Popular Posts

Tuesday, 24 July 2012

Cisco to cut 1,300 jobs in realignment

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Cisco to cut 1,300 jobs in realignment

According to an AFP reported, Cisco Systems said Monday it was cutting 1,300 jobs, or two percent of its global workforce, in response to an uncertain economic outlook.

In its most recent quarter, Cisco posted a profit of $2.2 billion on $11.6 billion revenues, but shares tumbled at the time on a weaker-than-expected outlook.

Cisco shares were down 1.8 percent at $16.07 in the regular session on Wall Street Monday, from recent highs in April above $20.

Let me quote the reported from AFP:

NEW YORK: US computer network giant Cisco Systems said Monday it was cutting 1,300 jobs, or two percent of its global workforce, in response to an uncertain economic outlook.

The California tech firm, seen as a bellwether for the industry, said it was carrying out "a focused set of limited restructurings" that include the job cuts.

"We routinely review our business to determine where we need to align investment based on growth opportunities," the San Jose, California firm known for its Internet hardware, in a statement.

"Additionally, we continue to evaluate our organizational structure as part of our plan to drive simplicity, speed of decisions and agility across Cisco."

The statement added: "As we focus on both of these efforts, we are performing a focused set of limited restructurings that will collectively impact approximately two percent of our global employee population.

"These actions, subject to local legal requirements, including consultation where required, are part of a continuous process of simplifying the company, as well as assessing the economic environment in certain parts of the world."

In its most recent quarter, Cisco posted a profit of $2.2 billion on $11.6 billion revenues, but shares tumbled at the time on a weaker-than-expected outlook.

Cisco shares were down 1.8 percent at $16.07 in the regular session on Wall Street Monday, from recent highs in April above $20.

-AFP/ac



Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Monday, 23 July 2012

The First CCIE in Cambodia

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

The proverb “like father, like son” explains the inevitable similarities between parents and their offspring. In Cambodia these similarities often extend to the professional realm, as it is quite common for children to take over the family business when the opportunity arises. Pheng Sovanvichet’s parents expected him to do the same thing, encouraging him to study medicine so he could take over their pharmacy when they retired. But he had other plans. “My parents wanted me to study medical science when I finished high school because we have our own pharmacy,” said the 25-year-old pioneer. Instead he enrolled as a scholarship student of economics and information technology at the Royal University of Law and Economics.

Today his decision has proven to be a good one, as the IT-specialist is the only person in Cambodia who can call themselves a Cisco Certified Internetwork Expert. After years studying abroad, Pheng Sovanvichet has now brought his talents back home, working with Wicam Corporation as an IP Core Network Specialist and Sunrise Informatics Center as a Cisco instructor.

While he said he has been obsessed with technology since he was 8 years-old, it was a conversation with a couple he met in Chinese-language classes that piqued his interest in Cisco.

“One day Mr Bryan (the husband) told me about his job, his duties and even his salary of US$1.6 million dollars per year, which made me so interested,” he said.

He occasionally consulted the couple for help, but spent hours alone learning about the cutting-edge technology. “Sixty percent of my time and effort was for Cisco, while the other 40 percent was for university,” he said.

In 2007, he successfully reached the first level of Cisco certification, becoming a Cisco Certified Network Associate (CCNA) with a perfect score of 1,000 out of 1,000 on the company’s test. Realising he couldn’t advance further on his own, he enrolled at Ya Wei Training Institute in China to study with Cisco experts. In 2008, he took the exam for the next level of Cisco operators and once again got a perfect score. In his spare time that year he also created a website to share his ideas and experience about new technology and Cisco with fellow IT experts in Cambodia and around the world at khmeritforum.net.

After another year of studying, he tested to become a Cisco Certified Internetwork Expert in Routing and Switching. In 2009 he passed the written exam and in 2010 he passed the lab test to become the first person in Cambodia and the 26,884th person in the world to reach Cisco’s highest level of expertise.

Even after his much-celebrated accomplishment, the tech whiz is still not content. “There are always new things being discovered,” he said. “So I have to keep updating myself. I plan to get another CCIE in security; since when Cambodia has a network infrastructure, security will be needed.”

