Tag Archive for SANS Institute

Do You Know Where Your IPv6 Is?

Earlier, I covered the iSuppli announcement that nearly 3 out of every 4 people on Earth will soon own a mobile phone. Now, this factoid has some consequences. Johannes Ullrich, PhD, chief research officer for the SANS Institute, is predicting that the arrival of new and upgraded IPv6-enabled operating systems can open new and unrecognized security weaknesses in otherwise secure environments.


Dr. Ullrich told Net Security, “One of the problems is the accidental implementation of IPv6. You may already have IPv6 on your network without knowing about or configuring it.” He continues, “Windows 7, OS X, and Linux enable it by default. In the last round of operating system updates, it has tended to be turned on by default.” Dr. Ullrich, who is currently responsible for the SANS Internet Storm Center (ISC), also highlights that devices running Apple’s iOS, such as the iPhone, as well as some Google Android devices, come with IPv6 enabled by default.

Dr. Ullrich says that the growth of mixed IPv4 and IPv6 networks, sometimes without the knowledge of IT security teams, can introduce a variety of potential security risks. Attacks designed to exploit IPv6-enabled devices could also be missed by security teams not looking for IPv6 traffic. “Many organizations will look at their own networks and not see a big problem staying on IPv4,” he explains.

According to Net Security, Ullrich believes that organizations have failed to grasp the full impact of a move to IPv6 or the amount of time needed to plan, test, and secure any migration strategy. Ullrich believes that it will take at least about a year for larger organizations to move over to IPv6. Although most modern routers and switches are IPv6-capable, the supporting SIEM, IDS, IPS, and monitoring tools will need reconfiguration. The application layer is more problematic, according to the SANS Institute expert: “It is comparable to the Y2K problem, and there may well be many complex or custom applications that are affected by switching over that need to be tested.”
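To make the "accidental IPv6" point concrete, here is an added example (not from the original post or from SANS) of a check a security team could run over an address inventory or flow-log export to find hosts that already hold IPv6 addresses, including Teredo and 6to4 tunnel addresses that ride over IPv4. The host names, the sample addresses, and the `classify` and `ipv6_inventory` helpers are constructed for illustration; it goes slightly beyond the post by separating address types.

```python
import ipaddress
from collections import defaultdict

# Constructed sample: (host, address) pairs as an asset inventory or flow-log
# export might list them. 2001:db8::/32 stands in for a global address.
SAMPLE_OBSERVATIONS = [
    ("ws-014", "192.0.2.14"),
    ("ws-014", "fe80::21c:42ff:fe9a:1b2c"),               # auto-configured
    ("ws-022", "192.0.2.22"),                             # IPv4 only
    ("laptop-07", "192.0.2.70"),
    ("laptop-07", "2001:0:4136:e378:8000:63bf:3fff:fdd2"),  # Teredo prefix
    ("phone-31", "2001:db8:10::31"),
    ("ws-040", "2002:c000:0204::1"),                      # 6to4 prefix
]

ULA = ipaddress.ip_network("fc00::/7")  # unique local addresses


def classify(addr_text):
    """Return the kind of IPv6 address, or None if the address is IPv4."""
    addr = ipaddress.ip_address(addr_text)
    if addr.version == 4:
        return None
    if addr.teredo is not None:      # 2001::/32, IPv6 tunneled in UDP/IPv4
        return "teredo-tunnel"
    if addr.sixtofour is not None:   # 2002::/16, IPv6 tunneled in IPv4
        return "6to4-tunnel"
    if addr.is_link_local:           # fe80::/10, present as soon as IPv6 is on
        return "link-local"
    if addr in ULA:
        return "unique-local"
    return "global-unicast"


def ipv6_inventory(observations):
    """Map each host that has any IPv6 address to the sorted kinds seen."""
    found = defaultdict(set)
    for host, addr_text in observations:
        kind = classify(addr_text)
        if kind:
            found[host].add(kind)
    return {host: sorted(kinds) for host, kinds in found.items()}


if __name__ == "__main__":
    for host, kinds in sorted(ipv6_inventory(SAMPLE_OBSERVATIONS).items()):
        print(f"{host}: {', '.join(kinds)}")
```

Hosts that show only a link-local address have IPv6 switched on but unconfigured; tunnel addresses deserve the first look because that traffic crosses the IPv4 network inside other packets.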


 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Full AV Needed for MacOS

The Mac antivirus vendor Intego has identified a new malware threat for MacOS. On the Mac Security Blog, the firm calls the threat, OSX/OpinionSpy, a “high risk.” According to their blog, the main distribution channel for the malware is screen saver programs downloadable from reputable download sites including MacUpdate, VersionTracker, and Softpedia. The malicious code does the typical malware things: it scans files, records user activity, creates a backdoor, and sends stolen data to remote servers.

SearchSecurity quotes security expert and SANS Institute instructor Rob VandenBrink, writing on the SANS Internet Storm Center Diary, who said the malware is a simple bolt-on to other freely downloadable applications. “The neat thing about this malware is that it passes most static scan tests – the downloaded software itself is clean, the malware is downloaded as part of the installation process,” VandenBrink wrote. “This highlights the requirement for an on-access virus scanner for your OSX computers.”

rb-

Many people have long held that macOS is more secure than Windows. macOS and its underlying *NIX OS have their own issues. The recent announcement by Google to increase its use of non-Windows OSes (here and here) has made macOS security through obscurity moot. Mickey Boodaei, CEO of security vendor Trusteer, told SC Magazine, “Mac and Linux are not more secure than Windows. They’re less targeted. There is a big difference.”

This announcement weakens the theory that using MacOS computers is the best way to secure online financial transactions. For the time being, a *NIX-based live CD is probably the safest bet to secure your online financial transactions.

macOS users should get a real anti-malware package that includes an on-access scanner.

 
