Cisco acquired Meraki, the leader in cloud-controlled WiFi, routing and security, in late 2012. For those that haven’t heard of Meraki, the concept behind the technology is pretty cool. All device configuration and management is handled using a cloud / web accessible GUI. You can configure everything and ship equipment to where it needs to provide network access prior to first powering things on. Once you are ready, all you do is plug in the equipment and it works (i.e., all configuration is sent to the device via an encrypted tunnel from the cloud). It really is that simple.
Metasploit is one of the most popular open source penetration testing frameworks available today. It offers tons of tools that range from scanning utilities to easy to launch exploits that include encoders used to bypass common security defenses. I’ll walk you through an example by compromising a Windows based authentication server that is not properly patched.
There has been a lot of press around the closing and now reopening of Silk Road. For those that haven’t heard, Silk Road is an underground, Amazon-like network for dealing illegal goods and services. It leverages the Tor or onion router concept to conceal the identity of users using the service. You can find more on Silk Road HERE.
Drugabuse.com created an infographic displaying details on the history of Silk Road. I found it interesting and have posted it below. You can find out more about the people sponsoring the infographic HERE.
Mobile Device Management or MDM has become a very popular topic following the smart phone and tablet market explosion (more on this found HERE). Everybody seems to own a range of mobile devices, making provisioning wireless and maintaining security an ongoing challenge. To address this demand, a handful of vendors have developed mobile device management solutions to provide these and other capabilities.
I had an article published in PenTest Magazine earlier this year. Enough time has passed so I’m now able to post the entire article on my blog. You can find the original article in the PenTest Mag extra titled Backtrack Compendium found at http://pentestmag.com/.
For those not following recent technology news, Cisco just acquired Sourcefire for 2.7 billion dollars. This has generated a ton of interest in Sourcefire, and it is something I’ve been hammered on over the last few weeks, being a Cisco engineer responsible for security. As a result, I’m posting a summary of what Sourcefire is all about.
NOTE: Expect changes as Cisco and Sourcefire merge. Also assume I may be off on some areas as I’m still learning the technology.
I recently posted about how to set up a Cisco ASA CX lab HERE. I ended the last post once I had access to the ASA CX GUI via local PRSM. This post will focus on configuring CX once it’s operational, reviewing the local management GUI and creating some basic policies.
The ASA and CX module act as two separate systems exchanging traffic through policy maps. Unlike proxy-based solutions, all ports can be included in a security policy, aka an Application Layer / Next Generation Firewall function. This post will touch upon enforcing Internet use policies such as denying gambling websites, viewing application layer traffic, blocking applications such as YouTube and monitoring for security threats leveraging Cisco’s global correlation engine via Cisco Security Intelligence Operations (SIO).
Here is a really cool post by the Chaos Computer Club found on Dr. Chaos’s blog (but they are not associated with each other) about bypassing Apple TouchID. For those watching the new iPhone releases, this is a major feature from the iPhone S. The original post can be found HERE.
First, the fingerprint of the enrolled user is photographed with 2400 dpi resolution. The resulting image is then cleaned up, inverted and laser printed with 1200 dpi onto transparent sheet with a thick toner setting. Finally, pink latex milk or white wood glue is smeared into the pattern created by the toner onto the transparent sheet. After it cures, the thin latex sheet is lifted from the sheet, breathed on to make it a tiny bit moist and then placed onto the sensor to unlock the phone. This process has been used with minor refinements and variations against the vast majority of fingerprint sensors on the market.
This was sent to me by a blog reader regarding the FBI’s Magic Lantern project. I also found some other sources such as:
1) Wired’s findings found HERE
2) ABC News found HERE
3) Cotse.net found HERE
It is very interesting to see what the FBI could use to monitor your computer behavior. Key-loggers are typically associated with cyber criminals; however, it seems that the FBI leverages similar tactics (which totally makes sense … why limit the best tactics to the malicious users). Key-loggers such as the Magic Lantern install themselves as a rootkit, meaning they burrow into the core system, making it difficult to detect and remove. One interesting note some sources are calling out about the FBI version is that it is whitelisted by anti-virus vendors, meaning commercial security products are designed to not remove it. This means you are on your own regarding detecting and removing this software.