A few months back, Der Spiegel published a carefully selected cache of documents about the NSA Exploit Kits used to compromise a wide range of commercial network and security hardware and software. I haven’t seen anyone discussing the implications for commercial espionage. NSA Exploit Catalog A few months back, Der Spiegel published a carefully selected […]
The announcement is a major change in Cisco Security strategy and perspective and, I think, a promising step forward: From a strategic standpoint, we will focus on a “threat-centric” security model moving forward – meaning that we will put a heavier focus on the threats themselves versus policy or controls. Given the fast-changing threat landscape, […]
In December 2002, I wrote an article for SearchNetworking at Techtarget about ten predictions for 2003 – Greg Ferro’s 2003 predictions. I stumbled across the article recently & was struck by just how many of these predictions are still valid & somewhat accurate. Let score how accurate I was:
Bruce Schneier has been reviewing documents from Snowden and believes that all security platforms have been compromised by governments : Be suspicious of commercial encryption software, especially from large vendors. My guess is that most encryption products from large US companies have NSA-friendly back doors, and many foreign ones probably do as well. It’s prudent […]
I’ve been thinking about the security issues of working with Huawei equipment and Huawei the company. I’ve spoken with a number of people who, off the record, talk of working with Huawei as customers and their experiences of the product have been less than excellent but the price is low. What I’ve realised is concerning. […]
Vendors are rarely believable when data sheets state the performance of IPS systems. That’s partly the fact that IPS performance is variable according to types of inspection rules that are configured and the amount of traffic hitting those rules, in use. In short, IPS performance is determined by the complexity of the rules you choose to […]
Another sign that it’s time to stop buying service modules for Catalyst 6500. This is not the time for dedicated hardware appliances such as ACE or ASA Service Modules. Mulitcontext support for routing and VPN is not available on C6500 ASA Service Module. Multi-Context Enhancements Enhances the current ASA Multicontext capability to include support for […]
Lots in insight for Enterprise people to consider when defending your network against DDoS attacks. At CloudFlare, an attack needs to get over about 5Gbps to set off alarms with our ops team. Even then, our automated network defenses usually stop attacks without the need of any manual intervention. When an attack gets up in […]
Define Threat Asymmetry
You can deploy some modern firewalls in Layer 2 mode such that they are transpart
Once upon a time, ZoneAlarm was the best personal firewall available. It was free, stable and excellent. I seem to remember using it from 2002-2003 or so – then Zonealarm was acquired by CheckPoint and the product was lost to the retail market. CheckPoint moved the product to corporate desktops and was lost to the […]
Apple is disabling Java by default in the last update which is a perfect solution to the risk that Java presents to the desktop. At the same time, it’s drives a stake into the heart of Java.
I’m deleting social media accounts with a sense of fear. Who wants to share _everything_ ? I did, until I realised how dangerous Network Theory is for exposing information about you. And everyone you know.
Microsoft announces zero-day exploitable RDP flaw that gets full compromise of server. Expects worm to be available within thirty days. I get to gloat and say “I told you so” to all Microsoft admins everywhere.
Couple of days back, Juniper announced acquisition of Mykonos Software. After reviewing the web site I find that I’m interested in this acquisition as signal of change.
There is a significant numbers of ASA5110 chassis that have been reworked to look and act like ASA5520 or ASA5540 firewalls. Refer this bug toolkit for more details.
There is a significant camp of software developers who are developing software switching solutions for hypervisors. Which is nice, I guess. The use of software switching in the hypervisor has some good points but, in my view they are heavily outweighed by the bad. I present the use case, and show that software
I’ve been reviewing a network that has some CheckPoint firewalls that have been unstable, and while this isn’t surprising (in my experience, it’s common enough for Checkpoint firewalls to be unstable for some reason or the other), this time I’ve been faced with Checkpoint Clustering. A few years back I tried to make this work, but gave up when CheckPoint couldn’t make it work either.
A few years later, I find someone brave enough to attempt it. This time it’s different, I’m the one who has to justify why it’s a bad idea. Now that the manuals are not secret anymore I think I’ve found out why.
I’ve got a Cloud Security Blanket. Got to know that all my data is safes now.
Cisco announces End Of Life for CS-MARS. Whither goes Cisco’s commitment to Security ?