Security Uncorked

Language: en-US
Feed URL: http://feeds.feedburner.com/SecurityUncorked

RSS FEED ITEMS: Security Uncorked

  • Sending Some Shout-Outs

    I wanted to take a moment and send shout-outs (as we say) to a couple of fellow bloggers. I’m a baby blogger, so I appreciated the recent posts and mentions, from Alan Shimel on his blog StillSecure… and Augusto Paes de Barros (former Brazilian ISSA President) on his blog Security Balance.

    Alan was kind enough to take notice of my new little blog and invited me to join the Security Bloggers Network - a great resource for anyone interested in the security field and industry. The Security Bloggers Network offers a rich selection of ~100 hand-picked security blogs, offering up plenty of information without overwhelming. Alan’s was one of the first blogs I subscribed to myself, and I’ve been enlightened and amused the whole way.

    Augusto has several neat things going on his Security Balance blog, and I’m looking forward to seeing his upcoming article on “Security Blind Spots”.

    We, in the IT industry, always have looootttts of free time- a plethora perhaps ;). So, in all YOUR free time, check out some of these other great blogs and hopefully you’ll see more links to Security Uncorked as popularity grows and subscriber-ship expands.

    Until then…  happy reading!

    # # #


    Fri, 01 Feb 2008 05:09:19 +0000

  • Juniper Switches: Refrigerator Art?

    I’ve been reading, listening and collecting my thoughts on Juniper’s latest addition to their happy hardware family and I’ve reached a few conclusions. I’d have to give it all a B+… for Blown, way out of proportion (that’s the + part).

    Sorry to put it so bluntly- I love Juniper products, technology and their people, but I have to call this one out. Alan had me chuckling on his extremely short response to the news and I found myself agreeing whole-heartedly with the words of  Mike Fratto. And yes, I did love Robert’s sweet little write up in CRN- warm and fuzzy even if a bit over-ambitious- I’ll stick with my tea, thank you.

    We weren’t sure what exactly was coming, so when the big unveiling revealed two series of fixed-form stackables I was left with a slightly empty feeling inside. I’ll be honest- I expected something more. So I did some checking on the ‘selling points’ hoping to find some hidden Magic Network Sauce along the way.

    I was disappointed when I examined several of the ‘features’. They’re pitching the stackables as a more flexible and cost-effective alternative to chassis-based switches. One document title promises “true chassis functionality” but the true flexibility of a chassis is the option for a variety of modules, whether they be access ports, wireless management modules, security modules, etc. That’s something you can’t possibly get in a fixed-form switch- sorry.

    To add insult to injury, part of the chassis-replacement pitch is for lower power consumption. So imagine my surprise when I started adding up the numbers- looks like a fully-populated 6-slot chassis from ProCurve could power 144 PoE ports for just a little more juice than Juniper’s 48-port EX flavours.

    The Security feature list is a bit over-hyped as well. I see 7 bullet items for 802.1X features that have much less to do with the switch, and much more to do with the IEEE standard and the implementation method. And what I don’t see is the option to do Web-Auth and Mac-Auth as supplements to 1X.

    If you examine the Layer 2 features, you’ll see similar repetition- 6 of those items are all various ways of describing spanning tree features, several encompassing the others. And they give you a ‘Voice VLAN’ as part of the Layer 2 features too- very nice of them. It might not be all bad, were it not for the pricey sticker- starting at


    Thu, 31 Jan 2008 04:23:19 +0000

  • ProCurve PCM+ Quick Start Tips

    Tips & Tricks: HP ProCurve PCM+ (ProCurve Manager Plus)

    Occasionally I like to throw something useful out there- so here goes! Included are some tips and tricks for getting started with ProCurve’s PCM+. PCM is the management software for ProCurve Networking devices, switches, wireless and security. I’ll give you a brief overview of the available options and plug-ins at the end.

    What to Install. When you install PCM+, other plug-ins are included in the install package, so you’ll be prompted to select which components to install. My advice- start with PCM+ only. Once you layer in the other plug-ins, the menus, options and views become intertwined and it’s hard to tell what’s a native PCM+ option, or something included in IDM, NIM or PMM (see end for plug in details). If you’ve already purchased licenses for one or more of the others, go ahead and install them. Otherwise, load PCM+, get used to it, then add a plug in. It’s the only way you’ll know if you want/need the additional features from the plug in.

