iPexpert’s Newest “CCIE Wall of Fame” Additions 2/5/2016

Please join us in congratulating the following iPexpert students who have passed their CCIE lab!

This Week’s CCIE Success Stories

  • Lucas Handybiantoro, CCIE #51350 (Routing and Switching)
  • Yuri Meca, CCIE #49668 (Wireless)
  • Ferenc Kuris, CCIE #46451 (Routing and Switching)
  • Vidhyadhar Rapolu, CCIE #38175 (Collaboration)
  • Robert Loeffler, CCIE #49780 (Routing and Switching)
  • Diego Martin, CCIE #51740 (Collaboration)
  • Sanaullah Khan, CCIE #47771 (Routing and Switching)
  • Tim Roth, CCIE #51451 (Routing and Switching)
  • Feras Nemri, CCIE #51388 (Collaboration)
  • Yasmin Hushki, CCIE #50093 (Collaboration)
  • Ferenc Kuris, CCIE #46451 (Routing and Switching)

We Want to Hear From You!

Have you passed your CCIE lab exam and used any of iPexpert’s self-study products, or attended a CCIE Bootcamp? If so, we’d like to add you to our CCIE Wall of Fame!

Researcher finds serious flaw in Chromium-based Avast SafeZone browser

Several antivirus vendors have taken the open-source Chromium browser and created derivatives that they claim are more privacy-friendly and secure. Yet, at least two of them were recently found to have serious flaws that don't exist in Chromium.The latest example is the Avast SafeZone browser, internally known as Avastium, which is installed with the paid versions of Avast's antivirus and security suites. Google Project Zero researcher Tavis Ormandy found a vulnerability that could allow an attacker to take control of Avastium when opening an attacker-controlled URL in any other locally installed browser.By exploiting the flaw, an attacker could remotely read "files, cookies, passwords, everything," Ormandy said in a report that he sent to Avast in December and which he made public Wednesday. "He can even take control of authenticated sessions and read email, interact with online banking, etc."To read this article in full or to leave a comment, please click here

Show 274: Packet Pushers Live! Viptela & Three Real-World SD-WAN Deployments (Sponsored)

The Packet Pushers are recorded live in New York in a podcast sponsored by Viptela. Greg and Ethan talk to 3 Viptela SD-WAN customers about their experiences deploying and running SD-WANs. They dive into speed of deployment, operational wins, security, and more.

The post Show 274: Packet Pushers Live! Viptela & Three Real-World SD-WAN Deployments (Sponsored) appeared first on Packet Pushers.

Show 274: Packet Pushers Live! Viptela & Three Real-World SD-WAN Deployments (Sponsored)

The Packet Pushers are recorded live in New York in a podcast sponsored by Viptela. Greg and Ethan talk to 3 Viptela SD-WAN customers about their experiences deploying and running SD-WANs. They dive into speed of deployment, operational wins, security, and more.

The post Show 274: Packet Pushers Live! Viptela & Three Real-World SD-WAN Deployments (Sponsored) appeared first on Packet Pushers.

How to secure Amazon Web Services

As cloud IT has proliferated, security concerns have diminished as a barrier to adoption. But that doesn't mean you can ignore security in the cloud, since a major attack can have expensive -- and potentially business-ending -- consequences.More and more sensitive data is heading to the cloud. Genomic informatics company GenomeNext, for example, feeds raw genome sequencing data into high-speed computational algorithms running entirely on AWS. Pharmaceutical giant Bristol-Myers Squibb reduced the duration of its clinical trials by using AWS. Electronic exchange Nasdaq OMX developed FinQloud on AWS to provide clients with tools for storing and managing financial data.To read this article in full or to leave a comment, please click here

Man turns tables on scammers

Seth was weary of the calls from bogus Windows support technicians, and decided to, if not get even, at least give them a taste of their own medicine."I was really tired [of the calls], and I really hate computer scammers," said Seth, whose last name Computerworld withheld for privacy reasons. "I got fed up."Like millions of others, Seth had been on the receiving end of scammers' phone calls, who rang up and told him that they were with "Microsoft support" or "Windows support," then proceeded to claim that they had detected malware on his machine.MORE ON NETWORK WORLD: 6 simple tricks for protecting your passwords "I would get these calls three or four times a year," said Seth in an interview, adding that the calls would continue for a week or more, then end, only to resume months later. He would hang up on the callers or tell them he had no computer or was running a Mac.To read this article in full or to leave a comment, please click here

Dridex banking malware mysteriously hijacked to distribute antivirus program

Users tricked by spam messages to open malicious Word documents that distribute the Dridex online banking Trojan might have a surprise: they'll get a free anitivirus program instead.That's because an unknown person -- possibly a white hat hacker -- gained access to some of the servers that cybercriminals use to distribute the Dridex Trojan and replaced it with an installer for Avira Free Antivirus.Dridex is one of the three most widely used computer Trojans that target online banking users. Last year, law enforcement authorities from the U.S. and U.K. attempted to disrupt the botnet and indicted a man from Moldova who is believed to be responsible for some of the attacks.To read this article in full or to leave a comment, please click here

Configure the Brocade NOS REST API to use HTTPS

Brocade VDX switches have REST and NETCONF interfaces. The REST API uses the built-in HTTP server. By default, this uses plain-text HTTP. As of NOS 6.0, you can (and should!) use HTTPS. If NOS has a certificate configured, it will automatically use HTTPS. Here’s how to configure it.

Pre-Change Tests

Let’s just do a couple of quick checks before we begin. Check that the switch is only listening on port 80, and that it responds to simple API queries:

Lindsays-MacBook:~ lhill$ nmap -p80,443 10.254.4.125

Starting Nmap 7.00 ( https://nmap.org ) at 2016-02-05 18:56 NZDT
Nmap scan report for 10.254.4.125
Host is up (0.14s latency).
PORT STATE SERVICE
80/tcp open http
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.52 seconds

Lindsays-MacBook:~ lhill$ curl -u admin:password -d "<activate-status></activate-status>" http://10.254.4.125/rest/operational-state/activate-status
<output xmlns='urn:brocade.com:mgmt:brocade-firmware'>
<overall-status>0</overall-status>
<activate-entries>
<rbridge-id>1</rbridge-id>
<status>0</status>
</activate-entries>
</output>

Lindsays-MacBook:~ lhill$ ssh [email protected]
[email protected]'s password:
Welcome to the Brocade Network Operating System Software
admin connected from 10.252.131.4 using ssh on Leaf-203025
Leaf-203025# show http server status
rbridge-id 1: Status: HTTP Enabled and HTTPS  Continue reading

The Neutrino exploit kit has a new way to detect security researchers

The developers of the Neutrino exploit kit have added a new feature intended to thwart security researchers from studying their attacks.The feature was discovered after Trustwave's SpiderLabs division found computers they were using for research couldn't make a connection with servers that delivered Neutrino."The environment seems completely fine except for when accessing Neutrino," wrote Daniel Chechik, senior security researcher.Exploit kits are one of the most effective ways that cybercriminals can infect computers with malware. They find vulnerable websites and plant code that transparently connects with another server that tries to exploit software vulnerabilities.To read this article in full or to leave a comment, please click here

1 3,158 3,159 3,160 3,161 3,162 3,849