Firewall – Some Insight into the Cisco ASA Failover Process

I’m currently working on a design and needed to verify some failover behavior of the Cisco ASA firewall.

The ASA can run in active/active or active/standby mode where most deployments I see run in active/standby mode. When in a failover pair the firewalls will share an IP address and MAC address, very similar to HSRP or VRRP but it also synchronizes the state of TCP sessions, IPSec SA’s, routes and so on. The secondary firewall gets its config from the primary firewall so everything is configured exactly the same on both firewalls.

To verify if the other firewalls is reachable and to synchronize state, a failover link is used between the firewalls. The firewalls use a keepalive to verify if the other firewall is still there. This works just like any routing protocol running over a link where you expect to see a hello from your neighbor and if you miss 3 hello’s, the other firewall is gone. This timer can be configured and in my tests I used a hello of 333 ms and a holdtime of 999 ms which means that convergence should happen within one second.

The first scenario I was testing was to manually trigger a Continue reading

Cisco boosts, broadens Catalyst switches

Cisco this week unveiled key enhancements to its enterprise switches, including a 6Tbps supervisor engine expected for some time.The extensions to Cisco’s Catalyst 6800, 4500-E and 3650 lines are intended to address a range of requirements spanning campus backbones, wiring closets, and small office and retail locations. They are designed to boost performance for business applications, support Cisco’s most recent features and accommodate space constrained environments.To read this article in full or to leave a comment, please click here

Flaws in Trane thermostats underscore IoT security risks, Cisco says

Cisco warned on Monday of serious flaws it found in an Internet-connected thermostat control, which it said are typical among products of vendors who aren't well-versed in network security.The flaws were found in the ComfortLink II thermostats made by Trane. The thermostats allow users to control room temperature from a mobile device, display the weather and even act as a digital photo frame.Cisco's Talos unit said the issues have now finally been patched since notifying Trane nearly two years ago, which is why it went public."The unfortunate truth is that securing internet-enabled devices is not always a high priority among vendors and manufacturers," wrote Alex Chiu, a Cisco threat researcher, in a blog post Monday.To read this article in full or to leave a comment, please click here

Snowden leaks furor still spilling over into courts

Nearly three years after former NSA contractor Edward Snowden first leaked details about massive domestic spying, his revelations have prompted a broader discourse, especially among legal scholars, over the potentially invasive nature of big data cybersurveillance tools.Even as intelligence officials, the FBI and Congress worry about the rise of terrorists using encryption to communicate, legal experts are concerned that the enormous volume of data still being collected and stored by the National Security Agency and other intelligence agencies will pose legal concerns based on the Fourth Amendment of the U.S. Constitution. The Fourth Amendment prohibits unreasonable searches and seizures without a judge's warrant supported by probable cause.To read this article in full or to leave a comment, please click here

Kingston buys encrypted flash drive maker IronKey

Kingston Technology today announced it has acquired the USB technology and assets of IronKey from Imation Corp.Imation, which purchased the then privately-held IronKey in 2011, did not disclose the financial details of the sale to Kingston.IronKey is perhaps best known for its highly secure USB flash drives, which use 256-bit AES encryption algorithm to secure data and a stainless steel case with no seams so it cannot be pried open.To read this article in full or to leave a comment, please click here

Is it time to give up on WordPress sites?

It’s being reported by Malwarebytes’ CyberheistNews and other sources that a unexpectedly large wave of hacking has been hitting thousands of WordPress sites (described as the “Weird WordPress Hack” just to fit in with the Buzzfeed style of headlines). The attacks are described as: "WordPress sites are injected with huge blurbs of rogue code that perform a silent redirection to domains appearing to be hosting ads," Malwarebytes Senior Security Researcher Jérôme Segura wrote in a blog post published Wednesday. "This is a distraction (and fraud) as the ad is stuffed with more code that sends visitors to the Nuclear Exploit Kit." To read this article in full or to leave a comment, please click here

9 technologies that could cut demand for lawyers, lower legal fees

Lawyers are embracing technology that makes them more efficient and less trapped in 100-hour work weeks but that also reduces the need for them in certain types of cases or turns their counsel into a commodity.These technologies and services include a Web platform that searches patents more quickly than lawyers can, an app to find flaws in contracts, low-cost access to ask legal questions and an arbitration network to keep from having to hire legal representation to go to small-claims court.Attorneys from across the country heard about these at the recent LegalTech conference where some of the attendees indicated that the innovations could save money for law firms and even change their hiring practices by cutting the need for full-timers. One attorney joked that the innovations are disrupting the profession so much that he’ll be retiring early.To read this article in full or to leave a comment, please click here

Moving from ifconfig to ip


Have you started using CentOS7.2? If you are a networking ninja and were all mojo about "ifconfig and route" commands, you are going to be in for a not-so-pleasant surprise in the later versions of Linux. Release after release the community talked about moving to "ip" commands and removing  net-tools package that houses commands "ifconfig and route" from minimalistic installs and going with the iproute package. And now finally with CentOS7.2 these packages aren't there anymore. It is however still possible to get these programs by installing the "net-tools" package, which I do quite often but I also suggest trying to use the "ip" suite that comes with iproute package instead. Not only does it give extended functionality but it comes-with and so you would not have to install new packages.

