Cybersecurity Canon and The Florentine Deception

I first met cybersecurity veteran, Rick Howard, when he joined Palo Alto Networks as Chief Security Officer.  During our discussion, Rick mentioned an idea he was promoting for a cybersecurity canon: A list of must-read books for all cybersecurity practitioners -- be they from industry, government or academia -- where the content is timeless, genuinely represents an aspect of the community that is true and precise, reflects the highest quality and that, if not read, will leave a hole in the cybersecurity professional’s education that will make the practitioner incomplete.Rick’s notion of a cybersecurity canon hit home for a few reasons.  I am an avid reader of cybersecurity books and am usually reading or re-reading something.  And whenever someone asked me how they could learn about cybersecurity concepts, I would tell them to eschew text books and begin their education by reading more mainstream works like Cyberwar by Richard Clarke, Fatal System Error by Joseph Menn, Worm by Mark Bowden, and Kingpin by Kevin Poulsen.To read this article in full or to leave a comment, please click here

Junosphere – inaccessible VMXes

Update:  The problem described in this article was logged with JTAC.  It took a while but eventually they informed me they had resolved an issue with provisioning VMX in the Junosphere system.  I have tried it since and the issue does appear to have gone away.  However I am leaving this post up in case it has simply become more intermittent.   Please let me know if you experience a situation like what is described below.

I usually use the ‘experimental’ VMX in my Junosphere topologies because I don’t like the VJX all that much.  The VJX has security code in it, so it’s not quite like an MX really.   Also I’ve seen oddities where it came up in flow mode with a default firewall policy of denying everything, and I was never able to work out why.

So instead I use the VMX for everything – which is better these days because it doesn’t use two VM units for the data and control planes like it used to.  Why VMX is still ‘experimental’ after so long is a mystery to me.

However one thing just keeps cropping up with this that is just Continue reading

Junosphere – inaccessible VMXes

I usually use the ‘experimental’ VMX in my Junosphere topologies because I don’t like the VJX all that much.  The VJX has security code in it, so it’s not quite like an MX really.   Also I’ve seen oddities where it came up in flow mode with a default firewall policy of denying everything, and I was never able to work out why.

So instead I use the VMX for everything – which is better these days because it doesn’t use two VM units for the data and control planes like it used to.  Why VMX is still ‘experimental’ after so long is a mystery to me.

However one thing just keeps cropping up with this that is just a bit annoying.   Every so often I start a topology I know was working, but one or more routers aren’t accessible for some reason.  The problem is usually caused by the way Junosphere has put the management address onto the VM. To get access to the VM you instead need to telnet to it via the console server at 10.233.255.254 using a specific port number

The fxp0 IP address should be created in the Continue reading

Packets of Interest (2015-07-24)

I’ve been doing a lot of reading and video watching on securing industrial control and automation systems (ICAS) (sometimes referred to as SCADA systems) so this POI has a few links related to that and ends with a link to an editorial piece about privacy and why privacy matters to us all.

SCADA and ICS for Security Experts: How to avoid Cyberdouchery (Blackhat 2010)

This is a funny but also educational and truthful presentation by James Arlen that every IT person needs to watch if they intent to work with and gain any credibility with their counterparts in Operations Technology (OT).

Digital Bond Quickdraw SCADA IDS Signatures

https://www.digitalbond.com/tools/quickdraw/

https://github.com/digitalbond/quickdraw

Quickdraw is a set of IDS/IPS signatures for Snort (and other IDS/IPS software that understands the Snort rule language) that deals specifically with ICAS protocols such as DNP3, Modbus/TCP, and EtherNet/IP. The rules appear to be generic in nature and not focused on any particular ICAS vendor equipment.

Digital Bond also wrote Snort preprocessors for DNP3, EtherNet/IP, and Modbus/TCP which some of the rules depend on. I tried browsing through Digital Bond’s diffs to Snort 2.8.5.3 but they are very hard to read because the Continue reading

The Wait is Over. Tower 2.2 Docs are Live.

While prior versions of the Ansible Tower documentation focused on a single PDF, we've gone in a different direction for this release. You will still have all of the great content available from earlier releases, but in a documentation set comprised of guides focused on getting you going, installation and reference, administration, and more. I have to say that all of the outstanding documentation that was created for prior versions gave me a strong foundation to work with for this release and I'm grateful for the hard work put in before I joined the Ansible team.

With Ansible Tower 2.2, we are ensuring that access to HTML as well as PDF versions of the Tower documents are easily available from the docs website. Our Ansible Tower HTML documents also look and feel more similar to the Ansible  documentation available online that you've come to know and love. And, they've been indexed to help you find the information you need as quickly as possible.

Docs_Landing_Page

First, we're introducing Ansible Tower to new users with our Quick Installation and Quick Setup Guides. These manuals are geared toward getting Ansible Tower installed and setup to the point of running a simple playbook. They Continue reading

Firewalls can’t protect today’s connected cars

The Chinese military strategist Sun Tzu once wrote, "What is of supreme importance in war is to attack the enemy's strategy."The automobile industry needs to follow Sun Tzu's advice to secure increasingly connected vehicles from hackers, according to experts.Instead of building firewalls to keep cyber attacks out, which industry watchers say is ultimately a futile endeavor, build systems that recognize what a security breach looks like in order to stop it before any real damage is done."If you hack into my car's head unit and change the radio station, I don't care. I can live with that," said Charlie Miller, one of the security experts who this week demonstrated they could hack into -- and remotely control -- a Chrysler Jeep.To read this article in full or to leave a comment, please click here

