SYNful Attacks Cisco Routers

http://blogs.cisco.com/security/synful-knock This attack succeeds only if you do not change the default passwords on Cisco routers. But… see below. In mid-September: { Today, Mandiant/FireEye published an article describing an example of this type of attack. This involved a router “implant” that they dubbed SYNful Knock, reported to have been found in 14 routers …

Why Cybersecurity problems?

To answer “Why cybersecurity?” we must discuss how software is developed. There are traditional software methods (also called waterfall), described at the following site: http://www.umsl.edu/~hugheyd/is6840/waterfall.html I always like to break waterfall down into the following: Pseudocode, Design, Develop, Test, Customer has it – any needed bug fixes must be made. Did you notice a lack of …

#Cyberjoke v1.7 Friday

beartales.me “Another hacker” Joke #449 at Al’s Cyberjoke 3000 website. Two computer programmers met in the park. One said, “New bike?” “Yep.” “Nice. How much did it cost you?” “Nothing!” “Nothing? How can that be?” “Well, you see, yesterday a gorgeous woman rode up to me on this bike, took off all her …

VLAN Hopping Defeats Segmentation

When we set up a network, we segment it. The firewall protects the inside network, and the critical systems on the inside network are separated from the rest of the devices. Networks also need to be segmented for compliance reasons. So the hacker wants to see all the computers… (how?) VLAN hopping. http://www.blackhat.com/presentations/bh-usa-02/bh-us-02-convery-switches.pdf This is …

You Don’t Understand Hackers or Computers? Hackers Will Still Hack You

Yes, we (humans) are risk-seeking with losses and risk-averse with gains. https://www.schneier.com/essays/archives/2008/01/the_psychology_of_se.html “Security is a tradeoff,” Schneier said, speaking to a packed audience at his RSA session. “What are you getting for what you’re giving up? Whether you make that tradeoff consciously or not, there is one.” You think that your computers are not …