Home Tags Networking

Tag: Networking

computer network or data network is a telecommunications network which allows computers to exchange data. In computer networks, networked computing devices exchange data with each other using a data link. The connections between nodes are established using either cable media or wireless media. The best-known computer network is the Internet.

Network computer devices that originate, route and terminate the data are called network nodes. Nodes can include hosts such as personal computers, phones, servers as well as networking hardware. Two such devices can be said to be networked together when one device is able to exchange information with the other device, whether or not they have a direct connection to each other.

Computer networks differ in the transmission medium used to carry their signals, the communications protocols to organize network traffic, the network’s size, topology and organizational intent.

Computer networks support an enormous number of applications such as access to the World Wide Web, video, digital audio, shared use of application and storage servers, printers, and fax machines, and use of email and instant messaging applications as well as many others. In most cases, application-specific communications protocols are layered (i.e. carried as payload) over other more general communications protocols.

VU#270232: Quagga bgpd with BGP peers enabled for VPNv4 contains a...

Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability Original Release date: 10 Mar 2016 | Last revised: 10 Mar 2016 Overview Quagga, version 0.99.24.1 and earlier, contains a buffer overflow vulnerability in bgpd with...

Cisco Lights a Fire in Its Security Business

VIDEO: Martin Roesch, VP and chief architect of Cisco's Security Business Group, discusses how things are going two years after his company Sourcefire was acquired by Cisco. In 2013, Cisco acquired Martin Roesch's company Sourcefire for $2.7 billion, a...

Cisco Prime LAN Management Solution Default Decryption Key Vulnerability

A vulnerability in Cisco Prime LAN Management Solution (LMS) could allow an authenticated, local attacker to decrypt and access data fields in LMS databases that are used to manage devices in Cisco networks. The vulnerability is d...

Cisco Wireless Residential Gateway Information Disclosure Vulnerability

A vulnerability in the web-based administration interface of the Cisco Wireless Residential Gateway could allow an unauthenticated, remote attacker to access sensitive information on the affected device.  The vulnerability i...

Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability

A vulnerability in the web server used in the Cisco Cable Modem with Digital Voice Model DPC2203 could allow an unauthenticated, remote attacker to exploit a buffer overflow and cause arbitrary code execution. The vulnerability is...

Cisco ASA Content Security and Control Security Services Module Denial of...

A vulnerability in the HTTPS inspection engine of the Cisco ASA Content Security and Control Security Services Module (CSC-SSM) could allow an unauthenticated, remote attacker to cause exhaustion of available memory, system instabi...

Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability

A vulnerability in the web-based administration interface of Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with EDVA could allow an unauthenticated, remote attacker to cause the device to become unresponsive and r...

Cisco TelePresence Video Communication Server Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) message handling process of Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. T...

Encryption project issues 1 million free digital certificates in three months

Let's Encrypt, an organization set up to encourage broader use of encryption on the Web, has distributed 1 million free digital certificates in just three months. The digital certificates cover 2.5 million domains, most of which had never implemented SSL/TLS (Secure Sockets Layer/Transport Layer Security), which encrypts content exchanged between a system and a user.

An encrypted connection is signified in most browsers by "https" and a padlock appearing in the URL bar. "Much more work remains to be done before the Internet is free from insecure protocols, but this is substantial and rapid progress," according to a blog post by the Electronic Frontier Foundation, one of Let's Encrypt's supporters. The organization is run by the ISRG (Internet Security Research Group) and is backed by Mozilla, Cisco, Akamai, Facebook and others. There's been a push in recent years to encourage websites to implement SSL/TLS, driven in part by a rise in cybercrime, data breaches and government surveillance. Google, Yahoo, and Facebook have all taken steps to secure their services. SSL/TLS certificates are sold by major players such as Verisign and Comodo, with certain types of certificates costing hundreds of dollars and needing periodic renewal.

Critics contend the cost puts off some website operators, which is in part why Let's Encrypt launched a free project. "It is clear that the cost and bureaucracy of obtaining certificates was forcing many websites to continue with the insecure HTTP protocol, long after we've known that HTTPS needs to be the default," the EFF wrote.

NEDA Telecommunications Appoints SpeedCast to Build New Network for the Government...

SpeedCast to provide the Government of Afghanistan with secured and efficient connectivityDubai, United Arab Emirates, March 9, 2016 - SpeedCast International Limited (ASX: SDA), a leading global satellite communications and network service provider, today announced that it has been appointed by NEDA Telecommunications (“NEDA”), the first licensed Internet Service Provider in Afghanistan, to build a satellite connected secured private network for one of the ministry offices of the Government of Afghanistan (“End User”). Under this multi-year service agreement, SpeedCast will build a new satellite-based private network with over 50 sites to deliver required connectivity and service levels to the End User.

