  • Cisco: Securing the Control Plane of Infrastructure security

    The control plane is where a Cisco switch or router learns about its environment, using various protocols to talk to neighboring devices. The protocols operating on the control plane of a router are different from those of a switch. Therefore, the types of attacks and the intended results are also different, but they can be generalized into two broad sets:

    • Overwhelming the control plane: This is a DoS attack in which an attempt is made to overwhelm the CPU by sending a large number of control packets. When the CPU is busy handling this flood, it isn’t able to process normal traffic.
    • Corrupting control plane data: In this type of attack, malicious control plane protocol packets are used to inject rogue information to affect the actual flow of data. Typically, STP, VTP, and routing protocols are used in the control plane to create routing tables, forwarding tables, and other tables. An attacker who manages to inject incorrect information into these tables can cause a DoS attack or, worse, redirect the data to a rogue device for a MITM attack.
  • Cisco: Securing the Management Plane of Infrastructure security

    Any function related to management of a device resides in the management plane. The primary means of managing Cisco routers and switches are the console and the vty. Both of these provide access to the command-line interface (CLI). In most cases, even when a GUI for management is available, it uses the CLI to issue commands to the device. Apart from direct access to the CLI, SNMP can be used for information gathering and configuration changes.

  • Ecuador: data leakage of almost all citizens

    VpnMentor found a large data leak. From an unprotected server owned by Novaestrat, an Ecuadorian consulting and analytics company, 18 GB of personal data and 20 million financial data records of Ecuadorians, including 7 million children, leaked online.

  • How to ensure the Oracle database security?

    Database security has several aspects. First, there is authentication: Who can connect? How does one identify them? Second, there is authorization: What are users allowed to do? How does one restrict their actions? Finally, there is auditing: Given that users can connect and perform certain actions, how do you track what they are doing? These aspects are covered in this short note.

  • Infrastructure security and segmentation: the Three Planes

    We did not leave the world of security for the astral planes, and neither did we switch to the flying kind. The planes we discuss here are the three that exist on a network device: the management, control, and data planes.

  • Integrated Security Technologies and Solutions - Volume I

    Title: Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, First edition

    Author: Jamie Sanbower, Mason Harris, Vivek Santuka, Aaron Woland
    Publisher: Cisco Press

    Year: 2018
    Pages: 590
    Language: English
    Format: EPUB
    ISBN: 9780134807577, 978-1-58714-706-7

  • Integrated Security Technologies and Solutions - Volume I

    Title: Integrated Security Technologies and Solutions - Volume I: Cisco Security Solutions for Advanced Threat Protection with Next Generation Firewall, Intrusion Prevention, AMP, and Content Security, First edition

    Author: Jamie Sanbower, Mason Harris, Vivek Santuka, Aaron Woland
    Publisher: Cisco Press

    Year: 2018
    Pages: 590
    Language: English
    Format: EPUB (originally an e-book)
    ISBN: 9780134807577, 978-1-58714-706-7

  • Integrating Security Solutions basic principles

    The threats that current-day networks face are advanced, persistent, and evolving continuously. To protect against them, network and security solutions are becoming more complex. Complexity leads to inefficiency and increased cost. A typical large organization uses multiple security products from multiple vendors. Some organizations use up to 70 different products to secure their networks. Each of these products has different information in different management consoles. In the event of an attack, you have to look at multiple consoles and correlate information manually to even determine that you are under attack.

  • Introducing Core IT Security Principles

    When thinking about security, most people start by thinking about their stuff. We all have stuff. We have stuff that we really care about, we have stuff that would be really difficult to replace, and we have stuff that has great sentimental value. We have stuff we really don’t want other people to find out about. We even have stuff that we could probably live without. Now think about where you keep your stuff. It could be in your house, your car, your school, your office, in a locker, in a backpack or a suitcase, or a number of other places. Lastly, think about all of the dangers that could happen to your stuff. People could be robbed or experience a disaster such as a fire, earthquake, or flood. In any case, we all want to protect our possessions no matter where the threat comes from.

  • IT Security

    Blogs on information security, protection of IT resources, systems and networks.

