security
A Smorgasbord of Denial of Service
4 min read
On October 22, 2013, Cisco TRAC Threat Researcher Martin Lee wrote about Distributed Denial of Service (DDoS) attacks that leverage the Domain Name System (DNS) application protocol. As Martin stated, the wide availability of DNS open resolvers combined with attackers’ ability to falsify the source of User Datagram Protocol (UDP) packets creates a persistent threat […]
Defensive Security: The 95/5 Approach
1 min read
Many organizations make the error of thinking that basic defensive software is sufficient to protect critical data and infrastructure. When in reality, in order for government and enterprise organizations to keep their data protected from increasingly advanced cyber threats, comprehensive defensive security approaches are critical. And even with advanced, comprehensive solutions, there are still risks. […]
DNS Knows. So Why Not Ask?
3 min read
DNS is like the town gossip of the network infrastructure. Computers and apps ask DNS questions and you can ask DNS who has been asking to resolve malware domains. When internal trusted systems are using DNS to resolve the names of known malware sites, this can be an Indicator of Compromise and a warning to […]
Check Ins – Why location needs to be part of Authentication and Identity
4 min read
Dude, where’s my IP? I love to check in on social networks like Foursquare and Google+. Most of the time, there’s no point to it, but it’s fun to see what friends and colleagues are up to or discover new local haunts. Despite the fun and games, location is much more important to the network […]
A Crypto Conversation: How We Choose Algorithms
2 min read
Cryptography is critical to secure, trustworthy communications. Recent questions within the tech industry have created entirely new discussions about the cryptography underpinning our communications infrastructure. While some in the media have focused on the algorithm chosen for Deterministic Random Bit Generation (DRBG), we’ve seen many more look to have a broader crypto conversation. With this […]
Practical Tips for Safekeeping your Mobile Devices
4 min read
Now when I’m talking about safekeeping a mobile device, I’m not saying don’t use your Kindle by the pool or let your toddler play on the iPad while eating ice cream. These are dangerous things to be doing with a gadget, but today I want to focus more on the data within that device, rather […]
One Week After April First, It’s No Joke
1 min read
April first falls on a Tuesday next year. The following Tuesday is Microsoft’s monthly security update. It will be the last monthly security update for the Windows XP operating system. About one third of the computers with Windows operating systems on the Internet today are still running Windows XP, an operating system almost 15 years […]
Mobility: No Longer a Risky Business?
2 min read
Risk. It’s not just a strategic board game; in business it’s the analysis that determines the potential for loss. In today’s organization, the consumerization of IT has led to groundbreaking developments in the mobility space. The broad deployment of BYOD, coupled with the availability of corporate data and applications, have challenged how we define security. […]
Cisco’s onePK Part 2: Reaching out to a Network Element
8 min read
Exordium In the previous installment of the onePK series, you received a crash course on Cisco’s onePK. In this article, you’ll take the next step with a fun little exposé on onePK’s C API. You will learn how to write a simple program to reach out and connect to a network element. This is staple […]
4