Orange County Computer Consultant

Orange County Computer Consultant helps small businesses with networking, installations and small business software.

Monday, September 17, 2007

Cyberwar

The DOD has stated that Cyberwar is real. Our US networks have been attacked by China. I heard on CNN that our Secretary of Defense's computer was also penetrated. I do not know if this is true. President Bush says it's not.

The Air Force has some of the best cyberwarriors. They have classes to train our troops on information warfare. They have a degree in cyberwarfare. It's in the electrical and engineering department. They train on IP networks, telecommunications, radars, satellites, transportation systems, and power systems.

The NSA also tries to stop these attacks. The DOD had one of the lowest security ratings among government agencies. The National Science Foundation had some of the best security.

Virtualization

Virtualization is hot right now. I sell VMware products. I'm currently studying for the VMware professional sales. There are plenty of other players in the field right now. There are open source solutions, such as VirtualBox.

There are also Novell and XenSource.

Virtualization allows you to run multiple virtual machines on one computer or server. It is handy. I run Parallels here at home on my MacBook. The benefit is that I can run Mac OS X and then have Red Hat Linux in another window. This allows me to focus on programming in Linux while using Mac OS X for my photos or running iTunes.

Companies can use virtualization to reduce IT costs. There do not have to be as many desktops. You can run multiple virtual machines on the server and have clients connect with dumb terminals.

Virtualization is also good for security. A virus or worm will only stay in the virtual machine and not infect other machines or virtual machines. Virtual machines can also be transported with VMware. They can be carried on your person on a USB drive.

Microsoft Automatic Updates

It appears that Microsoft has been installing updates without our permission. Tomorrow is Patch Tuesday. I wonder how many holes they are going to patch?

You can view the knowledge base articles to see what they are installing on your computer; there are a lot of updates. It would be nice of Microsoft to let users know that they are going to be installing software. It's bad enough that I cannot see the source code. How do I really know what is in those updates? More spyware? This is why I love Open Source/Linux. I can view the code and run MD5 checksums to ensure that the software has not been tampered with.

I was reading this article in eWeek that stated that they have been doing this for quite some time.

AOL Instant Messenger Attack

It appears that it is possible to send HTML code to AOL messenger to shut it down or try to gain information from the client's computer.

Here is the link to Bugtraq.

Cisco Adaptive Security Appliance

Every morning I get up and sign into My Yahoo and iGoogle. I have them configured to show me the day's exploits and vulnerabilities. I do this to keep my clients informed. My clients consist of network administrators, CIOs, CEOs and business owners.

Today I recommended a Cisco ASA with IPS to a client. IPS stands for intrusion prevention system. The Cisco ASA comes standard as a firewall. You can then add different modules such as VPN, content filtering and Anti-X.

The VPN can support different numbers of users depending on the module selected. It does SSL and IPsec. There are different encryption protocols that can be utilized as well, such as DES and 3DES. A VPN is a virtual private network. It allows you to log in remotely from home or Starbucks securely. When you do this without a VPN, you send your data in clear text. A simple sniffer on the path from your computer can pick up these packets and read what is in them. Encryption slows the process of reading the contents. 3DES and DES are very strong and it would take years or even longer to crack them. When you are surfing at your local Starbucks, the guy next to you can run a wireless sniffer and grab your bank account information, Yahoo login ID, or Amazon login.

The content filtering module allows network administrators to implement security policies, like blocking Yahoo instant messenger, MySpace, and ESPN during work hours.

Anti-X is an anti-malware application. It defends against viruses, trojans, key-loggers, exploit code and other goodies that attackers like to use to gain info, mess up data, or just have fun.

The IPS module is nice. It attempts to stop attacks before they happen. How? It has a signature database, and the firewall does deep packet inspection. This means it looks at the content of the packets and compares it against an updated database of known attacks. If it looks suspicious, it is dropped or quarantined for later inspection.
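
The signature matching described above, sketched as an added example that is not part of the original post and not Cisco's implementation. The signature IDs, patterns and sample payloads are constructed for illustration, and percent-decoding the payload before matching is an assumption about how an inspector would normalize content.

```python
import re
from dataclasses import dataclass
from urllib.parse import unquote_to_bytes


@dataclass(frozen=True)
class Signature:
    sid: int             # constructed signature id
    name: str
    pattern: re.Pattern  # byte regex searched for in the payload
    action: str          # "drop" or "quarantine"


# Constructed signature database; real products ship vendor-maintained sets.
SIGNATURES = [
    Signature(1001, "directory traversal in request path",
              re.compile(rb"(?:\.\./){2,}"), "drop"),
    Signature(1002, "script tag in message body",
              re.compile(rb"<\s*script\b", re.I), "quarantine"),
]


def inspect(payload: bytes, signatures=SIGNATURES):
    """Return (verdict, matched signature ids) for one packet payload."""
    # Assumption: percent-decode first so an encoded form of a known
    # pattern is compared in the same shape as the signature.
    normalized = unquote_to_bytes(payload)
    hits = [s for s in signatures if s.pattern.search(normalized)]
    if not hits:
        return "pass", []  # nothing known matched; unknown attacks also land here
    # When several signatures match, the stricter action wins.
    verdict = "drop" if any(s.action == "drop" for s in hits) else "quarantine"
    return verdict, [s.sid for s in hits]


# Constructed sample payloads.
SAMPLES = {
    "benign": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    "traversal": b"GET /static/../../secret.txt HTTP/1.1\r\n\r\n",
    "encoded": b"GET /static/%2e%2e/%2e%2e/secret.txt HTTP/1.1\r\n\r\n",
    "message": b"MSG alice bob :<script>alert(1)</script>",
}

if __name__ == "__main__":
    for label, payload in SAMPLES.items():
        print(label, inspect(payload))
```

The "pass" branch is the limit of this approach: a payload that matches no signature is forwarded, which is why the database has to be kept updated.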