How many blogs

I have two Blog’s going right now. This one and www.computersecurityadvice.com I need to focus on one. I have been very busy. I’m now a proud father. Alexnander was born on May 5th. He is the best. I also started working for a computer reseller. I love my job, because I can learn all about different technologies. But my love is still information security. I consult clients on networking, storage, security, software and wireless solutions.

Information Security Consultant

I have decided that I want to do IT security for a living. I think it is the right path to take. I love reading about vulnerabilities and trying to figure out exploits. I’m starting to understand the concepts that different attackers use such as session hijacking, escalation, SQL injection techniques, Cross Site Scripting, race conditions, shell code etc….

I have changed jobs, I was going to offer clients search engine optimization and pay per click services. I have a son now and do not have the time to do customer service for client’s who are not getting the click through’s or conversions to earn money. I do however have the time to secure and analyze networks and home computers. I eat breathe and sleep IT security. I currently work for a large IT reseller, no not CDW.

My day consists of email, telephone calls, I like to make 75-100 calls a day to find new business. I am not a telemarketer. I’m a consultant. I understand prospects being hesitant getting a cold call from a stranger. I’m not here to boost my ego. I do understand IT security, networking, networking protocols, software both commercial and open source. I can read source code in almost any language. I cannot code it yet. I have programmed some really bad C code and spent most of my time debugging. That is how you learn right? Languages I like and want to learn PERL, PHP, C, Assembler, Python, and Ruby. I read Dr. Dobbs currently.

In the background the Backyardigans are blasting. I know parents can relate. LOL.

I’m learning allot in my new position. I used to like Dell, now all I recommend is HP. I own a Macbook, if your curious. I like it. I can use a limited shell with limited BSD functionality. Apple diasbled the root account. Hey Apple I bought the computer I want root.  Virtualization is hot right now. Most IT directors want virtualization. Why? Less money for hardware. I like the fact I can sale VM Ware but look at outsourcing and the reduction of hardware sales can hurt my current job. Security will never go away. It’s a ongoing process.

Storage is another ballgame I’m studying so much new technology. SAN, NAS, Tape LTO blah blah blah.

I’ll be honest I’m in sales and I have a hard time pushing software products when I beleive in Open Source. I can do anything with a Linux box and the right tools. Right SourceForge? Good night……

PERL

Practical extraction and reporting language. Perl is a stable programming language. It is great for automating tasks, especially system administration chores. It is Open Source which means its free.

PERL was created by Larry Wall. PERL is sometimes called the duct-tape of the internet. PERL can be used with popular database programs and implemented into websites as well.

Where can you get PERL? http://www.perl.org/get.html

Website on PERL http://www.perl.org/news.html

The PERL Journal http://www.tpj.com/

Examle of PERL code:

A cheap alarm clock: perl -e ’sleep(120); while (1) { print “\a” }’

Building Internet Firewalls

Building Internet Firewalls by Oreilly 

This book covers the basics of firewall technology to the nitty gritty details. I highly recommend it. It is well written and covers such interesting topics as protocols, databases, security strategies and examles of firewall setups.

Building Internet Firewalls covers packet Filtering, Proxy Services, NAT- network address translation and VPN’s virtual private networks. Firewall architecture such as single box, screened host, bastion host, multiple screened hosts, modems and internal firewalls for your intranets.

The different ways to filter traffic are also discussed in depth. You can filter based upon address, protocol, source and destination addresses amongst many other variables. It discusses both Micorsoft Windows and *nix based solutions.

It goes over Internet Services such as RPC, DCOM, DOM, CIFS, SMB, SSL, RAS, PPTP and so many others.

This book is a awesome reference to add to your security analyst book collection.

Cisco PIX

Cisco PIX Security Appliance.

Cisco PIX Security applications can enforce policies on users and applications.

Cisco PIX can protect you from many different network and Internet based attacks.

Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.

This is fairly easy to setup.

