Tag: network

Attention #CEO, is your #network #Secure? #Sony thought so!

I received an email from someone asking me about the internet outage in North Korea.

Firstly, if we (America) had anything to do with it, I think it is analogous to punishing a pugnacious brat by taking away their computer. This kid really needs a good spanking! For you who think that corporal punishment belongs in the dark ages, well, you’re wrong, unless of course you consider that North Korea is still in the Dark Ages!

This country, as stated in another blog, keeps its people in the dark. Looking at a picture from space, one can tell that electricity is not even well distributed, much less the internet or the free exchange of information and thoughts.

Contained inside the Red Outline is North Korea. 

If you want to control a people, take away weapons, power, their ability to communicate with others, and feed them a constant feed of Bullshit daily!  Prevarication is called for if you want a submissive people who will do what you say without question.

The people of this country are brainwashed into “loving their dear leader” and believe anything that they are told.  Any type of truculence on their part is met with swift, brutal retaliation.  

If the evidence indeed points to North Korea in the attack on Sony (the only people with motive), most assuredly there was someone on the inside at Sony. Sony should be looking real hard with forensic experts to determine what happened!

As a security geek, I would love to be part of that team!

The sad truth today is that there could be a spook! Money talks; with our lack of morality on the rise, it could be anyone.

Most firewalls today are pretty good at keeping bad people out, so planting a spook or a Trojan or worm of some kind on the inside of the firewall, enabling communication from the outside through some spoofed port that is normally open like 80, would have to be employed.

Much of the remote-control desktop software out there today, which some people use, violates all security protocols. The problem is that a lot of companies don’t hire a security officer, or have a limited IT staff who are too busy resetting passwords and posting on Facebook to be bothered with doing anything more than putting out fires.

The OSI model (which I dare say few are familiar with) consists of 7 layers. The OSI model (Open Systems Interconnection model) is a packet-based structure of layers, or protocol stack.

  • Starting at layer one, we have the physical layer which is basically your cable and associated hardware which allows your computer to communicate with the host.  This layer is responsible for the “frame bit.”
  • Layer two is the layer that establishes the protocol used to communicate, whether it is frame relay or Ethernet or what have you. This layer is called the data link layer.
  • Layer three is known as the network layer and is responsible for transmitting data from node to node. This layer provides switching and routing information.
  • Layer four or transport layer is responsible for such things as error recovery and end to end flow control.
  • Layer five or session layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the applications.
  • Layer six or presentation layer works to transform data into the form that the application layer can accept.
  • Layer seven or application layer is just that: everything at this layer is application-specific. This layer provides application services for file transfers, e-mail, browser, Google, and other network software services, and yes, Facebook. This is the layer that the end user has the most to do with, in that applications exist solely at this level.

Now that you have a small idea of how one communicates over the internet, looking at this model, how would you interrupt traffic between them and us?

Keep in mind that North Korea gets internet from China and most probably through a Russian satellite. Neither of these do we have control over, so pulling the plug leaves out the physical layer.

I could not use layer two either, as again I don’t have control over that.

Ah, now layer three I do have control over. What if I change their known IP addresses to non-internet-routable or private ones, much like the 192, 172 or 10 subnets? Now they have to go to Russia or China and beg for another subnet and… as soon as they do, we kill that as well.

Why do we have private addresses, you ask? Most reading this far probably already know this; however, there are simply not enough addresses to give every company that wants one a block of private addresses.

If you look at RFC 1918, a private address scheme was created whose addresses are not assigned, meaning that they cannot route through the internet. In this way businesses and homes and even North Korea can use them to their hearts’ content on their private networks, and then, using something called NAT or network address translation, can make your home computer look as though it is talking on a public address.

This BLOG’s intent is to underscore the need to have a good CIO and a good security officer.  Your company could be the next Sony and as you can see, if some rogue country like North Korea who has a very limited pool of talent can take down a giant like Sony, just think what a Russia or China or other country who does not stagnate its citizens, and keep them in the stone age could do.

-Best to you and those that you care about, and if I don’t get to write again by Christmas, have a Merry Christmas!

Disaster Avoidance

 

 

Consulting as a Disaster Recovery Specialist, I often find things that need to be changed to avoid a disaster, much like a loose rug over a threshold or too many things plugged into one circuit; which would be an issue in your home.  In the business world it comes down to security issues both IT related and physical, as well as simple things like a lack of fire extinguishers or the wrong type of fire retardant system in the computer room.  I am trained to notice the smallest of details including things like cable management issues. 