I will try to describe the 1:1 mapping of the most common commands I use to just figure out what a linux box is configured with. There are tons of articles & cheat sheets out there which can be used too.

ifconfig commands - See & set interface properties

NASA’s Skylab marks 42nd anniversary of last space mission

The month marks the 42 anniversary of the last manned occupation of the US’ first big attempt to live in outer space – Skylab.+History in pictures: Skylab: NASA's first space station marks 40 years+Launched on May 14, 1973, the Skylab saw three crewed manned missions—the last being concluded in February 1974. In terms of technology the lab was pretty advanced for the time. According to IBM, two Big Blue computers controlled the orientation of the laboratory throughout the mission. The onboard computers, which were arranged redundantly, were models of IBM's System/4Pi, a computer designed for the special weight and environmental requirements of aerospace applications. Each of the IBM computers aboard Skylab weighed 100 pounds and measured 19 by 7.3 by 31.8 inches. They were capable of handling more than 100 signals to Skylab attitude control equipment, IBM says.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Algorithm developed to predict future botnet attacks

Six botnets have been discovered and traced back to their perpetrators by an algorithm produced by researchers at Israel's Ben-Gurion University (BGU) of the Negev. The scientists who built the formula say it will allow law enforcement to trace administrators responsible for future attacks.The key to the work is analyzing data produced by previous attacks, the cybersecurity researchers say.Malicious botnets are groups of Internet-connected computers that have been secretly compromised to forward traffic to other computers. Payloads can include spam and viruses. The PCs can become remote controlled and also proffer private information.To read this article in full or to leave a comment, please click here

Spectrum 101

A tremendous amount of ink has been ‘shed’ over the last 3+ years debating the various technical proposals for LTE operation in unlicensed spectrum (Ruckus has certainly weighed in when we’ve had something worthwhile to say). But maybe it’s time...

Report examines the massive future cybersecurity problem of connected cars

If you are interested in the Internet of insecure Things, then you might like a new report which looks at the cybersecurity of connected vehicles, calling it "one of the biggest issues facing manufacturers today." Cyber Security in the Connected Vehicle attributed that threat to complexity, connectivity, and content. There's a "massive future security problem just around the corner," and it can't be fixed by trying to bolt on security during the implementation phase.Complexity was called "the worst enemy of security," as a connected car could have "approximately 100 million lines of code," compared to 8 million for an F-35 fighter jet. There has been a dramatic increase in Electronic Computing Units, with some high-end vehicles currently having about 100 ECUs. There has also been a rise in the diversity of in-vehicle systems which provide both luxury and critical features.To read this article in full or to leave a comment, please click here

Webinar Q&A: Docker Basics – Orchestration

As the need for greater agility and portability drives the growth of containerization within enterprises world-wide, container orchestration tools have become increasingly important. With multiple nodes running multiple containers, enterprises now need a way to manage and deploy containers at … Continued

Webinar Q&A: Docker Basics – Orchestration

As the need for greater agility and portability drives the growth of containerization within enterprises world-wide, container orchestration tools have become increasingly important. With multiple nodes running multiple containers, enterprises now need a way to manage and deploy containers at … Continued

Cybercriminals adopt spies’ techniques to pull off online bank heists

The times when stealthy, persistent and advanced malware was associated only with cyberespionage are gone. Criminals are now using similar threats and techniques to steal millions of dollars from financial institutions.Last year researchers from security vendor Kaspersky Lab were called in to investigate unusual thefts from 29 banks and other organizations located in Russia, leading to the discovery of three new sophisticated attack campaigns. Their findings were presented Monday during the company's annual Security Analyst Summit.One group of attackers is using a modular malware program known as Metel or Corkow to infect computer systems belonging to banks and to reverse ATM transactions. During a single night, the gang stole millions of rubles from a Russian bank using this hard-to-detect transaction rollback trick.To read this article in full or to leave a comment, please click here

1 3,111 3,112 3,113 3,114 3,115 3,805