growing gap between men and women, when it comes to internet access. It shows that efforts by companies like Google and Facebook to get all people connected could take a long time.

NSX-V: Multi-site Options and Cross-VC NSX Design Guide

Check out the new NSX-V Multi-site Options and Cross-VC NSX Design Guide.

The goal of this design guide is to outline several NSX solutions available for multi-site data center connectivity before digging deeper into the details of the Cross-VC NSX multi-site solution. Learn how Cross-VC NSX enables logical networking and security across multiple vCenter domains/sites and how it provides enhanced solutions for specific use cases. No longer is logical networking and security constrained to a single vCenter domain. Cross-VC NSX use cases, architecture, functionality, design, and failure/recovery scenarios are discussed in detail. 

Cross-VC NSX: Logical Networking and Security Across vCenter Domains and Sites

Outlined briefly below are several important use cases that Cross-VC NSX enables with regard to Application Continuity. For additional details on Cross-VC NSX and multi-site data center solutions, see the NSX-V Multi-site Options and Cross-VC NSX Design Guide.


Use Case 1: Workload Mobility

Since logical networking and security can span multiple vCenter domains and multiple sites, Cross-VC NSX allows for enhanced workload mobility which can not only span multiple sites but also multiple vCenter domains across Active-Active data centers. Workloads can now move between vCenter domains/sites on demand for tasks such as data center migration, data center […]

Why a Verizon and Yahoo merger would be like Microsoft snapping up CompuServe

Wait, what? If this rumor about Verizon buying Yahoo for $5B is true, we have an honest to goodness schadenfreude moment for me as someone who remembers the days of the Buddy List, giant banner ads (which is actually still common at Yahoo Mail for some reason), and those plastic discs they might still sell at Walmart for gaining “high-speed Internet” access. As you may know, Verizon also owns AOL. Those three letters, combined with the Yahoo exclamation mark, create some vivid memories. Few of them are good ones. I remember having to wait for my modem to connect to AOL back in the day, and for the banner ads at Yahoo.com to finish loading. It’s a curious development, but it makes about as much sense as other luminous icons of tech combining into an ungodly entity driven by brand dominance.

Consumer Office 365 subscription growth slows

Microsoft this week said that consumer subscriptions to Office 365 topped 23 million, signaling that the segment's once prodigious year-over-year growth had slowed significantly. The Redmond, Wash. company regularly talks up the latest subscription numbers for the consumer-grade Office 365 plans -- the $100 a year Home and the $70 Personal -- and did so again this week during an earnings call with Wall Street analysts. "We also see momentum amongst consumers, with now more than 23 million Office 365 subscribers," CEO Satya Nadella said Tuesday. But analysis of Microsoft's consumer Office 365 numbers showed that the rate of growth -- or as Nadella put it, "momentum" -- has slowed.

AMD mulls a CPU+GPU super-chip in a server reboot

AMD emerged as a serious threat to Intel in servers more than a decade ago, but after a series of missteps and bad chips, the company's server business is hanging on by a thread. Now, AMD is rebooting its server chip business with the upcoming Zen CPU, which will also be used in PCs. AMD is getting creative with Zen and considering merging the CPU with a high-performance GPU to create a mega-chip for high-performance tasks. "It's fair to say we do believe we can combine a high-performance CPU with the high-performance GPU," AMD CEO Lisa Su said during an earnings call on Thursday. Su's comment was in response to a question on whether AMD would ultimately combine its Zen CPU with a GPU based on the upcoming Vega architecture into one big chip for enterprise servers and supercomputing.

Verizon will cut off unlimited data users who use too much unlimited data

Verizon's continuing its ongoing mission to pare down the number of customers on unlimited data plans by migrating them to ones with hard limits. Recently, the company came up with a way to get rid of its biggest data hogs. Verizon is notifying customers using an “extraordinary” amount of data per month that they must move off their unlimited data plan by August 31. If they don’t switch, the carrier will disconnect their accounts, though they’ll have 50 days to reactivate them on a limited plan, as first reported by Droid Life. Verizon ceased offering unlimited data plans in 2011.

Microsoft touts data harvesting tool as aid to enterprises upgrading to Windows 10

Microsoft will preview a new service today that lets enterprises mine data that Windows collects, including software usage statistics, to accelerate adoption of Windows 10. The service, called Upgrade Analytics, was announced Tuesday by Marc-Andrea Klimaschewski, a company program manager, in a brief post to a company blog. He said that it would launch as a public preview Friday. Klimaschewski characterized the service as a tool that businesses can use to determine whether PCs -- in general or individually -- were eligible for upgrading to Windows 10. Upgrade Analytics, Klimaschewski wrote, "Provide[s] customers with insights which allow them to quickly evaluate application and driver readiness and mitigate potential problems."

This Tinder scam promises to verify your account, but actually sells porn

Tinder users beware. The popular dating app generally doesn’t verify most user accounts, but that hasn’t stopped spammers from pretending to offer the service. In recent weeks, automated bots masquerading as Tinder profiles have been telling real users to get “verified,” as part of a clever scam to sell them porn, security firm Symantec said on Thursday. The spam bots first send off flirty messages, like “Wanna eat cookie dough together some time?” only to then ask whether Tinder has verified the user. It’s a free service, the spam bot will claim, and done “to verify the person you wanna meet isn’t a serial killer lol.”