NetworkingNexus.net

Simple ASA to IOS VPN

Occasionally you just need a cheat sheet to configure something up. This is meant to be exactly that, a quick configuration of lan to lan IPSec between an ASA and IOS based router.

Topology

Host (for testing)

! /// Host is simply here to emulate a
! /// client on one end of the network
!
hostname Host
!
interface GigabitEthernet0/1
 description to iosv-1
 ip address 192.168.1.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.1.1

iosv-1 (IOS IPSec Endpoint)

! /// iosv-1 is terminating one end of an IPSec Tunnel
!
hostname iosv-1
!
! /// phase 1 policy
!
crypto isakmp policy 10
 encr aes
 authentication pre-share
 group 2
!
! /// pre shared key
!
crypto isakmp key P@rtn3rNetw0rk address 3.3.3.4
!
crypto ipsec transform-set myset esp-aes esp-sha-hmac
 mode tunnel
!
crypto map mymap 10 ipsec-isakmp
 set peer 3.3.3.4
 set transform-set myset
 set reverse-route distance 10
 match address crypto
!
interface GigabitEthernet0/1
 description to Internet
 ip address 2.2.2.2 255.255.255.0
 !
 ! /// recommend to restrict inbound traffic
 ip access-group out-in in
 !
 ! /// probably a good idea to disable ip 
 ! /// unreachables on the outside interface
 no ip unreachables
 !
 ! /// if nat is  Continue reading

Security startup wages continuous war games against networks

Startup SafeBreach automatically assesses corporate networks to find out whether they offer up enough security loopholes for real-world attacks to succeed.Using software probes called simulators distributed throughout customers’ networks, SafeBreach attempts to establish connections among devices and network segments just as a hacker would do in trying to carry out malicious activity.These automated attempts are driven by the Hacker’s Playbook, a SafeBreach library of known attack methods that the simulators try in order to discover weaknesses and reveal how these vulnerabilities might be exploited to carry out successful breaches.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords So simulators might find individual weaknesses in a desktop Internet connection, a credit card database and a management platform that could be strung together to nab customer credit card data. This would be reported on a single screen.To read this article in full or to leave a comment, please click here

Startup Cybric aims to reduce time between detecting and remediating breaches

Startup Cybric is working on a cloud-based platform to help businesses find out about breaches quickly and clean them up as fast as possible.It will do that with its platform, Continuous Security Delivery Fabric that creates a clone of network elements in its cloud and runs tests against them looking for vulnerabilities. Because the work is done in the cloud, it doesn’t slow down or interfere with the business’s production network, the company says.Because multiple tests can be run in parallel in the cloud, the time it takes to find vulnerabilities is reduced, the company says. Alternatively, customers can run the Continuous Security Delivery Fabric on premises.To read this article in full or to leave a comment, please click here

Big Switch Networks Offers Upgrades & Free Stuff

Community editions mean the first taste is free.

Say hello to The Matrix: DARPA looks to link brains and computers

Building a high-speed brain-to-computer interface that would offer “unprecedented signal resolution and data-transfer bandwidth between the human brain and the digital world” is the goal of a new program announced by the Defence Advanced Research Projects Agency recently. The research agency’s Neural Engineering System Design (NESD) want to develop an implantable device that would “serve as a translator, converting between the electrochemical language used by neurons in the brain and the ones and zeros that constitute the language of information technology. You may recall in the sci-fi film The Matrix, protagonists were plugged into a violent virtual future world though a brain interface.To read this article in full or to leave a comment, please click here

Say hello to The Matrix: DARPA looks to link brains and computers

Cyberthugs targeting companies with ransomware based on extortion amount for data

As if the steady rise of ransomware isn’t alarming enough, businesses that get hit with ransomware may not be unlucky targets of opportunity, but targets of choice as cyberthugs are setting ransom demands based on how much valuable data a business has.That is just one cybersecurity and online privacy trend found in the 2016 Data Protection and Breach Readiness Guide. With a nod to Data Privacy Day, the Online Trust Alliance (OTA) released its new guide as well as key findings from its analysis.To read this article in full or to leave a comment, please click here

The Butcher’s Bill

chopping-block-Dell-EMC

Watching a real butcher work is akin to watching a surgeon. They are experts with their tools, which are cleavers and knives instead of scalpels and stitches. They know how to carve the best cut of meat from a formless lump. And they do it with the expert eye of a professional trained in their trade.

Butcher is a term that is often loaded with all manner of negative connotations. It makes readers think of indiscriminate slaughter and haphazard destruction. But the real truth is that a butcher requires time and training to cut as they do. There is nothing that a butcher does that isn’t calculated and careful.

Quick Cuts

Why all the discussion about butchers? Because you’re going to see a lot more comparisons in the future when people talk about the pending Dell/EMC acquisition. The real indiscriminate cutting has already started. EMC hid an undisclosed number of layoffs in a Dec. 31 press release. VMware is going to take a 5% hit in jobs, including the entire Workstation and Fusion teams.

It’s no secret that the deal is in trouble right now. Investors are cringing at some of the provisions. The Virtustream spin out was rescinded after Continue reading

Let us look at the code running our devices, says Federal Trade Commissioner

Consumers should have the right to inspect the source code for connected devices they own, to ensure it doesn't contain bugs or backdoors, one U.S. Federal Trade Commissioner believes.As we connect our homes, our vehicles and our clothing to the Internet of Things, "We need to be very mindful of consumer data security and be very careful of anything that undermines that data security," said Commissioner Terrell McSweeny.McSweeny was speaking in a personal capacity at the State of the Net conference in Washington, D.C., on Monday, but her position as one of four Commissioners at the U.S. Federal Trade Commission could allow her to influence policy.To read this article in full or to leave a comment, please click here

Worth Reading: Intel becomes irrelevant

We’re approaching the end of the closed, proprietary, single source technology era. ARM processors are freely licensed, more open, and much more cost competitive than similar products from Intel or AMD. If you need 10 million chips for your next product do you buy them from Intel? Or do you get a license from ARM and hire a foundry to make them for you? -va cringely

The post Worth Reading: Intel becomes irrelevant appeared first on 'net work.