Cisco PIX can provide you with secure VOIP voice over internet protocol.

IPSec or Internet Protocol Security IPSec can be setup for VPN’s.

Cisco PIX Security appliances provide multiple layers of security.

This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.

There is over thirty different engines looking for different attack signatures.

The current version is Cisco PIX appliance version 7.0

Here are some of the feautures:

You can rollback previous configurations in IOS.

QOS- Quality of Service

You can update software on the fly with bringing down the hardware. No rebooting.

VPN client security

Layer 2 transparent firewall.

This is really interesting 3G mobile security services.

You can configure the firewall to block instant messaging, point to point networking P2P.

You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.

Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.

Version 7.0 also supports IKE or Internet Key Exchange.

Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.

Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com

Cisco PIX

Cisco PIX Security Appliance.

Cisco PIX Security applications can enforce policies on users and applications.

Cisco PIX can protect you from many different network and Internet based attacks.

Cisco PIX offers secure connectivity, using methods such as SSHv2 Secure Shell Two and VPN virtual private networks.

This is fairly easy to setup.

Cisco PIX can provide you with secure VOIP voice over internet protocol.

IPSec or Internet Protocol Security IPSec can be setup for VPN’s.

Cisco PIX Security appliances provide multiple layers of security.

This hardware/software based solutions is designed to look for anomolies aka weird traffic thats not normal on your network, which could be an indication of a attack.

There is over thirty different engines looking for different attack signatures.

The current version is Cisco PIX appliance version 7.0

Here are some of the feautures:

You can rollback previous configurations in IOS.

QOS- Quality of Service

You can update software on the fly with bringing down the hardware. No rebooting.

VPN client security

Layer 2 transparent firewall.

This is really interesting 3G mobile security services.

You can configure the firewall to block instant messaging, point to point networking P2P.

You have the ability to block applications trying to tunnel thru your network with encrypted
traffic.

Cisco PIX provide rich statefull packet inspection PIX can protect your voice, data, and video
traffic.

Version 7.0 also supports IKE or Internet Key Exchange.

Everything can be managed from Cisco Adaptive Device Manger which can be console and web based.

Benjamin Hargis CEO Phuture Networks
http://www.phuturenetworks.com

More info on Cisco PIX 501

Cisco Firewall PIX 501

This firewall is designed for homes and small businesses.This firewall can support up to ten users on a basic license from Cisco. It has a 133 MHz processor and comes with 16MB’s of RAM. In addition it has 8MB of Flash RAM.

The Firewall also comes with 1 uplink port and a four port switch. It does not support Layer 2 transparent fire walling. It also does not support the routing protocol OSFP which stands for Open Shortest Path First. There is no VLAN-Virtual Local Area Network.

The PIX 501 allows you to setup a VPN-Virtual Private Network easily with the Cisco Easy VPN Server.

The firewall supports speeds up to 60Mbps bidirectional.

When you implement cryptography such as 3DES or DES it slows down the traffic.The PIX 501 can support anywhere from 50-unlimited users depending on your license

Voice over IP

I hear allot about VOIP what is it?

VOIP stands for voice over internet protocol. Basically it means making phones calls over your local area network (LAN) or even across the Internet.

VOIP is normally cheaper than your PSTN that’s public switched telephone network i.e. your local carrier.

VOIP is a good choice for businesses as well to save money on long distance calls if they have many satellite offices. VOIP service providers usually have lower fees because they are not a government regulated currently as the phone systems which at one time were a monopoly. VOIP can even be free if you connect directly to another VOIP client.

VOIP routers can send your incoming phone calls to you anywhere thus cutting down on the number of lines and you can be reached anywhere you have a Internet connection.

This and the combination of technologies like WiFi are going to make for one huge network. That voice, data and video will be sent everywhere and from anywhere. With this VOIP technology you have allot more features as well such as Caller ID, Call Forwarding and answering services all from your computer or PDA.

There are some issues to still be worked on.

Here are some:

The amount of band with required.

