How to use VirtualBox to emulate a network

VirtualBox is an open-source virtual machine manager and hypervisor that may also be used as a network emulator. In addition to creating and managing individual virtual machines, VirtualBox can connect virtual machines together to emulate a network of computers and network appliances such as routers or servers. VirtualBox works on the major computing platforms: Windows, MacOS, and Linux.

VirtualBox network with internal networks and a NAT management network

In this post, I offer a step-by-step tutorial showing how to use the VirtualBox graphical user interface to set up a network of six devices — three routers and three PCs. This tutorial will utilize some of the advanced functions supported by VirtualBox and provide you with the skills to set up a network of virtual machines on your own personal computer.

Required knowledge

I assume you, the reader, are already familiar with the VirtualBox GUI and have used it to create and run virtual machines on your personal computer, using default settings. I also assume you have a basic understanding of Linux shell commands, which will be needed to configure the Linux operating system running on the virtual routers and PCs.

If you need to refresh your knowledge about VirtualBox, the VirtualBox website provides a detailed user manual, and Continue reading

Android full disk encryption can be brute-forced on Qualcomm-based devices

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users' data and run brute-force attacks against them.The attack was demonstrated last week by security researcher Gal Beniamini and uses two vulnerabilities patched this year in Qualcomm's implementation of the ARM CPU TrustZone.The ARM TrustZone is a hardware security module that runs its own kernel and Trusted Execution Environment independent of the main OS. On Qualcomm chips, the Trusted Execution Environment is called QSEE (Qualcomm Secure Execution Environment).The full-disk encryption feature on Android devices relies on a randomly generated key called the device encryption key (DEK). This key is itself encrypted with another key derived from the user's PIN, password or swipe pattern.To read this article in full or to leave a comment, please click here

Android full disk encryption can be brute-forced on Qualcomm-based devices

Attackers can exploit vulnerabilities in Android devices with Qualcomm chipsets in order to extract the encrypted keys that protect users' data and run brute-force attacks against them.The attack was demonstrated last week by security researcher Gal Beniamini and uses two vulnerabilities patched this year in Qualcomm's implementation of the ARM CPU TrustZone.The ARM TrustZone is a hardware security module that runs its own kernel and Trusted Execution Environment independent of the main OS. On Qualcomm chips, the Trusted Execution Environment is called QSEE (Qualcomm Secure Execution Environment).The full-disk encryption feature on Android devices relies on a randomly generated key called the device encryption key (DEK). This key is itself encrypted with another key derived from the user's PIN, password or swipe pattern.To read this article in full or to leave a comment, please click here

Mobile Broadband Ecosystem

Mobile Broadband… You might have heard this term before, possibly in an ISP environment. The term has always represented a name of a department within a mobile operator or a vendor organization. It is always there in profile description for telecom professionals. It is everywhere actually when it comes to a certain ecosystem or framework that delivers Internet Service […]

The post Mobile Broadband Ecosystem appeared first on Cisco Network Design and Architecture | CCDE Bootcamp | orhanergun.net.

New products of the week 7.4.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Alight Enterprise CloudKey features: a platform for deploying vertical applications for mortgage banking, mining/energy, telecommunications and high tech that show the financial ripples of potential decisions across the enterprise. More info.To read this article in full or to leave a comment, please click here

New products of the week 7.4.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Alight Enterprise CloudKey features: a platform for deploying vertical applications for mortgage banking, mining/energy, telecommunications and high tech that show the financial ripples of potential decisions across the enterprise. More info.To read this article in full or to leave a comment, please click here

New products of the week 7.4.16

New products of the weekOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Alight Enterprise CloudKey features: a platform for deploying vertical applications for mortgage banking, mining/energy, telecommunications and high tech that show the financial ripples of potential decisions across the enterprise. More info.To read this article in full or to leave a comment, please click here

Second man pleads guilty of hacking entertainment industry celebrities

A second man has pleaded guilty to using a phishing scheme to get access to private and sensitive videos and photographs of people in the entertainment industry in Los Angeles.Edward Majerczyk, 28, a resident of Chicago and Orland Park, Illinois, has admitted in a plea agreement entered in the U.S. District Court for the Central District of California that between Nov. 23, 2013 through August 2014, he had engaged in a phishing scheme to obtain usernames and passwords from his victims, according to the U.S. Attorney’s Office for the Central District of California.Majerczyk gained access to the victims’ usernames and passwords after he sent them emails that appeared to be from security accounts of internet service providers. These mails directed the victims to a website that would collect their usernames and passwords. After illegally accessing the email accounts, he obtained personal information including sensitive and private  photographs and videos, according to his plea agreement.To read this article in full or to leave a comment, please click here

