Indian government orders ISPs to block 857 porn websites

The Indian government has ordered a large number of porn websites to be blocked, creating an uproar among users and civil rights groups in the country.The Department of Telecommunications has issued orders for the blocking of 857 websites serving pornography, said two persons familiar with the matter, who declined to be named.Section 69 (A) of India’s Information Technology Act allows the government to order blocking of public access to websites and other information through computer resources, though this section appears to be designed to be invoked when a threat is perceived to the sovereignty and integrity of India, security of the state, friendly relations with foreign states or public order.To read this article in full or to leave a comment, please click here

DNS server attacks begin using BIND software flaw

Attackers have started exploiting a flaw in the most widely used software for the DNS (Domain Name System), which translates domain names into IP addresses.Last week, a patch was issued for the denial-of-service flaw, which affects all versions of BIND 9, open-source software originally developed by the University of California at Berkeley in the 1980s.The flaw can be exploited with a single packet, crashing both authoritative and recursive DNS servers. Security analysts predicted that attackers would quickly figure out how to exploit the flaw, which has now happened.“We can confirm that the attacks have begun,” wrote Daniel Cid, CTO and founder of the security company Sucuri. “DNS is one of the most critical parts of the Internet infrastructure, so having your DNS go down, it also means your email, HTTP and all other services will be unavailable.”To read this article in full or to leave a comment, please click here

Fake Apple iOS crash reports prove tricky to remove

Some Apple mobile users have been encountering a pop-up message that is particularly difficult to close.The message appears after a user has been redirected to a different domain, usually caused by viewing a malicious advertisement, wrote Jerome Segura, a senior security researcher with Malwarebytes.The message warns that a third-party application on the phone has caused the device to crash and includes a phone number where users can allegedly get their device fixed.Warnings such as this one are employed by technical support schemes, which convince people to call their support lines by falsely warning that their computers or devices have security or performance problems.To read this article in full or to leave a comment, please click here

Microsoft will NOT email you Windows 10, it’s ransomware

A few days ago, over 14 million machines had been upgraded to Windows 10, but millions of other people who used the “Get Windows 10” app are impatiently waiting for Microsoft to notify them that it is their turn to download Windows 10. The app says Microsoft is rolling out the free upgrade in waves; “Watch for your notification so that you can start your upgrade. Your notification to upgrade could come as soon as a few days or weeks.” That notification has become an exploitation opportunity for bad guys who are sending out fake Windows 10 upgrade emails along with supposedly zipped Windows 10 download attachments that ultimately install ransomware on victims’ PCs.To read this article in full or to leave a comment, please click here

Interview with CCDE/CCAr Program Manager Elaine Lopes

I am currently studying for the CCDE exam. Elaine Lopes is the program manager for the CCDE and CCAr certification. I’ve had the pleasure of interacting with her online and meeting her at Cisco Live as well. The CCDE is a great certification and I wanted you to get some insight into the program and ask about the future of the CCDE. A big thanks to Elaine and Cisco for agreeing to do the interview.

Daniel: Hi Elaine, and welcome. It was nice seeing you at Cisco Live! Can you please give a brief introduction of yourself to the readers?

Elaine: Hi, it was nice to see you, too! My name is Elaine Lopes and I’m the CCDE and CCAr Certification Program Manager. I’ve been with Cisco’s Learning@Cisco team since 1999, – I’m passionate about how people’s lives can change for the better through education and certification.

Daniel: Elaine, why did Cisco create an expert level design program? What kind of people should be looking at the CCDE?

Elaine: Cisco has very well established expert-level certifications for network engineers in various fields which assess configuration, implementation, troubleshooting and operations skills; however, these certifications were never aimed to assess design skills. Continue reading

Network Documentation Series: Port Mapping

In this post, I will be doing a brief commentary on creating and maintaining a physical port mapping spreadsheet. A port mapping spreadsheet is useful for keeping track of used/available ports on your network equipment, thoroughly documenting to which remote device each port connects, and generating configuration scripts to update port descriptions on the equipment. […]

The post Network Documentation Series: Port Mapping appeared first on Packet Pushers.

Citizens of Tech 012 – Biofuel Pyramid Cables

We start with a discussion of jail time. Jail. Time. And…147 MPH. Yeah. Eric tells the story. And then we hop into our show. Present Doomception: How modders got Doom to run inside of Doom http://arstechnica.com/gaming/2015/07/doomception-how-modders-got-doom-to-run-inside-of-doom/ Doom was open sourced in the 90’s. Folks have gone nuts porting it to all sorts of things. Now, […]

The post Citizens of Tech 012 – Biofuel Pyramid Cables appeared first on Packet Pushers.

Citizens of Tech 012 – Biofuel Pyramid Cables

We start with a discussion of jail time. Jail. Time. And…147 MPH. Yeah. Eric tells the story. And then we hop into our show. Present Doomception: How modders got Doom to run inside of Doom http://arstechnica.com/gaming/2015/07/doomception-how-modders-got-doom-to-run-inside-of-doom/ Doom was open sourced in the 90’s. Folks have gone nuts porting it to all sorts of things. Now, […]

The post Citizens of Tech 012 – Biofuel Pyramid Cables appeared first on Packet Pushers.

