Cisco Blogs


Cisco Blog > Security

Windows Server DNS Cache: How to Use the Command Line Inspection of Microsoft Windows DNS Cache

This post explains how to inspect the contents of windows DNS cache. Inspection can be used to check DNS entries, revealing if any malicious websites are being visited.

A Domain Name Server’s (DNS) cache of DNS records can be inspected to determine if your network is interacting with suspicious or malicious internet sites. To perform this task, perform the following:

For Windows 2003 and prior versions, you must install Windows Support Tools. Once installed, inspect and export the DNS cache using the command prompt (cmd.exe) window.

For Windows 2008 and later, The Windows PowerShell is a more advanced version of Windows Support Tools and is installed by default. Use the PowerShell window or run the PowerShell Script from the command prompt window to inspect and export the DNS cache.

How to Inspect the Cache from the CMD Prompt

Windows 2003 and Prior Using dnscmd

  1. From the support tools directory (\Program Files (x86)\Support Tools), run the following command to display the DNS cache output in the CMD window.
  2. To redirect the DNS cache output to a file, use the following command:
    • C:\Program Files (x86)\Support Tools>dnscmd /zoneprint ..cache > c:\cache_output.txt

Read More »

Tags: , ,

Dimension Data Series #3: Closing the Gap Between the Secure Mobility Vision and Real-World Implementation

Mobile security is a top concern for IT and business leaders. This blog series with Dimension Data explores how organizational leaders can work together to mitigate concern and implement clearly defined policies and mobility goals. This blog will address closing the gap between secure mobility vision and real-world implementation. The first blog in this series discussing how concerns outweigh actions when it comes to mobility security is here. The second blog in this series highlighting how IT and business leaders can work together to develop secure mobility policies is here.

There is a gap between the vision for secure mobility and the real-world implementation.

How do we know a gap exists? A recent Dimension Data Secure Mobility Survey report indicates 79% of IT leaders believe mobility is a top priority and 69% of those surveyed already have a mobility roadmap in place. The vision looks good, right? However, only 29% of those implementing their roadmap have tested their core applications, and only 32% have conducted a security audit of the applications.

Today, IT is faced with the challenge of providing any user from any location on any device access to any of the corporate applications, all while keeping assets and users secure. These perimeters add up to a complex equation and it’s contributing to this gap in IT leaders’ approach to vision and action for mobility deployments. How can IT and business leaders work to address this disparity?

Listed below are a few steps that should be considered to help turn the secure mobility vision into a reality. Taking a careful assessment of what mobility can offer and applying these steps can make the difference between a successful implementation and being derailed by unforeseen problems.

Read More »

Tags: , , , , ,

6 Healthcare IT Transitions: The Hackers delight

From FDA (Food and Drug Administration) to FBI (Federal bureau of Investigations), they see a core issue bubbling up: The vulnerability of Healthcare systems to cyber-attacks. Both agencies have issued an advisory in this regard in the last 1 year.

Source: DataLossDB.org

Source: DataLossDB.org – Healthcare amounts to 17% of incidents in 2013

FDA Advisory was focused on medical devices and hospital networks, while the FBI’s communication is focused on hackers attempting to hack personal medical records and health insurance data and even goes to calling out the gaps in resiliency to cyber-attacks as compared with other sectors such as financial and retail sectors.

In addition, looking at statistics from datalossdb.org, Health Care sector has consistently been in the top 3 sectors that have had the most incidents.

But the question is, why now?

This is where the correlation with the Health Care IT transition time lines adds up. It’s the other side of Health Care IT transitions that we looked at in the previous part (At the security cross roads of Healthcare reforms and IoE – 6 Health Care IT Transitions) of this blog series – the threat that have emerged from open anywhere, anytime, any device access which has enabled convenience and transformational experience to patients and care teams.

Let’s see an example of the changing dynamics of some of these transitions from a Hackers perspective by analyzing one of these transitions: Transition from Paper charts to EMR and enabling anywhere anytime, any device access to my care teams and my patients.

Health Care IT Transitions and their Security Implications 1-3 of 6

Health Care IT Transitions and their Security Implications (1-3 of 6)

Read More »

Tags: , , , , , ,

#CiscoChampion Radio S1|Ep10 Cyber Security

#CiscoChampion Radio is a podcast series by Cisco Champions as technologists, hosted by Cisco’s Amy Lewis (@CommsNinja). This week Chris Young, SVP Security Business Group Cisco, and Bill Carter, Senior Network Engineer and Cisco Champion, talk about Intelligent Cyber Security for the real world.

Listen to the Podcastcisco_champions BADGE_200x200

Cisco Subject Matter Expert: Chris Young, SVP Security Business Group Cisco (@YoungDChris)
Cisco Champion: Bill Carter, Senior Network Engineer (@billyc5022)

Highlights:
How Cisco deals with fragmentation in Security market
Attack-driven model for Security, before, during and after
How Sourcefire acquisition fits in with Cisco Security
Open Source Security around Snort Community Read More »

Tags: , , , ,

At the Security Cross Roads of Health Care Reforms and IoE – 6 Health Care IT Transitions

The saying ‘Tell me how you will measure me and I will tell you how I will behave’ could have been the perfect tag line for the US Health Care Reforms. When we look at how Health Care Information technology is getting used to enable reforms, we see that most of the technologies existed prior to the reforms, but there wasn’t a compelling reason to adopt it. Once the measurement criteria, the carrots and the sticks were defined, the behaviors changed, and to achieve the metrics, the technology adoption picked up. As an example, according to CDC’s report, the adoption of office based physicians with EHR systems has increased to 78.4% in 2013 from 17.3% in 2003.

EMR-Adoption

Percentage of office based physicians with EHR systems in US

Maybe a coincidence, but the Health Care reforms and Health Care Internet of Everything (IoE) are very much intertwined. The Health Care reforms focus on the ‘why’ and ‘what’ changes are needed to enable outcomes and define how performance is measured.  The Health Care Internet of Everything focuses on how technology can be leveraged to enable the goals of Health Care Reforms. By connecting the unconnected, IoE brings more information from multiple sources (things and people) to create an enhanced evidence based model to enable better outcomes.

From an IT perspective, Health Care Reforms requires breaking boundaries, opening up the access, enabling choices, improving data collection from multiple critical sources, and enabling information sharing. It is definitely a challenge to achieve these needs using the traditional approaches in Health Care.  Hence Health Care approaches have evolved to leverage Health care IT as a change agent, thereby resulting in many new Health Care IT transitions.

Let us explore six key Health Care IT transitions that have significant security implications.

Healthcare-IT-Transition-part-1 Read More »

Tags: , , , , ,