Source: Phnompenhpost

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Friday, 6 July 2012

Network Security Notes: Network Security Hot News: DNSChanger malware may cause thousands to lose internet access

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

DNSChanger malware may cause thousands to lose internet access

Source: Heraldsun Australia

TENS of thousands of computer users across the world - including 6000 Australians - may lose their internet access on Monday when a virus security fix expires.


The problem stems from malicious software, or malware, known as DNSChanger, which was created by cybercriminals to redirect internet traffic by hijacking the domain name systems of web browsers.

The ring behind the DNSChanger virus, discovered in 2007, was shut down last year by the US Federal Bureau of Investigation (FBI), Estonian police and other law enforcement agencies.

Because the virus controlled so much web traffic, authorities obtained a court order to allow the FBI to operate replacement servers which allow traffic to flow normally from infected computers.

But that order expires on Monday, when experts say infected computers will face an "internet doomsday".

The FBI, Facebook, Google, internet service providers and security firms have been scrambling to warn users about the problem and direct them to fixes.

According to a working group set up by experts, more than 300,000 computers remained infected as of June 11.

The largest number were in the United States (69,000), but more than a dozen countries - including Australia, Italy, Germany, India, Britain, Canada and France - are also believed to have infected computers.

Around 6000 Australians affected by the DNSChanger malware will have no internet from 2pm AEST on July 9 as the temporary solution switches off, the Australian Communications and Media Authority told AAP.

Australians can go to http://dns-ok.gov.au/ to check if their computer is affected.

Security experts say it's not clear how many of the affected computers are active.

"Reaching victims is a very hard problem, and something we have had issues with for years," said Johannes Ullrich, a researcher with the SANS Security Institute.

But he said he expected the impact to be "minimal" because many of these systems are no longer used or maintained.

Users who think they are infected may perform a test at the DNSChanger Working Group's website http://www.dcwg.org/ or others operated by various security firms.

The security firm internet Identity said last week that at least 58 of all Fortune 500 companies and two out of 55 major government entities had at least one computer or router that was infected with DNSChanger.

That's an improvement over January, when half of Fortune 500 companies and US federal agencies were infected.

"DNSChanger is an insidious form of malware affecting everyone from the everyday consumer to a large chunk of the Fortune 500," said IID chief executive Lars Harvey.

IID said that the malware also compromises computers by preventing antivirus software updates.

"This enables criminals to view any data, messages exchanged and more on a victim's computer, depending on what the victims' machines are infected with," the company said.

The security firm McAfee, which also offers a diagnostic tool at http://www.mcafee.com/dnscheck, said users must act before Monday to clean their computers.

"If users' computers have the wrong DNS settings for the servers, they will not be able to access websites, send email or use internet services," a McAfee statement said on Thursday.

Google said in May it was seeking to notify 500,000 users of likely infections who were using the FBI servers.

Google spokesman Jay Nancarrow said on Thursday it was not clear how many remain infected.

"We've notified many people and have seen some clean-up as a result, but we expect others with affected devices will likely encounter problems after the deadline passes," he told AFP.

For computers affected, the blackout will be total, experts say.

"Connectivity will be lost to the internet PERIOD," said a blog posting from the security firm Symantec.

"If your computer is still using DNS entries that are pointing to the FBI servers on July 9, you will lose TOTAL access to the internet. No connecting to the office from home, no updating Facebook, nothing until the DNS settings are fixed."

Six Estonians and a Russian were charged last November with infecting computers, including NASA machines, with the malware as part of an online advertising scam that reaped at least $US14 million.

The internet fraud, which took place between 2007 and October 2011, involved redirecting users searching for websites such as iTunes, Netflix and even the US tax collection agency.

At least four million computers located in over 100 countries may have been infected.