The new private network aims to provide reliable and secured connection that allows improved efficiency and productivity by extending connection coverage for the End User. “We are happy to work with SpeedCast,” said Ahmad Ihsan, CEO of NEDA Communications. “SpeedCast has been our main backbone network provider for the past few years.

Their experience with the Afghanistan market and their expertise in satellite communications is instrumental to our success.

This new network will open the door to a new market opportunity for us.” “SpeedCast has been serving the service providers and the private sectors in Afghanistan over the last decade, by providing connectivity and value added services to the region,” commented Pierre Jean Beylier, CEO of SpeedCast. “We are excited to work with NEDA, a truly pioneering service provider in Afghanistan and it is our pleasure to work with the NEDA team who are dedicated to bring in new technology to connect Afghanistan to the rest of the world.” “We are happy to witness the success of NEDA and support their growth, by providing our expertise and bringing in the latest technology to the region. We will continue to work hand in hand with NEDA to expand our footprints in the market and connect users in the region to the rest of the world,” added Mr.

Beylier. ENDS About NEDA CommunicationsFounded in 2003 as the first licensed ISP in Afghanistan, starting with dial-up and moving swiftly into wireless broadband services. Neda Telecommunications quickly established itself as the leading Internet Service Provider in Afghanistan with a presence in most major cities and plans to roll out still further.

For today, NEDA is the preferred ISP for most of the Banks and Ministries in Kabul. More information about NEDA can be found at http://neda.af. About SpeedCast International LimitedSpeedCast International Limited (ASX: SDA) is a leading global satellite communications and network service provider, offering high-quality managed network services in over 90 countries and a global maritime network serving customers worldwide. With a worldwide network of 33 sales and support offices and 31 teleport operations, SpeedCast has a unique infrastructure to serve the requirements of customers globally. With over 5,000 links on land and at sea supporting mission critical applications, SpeedCast has distinguished itself with a strong operational expertise and a highly efficient support organization.

For more information, visit www.speedcast.com. Social Media: Twitter | LinkedIn SpeedCast® are trademark and registered trademark of SpeedCast International Limited in Hong Kong and other countries.

All other brand names, product names, or trademarks belong to their respective owners. © 2016 SpeedCast International Limited.

All rights reserved. For more information, please contact:Media Contact Information:Clara So,Head of MarketingSpeedCast International Limited+852 3919 6894clara.so@speedcast.com Investor Contact Information:Ian Baldwin,Chief Financial OfficerSpeedCast International Limited+61 (0) 2 9086 2785ian.baldwin@speedcast.com

Will The Internet Of Things Enable Your Kettle To Steal Your...

Barry Mattacott, marketing director at security specialist Wick Hill Group, looks at the security risks of linking more and more smart devices to our networks.

Are we just creating ever more vulnerable endpoints in today’s world of the Internet of Things?Back in the good old days, we nailed the front door up tight with a firewall and we knew, that with good security on our gateway, our network was safe from the nasties of the outside world.

But those pesky kids in their bedrooms, not to mention state sponsored cybercriminals, worked out that they could circumnavigate our state-of- the-art firewall by looking for a way in at the opposite end of our network - the endpoint. Barry Mattacott, marketing director Wick Hill So now we all agree that securing the endpoint is essential, but just where is it and what does it look like?Since those early days, there has been a massive proliferation of endpoints and security issues have grown alongside them. You can't go anywhere or do anything without risking an infection. A recent survey found that almost two thirds of USB sticks that were lost/found on public transport were infected with malware.
I guess this raises several issues.

Definitely, don't plug any old USB stick you find into your computer - that's how Stuxnet got its start in life after all.

The survey also begs the question, of why so many of these USB sticks are infected.

Could it be that people are deliberately infecting USBs and "losing" them? Infected USBs can today be considered a fairly traditional attack vector, along with code attached to downloaded files and drive-bys leaping out of infected websites to get you.

The security industry has made a pile of cash developing products to protect us and it's all fairly much in hand. But now we have a game changer because endpoints aren’t the same as they were.

Firstly, we had the revolution that was the mobile endpoint. Mobile phones and tablets are now huge players on our networks.

