Microsoft counters report of Google's dumping Windows

Posted by Teacher of Cisco .
  • Agregar a Technorati
  • Agregar a Del.icio.us
  • Agregar a DiggIt!
  • Agregar a Yahoo!
  • Agregar a Google
  • Agregar a Meneame
  • Agregar a Furl
  • Agregar a Reddit
  • Agregar a Magnolia
  • Agregar a Blinklist
  • Agregar a Blogmarks

Microsoft counters report of Google's dumping Windows

Microsoft counters report of Google's dumping Windows

Posted: 02 Jun 2010 09:00 AM PDT


On the heels of a report that Google will phase out Windows in its workplace over security concerns, Microsoft on Tuesday stood up for its operating system.

Will Fed Intervention Curb or Protect Your Digital Freedom?

Posted: 02 Jun 2010 09:00 AM PDT


Considering the high-tech industry's expanding reach into everyday consumer life, it should be no surprise that Washington, D.C. has taken a closer look at the Internet economy of late.

Windows, Mac, or Linux: It's Not the OS, It's the User

Posted: 02 Jun 2010 09:00 AM PDT


Who's got the safest operating system? Apple, Google, Microsoft? According to one security expert, what really matters is who's using the OS.

Intego updates Mac users on OSX/OpinionSpy Spyware threat

Posted: 02 Jun 2010 09:00 AM PDT


Intego has unveiled preliminary list of applications affected by the OSX/OpinionSpy malware threat, the company reported earlier on Tuesday

Security firm discovers spyware in Mac software

Posted: 01 Jun 2010 09:00 AM PDT


Intego, makers of security and privacy apps for the Mac, warned on Tuesday that some Mac software include a new piece of invasive spyware. Macworld has obtained a preliminary list of the applications with the spyware.

Configuring IPS Protection and IP Spoofing on Cisco ASA 5500 Firewalls

Posted: 02 Jun 2010 06:53 AM PDT


The Cisco ASA firewall appliance provides great security protection out-of-the box with its default configuration. However, to increase the security protection even further, there are several configuration enhancements that can be used to implement additional security features. Two of these features are IP Spoofing protection and basic Intrusion Prevention (IPS) support.

IP Spoofing Protection

IP spoofing attacks are those that change the actual source IP address of packets to obscure their true origin. This means that packets arriving at a particular interface (e.g inside) must have a valid source IP address that matches the correct source interface according to the firewall routing table. Normally the firewall only looks at the destination address of a packet in order to forward it accordingly. If you enable the IP Spoofing mechanism, the firewall checks also the source address of the packets.

If for example our inside interface connects to internal network 192.168.1.0/24, this means that packets arriving at the inside firewall interface must have a source address in the range 192.168.1.0/24 otherwise they will be dropped (if IP Spoofing is configured).

The IP Spoofing feature uses the Unicast Reverse Path Forwarding (Unicast RPF) mechanism, which dictates that for any traffic that you want to allow through the security appliance, the security appliance routing table must include a route back to the source address.

To enable IP Spoofing protection, enter the following command:

CiscoASA5500(config)# ip verify reverse-path interface "interface_name"

For example, to enable IP spoofing on the inside interface, use the following command:

CiscoASA5500(config)# ip verify reverse-path interface inside

Basic IPS Protection

Although the ASA Firewall supports full IPS functionality with an extra IPS hardware module (AIP-SSM), it supports also basic IPS protection which is built-in by default without using an extra hardware module. The built-in IPS feature supports a basic list of signatures and you can configure the security appliance to perform one or more actions on traffic that matches a signature. The command that implements the basic IPS feature is called "ip audit".

There are two signature groups embedded in the firewall software: "Informational" and "Attack" signatures. You can define an IP audit policy for each signature group as following:

For informational signatures:

CiscoASA5500 (config)# ip audit name "name" info [action [alarm] [drop] [reset]]

For attack signatures:

CiscoASA5500 (config)# ip audit name "name" attack [action [alarm] [drop] [reset]]

The keywords [alarm], [drop], [reset] define the actions to perform on a malicious packet that matches one of the signatures. [alarm] generates a system message showing that a packet matched a signature, [drop] drops the packet, and [reset] drops the packet and closes the connection.