Security issues- what type of encryption should be used and how much is going to slow down the call and network?

This is a exciting and new technology which I will be writing more about.

Benjamin Hargis

Cisco PIX 506E

Cisco Pix 506E Security Appliance

This firewall is a enterprise class security appliance. It could be used for small to medium sized businesses, sattelite offices and regional offices.It supports two 10/100 fast ethernet cards and also two 802.1q virtual interfaces.This alows your business to create a DMZ or demilitarized zone. This is a spot on your network that you put your webservers but not your backend servers like SQL or Exchange. Cisco took the approach of multilayered defense again with this product and it has alot of nice feautres to help protect your network and data.There are no moving parts making it more reliable.

The Cisco Pix 506E uses what Cisco calls Cisco Adaptive Security Algorithim.This provides statefull packet inspection it logs all authorized attempts to use the network as well as trying to block unauthorized access.The firewall is designed to look for common vulnerabilities, it looks for about 55 well known attacks.It inspects layers 4 through 7 os the OSI layers. The Cisco Pix 506E also looks at application data traversing the network and even protocol status.The designers of this firewall did a good job. The Cisco Adaptive Security Algorithim does protocol field checking and also URL length checking. It does not mention anything about if it can filter Unicode.It has over 100 applications already documented so you can allow or disallow them easily.

Cisco PIX Device manager allows administrators to manage their network remotely.Network or Firewall administratos can still create their own ACL’s or access control lists and user and group based policies. Network administrators can decide which applications that are and are not allowed thru their network as well as protocols.Protocols that this device checks are HTTP, FTP,SMTP, DNS, SQl*Net,NFS,ILS, SCCP and many more.For instance I would not allow my employess to use Telnet, if they needed remote connectivity at all I would suggest SSH using a cool program called Putty for Windows based machines.

Since Im on the topic of remote management I will talk about some of the Cisco Pix 506E solutions.The are many different ways to mange this device. It can be troubleshooted and configured remotely.If you have a web browser which I hope all admins have, you can access this firewall through the Internet. It uses SNMP simple network management protocol for monitoring devices on the network.You can use Auto Update server, security monitor and management center for firewalls.

The firewall does auditing, has support for Dynamic devices on the network and can do software images.

The Cisco Pix 506E also has support for VPN’s or virtual private networks.You can use either IKE Internet Key Exchange or IPsec.Cisco also offers VPN concentrators to speed up connections. I will be writing articles on those shorlty. The encryption standards it supports are DES data encryption standard, this is crackable. 3DES which is more secure and AES advanced encryption standard. I recommend the later. The VPN can work with NAT or network address translation which hides your internal IP address from the Internet. Support for up to 10 VPN uers.The firewall also supports TACAS+ and RADIUS.

VoIP- Voice over Internet protocol can also be ran thru this firewall. So that you can sleep well at night knowing that your multimedia and voice connections are secure.
This is probably my favorite about this device. Intrusion Prevention. This firewall has tools that protect it from many well-known attacks.

Dos or denial of service attacks are prevented from bringing down your network and firewall. I do question how much data this device can take before shutting down or how many packets it can drop quickly. There tools are called DNSGuard, FloodGuard, MailGuard, IPVerify and TCP intercept.

This firewall can also contact adminstrators real time thru a cell phone SMS or email thru a devich such as a RIM Blackberry.I have read of software that will allow you to SSH to your router, computer thru the Blackberry. Cisco’s auditing software is called CiscoWorks Information management Solutions or SIMS.No not the game. It collects and anayzes data from across your network allowing you to prioritize threat levels.

Benjamin Hargis
Phuture Networks
http://www.phuturenetworks.com/

My Yahoo

I love this service from Yahoo.With My Yahoo I can tweek the homepage to have the information that I want. What do I use it for? A calendar, email, tasks, news, stocks, bookmarks, weather and movies. Its awesome and best of all free. Its my jump off point to the Internet next to Google.