Show 247 – ThousandEyes Network Visibility – Sponsored

How do you manage networks you don't control? Our sponsor ThousandEyes joins us to talk about how to get visibility into every network your organization relies on, enabling you to resolve issues faster, improve application delivery, and run your business more smoothly.

Author information

Ethan Banks

Co-host at Packet Pushers

Ethan Banks, CCIE #20655, has been managing networks for higher ed, government, financials and high tech since 1995. Ethan co-hosts the Packet Pushers Podcast, which has seen over 3M downloads and reaches over 10K listeners. With whatever time is left, Ethan writes for fun & profit, studies for certifications, and enjoys science fiction. @ecbanks
TwitterGoogle+LinkedIn

The post Show 247 – ThousandEyes Network Visibility – Sponsored appeared first on Packet Pushers Podcast and was written by Ethan Banks.

PlexxiPulse—Disrupting The IT Channel

We’re honored that CRN has included Plexxi in this year’s 2015 Emerging Vendors List, an annual list that features up-and-coming technology vendors that have launched innovative new products that generate opportunities within the channel. Our team believes that the next generation of IT is upon us and we are honored to be recognized for our innovative solutions for the next generation of IT. To learn more about our predictions for what’s next in IT, take a look at this recent blog post by Bob Noel, Director of Solutions Marketing here at Plexxi.

We are continuing to partner with forward thinking channel partners to carve a new path in the market and to make our solutions widely accessible. Thank you to CRN for the distinction and congratulations to all of this year’s Emerging Vendors!

Below please find a few of our top picks for our favorite news articles of the week. Enjoy!

Forbes: Big Data Will Select Your Next Strategic Partner
By Christine Crandall
In an increasingly competitive but cost conscious world businesses are always looking for new ways to gain competitive advantages and revenue streams.  Businesses are likely to be more successful in achieving their goals if they Continue reading

Hillary Clinton sent classified information via personal email

A government investigation has concluded that Hillary Clinton sent classified information through a personal email account while she served as Secretary of State, The Wall Street Journal reported on Friday.The internal review of Clinton’s use of a personal account by the Inspector General for the intelligence community examined just 40 emails of the thousands sent through the account and found four of them contained information that should have been classified as “secret,” the newspaper said. None of the emails were marked as such.At the time they were sent, that was the second highest level of classification in the U.S. government.To read this article in full or to leave a comment, please click here

US govt guide aims to bolster security of mobile devices used in health care

Health care providers are increasingly using smartphones and tablets for tasks such as accessing and transferring medical records, and submitting prescriptions, but these devices may not be secure enough to protect sensitive medical information from hackers.That’s the conclusion of the U.S. National Institute of Standards and Technology, whose cybersecurity center released a draft guide Thursday to help health IT professionals shore up the mobile devices.“Mobile devices are being used by many providers for health care delivery before they have implemented safeguards for privacy and security,” the agency said.To read this article in full or to leave a comment, please click here

IDG Contributor Network: DDoS attack size is getting bigger, security firm says

DDoS attacks aren't going away anytime soon. In fact, they're getting bigger, according to network security company Arbor Networks. But there's good news for potential attacks in the Internet of Things arena—some heat is off there.DDoS, or Distributed Denial-of-Service, attacks are where numerous compromised computers are used to target a single system. In simple terms, the sheer size of the blast of traffic overwhelms the system.Large attacks Arbor Networks says that "while very large attacks are what makes headlines, average attacks are approaching one gigabit per second, and are rapidly becoming a real problem for more and more enterprises."To read this article in full or to leave a comment, please click here

Chrysler recalls 1.4M cars that were vulnerable to remote hacking

Chrysler has launched a recall of 1.4 million recent model cars that were vulnerable to being remotely accessed and controlled by hackers.The recall comes days after Wired reported a demonstration by hackers in which they were able to access and control a Chrysler Jeep as it was being driven.The hack detailed in the Wired article took place under somewhat controlled conditions—the driver, a Wired writer knew that it was about to happen—but it occurred on the busy Interstate 64 near St. Louis. It culminated in the vehicle slowing down and causing something of a traffic obstacle for cars behind.To read this article in full or to leave a comment, please click here