DNSChanger Malware from FBI.GOV:

DNS (Domain Name System) is an Internet service that converts user-friendly domain names into the numerical Internet protocol (IP) addresses that computers use to talk to each other. When you enter a domain name, such as www.fbi.gov, in your web browser address bar, your computer contacts DNS servers to determine the IP address for the website. Your computer then uses this IP address to locate and connect to the website. DNS servers are operated by your Internet service provider (ISP) and are included in your computer’s network configuration. DNS and DNS Servers are a critical component of your computer’s operating environment—without them, you would not be able to access websites, send e-mail, or use any other Internet services.

Criminals have learned that if they can control a user’s DNS servers, they can control what sites the user connects to on the Internet. By controlling DNS, a criminal can get an unsuspecting user to connect to a fraudulent website or to interfere with that user’s online web browsing. One way criminals do this is by infecting computers with a class of malicious software (malware) called DNSChanger. In this scenario, the criminal uses the malware to change the user’s DNS server settings to replace the ISP’s good DNS servers with bad DNS servers operated by the criminal. A bad DNS server operated by a criminal is referred to as a rogue DNS server.

The FBI has uncovered a network of rogue DNS servers and has taken steps to disable it. The FBI is also undertaking an effort to identify and notify victims who have been impacted by the DNSChanger malware. One consequence of disabling the rogue DNS network is that victims who rely on the rogue DNS network for DNS service could lose access to DNS services. To address this, the FBI has worked with private sector technical experts to develop a plan for a private-sector, non-government entity to operate and maintain clean DNS servers for the infected victims. The FBI has also provided information to ISPs that can be used to redirect their users from the rogue DNS servers to the ISPs’ own legitimate servers. The FBI will support the operation of the clean DNS servers for four months, allowing time for users, businesses, and other entities to identify and fix infected computers. At no time will the FBI have access to any data concerning the Internet activity of the victims.

It is quite possible that computers infected with this malware may also be infected with other malware. The establishment of these clean DNS servers does not guarantee that the computers are safe from other malware. The main intent is to ensure users do not lose DNS services.

What Does DNSChanger Do to My Computer?

DNSChanger malware causes a computer to use rogue DNS servers in one of two ways. First, it changes the computer’s DNS server settings to replace the ISP’s good DNS servers with rogue DNS servers operated by the criminal. Second, it attempts to access devices on the victim’s small office/home office (SOHO) network that run a dynamic host configuration protocol (DHCP) server (eg. a router or home gateway). The malware attempts to access these devices using common default usernames and passwords and, if successful, changes the DNS servers these devices use from the ISP’s good DNS servers to rogue DNS servers operated by the criminals. This is a change that may impact all computers on the SOHO network, even if those computers are not infected with the malware.

Am I Infected?

The best way to determine if your computer or SOHO router has been affected by DNSChanger is to have them evaluated by a computer professional. However, the following steps can help you gather information before consulting a computer professional.
To determine if a computer is using rogue DNS servers, it is necessary to check the DNS server settings on the computer. If the computer is connected to a wireless access point or router, the settings on those devices should be checked as well.

Checking the Computer:

If you are using a Windows computer, open a command prompt. This can be done by selecting Run from the Start Menu and entering cmd.exe or starting the command prompt application, typically located in the Accessories folder within Programs on your Start Menu...

At the command prompt, enter:
ipconfig /all
Look for the entry that reads “DNS Servers……….”

The numbers on this line and the line(s) below it are the IP addresses for your DNS servers. These numbers are in the format of nnn.nnn.nnn.nnn, where nnn is a number in the range of 0 to 255. Make note of the IP addresses for the DNS servers and compare them to the table of known rogue DNS servers listed later in this document. If the IP addresses of your DNS server appear in the table below, then the computer is using rogue DNS.

You can also look for your DNS servers without using the command prompt.
For windows XP machines, click on Start and select My Network Places. Then select Network Connections. In this example, the wireless connection is used.....

Checking the Router

Small office/home office routers connect your network of computers and devices to your Internet service provider. The SOHO router may have been purchased and installed by you or installed by your ISP. Linksys, D-Link, Netgear, and Cisco are common SOHO router brands, but there are many others.

The DNSChanger malware is capable of changing the DNS server settings within SOHO routers that have the default username and password provided by the manufacturer. If you did not change the default password at the time the SOHO router was installed, you must check the SOHO router settings.