Second man pleads guilty of hacking entertainment industry celebrities

A second man has pleaded guilty to using a phishing scheme to get access to private and sensitive videos and photographs of people in the entertainment industry in Los Angeles.Edward Majerczyk, 28, a resident of Chicago and Orland Park, Illinois, has admitted in a plea agreement entered in the U.S. District Court for the Central District of California that between Nov. 23, 2013 through August 2014, he had engaged in a phishing scheme to obtain usernames and passwords from his victims, according to the U.S. Attorney’s Office for the Central District of California.Majerczyk gained access to the victims’ usernames and passwords after he sent them emails that appeared to be from security accounts of internet service providers. These mails directed the victims to a website that would collect their usernames and passwords. After illegally accessing the email accounts, he obtained personal information including sensitive and private  photographs and videos, according to his plea agreement.To read this article in full or to leave a comment, please click here

Understanding Firepower DNS Policies

One cool feature added with Firepower version 6 is probably best described as DNS-based Security Intelligence, Inspection and Sinkholing. The thought is pretty simple. If a host issues a DNS request for a host that is known to be malicious, that response is manipulated. The manipulated response can be host not found, an alternative IP address or no response at all. This allows an administrator to provide another layer of protection by preventing hosts ready access to the IP addresses of known malicious hosts.

So the first question that might come to mind is how are hosts on the Internet classified as bad. The short answer is that Talos maintains lists of known bad fully qualified domain names (fqdn). These are actually categorized and delivered into the Firepower solution as a feed. Each of the following category can be selected into one or multiple DNS Rules.

DNS Feeds and ListsDNS Rule with Categories

  • DNS Attackers
  • DNS Bogons
  • DNS Bots
  • DNS CnC
  • DNS Dga
  • DNS Exploitkit
  • DNS Malware
  • DNS Open_proxy
  • DNS Open_relay
  • DNS Phishing
  • DNS Response
  • DNS Spam
  • DNS Suspicious
  • DNS Tor_exit_node

In addition to the above, there are two built in lists that can be controlled by the UI.

  • Global-Blacklist-for-DNS
  • Global-Whitelist-for-DNS

The final way Continue reading

Nexar, turning your smartphone into a dash cam with crowdsourced smarts

I’ve tested a few dash cams in the last year (for example the Swann DriveEye and the Papago GOSAFE 520) and I’ve been impressed. Even if you’re not planning to capture the next meteor screaming over your town and shattering windows for miles around, it’s a great hedge against fraudulent insurance claims against you and terrific documentation for any road travel incidents you might have. But as with all technology, while there’s a lot of value in point application, when the point data is aggregated and treated as Big Data, amazing opportunities and insights emerge … which is exactly what comes from turning your iPhone into an ultra-sophisticated dash cam with the Nexar app.To read this article in full or to leave a comment, please click here

ADP + Docker Datacenter Delivers Security and Scale for Both Legacy and Microservices Applications

At DockerCon 2016, the second day’s general session featured products and stories related to Docker running in the enterprise. From product demonstrations of integrated security features, to deployment templates to a session featuring Keith Fulton, CTO of ADP, speaking about their evolution to a tech company and how Docker Datacenter enables them to ship faster, securely at scale across apps big and small.

ADP is the largest global provider of cloud based human capital management (HCM) solutions. ADP has over 630,000 clients that span more than 35 million users in over 100 countries. More than just payroll services, ADP delivers solutions across the entire spectrum of HCM for their customers in each one of these areas with right sized versions for SMBs, mid market and large enterprises.

 

 

This breadth and depth of solutions developed over the last 60 years does lead to some complexity in product development. ADP views this as a transition from a services company to a technology company and Docker is the key to future acceleration. Speeding up product development, not just in writing more code faster, but also helping ADP ship the resulting end product faster. Docker enables them to have a common Continue reading

The full-disk encryption protecting your Android can be cracked

If you have an Android device running 5.0 (Lollipop) or later, and powered by a Qualcomm Snapdragon processor, then you should know that a security researcher demonstrated how to crack the full-disk encryption (FDE) with brute-force attacks; the fix is not necessarily as simple as installing new firmware and might require changes to hardware.Full-disk encryption, which is supported on devices running Lollipop on up, is supposed to protect files on the storage drive. Android uses a randomly chosen 128-bit device encryption key which is further encrypted using a user’s PIN, password or swipe pattern. The master key, or Device Encryption Key (DEK), is stored on a user’s device; it is bound to the device’s hardware though Android’s KeyMaster, which runs in the TrustZone. In other words, an attacker should not be able to extract the crypto key for this walled-off and protected section.To read this article in full or to leave a comment, please click here

1 2,814 2,815 2,816 2,817 2,818 3,809