Cisco Blogs


Cisco Blog > Security

Cisco Security Disclosure: Help Us Help You!

April 15, 2013 at 4:00 am PST

Wow! We just published our tenth bundle of Cisco IOS Software Security Advisories and what a ride it’s been!! Way back when in the fall of 2008 when we produced our first Cisco IOS Software Security Advisory bundle, we had no idea of the impact that this delivery format would have on us internally and, more importantly, on you -- our customers!! The decision to deliver the biannual (on the fourth Wednesday of every March and September) Cisco IOS Software Security Advisory Bundled Publication brought with it many challenges, process changes, and—in the end—a format for Cisco Vulnerability Disclosure that we hope addresses at least some of your concerns. This format was modeled after the scheduled monthly release used by Microsoft for years, known affectionately as “Microsoft Tuesday” and based on requests we heard through discussions with many of our customers.

Read More »

Tags: , , , ,

Making Global Threat Intelligence Locally Actionable

When we talk about using the network to gather threat intelligence on a global basis, the question arises: how does someone apply that intelligence to protecting their local IT infrastructure? The key lies in maintaining a high degree of situational awareness. This begins with understanding what you are trying protect and what might interfere with it. From there, you can distinguish between relevant and irrelevant intelligence, and then act to protect the things that matter from the threats that could harm them. Read More »

Tags: , , ,

Vectoring to a New Mission

A couple of weeks ago, I announced a new name and a new mission for the group I lead at Cisco. I’ll do my best to minimize reader exposure to boring administrative details, but the long and the short of it is that the former Cisco Global Government Solutions Group (GGSG) has become the Cisco Threat Response, Intelligence, and Development (TRIAD) organization.

Any organizational name change is only a label placed on more fundamental transformations in missions, strategies, and desired outcomes. While the new organization will continue to serve government customers, the time has come to mobilize the expertise we have built up over the years to help critical infrastructure and enterprise customers strengthen their abilities to deliver IT-based services and value with minimal disturbance from unauthorized sources.

Vectoring the organization’s mission to threat is the key to understanding what TRIAD is all about. Through our work with Cisco customers, observation and analysis of phenomena visible in Cisco and customer networks, and application of innovative thinking about security practices and processes, we see enormous potential for developing and delivering threat-focused approaches to cyber security into products, services, and solutions. Read More »

Tags: , , , , , , ,

Compliance versus Security

Rogue access points and unauthorized access, DDoS or penetration attacks, evil twin attacks – all mobile security issues that can keep you awake at night. But do you know the difference between compliance and enterprise security? Being compliant is not synonymous with being secure, that’s why our webcast on April 16, is focused on how to bridge the gap between PCI compliance and security to minimize the impact of an attack.

Read More »

Tags: , , , , , , , , , , , , , , , , , , , ,

Tips and Tricks: Nmap is still relevant

Anecdotally, it would take about a week for a single machine to ping sweep the Internet. That would be approximately 4 billion IP addresses, essentially the whole Internet. In theory, this includes every single military address, every single ISP, every home user, and every mobile device. Such a port sweep does not include all options, UDP, and Nmap Scripts, as that would take too long. But what if I want to run the same scan to my home IPv6 range? It will have a /64 allocated to it, or about 18 quintillion addresses. Let’s compare a sweep of the entire Internet with my home IPv6 range:

  • The Internet: 2^32 = 4,294,967,296 [1]
  • The home range from my ISP: 2^64 = 18,446,744,073,709,551,616 [2]

A stark difference! So, how will I scan this? Is that just one network? I am Moses Hernandez, and this is one of my tips and tricks in this series. This post is about the venerable Nmap. Read More »

Tags: , , ,