Report: Target failed to execute security basics

Verizon consultants probed Target’s network for weaknesses in the immediate aftermath of the company’s 2013 breach and came back with results that point to one overriding – if not dramatic - lesson: be sure to implement basic security best practices.In a recent KrebsOnSecurity post, Brian Krebs details Verizon’s findings as set down in a Target corporate report.The findings demonstrate that it really is important to put in place all the mundane security best practices widely talked about, and that without them even the best new security platforms can’t defend against breaches.To read this article in full or to leave a comment, please click here

Cisco fixes privilege escalation flaws in AnyConnect Secure Mobility Client

The Cisco AnyConnect Secure Mobility Client has been updated to fix vulnerabilities that could allow attackers to gain system or root privileges on Windows, Linux and Mac OS X computers. The AnyConnect Secure Mobility Client allows employees to work remotely by securely connecting back to their company's network. It provides virtual private networking over SSL and additional features like identity services, network access control and Web security. The vulnerability in the Linux and Mac OS X version of the client was discovered and reported by researchers from Dutch security firm Securify. It can be exploited to execute arbitrary files with the highest system privileges, also known as root.To read this article in full or to leave a comment, please click here

Using VirtualBox linked clones in the GNS3 network simulator

GNS3 1.3 will create and manage VirtualBox virtual machine linked clones from within the GNS3 user interface. This simplifies the process of setting up VirtualBox virtual machines in GNS3 makes GNS3 easier to use for studying the operation of open-source routers, switches, and hosts in network simulation scenarios.

LC-090

In this post, I will show how to set up and use VirtualBox linked clones in your GNS3 simulation scenarios and work through a detailed tutorial.

Continue reading

PQ Show 57 – Improve Your Home Internet Performance Using CoDel

Rich Brown chats with Ethan Banks about CoDel, an algorithm specifically designed to minimize the impact of bufferbloat. Rich and Ethan explain how CoDel works, and discuss the head-drop principle, sojourn times, TCP ECN, and more. This is a nerdy look at how your modem handles buffering, and how you can improve your home networking experience.

The post PQ Show 57 – Improve Your Home Internet Performance Using CoDel appeared first on Packet Pushers.

Imprisoned and censored voices around the world

The number of individuals in prison around the world for raising their voices online is on the rise. In 2014, the Committee to Protect Journalists found that over half of imprisoned journalists were arrested for activities conducted on the Internet. In a 2015 report, Reporters Without Borders cited 178 incidents of imprisoned “netizens” in just a selection of twelve countries. Now that individuals can speak up without the need for institutions or gatekeepers, states choose the most direct way to take away their power: incarcerating them, and taking them offline. via the offline project

This is something every engineer, every blogger, and everyone who has a passion for free speech can help with. We live in a world that increasingly sees free speech as some sort of monstrously abnormal concept (even in the US); this is a fight we need to take up if any of us expect to be able to have a conversation about anything other than whether you should use EIGRP or IS-IS on a particular network.

We need to stand up for everyone who speaks, even if we don’t agree with them.

This is important.

The post Imprisoned and censored voices around the world appeared first Continue reading

Nest aims for central role in connected homes, enticing developers to integrate

The big winners in connected homes will be vendors of whole platforms, not individual products, and Google's Nest division is pushing hard to play that role. After pioneering Thread, a low-power networking protocol, Nest is now introducing an application layer that device and appliance makers can use to integrate their products tightly with Nest's. The new tool, called Weave, is for direct interactions between devices without resorting to processing in the cloud. That's good for in-home connections that are fast, don't require much energy and work even if the home's Wi-Fi network is down, said Greg Hu, senior manager of the Nest platform. Nest already uses Weave in its own products.To read this article in full or to leave a comment, please click here

The price of free: how Apple, Facebook, Microsoft and Google sell you to advertisers

Jumping from Windows 7 directly to Windows 10 has to be something like a farmer visiting Times Square. Live Tiles flash and move. A nice assistant named Cortana always hovers nearby. Click on the wrong spot and you could be whisked away elsewhere on the Web. And there are always people asking who you are, where you live, what you like...Because the latest version of Windows is always asking for information in the guise of being helpful, it’s easy to think that Microsoft’s the poster child for the collective attack on your digital privacy. But it’s not.MORE ON NETWORK WORLD: 26 crazy and scary things the TSA has found on travelers In fact, there are plenty of other companies who feel perfectly entitled to require you to hand over your personal info before they open their doors. On a day where Microsoft clarified what it does with your data to try and soothe your fears, a Bloomberg feature profiled Facebook’s “unblockable” ads, while a new Google program revealed that advertisers can now tune ads to who you are just by knowing your email address. To read this article in full or to leave a comment, please click here

New Android vulnerabilities put over a billion devices at risk of remote hacking

Newly discovered vulnerabilities in the way Android processes media files can allow attackers to compromise devices by tricking users into visiting maliciously-crafted Web pages.The vulnerabilities can lead to remote code execution on almost all devices that run Android, starting with version 1.0 of the OS released in 2008 to the latest 5.1.1, researchers from mobile security firm Zimperium said in a report scheduled to be published Thursday.The flaws are in the way Android processes the metadata of MP3 audio files and MP4 video files, and they can be exploited when the Android system or another app that relies on Android's media libraries previews such files.To read this article in full or to leave a comment, please click here

IPv6 Support in VRF on Catalyst 3k

I was looking for information on running IPv6 in VRF on the Catalyst 3k platform and there wasn’t much information available. I tried running IPv6 in VRF on Catalyst 3560 with correct SDM profile but got this error message:

Switch(config-vrf)#address-family ipv6
 IPv6 VRF not supported for this platform or this template

I checked with Cisco and you need to have Catalyst 3560-X/3750-X with release 15.2(1)E for IPv6 to be supported in a VRF. This means the feature is not supported on the non X models.

The feature is also available on the 3650/3850 platform with IOS-XE 3.6.0E.

I hope this information helps someone looking for IPv6 support in VRF.

In Pursuit of the CCIE

Just a short post to let you know this blog is not dead. I have not written anything in several months. While I have several posts that are partially complete, I have not been able to finish them…..yet.

For the past several months, I have been busy studying for the CCIE Wireless lab exam. Prior to that, I was sort of working towards the CCIE Route/Switch written and lab exam. I wasn’t fully committed, so my studying was sporadic at best. My heart just wasn’t in forcing myself to learn more about IPv6, multicast, MPLS, and some of the other blueprint items.

Somewhere along the line it changed. Maybe it was having another co-worker who was serious in his pursuit of the CCIE Wireless. Maybe it was that my job working for a reseller had me doing more and more Cisco wireless work. Maybe I just liked the fact that wireless was hard. I’m not really sure. I just know that at some point, a switch flipped inside my head and I just decided to go all in on my studies. Honestly, I should have done this years ago, but the timing just didn’t seem right.

I’ve been studying Continue reading

1 3,304 3,305 3,306 3,307 3,308 3,844