Gigabit Internet access grows out of its niche

Google Fiber launched in Kansas City in 2011. It offered gigabit speed at $70 per month and ignited the development of an ultrafast Internet access category that has since spread throughout the U.S. According to Michael Render, principal analyst at market researcher RVA LLC, 83 Internet access providers have joined Google to offer gigabit Internet access service (all priced in the $50-$150 per month range).Render’s data shows that new subscribers are signing up at an annualized growth rate of 480 percent each year. Between the third quarter of 2014 and the second quarter of 2015 gigabit, subscribers grew from 40,000-174,000.To read this article in full or to leave a comment, please click here

Google removes ‘porn clicker’ malware from Play Store

Google has removed dozens of apps from its Play Store that purport to be games but secretly click on advertisements on pornographic websites.Security company Eset found 51 new apps that contained the “porn clicker” component, which it first discovered in April in a fake app mimicking a video app called Dubsmash.Over the last three months, some 60 fake apps have been downloaded 210,000 times, showing how common it is for users to stumble across and download them.“Following ESET’s notification, Google has pulled the malware from the Play Store and also reports some of them as potentially harmful applications using its built-in security service,” wrote Lukas Stefanko, an Eset malware researcher.To read this article in full or to leave a comment, please click here

Downloading your LinkedIn contacts can now take all weekend

LinkedIn users now have to wait up to three days if they want a list of their contacts on the service.Previously, the social networking site provided a way for users to instantly export their contacts. It was a useful feature for people looking to manage their contacts elsewhere. Under a change made Thursday, users now must make a request to download their account data. In a page describing the new process, LinkedIn says users will receive an email within 72 hours with a link to download the archive when it is ready.A link to the instructions for the process appears in very small type on the LinkedIn export settings page. The change was reported earlier by VentureBeat.To read this article in full or to leave a comment, please click here

Packets of Interest (2015-07-24)

I've been doing a lot of reading and video watching on securing industrial control and automation systems (ICAS) (sometimes referred to as SCADA systems) so this POI has a few links related to that and ends with a link to an editorial piece about privacy and why privacy matters to us all.

Amazon posts a profit as AWS sales nearly double

Cloud services continue to grow by leaps and bounds for Amazon.com.The company reported that Amazon Web Services generated $1.8 billion in sales in the second quarter, up about 80 percent from the $1 billion it brought in a year earlier.That helped Amazon achieve a profit of $92 million, a turnaround from its loss of $126 million in last year’s second quarter.Overall revenue grew by 20 percent, reaching $23.18 billion.Amazon offers an increasingly broad range of products and services, including an e-commerce site, video streaming, cloud computing, ebook readers, tablets and phones.The company continues to briskly roll out new online services. During this last quarter, it launched Amazon Business, an e-commerce portal for businesses, as well as Amazon Mexico, a version of its e-commerce site specifically for that country. It also introduced the Amazon Echo, a voice-controlled device for ordering Amazon products or playing music and audio news.To read this article in full or to leave a comment, please click here

HTIRW: NOG World

NOGs and other NOGs, they sit on logs… Looking at the Internet from the outside, it might almost seem like it runs just on standards bodies, vendors, and providers. But these three groups, as important as they are, really only scratch the surface of the sinews that keep the Internet operating. At the core of […]

Author information

Russ White

Principal Engineer at Ericsson

Russ White has scribbled a basket of books, penned a plethora of patents, written a raft of RFCs, taught a trencher of classes, nibbled and noodled at a lot of networks, and done a lot of other stuff you either already know about — or don't really care about. You can find Russ at 'net Work, the Internet Protocol Journal, LinkedIn, and his author page on Amazon.
TwitterGoogle+LinkedIn

The post HTIRW: NOG World appeared first on Packet Pushers Podcast and was written by Russ White.

HP study finds smartwatches could do more to keep user data safe

Smartwatches are failing people at keeping their data safe and protecting them from hackers.Those are the findings of a study from Hewlett-Packard, whose Fortify on Demand security division tested 10 popular smartwatches. The company is in the process of alerting vendors about the flaws and can’t disclose the watches it tested, said Daniel Miessler, practice principal at HP.HP also examined the security around the Web interfaces and mobile apps that accompany smartwatches and allow a person to access the device as well as how data gathered by watch apps is protected and used.The study found vulnerabilities with each of the watches and raised concerns over user authentication methods, data encryption and data privacy, among other issues.To read this article in full or to leave a comment, please click here

Datanauts 004 – The Silo Series – Provisioning Perspectives

Chris Wahl and Ethan Banks bust IT silos by walking through a service request at a fictional corporation. They outline the steps required from network and server domains, providing context to help each group understand what the other is trying to accomplish. The result? A more effective team.

The post Datanauts 004 – The Silo Series – Provisioning Perspectives appeared first on Packet Pushers.

YouTube cofounder endorses paid version

As Google prepares to launch a subscription version of YouTube, the move has been endorsed by at least one interested party: YouTube cofounder Chad Hurley.YouTube has grown massively since its launch in 2005 and its acquisition a year later by Google. But to support its continued growth, the site needs to provide the right tools for people to create and post videos, even if that might result in a cost to users, Hurley said.“You have different forms of [video on demand],” he said, suggesting that some might be worth paying for. YouTube needs tools to help people create better content, determine how to make money from their video, and charge subscribers, he said.To read this article in full or to leave a comment, please click here

1 3,387 3,388 3,389 3,390 3,391 3,844