  • Network Security: Know Thy Enemy & Self - Cisco approach

    These were the first two—and only—characters transferred between University of California, Los Angeles (UCLA) and Stanford Research Institute (SRI) when the very first ARPANET link was established between these two locations in 1969. It was an attempt to send the LOGIN command, but the system crashed. Who would have guessed that this was the birth of one of the most important tools of modern times: the Internet? Nevertheless, ARPANET continued to evolve and grow into an international network. By early 1990, especially with the invention of the World Wide Web (WWW) by Tim Berners-Lee, the Internet became an integral part of our lives. Initially ARPANET and then the Internet were designed to be government and government-body networks. The focus of early development was primarily inter-connectivity and reliability. Security was not top-of-mind for what was to be a closed network. Hence, most of the protocols the Internet is made up of do not have security built in.

  • Network security: Performing Threat Modeling

    Threat modeling is a procedure for optimizing network security by identifying vulnerabilities, identifying their risks, and defining countermeasures to prevent or mitigate the effects of the threats to the system. It addresses the top threats that have the greatest potential impact to an organization.

  • Oracle Database and Security: is protection strong?

    In June of 1997, Larry Ellison and Robert Miner founded a company called Software Development Labs. Both had worked together at Ampex; Robert had been Larry's supervisor. Together they had a vision, inspired by the work of Edgar Codd. Codd worked as a researcher for IBM and developed ideas for relational database systems. In 1970 he published a paper entitled "Relational Model of Data for Large Shared Data Banks." While IBM was slow to see the potential of Codd's ideas, Larry and Robert were not. They changed their company's name to Relational Software, Inc., in 1979, and not long after that it again underwent a name change, becoming Oracle. "Oracle" had been the code name for a CIA project that both Larry and Robert had worked on while at Ampex. Indeed, by all accounts, in the early years, the biggest consumers of Oracle's software were the CIA and the NSA. Given this, one would assume that security would have been at the top of Oracle's agenda.

  • Payment Card Industry Data Security Standard & Cisco Security Tec

    The Payment Card Industry Data Security Standard (PCI DSS) is a standard for security mandated by most of the major credit card companies, including Visa, MasterCard, American Express, Discover, and JCB. This standard applies to any organization that processes, stores, or transmits credit card information. This is not a standard required by federal law but rather mandated by the credit card companies and administered by the Payment Card Industry Security Standards Council. Some states, however, directly reference either PCI DSS or an equivalent standard in their laws.

  • Regulatory Compliance and corresponding Cisco security solutions

    While frameworks can be used to create a security policy, an organization must also take into consideration the regulatory compliance and laws that apply to the industries and locations in which it operates. Such laws are made to protect the industry and its consumers and offer specific guidelines to ensure security of information.

  • Security Models review: Cisco SAFE, Bell–LaPadula, Biba

    So far in my blog, we have discussed how to assess risks and create a security policy, taking into consideration regulatory requirements. Creating a security policy is just the first step in securing your organization. A security policy only indicates the requirements of the business and its management. It needs to be implemented to be of any use!

    How do you effectively implement a security policy? The answer is by using security models. While it is not necessary to use a defined model, using one will make the implementation and auditing more effective and uniform. A security model helps convert requirements of a policy into a set of rules and regulations.

  • Security Standards and Frameworks overview

    Various government and private entities have realized that while it is increasingly important to have a security policy, creating an effective and comprehensive one is hard. Hence, they have published many standards and frameworks to help with creating and implementing security policies. You can use one or more of these frameworks as the basis of your own policy and customize as required. While there are many organizations around the world that publish and maintain such standards and frameworks, these are the two most important ones:

  • SQL Server 2017: new security features

    The last few years have made the importance of security in IT extremely apparent, particularly when we consider the repercussions of the Edward Snowden data leaks or multiple cases of data theft via hacking. While no system is completely impenetrable, we should always be considering how we can improve the security of the systems we build. These considerations are wide ranging and sometimes even dictated via rules, regulations, and laws. Microsoft has responded to the increased focus on security by delivering new features to assist developers and DBAs in their search for more secure systems.

  • Understanding Physical IT Security as the First Line of Defense

    There are a number of factors that need to be considered when designing, implementing, or reviewing physical security measures taken to protect assets, systems, networks, and information. They include understanding site security and computer security, securing removable devices and drives, access control, mobile device security, and identifying and removing keyloggers.