We are often asked by customers how they can prevent traffic from a certain country (let’s say country X) from entering their network. The motivations for doing this vary. Sometimes a company does not do business with all countries in the world; therefore, the company doesn’t need to be accessible from all countries. Other times it is an issue of trust and security, where an administrator may not want to allow country X to enter their infrastructure. Finally, there are cases where country X has often been implicated in malicious activity, so an administrator may want to block country X when there is no need for the organization to interact with this country. In this document I present a methodology for writing a tool that provides the configuration lines to block country X on your IOS router or ASA/ASASM firewall.
Tags: ASA, filters, firewall, internet traffic, IOS, mitigations, security
It’s that time of year again. The annual RSA security show brings together all the major security vendors under one roof for a week of training, announcements, and vendors hawking their latest wares. This year we can expect the usual cadre of legacy security vendors with their stand-alone, siloed products pretending that they now support clouds and mobile workers and BYOD. Booth babes, jugglers, magicians, and flashy giveaways will fill the exhibit halls while vendors play shell games with the security of customers, all adding a cacophony of noise to an already confusing situation.
Amidst all the hoopla and fanfare, however, Cisco Systems, the largest security vendor in the world, will be there with perhaps the only reasonable strategy for securing the networks organizations are creating today.
Tags: Cisco, data, data center, framework, network, RSA, SecureX, security
Last week it was reported in the media that two British tourists were detained at Los Angeles International Airport due to the threatening tone of messages on Twitter (“tweets”), as one of the two travelers had said that they were going to “destroy America” on their holiday. It turns out that either the U.S. Department of Homeland Security (DHS) noticed those tweets through their efforts to monitor social media, or, as has been suggested more recently, someone explicitly reported the tweets to DHS as a prank. The legal ramifications of this event are worthy of examination when we consider that this event contains elements of language (slang), location (whose laws apply based on where the alleged events took place), and intent — particularly if the prank allegation turns out to be true.
Tags: legal, security, social media, twitter
Walter Sulym from the Cisco IPS team explains the signature retirement process and how the default configuration is determined.
Tags: IPS, signature
How many times have we encountered a situation where some part of the software industry starts small, in a closed environment, then grows and attracts a lot of attention before realising that things were not designed properly for this changed environment? On a large scale, I would say three times. It happened with the Internet, operating systems, and system and industrial control systems (also referred to as SCADA). This transition from a closed environment to an open environment inevitably exposes aspects that were overlooked during the development phase. The speed of this transition will only exacerbate the situation. Because SCADA systems are currently going through this transition I will call this a “SCADA Syndrome.”