 

When Best Practice scenarios are not followed by sys-admins or networking gurus, they too trigger red flags. There is an art to designing data centers. I have designed and built many over the last 30 years, complete from the ground up, from air handling to power requirements to working with ADA compliance issues. I have designed cable management for many companies, including the MDF and IDFs, and worked with building management to handle communication through multiple-story buildings, making sure that they pass fire code. You would be amazed at how many data centers I walk into that are under-wired, lack proper air handling and have a sprinkler head above the equipment! The cable management looks like Spiderman installed it, nothing is labeled, and there is absolutely not one shred of documentation. And the boss / owner is oblivious to the imminent disaster, as he thinks his guys are pretty good!

 

When businesses start up, oftentimes they don’t contact the brightest and best to build it, as they are on a tight budget. When I am called, their data center is generally a candidate for one of those web sites that post “what not to do.” The exercise of unraveling the Gordian knot comes into play before anything can be changed. Many times a family friend is called to assist, or the business owner has a home network and thinks that a business network is no different.

 

When these knots are constructed, most times, if not always, there is limited or no documentation, and the original creator has long since abandoned ship, as he undoubtedly realized the iceberg ahead was not too far off. To that end there are many land mines that have to be discovered and defused. This practice is akin to changing the tires on a racecar while it is going down the track, and part of that track is in no man’s land! The catch-22 is that no business can afford down time, but if they don’t address the issues they will have un-planned down time! Un-planned is always much longer than planned, and always more expensive!

 

As an SME on this and many subjects regarding IT, I can offer many things to mitigate any issues and put them on a road to setting things right. Whether that is working with their current IT staff, or bringing in hired guns to knock it out quickly!

 

The business must be willing to want to change, and have Executive buy-in as well as buy-in from the local staff.  The process can take weeks to months depending upon the situation; but after it is all said and done, procedures and processes are put into place to keep up with change.

 

Some policies addressed are Change Management; Incident analysis, complete with root cause analysis; and documentation, with the introduction of the concept of a living document. The run book: what is it and how does it work? Testing the Disaster Recovery plan and then implementing changes from things learned. Other topics include SAM (software asset management), and of course hardware management including lifecycle, and the budget process.

 

All too often the CFO or CEO is told that IT needs X thousands of dollars for this, that, or the other thing; not because it is a new project but because something failed!  With proper asset management this can be mitigated greatly and things can be budgeted for.

 

Much like any other audit, I don’t guarantee anything will be pleasant other than the knowledge that when it is done you will have the documentation you need, your network will be running at peak efficiency and it will be secure. Depending upon your growth and company needs, a design can be implemented to make sure your data network is robust enough to handle changes and/or growth!

 

The last thing that I can address for you is personnel.  As a manager of and director of IT for 2 decades I know people.  I know who is right for a job and who is not.  If that type of expertise is needed; look no further.

 

-Best

Windows 8 First Glance

Windows 8

Even as management, I still enjoy messing with new technology.  If there is a new gadget I must at least see it, but most probably have it.

Having said that, I have a lab at the house with different PCs, routers and such that I mess with as time permits. As time was running out to get a “cheap” copy of Windows 8 Pro to evaluate, I bought one to put on a PC that was sporting “Vista.”

While I would compare Vista to ME as in the “not very well thought out” category, I have been happy with Windows 7, and 8 seems to be on equal footing. I have installed 7 on several PCs which were at the end of their life cycle, as they were dog slow with XP. Windows 7 makes them viable once again.

Pros: runs well on 2 GB of RAM with a 2.8 GHz processor. Machine indexed at 5.4 because the video card rates a 3.5. All in all, the machine is responsive. Windows Defender is included but I am not sure how that compares to ESET NOD32. My hunch is not too well.

Cons: One of the secrets of Microsoft’s success is its GUI.  Once you get the basics of “start and find the program” even the slowest grandmother can be sending e-mails in no time. 8 has the e-mail icon on the start page so that might even be better. Intuitive software is key to their success story.

After a few moments of playing with it, I had no issue doing whatever I wanted to do. That is me: someone who can install UNIX and mess with it. Since I have been doing this since DOS was 1.0 and before Good old Al invented the Internet (cough), I cannot judge adequately how others will perceive it. It looks as though it would do well with a touch screen device.