After defining an IP audit policy (IPS policy) as shown above, we need to attach the policy to a specific interface:

CiscoASA5500(config)# ip audit interface "interface_name" " policy_name"

Let's see an actual example:

CiscoASA5500 (config)# ip audit name dropattacks attack action drop
CiscoASA5500 (config)# ip audit interface outside dropattacks

Cisco CCNA Exams Expiring In November - Get Certified Now!

Posted: 02 Jun 2010 02:39 AM PDT


Cisco CCNA candidates need to be aware that the current CCNA, Intro, and ICND exams are being retired as of November 6, 2007.

This is actually great news for future CCNAs, since there is more than enough time to study for the 640-801 version of the CCNA exam, even if you haven't started studying yet!

The current version of the exam, 640-801, is challenging enough as it is - but the new version of the exam, 640-802, is going to be even more challenging! Among the new topics covered on the 640-802 exam are Rapid Spanning Tree Protocol (RSTP), IP Version 6 (IPv6), router security, switch security, VPNs, and wireless routing.

Why is Cisco making these changes? Cisco no longer wants the CCNA to be seen as an "entry level" certification, and I personally think that's a welcome change. I've been writing CCNA ebooks and teaching in-person and internet-based CCNA courses for years, and I've always refused to refer to the CCNA as "entry level". Cisco's new entry-level certification is the CCENT, Cisco Certified Entry Level Technician, and we'll talk about that certification in a future article.

For now, it's important to realize that you have plenty of time to prepare for the current 640-801 exam. By doing so, you'll earn one of the most valuable certifications avaiable today. Cisco does a tremendous job in protecting the value of its certifications, and any time spend on earning the CCNA is time well-spent.

The CCNA 640-802 exam will be available on August 1, but again, the current 640-802 exam will be available through November 5. If you want to get CCNA certified, now is definitely the time to get the job done - so get started, book your exam date today, and get CCNA certified!

Google faces privacy investigation in Canada

Posted: 02 Jun 2010 09:00 AM PDT


The Privacy Commissioner of Canada has started an investigation into Google's collection of data from unsecured wireless networks, the office said in a statement on Tuesday.

Android rootkit is just a phone call away

Posted: 02 Jun 2010 09:00 AM PDT


Hoping to understand what a new generation of mobile malware could resemble, security researchers will demonstrate a malicious "rootkit" program they've written for Google's Android phone next month at the Defcon hacking conference in Las Vegas.

FTC pushes back identity theft rules deadline -- for fifth time

Posted: 01 Jun 2010 09:00 AM PDT


The Federal Trade Commission (FTC) has once again pushed back its enforcement deadline for an identity theft --lated regulation called the Red Flags Rule.

Enterprise risk management: all systems go

Posted: 01 Jun 2010 09:00 AM PDT


When Bill Badertscher arrived at Georgetown University three years ago, campuswide security was handled in several departments with little coordination among teams. It was time for a change. Badertscher is Georgetown's senior engineer for facility and safety control systems and leader of a new IT team that focuses on the same areas. The goal is to address enterprise risk management (ERM) by redefining it to include nontraditional systems. Understanding that security is mission-critical has led the University Safety and Information Services departments to work together in unprecedented ways.

SaaS's Troubled Adolescence: 3 Signs of Immaturity

Posted: 01 Jun 2010 09:00 AM PDT


A new Forrester Research survey of enterprise software buyers sheds light on SaaS's blind spots: troubling security concerns, hidden integration costs, and data migration challenges.

The best CTOs of 2010

Posted: 01 Jun 2010 09:00 AM PDT


For many in IT, 2009 was a nuclear winter, with resources stripped away as companies struggled to survive. Yet many were tasked with using IT to increase the company's efficiency, enter the few new growth markets, or fix a fundamental problem that threatened the company's ability to stay in business.

Google Dropping Windows over Security? Good Luck

Posted: 01 Jun 2010 09:00 AM PDT


Sources from within Google are claiming that the online search and advertising giant is implementing an official transition away from the Microsoft Windows operating system. According to the reports, the culture shift is intended to reduce security concerns. That makes a compelling headline--especially for a Microsoft rival developing its own operating system--but it doesn't make a very good security strategy.

0 comments:

Subscribe to: Post Comments (Atom)
Post a Comment