Yahoo picks up fashion commerce site Polyvore

Marissa Mayer knows fashion, and she’s bringing more of it to Yahoo with her latest acquisition announced Friday.Yahoo has reached a deal to acquire Polyvore, an e-commerce site that lets you shop for “what’s trending in the style community,” Yahoo announced Friday. It hopes the deal will give it a place to sell more ads for retailers.The site lets users shop for clothing and accessories, but it also has a social networking component that lets users post collections of desired items, like they might on Pinterest. The majority of Polyvore’s users are women between the ages of 18 and 34, the company says.In its announcement, Yahoo cited advertising as a key driver of the deal. Yahoo will integrate Polyvore’s ads into Gemini, its native ads platform. Polyvore has more than 350 advertisers who are retailers, Yahoo said.To read this article in full or to leave a comment, please click here

FirePower management interface

While installing Cisco FirePOWER on 5545-X, I was following the "Install and Configure a FirePOWER Services Module on an ASA Platform" guide.

One of the steps was to configure an IP address to the FirePower management interface. However, nowhere in the document it was mentioned how would that interface connect to the outside world.

So I tired to google it, and it looks like no one was asking that question: How would an internal module connect to the outside world? Not a single blog post about it. It just worked for everyone, no questions asked!

After digging around I found this document: "Cisco ASA FirePOWER Module Quick Start Guide"

And there I have found my answers:
  1. For 5585-X, FirePOWER is installed on a dedicated slot with its own mgmt0 interface.
  2. For 5545-X, FirePOWER module (SRF) is using the 5545-X's management0/0 interface. Which means that we can not use that interface for managment and it must be dedicated to FirePOWER!
  3. For the rest, it will use the "inside" interface.
 I would have expected a command to allow me to set up a bridge between the SRF management interface and some ifname on the ASA. But no, it is hard wired! Why?

VLAN Bridging with FirePOWER

Although not immediately obvious, the FirePOWER Series 3 devices can do a form of IPS on a stick. This means that the capability described here should be available to the current appliance versions of the FirePOWER managed devices. The premise involves connecting broadcast domains (VLANs) to bring the managed device inline between the initiator and responder of a flow. Configuration is fairly straightforward but does have some caveats.

Caveats

  • Even though only a single port is required, a virtual switch must be configured (this cannot just be an inline pair)
  • BPDUs being bridged between VLANs are detected and will render the switchport(s) in an inconsistent state
  • The FirePOWER physical interface will not activate until it is also bound to a Virtual Switch

FirePOWER Bridge VLANsThe diagram shows two devices in the same VLAN (we will assume /24 for the configuration). The device on the top is in VLAN 100. The FirePOWER managed device bridges VLAN 100 to VLAN 101 and allows the two devices to communicate directly with one another. The connection to the FirePOWER device is a single 802.1q trunk.

Frames arriving on VLAN 100 will be processed and egress with a VLAN tag of 101. This configuration is similar to a Continue reading

Mt. Gox CEO Karpeles arrested by Japanese police

The CEO of failed Bitcoin exchange Mt.Gox was arrested in Japan early Saturday by police, according to several media reports.Mark Karpeles faces charges related to the loss of 650,000 bitcoins worth hundreds of millions of U.S. dollars when the Tokyo-based trading exchange collapsed in February 2014.Karpeles, a French citizen, is suspected of accessing the company’s computer systems and falsifying financial data, according Japan’s Kyodo News.Japanese broadcaster NHK showed video of a man that appeared to be Karpeles being led to a car by police in a residential district of Tokyo. The TV station said the footage was recorded around 6:40am Saturday, or Friday afternoon U.S. time.To read this article in full or to leave a comment, please click here

Facebook says Flash security woes could hurt its business

Earlier this month, a security vulnerability in Adobe Flash compelled Google and Mozilla to temporarily block the plug-in from their browsers. Now, Facebook says the problems with Flash could hurt its bottom line.In a filing with U.S. regulators on Friday, Facebook said security issues with Flash could harm the revenue it collects from its Payments service. That’s because social games on Facebook rely on Flash, and they’re also the source for substantially all the revenue it gets from Payments.The company listed the concern for the first time among the “risk factors” in its quarterly filing. Public companies in the U.S. are required to disclose such risks to investors. It doesn’t mean Facebook’s revenue from Payments is about to collapse, but it means it’s enough of a concern that Facebook felt the need to disclose it.To read this article in full or to leave a comment, please click here

Show 248 – GPON For Campus Use Cases

Gigabit Passive Optical Network (GPON) is an interesting alternative to traditional Ethernet in situations where Ethernet might be difficult or expensive to deploy. Network engineers Andy Burridge and Wallace Chase join us to talk about exactly what GPON is, potential use cases for the technology, and network design challenges.

The post Show 248 – GPON For Campus Use Cases appeared first on Packet Pushers.

Personal health information in the wrong hands can be painful

Credit card data isn’t quite the mother lode it once was for cyber thieves. Not only is its useful life generally brief, it also isn’t worth as much as it used to be.But cyber criminals are, among other things, adaptable. As Daniel Berger, CEO of Redspin puts it, "hackers are bad guys but good economists.” So they simply turn to something that provides a bigger bang for the buck.And that, increasingly, is the data you voluntarily turn over to doctors, hospitals and health insurers, known as PHI, or Personal Health Information.MORE ON CSO: How to spot a phishing email The Identity Theft Resource Center reported in January that of reported breaches, the healthcare sector had the most for three years in a row, with 42.5% of the total in 2014.To read this article in full or to leave a comment, please click here

1 3,386 3,387 3,388 3,389 3,390 3,853