Third try is no charm for failed Linux ransomware creators

Getting cryptographic implementations right is difficult. A group of malware creators is currently experiencing that hard truth, to the amusement of security researchers.For the past several months, a group of cybercriminals have been infecting Linux systems -- primarily Web servers -- with a file-encrypting ransomware program that the security industry has dubbed Linux.Encoder.This development is worrying, because Web server infections don't require user interaction as on desktop computers where getting users to open rogue email attachments or visit malicious websites are common attack vectors. Instead, the hackers use automated scanners to find servers that host vulnerable applications or have weak SSH passwords they can guess using brute-force methods.To read this article in full or to leave a comment, please click here

Passed the CCDE written. Now what?

I was fortunate enough to finally pass the CCDE written exam yesterday morning.

That begs the question of “Now What?”

Well, I will spend a couple of days putting together a study strategy, based on where I am now compared to where I need to be in order to pass the exam. As it looks now, I am probably going for a fall 2016 exam date. That gives me enough time to settle into a new job with everything that entails.

It also means that I will need to spend 2-3 hours of study per day (some weekends more than that), with a combination of watching Cisco Live 365 videos and reading CVD’s/Books.

On top of that, my good friend Daniel Dib and I, along with hopefully a few others will have some design discussions using Webex. We have been told its really important to iron out different design ideas with other people. Especially if we can get a group together with people from different areas of expertise (Datacenter, Service Provider, Enterprise etc.).

Alas, an update to this story will come shortly! :)

Take care!

Creating VLAN interfaces in Linux

Communicating over multiple VLAN's is possible by using VLAN sub interfaces in linux. A vlan interface can be created in linux which shows up as a network interface device. Each of these interfaces are used as you would use a normal linux interface - assign an IP to it, attach it to a bridge, add routing tables entries and more. One use case is when you need a VM to act as an L2 gateway having one leg on one VLAN and another leg on the other.

As always this can be achieved in multiple ways: using the vconfig command, adding a new interface network-script file (CentOS/Redhat) or by using the "ip" command. I will describe all three methods here:

First thing you will need is to load the 8021q linux kernel module that is responsible for VLAN tagging/untagging.  See RFC.

Check if you have VLAN module. You can check the ouput of lsmod and figure out if 8021q is loaded or I simply like to do this:

 lsmod | grep 8021q

You should see 8021q and some other lines in the output.

Add module to linux. Note that you'll need to automate this. You can add it in systemctl Continue reading

Mythical vuln-disclosure program

In the olden days (the 1990s), we security people would try to do the "right thing" and notify companies about the security vulnerabilities we'd find. It was possible then, because the "Internet" team was a small part of the company. Contacting the "webmaster" was a straightforward process -- indeed their email address was often on the webpage. Whatever the problem, you could quickly get routed to the person responsible for fixing it.

Today, the Internet suffuses everything companies do. There is no one person responsible. If companies haven't setup a disclosure policy (such as an email account "[email protected]"), they simply cannot handle disclosure. Assuming you could tell everyone in the company about the problem, from the CEO on down to the sysadmins and developers, you still won't have found the right person to tell -- because such a person doesn't exist. There's simply no process for dealing with the issue.

I point this out in response to the following Twitter discussion:



Josh's assertion is wrong. There is nobody at American Airlines that can handle a bug report. At some point, Continue reading

Juniper Networks Announces Date of Fourth Quarter and Fiscal Year 2015 Preliminary Financial Results Conference Call and Webcast

SUNNYVALE, CA–(Marketwired – January 05, 2016) – Juniper Networks (: JNPR), the industry leader in network innovation, today confirmed it will release preliminary financial results for the fourth quarter and fiscal year ended Dec. 31, 2015, on Wednesday, Jan. 27, 2016 after the close of the market. The Company’s senior management will host a conference... Read more →

Juniper Networks Announces Date of Fourth Quarter and Fiscal Year 2015 Preliminary Financial Results Conference Call and Webcast

SUNNYVALE, CA–(Marketwired – January 05, 2016) – Juniper Networks (: JNPR), the industry leader in network innovation, today confirmed it will release preliminary financial results for the fourth quarter and fiscal year ended Dec. 31, 2015, on Wednesday, Jan. 27, 2016 after the close of the market. The Company’s senior management will host a conference... Read more →

It’s Time For IPv6, Isn’t It?

 

I made a joke tweet the other day:

It did get lots of great interaction, but I feel like part of the joke was lost. Every one of the things on that list has been X in “This is the Year of X” for the last couple of years. Which is sad because I would really like IPv6 to be a big part of the year.

Ars Technica came out with a very good IPv6-focused article on January 3rd talking about the rise in adoption to 10% and how there is starting to be a shift in the way that people think about IPv6.

Old and Busted

One of the takeaways from the article that I found most interesting was a quote from Brian Carpenter of The University of Aukland about address structure. Most of the time when people complain about IPv6, they say that it’s stupid that IPv6 isn’t backwards compatible with IPv4. Carpenter has a slightly different take on it:

The fact that people don’t understand: the design flaw is in IPv4, which Continue reading

Privacy rules spur Intralinks growth

Intralinks launched in the late 1990s to help companies involved in corporate buyouts and mergers maintain control over critical, shared information during the deal-making process. Today, the company is applying its secure collaboration capabilities to a wide variety of new customers and use cases – from CMOs building marketing campaigns to pharmaceutical companies coordinating data for patients, physicians and regulators involved in major drug trials. Under CEO Ron Hovsepian, Intralinks has created a cloud-based platform that empowers an array of customers who need to share content safely with external partners. In this installment of the IDG CEO Interview Series, Hovsepian spoke with Chief Content Officer John Gallant about how changes in privacy and data sovereignty rules are driving Intralinks’s growth and talked about how the technology may replace secure Web sites for confidential communications among businesses and their customers.To read this article in full or to leave a comment, please click here(Insider Story)

1 2,970 2,971 2,972 2,973 2,974 3,616