Device Fingerprinting – What it is and defense measures

The people at webdesigndegreecenter developed an infographic covering device fingerprinting beyond standard cookie tracking. The original infographic can be found HERE.

NSS Labs Breach Detection Systems (BDS) Comparative Analysis Report

NSS Labs just released their Breach Detection Systems Report, found HERE. The report is based on the concept that there is a need for security solutions that extend beyond the defense measures found in common security products such as anti-virus and IPS network appliances. NSS Labs has developed a name for the feature designed to stop advanced threats: having “Breach Detection” capabilities. It's pretty much technology you would implement as a last layer in the event a threat breaches your firewall, AV and network security defenses.

Launching and Preventing Denial of Service Attacks – DDoS / DoS

I have recently seen an uptick in DDoS / DoS attacks against my customers and asked questions such as “how easy is it to perform these attacks?”, “who launches these attacks?” and “how can I defend against such attacks?”. I have spoken about this topic in the past; however, I will provide both the executing and defending side of DoS in this post.

The Darknet

I’ve had people ask about the Darknet and decided to provide a brief overview. To summarize, the Darknet is not some evil network designed to cause chaos. I find it funny when articles refer to the Darknet as some form of attack or thing to watch out for. To put it simply, the Darknet is a closed or hidden network, meaning you can’t access webpages using standard Internet browsers. In order to find dark resources, you need specific software and sometimes special permission to access parts of the network. The next screenshot is one method using a TOR browser.

The Imminent Demise of Bitcoin

Aamir Lakhani wrote a fantastic overview on Bitcoins. You can find the original HERE via www.drchaos.com.

Bitcoin started as a transparent open source currency that provided anonymity. It also provided advantages over traditional currency. Bitcoin is not bound to any organization or country. It is a peer-to-peer trading currency, so it is not subject to financial institutions such as banks, merchants, or payment gateways. A Bitcoin, in almost every way, is like real currency coins that you can use, spend, and save. However, like real currency, it can also be destroyed, lost, and stolen.

End of availability for the Cisco IPSEC VPN Client this summer. Time to migrate!

For those that have been hanging on to the old Cisco IPSEC client, it's time to really consider a migration. The client will no longer be downloadable as of July 29th, 2014. This also means it will no longer be supported. The official notice can be found HERE.

Open App ID: Cisco commits to open source and application identification

My buddy Aamir wrote a summary of the open source announcement by Cisco at RSA last week (original post can be found HERE). Cisco also announced integrating FireAMP with Cisco email, web and cloud security products. FireAMP gives Cisco products the ability to detect infected files by searching for known hashes, sandboxing unknown files and other detection means. More on the FireAMP capabilities can be found HERE. Another source for these announcements is on the Network World blog found HERE.

2014 UPDATE: Web Security Offerings From Cisco: Comparing the Latest Cisco CX Firewall to Cisco Web Security Appliance

I wrote a post comparing Cisco’s Next Generation Firewall known as ASA CX vs. Cisco’s Web Security Appliance / Proxy known as WSA HERE. Here is an update to that post as requested by some readers.

In summary, the WSA is a security appliance that can act as a proxy, focusing on network bound traffic such as port 80, 443 and 21. The ASA CX is an all ports and protocol firewall with reputation and IPS security (IPS being added in October 2013). Both solutions can provide reputation-based security, meaning stopping the attacker (more on this concept can be found HERE), integrate with authentication systems such as Active Directory, view HTTPS via decryption, and provide application visibility with policy enforcement (i.e. identify and block Farmville within Facebook) and detection of threats; however, the detection methods are slightly different (one uses a combination of AV / malware engines while the other uses IPS).
