Cisco Firewall PIX 501
This firewall is designed for homes and small businesses.This firewall can support up to ten users on a basic license from Cisco. It has a 133 MHz processor and comes with 16MB's of RAM. In addition it has 8MB of Flash RAM.
The Firewall also comes with 1 uplink port and a four port switch. It does not support Layer 2 transparent fire walling. It also does not support the routing protocol OSFP which stands for Open Shortest Path First. There is no VLAN-Virtual Local Area Network.
The PIX 501 allows you to setup a VPN-Virtual Private Network easily with the Cisco Easy VPN Server.
The firewall supports speeds up to 60Mbps bidirectional.
When you implement cryptography such as 3DES or DES it slows down the traffic.The PIX 501 can support anywhere from 50-unlimited users depending on your license
Orange County Computer Consultant
- Orange County Computer Security Consultant
- Orange County Computer Consultant helps small businesses with networking, installations and small business software.
Wednesday, December 14, 2005
Cisco PIX Technology
Cisco PIX Security Appliance.
Cisco PIX Security applications can enforce policies on users and applications.
Cisco PIX can protect you from many different network and Internet based attacks.
Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.
This is fairly easy to setup.
Cisco PIX can provide you with secure VOIP voice over internet protocol.
IPSec or Internet Protocol Security IPSec can be setup for VPN's.
Cisco PIX Security appliances provide multiple layers of security.
This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.
There is over thirty different engines looking for different attack signatures.
The current version is Cisco PIX appliance version 7.0
Here are some of the feautures:
You can rollback previous configurations in IOS.
QOS- Quality of Service
You can update software on the fly with bringing down the hardware. No rebooting.
VPN client security
Layer 2 transparent firewall.
This is really interesting 3G mobile security services.
You can configure the firewall to block instant messaging, point to point networking P2P.
You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.
Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.
Version 7.0 also supports IKE or Internet Key Exchange.
Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.
Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com
http://www.computersecurityadvice.com/
Here are some other sites for you viewing pleasure:http://www.checkmategame.blogspot.com
http://www.realestatelead.blogspot.com/
Cisco PIX Security applications can enforce policies on users and applications.
Cisco PIX can protect you from many different network and Internet based attacks.
Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.
This is fairly easy to setup.
Cisco PIX can provide you with secure VOIP voice over internet protocol.
IPSec or Internet Protocol Security IPSec can be setup for VPN's.
Cisco PIX Security appliances provide multiple layers of security.
This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.
There is over thirty different engines looking for different attack signatures.
The current version is Cisco PIX appliance version 7.0
Here are some of the feautures:
You can rollback previous configurations in IOS.
QOS- Quality of Service
You can update software on the fly with bringing down the hardware. No rebooting.
VPN client security
Layer 2 transparent firewall.
This is really interesting 3G mobile security services.
You can configure the firewall to block instant messaging, point to point networking P2P.
You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.
Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.
Version 7.0 also supports IKE or Internet Key Exchange.
Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.
Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com
http://www.computersecurityadvice.com/
Here are some other sites for you viewing pleasure:http://www.checkmategame.blogspot.com
http://www.realestatelead.blogspot.com/
Sales Tips
-Here are some tips for people in sales, hope this helps.
Anticipate objections and be ready with rebuttals.
Get down to the real objection.
Follow up with all leads.
Do it the best its ever been done.
Its all numbers, dial more.
Provide value for customers.
Control the conversation, listen even more.
Follow ethical practices.
Planning, goal setting, decision making, delegation and communication work on improving these areas.
Toss out ideas at meetings.
Keep abreast of the market
Look for multiple sources of income.
Assume responsibility for your actions.
Build relationships.
Network like crazy.
Be resourcefull, ready, remebered and relentless.
Help customers discover the best solutions.
Persist and dont give up!
I've been in sales for 15 years this can be valuable to new sales people and veterans.
Anticipate objections and be ready with rebuttals.
Get down to the real objection.
Follow up with all leads.
Do it the best its ever been done.
Its all numbers, dial more.
Provide value for customers.
Control the conversation, listen even more.
Follow ethical practices.
Planning, goal setting, decision making, delegation and communication work on improving these areas.
Toss out ideas at meetings.
Keep abreast of the market
Look for multiple sources of income.
Assume responsibility for your actions.
Build relationships.
Network like crazy.
Be resourcefull, ready, remebered and relentless.
Help customers discover the best solutions.
Persist and dont give up!
I've been in sales for 15 years this can be valuable to new sales people and veterans.
Building Internet Firewalls
Building Internet Firewalls by Oreilly
This book covers the basics of firewall technology to the nitty gritty details. I highly recommend it. It is well written and covers such interesting topics as protocols, databases, security strategies and examles of firewall setups.
