Cisco Blogs


Cisco Blog > Security

SIO Portal: Tell Us What You Think!

The Cisco Security Intelligence Operations (SIO) Portal is the primary outlet for Cisco’s security intelligence and the public home to all of our security-related content. This content ranges from Event Responses () to IntelliShield Alerts () to Cisco product Security Advisories (). The SIO Portal is intended to be the first place you visit when looking for security information from Cisco.

Customer input is very important to us. With this in mind, we’ve launched two new customer listening tools on the SIO Portal: an enhanced feedback mechanism and a short six-question survey.

Read More »

Tags: , , , , ,

Student project collaboration with NC State University

It was about a year ago that Dr. Yannis Viniotis, Professor of the Electrical & Computer Engineering (ECE) department at North Carolina State University (NCSU), met with senior Cisco Engineers and agreed to collaborate on several small, hands-on projects with Cisco Engineers and NCSU students.

The NCSU ECE department partners with the industry as part of their Senior Design Project Program, where various vendors serve as sponsors and offer several projects for NCSU students to complete. That is also how the Cisco-NCSU collaboration started. Students get to work on real networking industry problems guided by engineers that already work in the industry. The students gain experience that can be later used in their professional lives. The Cisco engineers get to work with future engineers, mentoring and preparing them for their professional lives and solving some real world technical challenges. It is fun and educational for both sides.

Read More »

Tags: , , ,

Sniffing Out Social Media Disinformation

The raw, edgy nature of social media is part of its charm, and its value. As Cisco’s global threat analyst, I often look at my Twitter feed in the morning before I check mainstream media sites because it provides quick, frequently expert, irreverent analysis on breaking news. In fact, my own concerns about press freedom and objectivity stemming from concentration of mass media ownership arguably strengthens the case for a lively, unregulated social media space. It can serve as a fact checker and whistle blower on traditional news sources. In societies where news outlets may be closely monitored or controlled by the state, social media may provide the only online outlet for uncensored public opinion.

Unfortunately, social media is frequently inaccurate or misleading, with the potential for real-world damage. It isn’t hard to imagine a scenario in which a terrorist coordinates on-the-ground attacks with misleading tweets with the intent to clog roads or phone lines, or send people into the path of danger. Several recent incidents underscore the ease with which social media rumors can compound the impact of real events.

Read More »

Tags: , , ,

Securing BGP sounds great but is there a tradeoff in terms of router performance?

October 10, 2012 at 2:45 pm PST

A primary concern of any network administrator when configuring new IOS features is the potential impact the enabling of new features will have on router performance including CPU utilization and memory usage.

It is fully expected that the layering of additional features, in this case BGP security features, will undoubtedly have an adverse impact on the available memory of an IOS router. But, based on our testing, the results were not quite what we expected… Read More »

Tags: , , ,

Injecting the Python Interpreter Via GDB

Recently I was evaluating the security of an application sandbox and I needed a way to inject some kind of interface into the sandboxed application in order to explore the possibilities available from that context. The main objective was to be able to easily explore file and system call access to determine what was allowed/denied. I decided the most suitable interface I could use for this exploration would be the Python interactive shell.

The first step I needed to take was to get the Python library (libpython) loaded into the address space of the target application. The easiest way that I could think to do this was to utilize the call command in the Gnu Debugger (GDB). GDB’s call command performs a debugee procedure call by injecting a new thread into the debugee and controlling the startup state. Since GDB already performs the necessary steps, I could take advantage of this by issuing the command:

Read More »

Tags: , ,