    Selecting a Start From Device. When you first install PCM or PCM+, it will ask for a ‘start from’ device, which is exactly what it sounds like- it’s a starting or seed device from which the network sweep will start. Generally, you want something close to the ‘root’ of the network tree- something in the center. Most likely, you have a mixed environment, with other equipment in the WAN or core area of the network. In these cases, we suggest you use a start from device that’s the ProCurve device closest to the core/WAN area, even if it’s a hop or two out from what you consider your core. If the management server you’re loading PCM on is directly attached


    Wed, 30 Jan 2008 01:50:54 +0000

  • The 3 C's- Your Other Network Stuff

    Tips & Tricks: Fully documenting your network.

    During regular ‘closet crawling’ (aka site surveys) we often find a few important details overlooked… and we all know… the devil is in the details!

    It’s not uncommon for both customers’ own network staff and prior service providers they’ve called in to leave out key pieces of data while surveying a network. It’s an honest mistake, but one we certainly don’t like to make.

    A common oversight is the 3 C’s - Cameras, Controllers and Card Readers.

    These devices are often out of sight- and therefore- out of mind. When your team or your consultant is documenting your network, be sure to track down any devices running on, through, over and around it- including the 3 C’s. This handy little tip comes from many trips on site with my father- who would document a pin, were it lodged in a patch cable.

    Cameras are easily overlooked and may or may not be part of the IP network. Controllers may include appliance controllers, storage controllers, even HVAC controllers. Card Readers are another gotcha that may be in plain sight, but a ‘forest and trees’ situation. Be sure to include those, along with any accompanying physical security devices.

    It’s important to understand the tiniest details, especially if you’re planning to implement new security functions, such as VLANs, NAC or 802.1X.  Work out the details ahead of time and you won’t have any nasty little surprises when you commit your new configs.

    # # #


    Fri, 18 Jan 2008 04:05:44 +0000

  • The Aruba - AirWave 'Merger'

    After last week’s announcement of the Aruba-AirWave merger, many are asking what’s in store for the newly-acquired AirWave. I mean… merged. (This word tends to bring to mind a really big tail and a really small dog).

    If you’re not familiar with AirWave, they make the AMP product, which is a vendor-neutral wireless management solution for handling all the first-string WLAN players - Cisco, ProCurve, Trapeze, Meru, Enterasys, Motorola/Symbol, Proxim.. and yes… Aruba. Light, heavy, dumb and mesh- they do it all. We’d been watching AirWave for a couple of years and fell in love with their solution when we finally saw it in action. Of course, as soon as we become an AirWave partner and start singing its praises to our customers they ‘dun went and got themselves acquired’.

    But, we’re not worried. Aruba saw the great value and advantage of a vendor-neutral management platform and they intend to keep it as such. To drop the 3rd party support would be extremely disadvantageous for all, so I feel pretty comfortable saying we can all expect to see “AirUbaWave” continue on down its current prosperous path.

    Even better yet- I think the acquisition will give AirWave the shot in the arm they need to add support for even more vendors’ APs. They’re keeping the full AirWave team, including a group of very knowledgeable SEs and developers.

    So, I think we can expect great new things from this new marriage… and it’s likely our customers will soon be seeing an Aruba logo on our site once the deal is sealed in March.

    # # #


    Thu, 17 Jan 2008 03:45:44 +0000

  • Naughty Little NACkers

    They promise you the world. “You want toast- great, it does that too!” I guess we’re used to that. I’m not naive here- I understand the cogs of the IT Sales World, but for some reason NAC vendors go above and beyond. They just make crap up. They scratch, claw, lie and cheat their way into your heart- and your pocketbook.

    Cut the fluff, do your research and find what works for you.

    I won’t name names (yet) but at a recent security conference I sat aghast as I listened to a Sr SE compare his company’s proprietary NAC solution to 802.1X- as though they were competing against the technology. There were even charts, accompanied by “our product does X, Y and Z and - oh look- 802.1X can’t do that!” (Duh!). A Senior Systems Engineer did this- not a sales guy, or a product manager- an SE. I felt obligated to right this wrong, so I patiently waited until the end then took aim at him with a few targeted questions that got everyone around me nodding and re-thinking his idiotic pitch. I wanted to just look at him and say “you know better… ” But I didn’t have to. After precisely 2.5 of my questions, he decided he had run out of time (8 minutes early) and invited me to take my questions ‘off line’. LOL

    Three weeks ago, I caved into a manufacturer that’s been trying to rope us into selling their NAC solution. To make a long story short, I asked the guy (a principal of the company) during his ‘technical’ presentation if their solution could interface with an external RADIUS server- about as basic a question as exists. He stumbled for a moment then told me how great the built-in RADIUS was. Unbelievable. (The answer turned out to be ‘no’). I gave up, thanked him for his time and deleted the rest of the fluff they sent.