Huge Con:  I added some memory to the machine and 8 promptly crashed.  It went into a loop of trying to repair itself and crashed again and again.  It would not even boot in safe mode.  With all of the normal tricks tried, I re-loaded 8 from scratch as it would not even let me repair it.

I am not sure if the additional memory, which came from Crucial http://www.crucial.com/, has issues, but I had to remove it before I could even get the PC to go into the defective loop. The BIOS recognized the extra memory, but the machine did not like something about it.

I have used Crucial for years and have promoted them as their hardware scanner works well for the non-techie person and even for someone like me.  Anything to make life a little easier deserves to be supported.

As your mileage may vary, I would be interested in hearing your thoughts and experience with 8.

-Best to you and those that you care about.

Which Anti Virus Software is the Best?

Selecting an anti virus software today is like trying to look at a watermelon in the store and telling how it is going to taste without opening it up. This is also the question that I get asked most frequently.

Not all software is the same and that holds true with the virus itself.

When I evaluate anti virus software I look for several things. Firstly what can I find in the way of reviews on the internet? Try to find independent reviews vs. going to their website.

Amazon frequently has reviews of products.

From a technical standpoint I want to know what size footprint it has. When I say footprint, I want to know how much of my available memory it is going to chew up and how much CPU it is going to use. There are several antivirus programs out there that literally will stop you from using your machine while they scan, update, etc. Ideally this type of software should run at a lower priority when you need the resources of your machine. To me there is nothing more frustrating than needing to check your e-mail and having the antivirus software, among other software, take over your machine for the first 30 minutes doing updates, scans and what have you.

Here is the biggie, will it catch everything?

Sadly there is no silver bullet. Some software makers have a lot of resources to pour into updates and research as well as the ability to quickly push out updates to their customers on an as needed basis. Software like Trend Micro has an easy way to upload suspicious files for them to analyze.

Another thing to look at with software is technical support. How much will you need, what do people say about their support and how much will it cost?

I have been in IT since before there were viruses. I fought the first virus which got out onto our network of several hundred employees through a shared file brought in by an employee on a floppy disk. I say that to set the stage for the different iterations of antivirus software out there. The first company on the scene was McAfee. PC Tools was picked up by Symantec, and over the last few years many players have entered the game.

My personal favorite as of this moment is ESET NOD32. That could change tomorrow, as they may rest on their laurels or have a policy change of some sort which would affect the quality of their product. That is the same for all companies.

I see a lot of computers that have been infiltrated. While they all have some sort of protection, free software seems the most susceptible to attacks, malware and other forms of infection.

While free is better than none, I would certainly budget anti virus software into my computer needs.

TIP: Go to the store and purchase it in the box vs. getting it online. Do this even for the renewal. One can almost always find it on sale at the office supply store or even Wal-Mart. Purchasing it online usually involves a third party which makes money off of the sale as well. You pay a price for convenience, and it could be as much as 100% more than you would pay in the store. Through the URLs below you can gain quick access to the different brands that I am personally familiar with. Several ranking sites will rank these differently, so do your research and roll the dice.

This blog in no way constitutes any type of warranty or guarantee of usability or protection against hackers, either expressed or implied. While I have had good fortune with ESET, your mileage may vary, and I will be held harmless in the event that your results are not what mine have been.

What you do on the internet and who sends you e-mail may put your computer at less risk or more risk than mine. There are independent labs out there that evaluate different software, so you might search them out as well. The trick is to make sure that they are independent and do not have any dog in the fight. The problem there, however, is obvious: if they don’t have a dog in the fight, why do the work and give it away? Do your own research. Consumer Reports frequently looks at this topic as well.

http://www.eset.com/us/

http://shop.trendmicro.com/brand/SB/?cm_mmc=Paid+Search:US-_-Consumer:Brand-_-Google:TrendMicroExact-_-KW=trend+micro&SQ=trend+micro

http://www.bitdefender.com

http://norton.symantec.com/norton/ps/3up_us_en_navnis360_sym_ent.html?om_sem_cid=hho_sem_sy:us:ggs:sy:e|kw0000006084|10257754940&country=US

http://promos.mcafee.com/offer.aspx?id=469920&affid=792&eid=covmcaggl89400000194617s&adid=17846076983&s_kwcid=TC|16933|mcafee||S|e|17846076983

http://usa.kaspersky.com/?domain=kaspersky.com

http://free.avg.com/us-en/homepage

http://www.avast.com/en-us/index

-Best and Happy Computing