The procedure to access your SOHO router setting varies by manufacturer, so consult your product documentation. Once you have access to the SOHO router configuration, compare the DNS servers listed to those in the rogue DNS servers table above. If your SOHO router is configured to use one or more of the rogue DNS servers, a computer on your network may be infected with DNSChanger malware.

What Should I Do?

In addition to directing your computer to utilize rogue DNS servers, the DNSChanger malware may have prevented your computer from obtaining operating system and anti-malware updates, both critical to protecting your computer from online threats. This behavior increases the likelihood of your computer being infected by additional malware. The criminals who conspired to infect computers with this malware utilized various methods to spread the infections. At this time, there is no single patch or fix that can be downloaded and installed to remove this malware. Individuals who believe their computer may be infected should consult a computer professional.
Individuals who do not have a recent back-up of their important documents, photos, music, and other files should complete a back-up before attempting to clean the malware or utilize the restore procedures that may have been packaged with your computer.

Information regarding malicious software removal can be found at the website of the United States Computer Emergency Readiness Team: https://www.us-cert.gov/reading_room/trojan-recovery.pdf.

For details news about DNSChanger Malware, please visit:

http://www.heraldsun.com.au/news/national/dnschanger-malware-may-cause-thousands-to-lose-internet-access/story-fncynkc6-1226419316723

http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!

Tuesday, 3 July 2012

Network Security Notes: Great Video For Network Security: Intrusion Detection and Network Security Perspectives From A Veteran

This blog is created for network security review, study and understanding about network related issues only! The blog is mainly focus on Network Security Notes about Network, Network Security, Network Technology, Network Labs review related Cisco and Microsoft technology ,Network Threats, Types of Network Threats, Network Alerts, Enterprise Security Policy and Audits, Security Policy and Audits,Logical Security, Physical and Logical Security, Physical Security,Cisco Products Review, Microsoft Products review, Cisco Routers, Routers Security, Console Access, Telnet Access, Network Attack, Network Attack report, Network management, Anti-virus, Network Security with Anti-virus, and All About Network Security... Thanks for your visit!

Intrusion Detection and Network Security Perspectives From A Veteran

This post, I would like to share a great video related to Network Security Perspectives. It's a great video with long details presentation...


Talk by Martin Roesch, Chief Technical Officer, Sourcefire, part of the Google and University of Maryland Cybersecurity Seminar Series

It's been over 12 years since the Snort® project was released. Millions of downloads and trillions of packets later many lessons have been learned. In that time it has gone from being a weekend project to the worldwide standard implementation of a fundamental component of securing networks against cyber attacks. Join Snort's original author, Martin Roesch, CTO of Sourcefire, as he discusses the past, present and future of network security architecture and technology.

Biography: Martin Roesch founded Sourcefire in 2001 and serves as its Chief Technology Officer (CTO). A respected authority on intrusion prevention and detection technology and forensics, he is responsible for the technical direction and product development efforts for Sourcefire's commercial and open source product offerings. With nearly 20 years of industry experience in network security and embedded systems engineering, Roesch has dedicated himself to developing intelligent network security tools and technologies to address evolving threats. Roesch has been interviewed as an industry expert in multiple technology publications, as well as print and online news services, such as MSNBC, Wall Street Journal, CNET, ZDNet, and numerous books. Roesch founded Sourcefire® in 2001 and is the author and lead developer of the Snort® Intrusion Prevention and Detection System that forms the foundation for the Sourcefire IPSTM. Roesch has received a host of awards of his technology innovation and vision. Most recently, he was recognized as a 2010 Security Superstar by Everything Channel's CRN magazine for the value his innovations provide partners and customers, and was selected as one of eWeek's Top 100 Most Influential People in IT. Roesch holds a B.S. in Electrical and Computer Engineering from Clarkson University.

Intrusion Detection and Network Security Perspectives From A Veteran:

Read more...

If you like this post, please subscribe below,thanks!

Enter your email address:

Delivered by FeedBurner

To Stay Up to date with Network Security, Please Subscribe!