Exploit Against Adobe Flash, Acrobat and Adobe Reader

Thursday, 10. June 2010

Exploit Against Adobe Flash and Adobe Reader.

I thought I got this posted at the beginning of the week, but I guess it slipped through the cracks… On June 4, 2010, Adobe confirmed that a zero-day exploit exists in its Flash Player, Acrobat and Adobe Reader software. This bug affects all of its supported platforms, and has been found in the wild.

So, you all know the drill: if your computer has the software listed in the Adobe Security Bulletin, then follow the instructions and get yourself safe!

– Stu

Building Redundant Networks in Data Centers

Monday, 7. June 2010

I recently was asked to put together a brief web presentation on the different methods of creating redundant networks. I couldn’t think of a better place to put it than right here on my blog. After all, I was overdue for a post anyways…

What do I mean by redundant networks?

A redundant network is two or more distinct paths for data to travel to and from an upstream network. In its simplest form, it can be a piece of equipment that can be manually placed into service easily upon a failure. More often, though, it is set up so that any single device or connection can fail and, without user intervention, a backup system or connection will automatically step in and take over the job of the failed device or connection. A redundant network does not mean that no matter what happens, your data will still be reachable. There are many factors that need to be considered, ranging anywhere from your providers to your applications, that can cause a failure.

Amazon Brute Force SIP Attacks – Dave Michels Interviews Me

Monday, 19. April 2010

Shortly after my “SIP Brute Force Attack Originating From Amazon EC2 Hosts” post, Dave Michels interviewed me for an article, Dark Side of the Cloud. This is that interview:

Dave: What do you believe the intent was of the attacks? Free long distance?

Stu: Certainly free long distance would be one reason… But there are many other reasons to hijack a SIP account. I’m sure that organized crime would pay for a block of active SIP logins. They could use them to circumvent surveillance, or possibly use them for fraudulent boiler room calls about extended warranties and such.

Remember, most folks still believe that the Telephone System is secure… They tend to believe someone who is calling them.

SIP Brute Force Attack Originating From Amazon EC2 Hosts

Sunday, 11. April 2010

I woke up Saturday morning to find strangely high network activity on some of our inbound connections. After a quick review, it turned out that most of the traffic was going into several of our hosted PBX systems. After a little more digging, I discovered that several systems on the Amazon EC2 network were performing brute force attacks against our VoIP servers. They were attempting to guess user names and passwords for our SIP clients. I immediately blocked all traffic from the attacking IPs and examined the logs. Thankfully, I found that none of the attacks had succeeded in guessing passwords.

Starting over… Windows 7 or Linux.

Monday, 26. October 2009

Upgrading to Windows 7

Windows 7 is out! And as usual, Microsoft is pushing the idea that: “Windows 7 is the greatest operating system ever created”. Well, I would argue that point, but if you are a hardcore Windows user, you most likely will be drinking from the Microsoft Kool-Aid fountain, and will purchase the Windows 7 upgrade.

The first thing you’ll notice is that if you aren’t running Vista, you will be installing Windows 7 as a fresh install. Even if you are running Vista, most experts recommend that you install from scratch regardless. So what does that mean to Windows users? You will be starting fresh! A fresh start! A new tomorrow!

Notes from my GNUPG talk

Monday, 19. October 2009

What is GNUPG?

GNUPG is the open source alternative to PGP. It allows you to sign and / or encrypt digital information that you are sending to others. They then can verify / decrypt the data. It uses the asymmetric cryptography model for signing data and can use both symmetric and asymmetric cryptography for data encryption.

Why use GNUPG

GNUPG creates an additional layer of security and authenticity of data that you transmit or receive. This helps verify and protect your identity on the web. Using GNUPG for encryption also protects sensitive information during transmission to others, as well as protecting data on storage media.

Saving Data On The Cloud… Safe?

Monday, 12. October 2009

The temptation of the cloud…

In today’s everything-digital world, it seems like a natural thing to store your data where you can get to it from anywhere. But who is ensuring that all those photos, contacts, videos, calendar entries, and other digital info will be there in ten years? Or in five years? Or even next year? Actually, who is making sure it will be there and accessible tomorrow? With Microsoft/Danger’s announcement of a total data storage failure on the T-Mobile Sidekick Network:

Why IT People Don’t Sleep at Night…

Tuesday, 29. September 2009

This story might not be for everyone.

I often have trouble thinking of things to write about that will fit into the “Everyone can benefit from” category. This little blog post is really aimed at IT folks and their families. It is an effort to explain some of the strange thought processes we as IT people need to use in our jobs, and how they sometimes leak into our home and social lives.

Is Obama A Spammer?

Monday, 24. August 2009

Thousands report receiving health care email from White House without requesting it.

Over the last few days, news agencies have been reporting that the office of the president used a third party email service to deliver a political email to email accounts that had not subscribed to or ever requested government email. This has led to all sorts of questions regarding whether taxpayer money was used, or whether the White House overstepped its bounds by sending what many are calling “SPAM” emails under the presidential umbrella.

This event has brought to the forefront a company that is engaged in managing mass emails for different government agencies called Gov Delivery. Caught in the middle of this whole thing, Gov Delivery is doing its best to protect both its clients and its own back end. But I think everyone is missing the real story here.

Using Rsync and Hard Linked Files to Store Backup Snapshots.

Thursday, 20. August 2009

Who’s really behind the idea.

First off, let me be clear that this was not my idea. I was told about this whole concept by Mike Rubel @ Cal Tech. He’s the rocket scientist behind this whole idea. Now that we have our “Credit Where Credit is Due” portion out of the way, let’s get into the whole rsync backup concept.