They have effectively put network endpoints in our pockets and allowed us to take them down the pub and lose them. The technology to protect them has been available for some time, but the adoption has been woefully slow. You would have thought US Federal Agencies would be right on top of it, but a 2015 survey found 61 percent of agencies do not apply their network security policies to mobile devices! So what does the future hold for the endpoint? Without doubt, the Internet of Things (IoT) means they are going to be everywhere! Network attached security systems that give you video pictures of your front door and allow callers to leave recorded messages, are essentially connecting your door bell to your main processor (home PC). Your Hive controlled heating system is connecting you to the Internet. Despite these being serious systems, many have arrived on our networks and in our homes with gaping holes in their security.

British Gas took a thrashing in the national press when their control system was found to be a burglar's dream, easily allowing access to the heating schedule, which could tell them if the owner was at home, or even if they were away for an extended period of time. Even cars have become endpoints. Until recently they were fairly much self-contained. Yes, they communicated with the Internet and manufacturers’ control networks and as such they were hackable. We saw hackers demonstrate that they could take control of a Jeep and run it off the road.

This triggered a recall of 1.4 million cars by Chrysler in order to patch the operating system.

But they were somebody else's problem in that they didn't communicate with your network, so were not one of your endpoints. But car manufacturers, including Ford, are developing on-board systems to allow you to carry out vital activities like turning on your smart kettle whilst on the road.

This requires them to connect via the Internet to your own network. On the one hand, that kettle might be ever so smart in that it carries significantly more processing power than the 64 Kb memory operating at 0.043 MHz in the Apollo guidance system that put man on the moon. On the other hand, it's not smart enough to be fully secured against man-in-the-middle attacks that will allow a hacker to penetrate your network.

And once they are in, will they be able to access your car sitting in the driveway and steal it? It doesn't really matter how secure Ford makes your car, if your kettle is going to leave the door open. Why? Why is it that the Internet of Things is so woefully behind the curve regarding security?To start with, your average kettle manufacturer doesn't have a great pedigree in network security.

They might make an awesomely efficient kettle but in the current climate they will find it difficult to find and employ a suitable security expert.

They are also in a rush.

They have just come up with the world saving idea of adding internet connectivity to your kettle, so obviously they are in a huge rush to get it to market before everyone else thinks of it and beats them to it.

And of course, functionality will always beat security. No one wants to go through multi-factor authentication every time they want a cup of tea. So what can you do about it? Purchase (and attach to your network) with care. When it comes to the Internet of Things, you are putting your trust in the hands of others.

There is little that you personally can do to ensure that your TV, kettle, car, fridge, etc., etc. is secure. One piece of advice is to look out for names that you feel you can trust with security. Manufacturers are starting to come up with solutions for these gaping security holes.

Gemalto, for example, is emerging as a front runner in the field of IoT security.

They have hardware modules, platforms and service solutions that allow you to connect and protect any machine-to-machine or electronic consumer device.

They are currently working with all sorts of OEMs, mobile network operators and industrial manufacturers in various markets. http://www.gemalto.com/iot Barracuda Networks felt the need to bring out a brand new range of products designed to protect the Internet of Things and Machine to Machine connectivity.

Their S Series currently includes Barracuda NextGen Firewall Secure Connector 1 (SC1) and the Barracuda NextGen Secure Access Concentrator (SAC).

These two appliances will make it a lot easier and infinitely more secure for enterprises to benefit from and roll-out largescale deployments of devices like Automated Teller Machines (ATMs), point-of-sale kiosks, wind power stations and networked industrial machines in remote locations. https://www.barracuda.com/products/nextgenfirewall-s Another well-known name in security, Kaspersky Lab, is making a move in the automotive space and is currently in talks with most of the world’s car manufacturers, particularly around the area of securing self-driving cars.

They are looking to secure not only the industrial controls of the production process but also the connected car. Kaspersky Lab is coming at this from a great place as they are already involved in protecting Ferrari.

Aside from the usual endpoint protection they also integrate with existing complex infrastructure, including industrial technologies and mobile devices.
In future, if your car is protected by Kaspersky, then you can probably be pretty sure your kettle can’t steal it! http://www.techworld.com/news/startups/kaspersky-looks-secure-self-driving-cars-factories-theyre-made-in-3615206/ You can also do some research on good old Google.

Thinking about stuffing a EZCast Streamer in your TV’s USB port? A quick check online will find a recent report from Check Point which revealed that the wi-fi network the EZCast sets up, can easily be breached, allowing the attacker access to your main network, where they can wreak havoc or steal confidential data.
So don't be in a rush to buy.