    Fri, 04 Jan 2008 20:00:08 +0000

  • A Garage Door Hacking, Bombs and a Rolling Code

    You have to read this one, don’t you? The title is just too catchy to let go.

    If you read my recent post on “Ignorance Without Bliss”, you know I was helping out one of my SMB friends, the owner of ‘This Office’ in the story. In my follow up, I told you about the vandalization of the business. And I told you that story so I could tell you this one.

    I was at my office the day they found the business had been vandalized. After staying late to work out the password issues and finish up with their PC, I actually had to head straight over to our local ISSA meeting. It was our annual wrap-up and board elections, so it lasted a bit longer. After the meeting, I went along my merry way to This Office to deliver their clean and accessible PC. Finally, I made it home just before midnight.

    At 11:48 pm I pulled up to my house. With all the neighbors already asleep, it was dark and lonely at the end of our cul-de-sac. As I got to the middle of the circle I stopped- my garage door was wide open. The position of the house and the garage made its gaping hole obvious from all parts of our street, and the next one up. It was also garbage day, leaf pickup day and recycling day, so I have no clue how many strangers passed by. Nor did I have a clue how long it had been exposed like that- possibly since I left for work at 8:00am - potentially 16 hours of a poor defenseless house. Which may not have been an issue, had it not been my habit to leave the door from the garage to the house unlocked - all the time.


    Wed, 02 Jan 2008 21:50:21 +0000

  • I Jumped on the CrackBerry Train

    Yes, I jumped on the CrackBerry Train. I’ve been holding out for years, happy with my little ‘Blueberry’ as I called it- my small Sanyo clamshell that was a lovely deep blue colour. But last Sunday, I joined the growing army of BlackBerry users.

    My poor little Sanyo, after many years of faithful service, started dropping calls, not holding a charge, and offering some interesting speech synthesis during voicemails.

    I found my new jewel- the BlackBerry Pearl, which is only slightly larger than my little clamshell and offers all the same applications as the larger, full-sized BlackBerry editions.

    My background is customized, the sound profiles are set, emails a’comin’ in steady and I’m having a jolly time with the interactive maps and the hi-res camera.

    Now, as soon as I find a good solution for the zillions of daily Spam, I’ll be all set!

    # # #

     


    Sat, 22 Dec 2007 17:59:24 +0000

  • Ignorance Without Bliss: a J! True Security Story

    Sometimes when I’m flipping through the television stations, I see the ‘E! True Hollywood Story’ shows, in my case on Time Warner’s channel 62. If you haven’t seen them, the series offers a documentary-style look at the ‘true’ lives of Hollywood’s top A-listers and their story of chasing fame and fortune.

    Perhaps not quite as interesting, but equally puzzling and outrageous, I’ve decided to log my own chronicles of astounding and crazy true InfoSec stories- henceforth to be known as: a J! True Security Story.

     

    A J! True Security Story Episode 1: Ignorance Without Bliss, an SMB Security Schmuck

    I don’t get worked up often, but when I do it’s quite an occasion for friends, family, co-workers and customers (if they get to witness it). Today is one of those days.

    Being in ‘the IT’ industry as we are, we get regularly volunteered by friends and family to ‘fix computer problems’. That infamous question….


    Tue, 04 Dec 2007 04:10:31 +0000

  • Content Filtering in Schools: Best Practices for K-12

    Introduction from one of my white papers ‘Content Filtering in Schools: Best Practices for K-12’. Some of my customers call it the infamous ‘Booby Paper’. Find out why! You can read the full White Paper online at http://www.cadinc.com/news/press/pr_20060503_contentfilteringinschools.htm

    “I don’t care if they see boobies!” Yes, it was just as silly the first time I accidentally blurted that out, but it got the point across. That comment embodies the purpose of this document- to bring attention to the full spectrum of risks and considerations of Internet usage in schools. …  I’ve come to realize that there is a large communication gap between the educators who have to deal with these issues in the classroom and the technologists who have to enforce policies behind the scenes. Included is relevant information also for parents, so they may be aware of these issues and can remain pro-actively involved in their children’s ‘virtual’ life.

    # # #


    Sun, 02 Dec 2007 03:00:00 +0000
