0

Non-technical manager’s guide to protecting energy ICS/SCADA

Sophisticated cyber-attacks known as Advanced Persistent Threats (APT) are a growing challenge to the energy sector of our nation’s critical infrastructure. These attacks can largely be attributed to well-funded, dedicated nation-state actors.APT attacks against Industrial Control Systems (ICS) and to Supervisory Control and Data Acquisition (SCADA) systems are increasing; the U.S. Department of Homeland Security (DHS) Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) cited ICS/SCADA and control system networks as one of the top two targets for hackers and viruses. These vulnerabilities begin with the human interface (13% of vulnerabilities required local access) and end with the actual Internet-facing ICS/SCADA hardware (87% of vulnerabilities are web-accessible).To read this article in full or to leave a comment, please click here

0

Attackers target OWA for domain credentials

A targeted attack against Outlook Web Application (OWA) illustrates how far adversaries will go to establish persistent control over the organization's entire network.As seen in recent breaches, attackers typically use stolen credentials or malware to get a foothold on the network, and then target the domain controller. Once attackers successfully compromise the domain controller, they can impersonate any user and move freely throughout the enterprise network. Since the OWA server, which provides companies with a Web interface for accessing Outlook and Microsoft Exchange, depends on the domain controller for authentication, whoever gains access to the OWA server automatically wins the domain credentials prize.To read this article in full or to leave a comment, please click here

0

Liberate Your Application Deployments with Brocade Services Director

Learn how Brocade’s unique, simple, and intuitive approach to application programmability can empower you with flexibility to support your business needs.

0

Nokia’s Post-Merger Plan Bodes Well for Nuage Networks, So Far

Basil Alwan will stay close to the throne post-merger.

0

Zappos’s Website Frozen for Two Years as it Integrates with Amazon

Here's an interesting nugget from a wonderfully written and deeply interesting article by Roger Hodge in the New Republic: A radical experiment at Zappos to end the office workplace as we know it:

Zappos's customer-facing web site has been basically frozen for the last few years while the company migrates its backend systems to Amazon's platforms, a multiyear project known as Supercloud.

It's a testament to Zappos that they still sell well with a frozen website while most of the rest of the world has adopted a model of continuous deployment and constant evolution across multiple platforms.

Amazon is requiring the move, otherwise a company like Zappos would probably be sensitive to the Conway's law implication of such a deep integration. Keep in mind Facebook is reportedly keeping WhatsApp and Instagram independent. This stop the world plan must mean something, unfortunately I don't have the strategic insight to understand why this might be. Any thoughts?

The article has more tantalizing details about what's going on with the move:

0

IoT will become a matter of life or death for security pros

Orlando, Fla. -- Internet of Things means different things to different people; self-driving cars, smart cities, connected homes, health and fitness apps, etc. But for security professionals, IoT will become a safety issue. Christian Byrnes That’s the stark assessment of analyst Christian Byrnes, who delivered Gartner’s scenario for cyber-security looking out toward the year 2020.Gartner is all-in on IoT, predicting that we’re moving inexorably toward “the universal connectivity of everything,’’ according to Byrnes. The impact cannot be overestimated.To read this article in full or to leave a comment, please click here(Insider Story)

0

Gartner: Risk, relentless data center demand, open source and other tech trends IT needs to know

ORLANDO --It’s not a surprise to most in IT that the info/tech world is fraught with risk, change, and disruption but most of the time all of those issues aren’t laid out in front of them in nice, neat fashion like they are at Gartner Symposium/ITxpo.There are a number of key themes echoing around the Symposium this week many having to do the smart algorithms and how that kind of technology is going to change the world forever. Another is the move to an all-digital world – a trend well underway and mostly understood by most large companies.+More on Network World: Gartner: Top 10 strategic predictions that could shake up IT+To read this article in full or to leave a comment, please click here

0

Gartner: Risk, relentless data center demand, open source and other tech trends IT needs to know

ORLANDO --It’s not a surprise to most in IT that the info/tech world is fraught with risk, change, and disruption but most of the time all of those issues aren’t laid out in front of them in nice, neat fashion like they are at Gartner Symposium/ITxpo.There are a number of key themes echoing around the Symposium this week many having to do the smart algorithms and how that kind of technology is going to change the world forever. Another is the move to an all-digital world – a trend well underway and mostly understood by most large companies.+More on Network World: Gartner: Top 10 strategic predictions that could shake up IT+To read this article in full or to leave a comment, please click here

0

Datanauts 011: Understanding Leaf-Spine Networks

The Datanauts explore the leaf-spine network architecture and examine how it works, how it differs from the traditional 3-tier design, and why it's a good fit for modern data centers.

The post Datanauts 011: Understanding Leaf-Spine Networks appeared first on Packet Pushers.

0

Greenland

The post Greenland appeared first on 'net work.