Building Internet Firewalls covers packet Filtering, Proxy Services, NAT- network address translation and VPN's virtual private networks. Firewall architecture such as single box, screened host, bastion host, multiple screened hosts, modems and internal firewalls for your intranets.
The different ways to filter traffic are also discussed in depth. You can filter based upon address, protocol, source and destination addresses amongst many other variables. It discusses both Micorsoft Windows and *nix based solutions.
It goes over Internet Services such as RPC, DCOM, DOM, CIFS, SMB, SSL, RAS, PPTP and so many others.
This book is a awesome reference to add to your security analyst book collection.
This book covers the basics of firewall technology to the nitty gritty details. I highly recommend it. It is well written and covers such interesting topics as protocols, databases, security strategies and examles of firewall setups.
Building Internet Firewalls covers packet Filtering, Proxy Services, NAT- network address translation and VPN's virtual private networks. Firewall architecture such as single box, screened host, bastion host, multiple screened hosts, modems and internal firewalls for your intranets.
The different ways to filter traffic are also discussed in depth. You can filter based upon address, protocol, source and destination addresses amongst many other variables. It discusses both Micorsoft Windows and *nix based solutions.
It goes over Internet Services such as RPC, DCOM, DOM, CIFS, SMB, SSL, RAS, PPTP and so many others.
This book is a awesome reference to add to your security analyst book collection.
Microsoft Security Update
Microsoft has released several security alerts for Microsoft Internet Explorer. Here are four of them:
HTTPS Proxy Vulnerability (CAN-2005-2830)
File Download Dialog Box Manipulation Vulnerability (CAN-2005-2829)
COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-2831)
Mismatched Document Object Model Objects Memory Corruption Vulnerability (CAN-2005-1790)
This can cause problems ranging from attackers reading web addresses sent to a proxy server to running malicious code on your hosts to gain admin access.
MS05-055Vulnerability in Windows Kernel Allows Elevation of Privilege (908523)http://www.microsoft.com/technet/security/bulletin/MS05-055.mspx
This one allows attackers to escalate or gain higher privleges than allowed an example would be a user with no rights gaining administrative control of the machine. It is possible to change kernel memory with this vulnerability. This can lead to remote code execution as well.
HTTPS Proxy Vulnerability (CAN-2005-2830)
File Download Dialog Box Manipulation Vulnerability (CAN-2005-2829)
COM Object Instantiation Memory Corruption Vulnerability (CAN-2005-2831)
Mismatched Document Object Model Objects Memory Corruption Vulnerability (CAN-2005-1790)
This can cause problems ranging from attackers reading web addresses sent to a proxy server to running malicious code on your hosts to gain admin access.
MS05-055Vulnerability in Windows Kernel Allows Elevation of Privilege (908523)http://www.microsoft.com/technet/security/bulletin/MS05-055.mspx
This one allows attackers to escalate or gain higher privleges than allowed an example would be a user with no rights gaining administrative control of the machine. It is possible to change kernel memory with this vulnerability. This can lead to remote code execution as well.
Tuesday, December 13, 2005
Cisco PIX 501 security appliance
The is a firewall thats easy to set up for home or small office. It has a four port fast Ethernet switch built in.
This firewall can provide up to 60Mbps data transfer or 3Mbps of encrypted traffic using (3DES) . This can be used for VPN's Virtual Private Networks.
It supports AES which is the Advanced Encrytion Standard at up to 4mbps.
Here is Cisco's overview of their product
SANS going to start IT college
SANS will create a IT college! This is great news. Its going to be in Maryland, hmm I wonder why. Maryland is famous for computer security why do you ask? The National Security Agency is there. I would love to attend this school, it would be fun. They will offer two programs for Masters Degrees:
Information Security Engineering
Information Security Management
This will not be easy there looking for high GPA's and recommendations from employeers.
Information Security Engineering
Information Security Management
This will not be easy there looking for high GPA's and recommendations from employeers.
Security Warrior
This is a great book that gets more technical than most books I read. What does it contain? What does it not :)
It has assembly programming tutorials, reverse engineering concepts and tools. Overflow attacks and ways to stop them or at least make it more difficult.
TCP/IP analysis and tools to help in your network engineering chores. It breaks down protocols and their strengths and weaknesses.
It also covers forensics, and anti-forensics. SQL, Wireless, VPN's and SSL.
There is so much in this book and its a great read and handy reference this is my third time reading it so I recommend it to any security analyst's bookshelf.
Bidding for Excel Vulnerability
A cracker discovered a hole in Microsoft Excel and try to auction it off! This is a first, kinda funny in my opinion. Ebay quickly pulled it from their website. This is a goodthing. There are tons of free software out on the Internet to recover Microsoft Office passwords.
I use many Linux Distributions on bootable CD's to recover these from clients who have forgot or lost their passwords. I can recover most files even ones that have been deleted.
I use many Linux Distributions on bootable CD's to recover these from clients who have forgot or lost their passwords. I can recover most files even ones that have been deleted.