And check it out before you do. http://blog.checkpoint.com/wp-content/uploads/2015/12/EZCast_Report_Check_Point.pdf One important thing to check is whether the firmware on the product you are buying can be updated. Users of SimpliSafe wireless home alarm systems recently found out that the system is stupidly easy to hack with basic sniffing equipment, allowing its PIN to be grabbed from 30 metres away.

But to really rub salt into the wounds, the hardware apparently cannot be patched or updated to overcome the vulnerability, which leaves owners with no choice but to junk their system. http://thehackernews.com/2016/02/hack-home-security-alarm.html So what’s the best tactic if you don’t want to fall victim to security weaknesses in your clever consumer devices, intelligent cars and machine-to-machine equipment which makeup the Internet of Things? The best advice would be to try and resist the frivolous items like kettles and door bells and stick to things made by reputable manufacturers, preferably ones that have some sort of pedigree in networking. ENDS About the authorBarry Mattacott is marketing director of Wick Hill Group, which is based in Woking, Surrey and Hamburg Germany. Wick Hill Group is part of Rigby Private Equity (RPE), a subsidiary of Rigby Group Investments, an independent company within Rigby Group plc.
Specialist distributor Zycko is also part of RPE, and in co-operation with Zycko, Wick Hill can offer a pan-European service which provides a common proposition and consistent delivery for vendor and reseller partners covering 13 countries. Users of products sourced through Wick Hill include most of the Times Top 1000 companies, in addition to many non-commercial organisations, government departments and SMEs across all business sectors.

Through its channel partners, the company has delivered IT solutions to more than a million users world-wide. Wick Hill currently has offices in Woking, Surrey, with sister offices in Hamburg. ENDS For further press information, please contact Annabelle Brown on 01326 318212, email pr@wickhill.com, Wick Hill https://www.wickhill.com or www.twitter.com/wickhill.

For pic of Barry Mattacott please go to https://www.wickhill.com/company/press/pictures or contact Annabelle Brown.

Trivial path for DDoS amplification attacks found by infosec bods

600,000 servers are vulnerable to this little-known protocol Security researchers have discovered a new vector for DDoS amplification attacks – and it's quite literally trivial. Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years. Researchers at Edinburgh Napier University have discovered that the TFTP protocol (Trivial File Transfer Protocol) might be abused in a similar way. Unlike DNS and NTP, TFTP has no business being exposed on internet-facing systems. Yet port scanning research indicated that there about 599,600 publicly open TFTP servers. That’s bad in itself but the situation gets worse: the researchers discovered that TFTP offers a higher amplification factor than other internet protocols. “The discovered vulnerability could allow hackers to use these publicly open servers to amplify their traffic, similarly to other DDoS amplification attacks like DNS amplification.
If all specific conditions are met this traffic can be applied up to 60 times the original amount,” researcher Boris Sieklik told El Reg. “I also studied effects of this attack on different TFTP software implementations and found that most implementations automatically retransmit the same message up to six times, which also contributes to the amplification.” TFTP protocol (Trivial File Transfer Protocol) is a simplified version of FTP (File Transfer Protocol).
It is generally used in internal networks and in environments where OS image transfers are required regularly.

For instance, Cisco uses TFTP to send OS images to the VoIP phones and they can also be used by all Cisco equipment to update firmware or to transfer files as part of schemes to provide centralised storage of these images.

The technology is also widely used during PXE booting of machines. Essentially, any file can be transferred by TFTP. Attackers could use this vulnerability to perform large amplification attacks to both external and internal targets, Sieklik warns.
Sieklik worked together with Richard Macfarlane and Prof. William Buchanan, both of Edinburgh Napier University, in putting together the research, which also looked at ways to mitigate potential attacks and possible countermeasures. DDoS reflection/amplification attacks in general allow an attacker to magnify the amount of traffic they can generate.
Sending a dodgy request with a forged return address in the name of an intended target can generate a response, much bigger in size than the original request, hence the amplification terminology. The trick ultimately relies on using misconfigured services at third-party sites in order to flood targeted websites with junk responses to forged web requests.
Improperly configured services such as DNS or Network Time Protocol (NTP) have been exploited to launch a string of DDoS attacks over the last couple of years, the most high profile of which battered Spamhaus and buffeted internet exchanges back in March 2013. Something along the same lines might be possible, at least in theory, when it comes to TFTP, the researchers warn.

The computer scientists are unable to point to specific examples of DDoS attacks based on TFTP. More details of the research were published in the March edition of publisher Elsevier’s Computers & Security journal (synopsis here). ® Sponsored: DevOps for Dummies 2nd edition