Hacking the Human Network

A couple of network televisions shows have lately caught my eye.  Now I’m not a television critic but there were things in these shows that have security implications that warrant some attention.  These episodes came just as I had finished some hacking training and provide an opportunity to share some interesting new tools and attack scenarios.  

First, Alex Baldwin pimped Cisco’s TelePresence system on 30 Rock.  In the episode “The Audition,” Baldwin’s character Jack has bedbugs and is forced to use TelePresence to attend a meeting.  There is a very funny bit that takes product placement to a new tongue-in-cheek level:

TelePresence Screen: “Do you like the Cisco equipment?”

Jack:  “Of course, it continues to be the gold-standard by which all business technology is judged.  Cisco, The Human Network.”

Read more

Denial Of Service Attacks Have The Internets All A Twitter

John Kindervag

My BlackBerry battery died more quickly than usual yesterday as I received a wave of calls from reporters wondering about the denial of service (DoS) attacks against Facebook, Twitter, and other social networking sites.  It seems many people are not aware of the long and storied history of denial of service attacks and this is their first personal experience with DoS. These types of DoS attacks have been around since the creation of the public Internet. A 15 year old named Mafiaboy famously brought down many of the top Websites of the day at the beginning of this millennium using similar techniques.

Read more

No Honor Among Thieves

John Kindervag

In the old days criminals like Robin Hood and Don Corleone had scruples. Remember when Don Vito stood up to Virgil "The Turk" Sollozzo and refused to become involved in the heroin trade? The Don stood for honor at the cost of a couple of bullets.

Don+Corleone

Read more

The Top 5 Things We Think You’ll See At RSA

John Kindervag

Trying to guess what will be HOT at RSA is always a fun game.  2009 promises to be different than most years as pure technology may not be the focus of this year’s show.  Attendance may be lighter and conspicuous consumption of new gadgets may no longer be in vogue.  We’ll know more come Tuesday, but in the meantime, here’s our guess as to what the big topics may be:

Read more

What would you do if you knew your network only had a week to live?

Crank-defib 
 

Read more

Categories:

Blue Coat: Creating An Economic Advantage For Users In 2009?

John Kindervag

Last week, Blue Coat gathered analysts in New York City for its Application Delivery Network Briefing Event to showcase its newest offerings, some of which are not yet released, and give the analyst community an update on where things stand following the company’s acquisition of Packeteer, completed in June of 2008.

Long story short? The vendors’ roadmaps have merged and it seems Blue Coat is doing a solid job of integrating the visibility and deep traffic inspection messages of the PacketShaper products with its caching, optimization, and security messages. Prior to the Packeteer acquisition, while Blue Coat offered a solid secure gateway and caching story, the true level of traffic visibility and optimization it could provide was limited.

Read more

Big News for Check Point Firewall Customers

John Kindervag

Today, Check Point Software Technologies, one of the old guard in the world of information security, announced they are purchasing Nokia's security appliance business. This is welcome, if late, news to Check Point's customers who use Nokia hardware.  For many years, Nokia was the de facto hardware platform for deploying Check Point firewall software.  Check Point/Nokia shops have been struggling for months to decide how to respond to Nokia's announcement that they would rid themselves of this troublesome (think non cell phone) business.  For customers with sometimes hundreds of Nokia appliances, the fear of potentially unsupported hardware, or of a big firewall replacement project, were equally disturbing.

This new agreement spawns a couple of interesting questions: 

Read more

Upping The IPS Ante

My colleague at Forrester, Chris Silva, recently commented upon the recent Air Defense acquisition by Motorola.  Looking at the deal through the security lens, I completely agree with Chris that this will help ease integration of wireless security into wireless infrastructure.  It's good to see one of the major wireless brands step up and take wireless security seriously.  Perhaps that other major wireless vendor will get the hint...

Upping The IPS Ante


Motorola announced this week its intentions to acquires Wireless IDS/IPS vendor AirDefense.
The acquisition may provide a bit of deja vu to readers who recall the
acquisition of Network Chemistry's wireless IDS/IPS assets by Aruba
Networks in 2007.

Read more

Categories:

Wireless as Fashion

As a security guy, I’ve spent a lot of time thinking about the security ramifications of wireless connectivity.  Wireless has evolved from a single protocol, 802.11b, to a veritable alphabet soup loosely defined as "Mobility."  We now have 11a/b/g and maybe n, Bluetooth, RFID, CDMA, Wi-Max, and a bunch of other stuff that all provides wireless access, often without even a thought of security.  As people scramble to have the latest, coolest, most connected devices in the company, they are tossing security right out the window.

Read more