Chrysler recalls 1.4M cars that were vulnerable to remote hacking

Chrysler has launched a recall of 1.4 million recent model cars that were vulnerable to being remotely accessed and controlled by hackers.The recall comes days after Wired reported a demonstration by hackers in which they were able to access and control a Chrysler Jeep as it was being driven.The hack detailed in the Wired article took place under somewhat controlled conditions—the driver, a Wired writer knew that it was about to happen—but it occurred on the busy Interstate 64 near St. Louis. It culminated in the vehicle slowing down and causing something of a traffic obstacle for cars behind.To read this article in full or to leave a comment, please click here

Even without breaches, don’t count on websites to hide that you have an account with them

Companies often fail to hide if an email address is associated with an account on their websites, even if the nature of their business calls for this and users implicitly expect it.This has been highlighted by data breaches at online dating sites AdultFriendFinder.com and AshleyMadison.com, which cater to people looking for one-time sexual encounters or extramarital affairs. Both were vulnerable to a very common and rarely addressed website security risk known as account or user enumeration.In the Adult Friend Finder hack, information was leaked on almost 3.9 million registered users, out of the 63 million registered on the site. With Ashley Madison, hackers claim to have access to customer records, including nude pictures, conversations and credit card transactions, but have reportedly leaked only 2,500 user names so far. The site has 33 million members.To read this article in full or to leave a comment, please click here

Bitcoin companies move ahead in Africa

Efforts to get Bitcoin off the ground in Africa received a boost this week as BitX announced it has raised $4 million in funding.Africa is a market ripe for Bitcoin: it’s underserved by financial institutions due to the high cost of having a physical presence like ATMs, bank branches and remittance offices, according Werner van Rooyen, head of business development and growth at BitX.The company was founded in 2013 and runs a bitcoin exchange and provides wallets for the cryptocurrency. Its headquarters are in Singapore and it has offices South Africa, Indonesia, Kenya, Malaysia and Nigeria. The Series A funding round was led by South Africa’s Naspers Group.To read this article in full or to leave a comment, please click here

Intro to Docker Webinar: Q&A

Many great questions popped up in this week’s Introduction to Docker webinar where we covered the basics of the Docker technology, discussed the Continuous Integration (CI) use case and a product demo of Docker Trusted Registry and Docker Engine. Instead of keeping … Continued

French surveillance law is constitutional, highest court says

A surveillance law rushed through the French parliament in the wake of the Charlie Hebdo shootings in Paris in January is constitutional, the country’s highest court ruled late Thursday. The decision gives law enforcers and intelligence agencies the power to gather communications metadata—who is communicating with whom, where, and when—in real time, with few restrictions.As the law on surveillance progressed through parliament, the government declared it “urgent”, meaning elected representatives in the Senate and National Assembly had only one opportunity to amend it instead of the usual two. They waved it through anyway. Some parliamentarians challenged parts of the law on constitutional grounds, calling on the Constitutional Council to give its verdict.To read this article in full or to leave a comment, please click here

French surveillance law is constitutional, highest court says

A surveillance law rushed through the French parliament in the wake of the Charlie Hebdo shootings in Paris in January is constitutional, the country’s highest court ruled late Thursday. The decision gives law enforcers and intelligence agencies the power to gather communications metadata—who is communicating with whom, where, and when—in real time, with few restrictions.As the law on surveillance progressed through parliament, the government declared it “urgent”, meaning elected representatives in the Senate and National Assembly had only one opportunity to amend it instead of the usual two. They waved it through anyway. Some parliamentarians challenged parts of the law on constitutional grounds, calling on the Constitutional Council to give its verdict.To read this article in full or to leave a comment, please click here