U.S. Congress to federal agencies: You have two weeks to tally your backdoored Juniper kit

Around two dozen U.S. government departments and federal agencies are being questioned by the U.S. Congress on whether they were using backdoored Juniper network security appliances. In December, Juniper Networks announced that it had discovered unauthorized code added to ScreenOS, the operating system that runs on its NetScreen network firewalls. The rogue code, which remained undetected for 2 years or more, could have allowed remote attackers to gain administrative access to the vulnerable devices or to decrypt VPN connections. The U.S. House of Representatives' Committee on Oversight and Government Reform wants to determine the impact that this issue had on government organizations and how the affected organizations responded to the incident.To read this article in full or to leave a comment, please click here

U.S. Congress to federal agencies: You have two weeks to tally your backdoored Juniper kit

Big Switch Offers Free SDN Software

SDN startup adds free entry-level versions of its software-defined networking products to entice new customers.

Security ‘net: Digital Copyright Edition

security-net The world of digital copyright is somewhat tangential to “real” security, but it’s a culture issue that impacts every network engineer in myriad ways. For instance, suppose you buy a small home router, and then decide you really want to run your own software on it. For instance, let’s say you really want to build your own router because you know what you can build will outperform what’s commercially available (which, by the way, it will). But rather than using an off box wireless adapter, like the folks at ARS, you really want to have the wireless on board.

Believe it or not, this would be considered, by some folks, as a pretty large act of copyright infringement. For instance, the hardware manufacturer may object to you replacing their software. Or the FCC or some other regulatory agency might even object because they think you’re trying to hog wireless spectrum, or because you don’t like what the wireless providers are doing. The EFF has a good piece up arguing that just such tinkering as replacing the operating system on a commercially purchased device is at the heart of digital freedom.

One of the most crucial issues in the fight for Continue reading

Symantec partner caught running tech support scam

Tech support scammers are known for their cheek -- making unfounded claims that PCs are infected to scare consumers into parting with their money -- but a Symantec partner took nerve to a new level, a security company claimed last week.According to San Jose, Calif.-based Malwarebytes, Silurian Tech Support ran a scam in which its employees, who billed themselves as support technicians, used obscure but harmless entries in Windows' Event Viewer and Task Manager to claim that a PC had been overwhelmed by malware, then leveraged those bogus threats to sell overpriced copies of Symantec's Norton security software and an annual contract for follow-up phone support.To read this article in full or to leave a comment, please click here

DARPA funds a program so computers can read thoughts

In the future, computers may be able to read your thoughts through a connection with the brain. DARPA wants to create a device that could help make that happen.The device, which will be the size of two stacked nickels, will translate information from a brain into digital signals for use on a computer. The device is being developed as part of a four-year, US$60 million research program funded by DARPA -- the Defense Advanced Research Projects Agency, which operates under the aegis of the U.S. Department of Defense.MORE ON NETWORK WORLD: 13 awesome and scary things in near Earth space The program, called Neural Engineering System Design (NESD), is one of DARPA's many research programs that aims to bring brain-like intelligence to computers. The research program will cover neuroscience, low-power chips, photonics and medical devices.To read this article in full or to leave a comment, please click here

Marvin Minsky, AI pioneer and Turing award winner, dies at 88

Marvin Minsky, a professor emeritus at MIT who pioneered the exploration of the mind and its replication in a computer, died on Sunday from a cerebral hemorrhage at the age of 88, according to MIT Media Lab.In his prologue to his seminal book, Society of Mind, Minsky wrote that the book tries to explain how the mind works, and "that you can build a mind from many little parts, each mindless by itself."+ ALSO: Notable 2015 deaths in technology, science & inventions +To read this article in full or to leave a comment, please click here

Review: Microsoft’s Windows Defender antivirus is less awful than it used to be

We've all loved to hate Microsoft's free Windows Defender software—it's been so mediocre that it's been considered the baseline metric in third-party tests. But recent independent tests show it's actually outperforming a number of third-party suites, some of which charge you money to use them.Results released by AV-test.org for the month of December put Microsoft right in the middle of the pack of its list of antivirus software for home users. Microsoft is still near the bottom of the heap in the business market, however, using the version of Microsoft System Center that’s been integrated into Windows 10’s business editions.To read this article in full or to leave a comment, please click here

8 tips for recruiting cybersecurity talent

Good IT talent is hard to find. You know what's even more difficult? Finding good cybersecurity talent. Demand for skilled cybersecurity professionals is growing at an astonishing rate -- four times faster than the IT jobs market and 12 times faster than the overall labor market, according to research from Burning Glass Technologies.Unfortunately, supply isn't keeping up with demand, according to online cybersecurity training and MOOC platform Cybrary's Cyber Security Job Trends Survey for 2016. Of the 435 senior-level technology professionals who completed the survey between October and December 2015, 68 percent affirmed that there is a global shortage of skilled cybersecurity professionals. Only 13 percent of companies said there was an abundance of cybersecurity talent in their local areas.To read this article in full or to leave a comment, please click here

Netronome Offers a Boost for Server-Based Networking

Webscale players love hardware acceleration, Netronome says.

« Previous 1 … 3,130 3,131 3,132 3,133 3,134 … 3,804 Next »