Virus Definitions
I'm amazed on how so many people think that antivirus software is a cureall its only as good as your last updates. Malicious users write malware daily to exploit and corrupt your systems. Turn on your auotmatic updates! YOu should also use a firewall, if your using wireless use WPA with strong paawords.
Spyware is also rampant on the Internet is your homepage changing automatically? There is also the threat of keyloggers which could be logging your bank account info, or even your Amazon account information! Use tools such as SpyBot Search and Destroy or Adaware.
Spyware is also rampant on the Internet is your homepage changing automatically? There is also the threat of keyloggers which could be logging your bank account info, or even your Amazon account information! Use tools such as SpyBot Search and Destroy or Adaware.
Monday, December 12, 2005
What is PERL?
Practical extraction and reporting language. Perl is a stable programming language. It is great for automating tasks, especially system administration chores. It is Open Source which means its free.
PERL was created by Larry Wall. PERL is sometimes called the duct-tape of the internet. PERL can be used with popular database programs and implemented into websites as well.
Where can you get PERL? http://www.perl.org/get.html
Website on PERL http://www.perl.org/news.html
The PERL Journal http://www.tpj.com/
Examle of PERL code:
A cheap alarm clock: perl -e ’sleep(120); while (1) { print "\a" }’
PERL was created by Larry Wall. PERL is sometimes called the duct-tape of the internet. PERL can be used with popular database programs and implemented into websites as well.
Where can you get PERL? http://www.perl.org/get.html
Website on PERL http://www.perl.org/news.html
The PERL Journal http://www.tpj.com/
Examle of PERL code:
A cheap alarm clock: perl -e ’sleep(120); while (1) { print "\a" }’
Random Password Generator
Steve Gibson writes great software. This tool will generate random passwords for you you, this is usefull for alot of things such as WPA and WEP.
https://www.grc.com/passwords
It gives you 3 choices!
63 random alpha-numeric characters (a-z, A-Z, 0-9)
63 random printable ASCII characters
64 random hexadecimal characters (0-9 and A-F):
https://www.grc.com/passwords
It gives you 3 choices!
63 random alpha-numeric characters (a-z, A-Z, 0-9)
63 random printable ASCII characters
64 random hexadecimal characters (0-9 and A-F):
Friday, December 09, 2005
Want to learn ARM assembly?
So what exactly is ARM, its a RISC based processor it can be used for mobile applications such as cellphones, it also can be used for routers, switches and hubs. I like embedded programming and figured I would include a link to learn to code in assembly for ARM.
Microsoft Security Video
This come from Microsoft in Japan- it is so cool.
From Microsoft Japan
http://www.microsoft.com/japan/athome/security/images/thinksecurity/tv/thinksec_1m.wvx
From Microsoft Japan
http://www.microsoft.com/japan/athome/security/images/thinksecurity/tv/thinksec_1m.wvx
Thursday, December 08, 2005
Firefox Vulnerability
We all new this one was coming. I love Firefox but the more popular it gets the more were going to see holes and exploits. Its still alot safer than IE.
http://isc.sans.org/diary.php?storyid=920
This code was written just to test Firefox, and it worked.
http://isc.sans.org/diary.php?storyid=920
This code was written just to test Firefox, and it worked.
Wednesday, December 07, 2005
Voice Over IP
This technology is hot, it allows you to make phone calls over the internet with the IP protocol, companies like Google might have plans to use this nationally already. There is also VONAGE.
You can check them out here : http://www.vonage.com/
You can check them out here : http://www.vonage.com/
Looking for a great debugger?
IDA Pro dissasembler is perfect for looking at machine language. Word of warning it is difficult to use, but it is the best in my opinion. It works with different processors as well. It also serves as a dissasembler. This is great for looking at Malware to find it what makes it tick and see which system calls its using. It call also allow you to view HEX. Stacks, jumps, tables it has it all!
Tuesday, December 06, 2005
Wired buffer overflow show
I came across this on Wired's website www.wired.com It's a flash program showing how a buffer overflow works. Pretty cool yet makes it look way to easy :) Generating shellcode is not for the faint. Here is the link http://ly.lygo.com/ly/wired/news/flash/special_reports_bugs_1.html
Microsoft Internet Explorer Vulnerability
Another one? Come on Microsoft, Smart people use Firefox www.mozilla.org. There is a window() object that fails to check code passed thru it correctly. An attacker can execute code to launch a shell and take over the computer. The IE user would have to view a HTML documnent or email to be affected.
Disable Active scripting.
Follow this link to check out a paper on malicious active scritping:
http://www.cert.org/tech_tips/malicious_code_FAQ.html#ie56
Disable Active scripting.
Follow this link to check out a paper on malicious active scritping:
http://www.cert.org/tech_tips/malicious_code_FAQ.html#ie56