Cybersecurity Canon and The Florentine Deception

I first met cybersecurity veteran, Rick Howard, when he joined Palo Alto Networks as Chief Security Officer.  During our discussion, Rick mentioned an idea he was promoting for a cybersecurity canon: A list of must-read books for all cybersecurity practitioners -- be they from industry, government or academia -- where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and that, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.Rick’s notion of a cybersecurity canon hit home for a few reasons.  I am an avid reader of cybersecurity books and am usually reading or re-reading something.  And whenever someone asked me how they could learn about cybersecurity concepts, I would tell them to eschew text books and begin their education by reading more mainstream works like Cyberwar by Richard Clarke, Fatal System Error by Joseph Menn, Worm by Mark Bowden, and Kingpin by Kevin Poulsen.To read this article in full or to leave a comment, please click here

Junosphere – inaccessible VMXes

Update:  The problem described in this article was logged with JTAC.  It took a while but eventually they informed me they had resolved an issue with provisioning VMX in the Junosphere system.  I have tried it since and the issue does appear to have gone away.  However I am leaving this post up in case it has simply become more intermittent.   Please let me know if you experience a situation like what is described below.

I usually use the ‘experimental’ VMX in my Junosphere topologies because I don’t like the VJX all that much.  The VJX has security code in it, so it’s not quite like an MX really.   Also I’ve seen oddities where it came up in flow mode with a default firewall policy of denying everything, and I was never able to work out why.

So instead I use the VMX for everything – which is better these days because it doesn’t use two VM units for the data and control planes like it used to.  Why VMX is still ‘experimental’ after so long is a mystery to me.

However one thing just keeps cropping up with this that is just Continue reading

Junosphere – inaccessible VMXes

I usually use the ‘experimental’ VMX in my Junosphere topologies because I don’t like the VJX all that much.  The VJX has security code in it, so it’s not quite like an MX really.   Also I’ve seen oddities where it came up in flow mode with a default firewall policy of denying everything, and I was never able to work out why.

So instead I use the VMX for everything – which is better these days because it doesn’t use two VM units for the data and control planes like it used to.  Why VMX is still ‘experimental’ after so long is a mystery to me.

However one thing just keeps cropping up with this that is just a bit annoying.   Every so often I start a topology I know was working, but one or more routers aren’t accessible for some reason.  The problem is usually caused by the way Junosphere has put the management address onto the VM. To get access to the VM you instead need to telnet to it via the console server at 10.233.255.254 using a specific port number

The fxp0 IP address should be created in the Continue reading

Packets of Interest (2015-07-24)

I’ve been doing a lot of reading and video watching on securing industrial control and automation systems (ICAS) (sometimes referred to as SCADA systems) so this POI has a few links related to that and ends with a link to an editorial piece about privacy and why privacy matters to us all.

SCADA and ICS for Security Experts: How to avoid Cyberdouchery (Blackhat 2010)

This is a funny but also educational and truthful presentation by James Arlen that every IT person needs to watch if they intent to work with and gain any credibility with their counterparts in Operations Technology (OT).

Digital Bond Quickdraw SCADA IDS Signatures

https://www.digitalbond.com/tools/quickdraw/

https://github.com/digitalbond/quickdraw

Quickdraw is a set of IDS/IPS signatures for Snort (and other IDS/IPS software that understands the Snort rule language) that deals specifically with ICAS protocols such as DNP3, Modbus/TCP, and EtherNet/IP. The rules appear to be generic in nature and not focused on any particular ICAS vendor equipment.

Digital Bond also wrote Snort preprocessors for DNP3, EtherNet/IP, and Modbus/TCP which some of the rules depend on. I tried browsing through Digital Bond’s diffs to Snort 2.8.5.3 but they are very hard to read because the Continue reading

1 3,376 3,377 3,378 3,379 3,380 3,834