0

Worth Reading: Revisiting Internet Governance

The realpoltik is that in addition to all of its other aspects — such as its social and economic elements — the internet has become a weapon in the arsenal of the military and security forces. Of course, we all knew that this was the case but the abovementioned affairs brought this out into the open, and I think even the most militant opponents of internet governance were shocked by the extent to which these agencies were already using the internet and the other technologies it facilitates, such as data-gathering and data analytics. -via circleid

The post Worth Reading: Revisiting Internet Governance appeared first on 'net work.

0

Control Plane Protection in Cisco IOS

How does Internet work - We know what is networking

CoPP – Control Plane Protection or better Control Plain Policing is the only option to make some sort of flood protection or QoS for traffic going to control plane. In the router normal operation the most important traffic is control plain traffic. Control plane traffic is traffic originated on router itself by protocol services running on it and destined to other router device on the network. In order to run properly, routers need to speak with each other. They speak with each other by rules defined in protocols and protocols are run in shape of router services. Examples for this

Control Plane Protection in Cisco IOS

0

TeliaSonera Likes Its NFV Session Border Controller on COTS

Metaswitch chalks up another service provider for the Perimeta SBC.

0

SSL Certificate signed by own CA

There are a lot of “how-to” on the Internet explaining the setup procedure. This is mainly a copy / paste example for those in a hurry :)

How to setup your own CA

Read more on SSL Certificate signed by own CA…

0

SDN Myths Revisited

I had a great time at TECHunplugged a couple of weeks ago. I learned a lot about emerging topics in technology, including a great talk about the death of disk from Chris Mellor of the Register. All in all, it was a great event. Even with a presentation from the token (ring) networking guy:

I had a great time talking about SDN myths and truths and doing some investigation behind the scenes. What we see and hear about SDN is only a small part of what people think about it.

SDN Myths

Myths emerge because people can’t understand or won’t understand something. Myths perpetuate because they are larger than life. Lumberjacks and blue oxen clearing forests. Cowboys roping tornadoes. That kind of thing. With technology, those myths exist because people don’t want to believe reality.

SDN is going to take the jobs of people that can’t face the reality that technology changes rapidly. There is a segment of the tech worker populace that just moves from new job to new job doing the same old things. We leave technology behind all the time without a care in the world. But we worry when people can’t work on that technology.

I Continue reading

0

Network Troubleshooting: Device Cleanup

In this video, Tony Fortunato explains how removing unnecessary protocols and services from desktops and other devices can make the job of network troubleshooting much easier.

0

McAfee plans to be elected president in a landslide on the backs of 40 million tatooed voters

It has been a whirlwind few years for John McAfee, the man noted for developing the first commercial anti-virus program. It was only a few years ago when rumors were frantically flying around in following an incredibly sensational story of McAfee as a murder suspect. With all of that seemingly behind him, he now turns his attention to taking up residency in the White House.McAfee, 70, who founded the McAfee security brand, which was later sold to Intel in 2010, recently filed papers as a candidate for president as a member of the Cyber Party. McAfee’s political views are likely to be viewed by many as out of the mainstream, and he believes that if the government is not working for the people, then the citizens have the right to abolish it. He believes that the government has gotten too big and unwieldy. He often cites how it would take 600 years to read all of the laws Congress has passed through the years.To read this article in full or to leave a comment, please click here

0

Apple’s new two-factor authentication bumps up security and ease of use

Apple has a new, easier-to-use, and more robust system to protect your login if you’re running the latest major OS release and the latest iTunes on every device connected to the same iCloud account. But you may have to wait for it: the system started rolling out in testing this summer for early public beta testers and developers, and started its full rollout a few days ago with the release of El Capitan.The new two-factor authentication (2FA) system requires that whenever you log in to a new device or browser, you have to enter not just your password but a confirmation code from another piece of equipment you’ve established is under your control. A second factor prevents someone from stealing or guessing your password and gaining access to your account, which can be done remotely or through a security breach. In addition, they have to have a token that can only be generated by or sent to equipment under your control, which means they typically need physical access to a computer, mobile device, or SIM.To read this article in full or to leave a comment, please click here

0

IT Monitoring & The Five Stages of Grief

Organizations often exhibit a series of behaviors when they implement IT monitoring systems that makes life difficult for IT pros doing the monitoring.

0

Get ipSpace.net Subscription while Attending the Rome SDN/NFV Event

Reiss Romoli, the fantastic organizers of my SDN/NFV event in Rome, Italy in late October are offering you a free personal ipSpace.net subscription – a saving of $299 or approximately EUR 270.

All you have to do to qualify is (A) download and fill in the registration form, (B) send it to Reiss Romoli and (C) pay before attending the webinar.

Yeah, I know the PDF form says “fax it back” – everyone has to use the tools that work best in their environment.

Hope we'll meet in warm and sunny Rome in a few weeks!