According to the latest Threatscape report (October 2009) released by Fortinet, the total amount of malware detected is more than a year, with levels four times greater than in the previous month (September 2009).
The two main Bredolab variants detected this month were W32/Bredo.G and W32/Bredolab.X, most notably included in fake DHL invoice spam campaigns.
Derek Manky, project manager, cyber security and threat research, Fortinet commented: “We’re seeing record levels of scareware building off volume from September, and the danger in these threats is only becoming more serious as the methods for delivery evolve and the blending of attacks bring more complexity.
“As we’ve seen in the consistency of repeated threats, the old schemes are still proving to be good methods. Enterprises and consumers must take equal responsibility in understanding the disguises of these threats and implementing a multi-pronged security solution that addresses the different and changing characteristics of tried and true tactics,” he added.
During October 2009, scareware tactics reached an all-time high, with the worst attacks ever reported. Seven of the top ten malware variants detected linked back to scareware, with scareware tactics diverging to include botnets, corrupted advertisements and SEO attacks.
The most notable developments in October 2009 were the preponderance of AntiVirus Pro 2010 rogue security software, which when installed contacts a remote server to obtain a malicious payload and receive updated copies; a trojan downloader named Bredolab, which is now downloading AntiVirus Pro 2010 installers and the ZBot keylogger; and the ongoing development of affiliate programs that tempt participants with a handsome pay-out on each software download purchased. Tools and kits are readily available to participating affiliates, accelerating the distribution of scareware and other malicious components.
Read the full October Threatscape report, which includes the top threat rankings in each category.
We are all aware of the traditional ways of transferring IOS files to and from Cisco Catalyst switches, Cisco routers and Cisco PIX/ASA firewall devices using TFTP, FTP and, lately, HTTPS. However, there is one more way to copy IOS files, known as Secure Copy (SCP). SCP is a secure and authenticated method of copying a configuration file or transferring image files to Cisco Catalyst switches, Cisco routers and Cisco PIX/ASA firewall devices.
Cisco Systems introduced the Secure Copy (SCP) feature in the following IOS releases
This feature was introduced.
This feature was integrated into Cisco IOS 12.0(21)S.
This feature was integrated into Cisco IOS 12.2(25)S.
PIX/ASA firewalls 7.1 and above, FWSM 3.1 and above.
Secure Copy (SCP) runs over the SSH protocol on port 22, which acts like an encrypted tunnel. It is especially useful for transferring files for upgrades or performing safe backups.
In my next post you will find the commands to configure SCP in a Cisco Router and Switch.
We all know the importance of the logs generated by Cisco devices. For a long time I have been using Kiwi Syslog Server to capture the logs generated by the Cisco devices installed in our network. Recently SolarWinds announced the release of Kiwi Syslog Server. Since I was using an old version, I downloaded the latest full trial version of Kiwi Syslog Server version 9. In the new version I found some cool new features which are really useful for network administrators.
With the new Kiwi Syslog Server you can access the syslog data from anywhere on the network using web access. This feature is amazing, as it's easy for me to look at logs periodically no matter where I am.
Some of the key features of Kiwi Syslog Server v9 are as follows.
View your syslog data from anywhere on the network via web access – NEW FEATURE!
Filter messages and create advanced alerts with Advanced Script Processing
Log to any database with ODBC logging
Schedule archiving and log maintenance by using Automated Log Archive
View syslog messages in multiple windows simultaneously
Automatically perform actions based on alerts, including sending email, forwarding messages, triggering audible alarms, sending SNMP trap messages, and paging IT staff
Retain the original source IP on forwarded messages as one of many advanced forwarding options
Forward Windows event log messages from your Windows servers to your Kiwi Syslog Server using the included Log Forwarder for Windows – NEW FEATURE!
Produce trend analysis graphs and email syslog traffic statistics
Leverage and share user-created rules, filters and scripts with the Community Content Exchange on thwack – NEW FEATURE!
With the new Kiwi Syslog Server v9 my day-to-day activity is somewhat simplified, as I can create filters based on host name, IP address or even event. I just don’t need to look at each and every log. It does save a lot of time.
For sure you must try the new Kiwi Syslog Server. It comes in two versions: a free one and a full version with a lot of features.
Dell teams up with Juniper Networks Inc to offer networking solutions under Dell’s Power Connect brand.
As per the recent press release from Juniper Networks Inc, Juniper Networks Inc has reached an agreement with leading PC maker Dell to offer networking solutions under Dell’s Power Connect brand.
With this deal Juniper and Dell are planning to work together on open, standards-based solutions for virtualized data centers and to create technology solutions using Converged Enhanced Ethernet (CEE).
“Juniper and Dell are a formidable team, and together we can deliver significant value for enterprise customers around the world. This OEM agreement is another great step in our sustained and successful push into the enterprise market,” said Gerri Elliott, executive vice president, Strategic Alliances, Juniper Networks. “We have the only infrastructure that includes integrated security, routing and switching running on a single operating system. And that uniform approach is a great benefit to IT organizations, from the smallest to the largest, as they tackle the challenges of an increasingly decentralized landscape.”
The products Dell will deliver under its PowerConnect brand include the Juniper Networks MX Series services routers, EX Series Ethernet switches and SRX Series services gateways, all running JUNOS® Software. Dell expects to make these products available to customers via its direct and PartnerDirect channels.
MX Series Routers — MX Series Ethernet Services Routers offer advanced routing capabilities, such as Multiprotocol Label Switching network virtualization, low-latency multicast, advanced quality of service (QoS), and high availability.
EX Series Ethernet Switches — EX Series Ethernet Switches deliver the next generation of switching technology for today’s – and tomorrow’s – networks. With the EX Series, businesses can deploy a cost-effective family of switches that delivers the high availability (HA), integrated security and operational excellence needed today, while providing a platform for supporting future requirements.
SRX Series Services Gateways — For organizations supporting extranets, SRX Series Services Gateways can help lower the cost of delivering new capabilities while reducing risk, and satisfying end users. These services gateways integrate leading security, connectivity, and application delivery capabilities into a single platform for a safe, affordable, and consistent high-performance communications foundation.
Finally, Dell too has started venturing into new business. Dell has also announced that it will be promoting Salesforce.com (CRM) software products to its valued customers in the American market. Apart from this, Dell is also planning to tap the fast-growing smart phone market by launching its own smart phone running Google’s Android mobile operating system.
Cisco’s TechWise TV is webcasting a 60-minute episode on 29th of October 2009 titled “Routers Are Dead. Long Live the Router!”, where you can learn how the Cisco integrated services router will dramatically simplify your branch architecture and greatly reduce your network management workload.
By registering for this webcast you will get the chance to see the technological advances that will enable you to create a truly borderless network, while giving you the convenient, powerful network management features you crave in today’s resource-challenged IT environment.
- ISR G2: New Model New Story
- The ISR Autopsy
- New Modules
- Security Innovation in the ISR
- Collaboration Enablement
- The Service Ready Engine
- Universal IOS
- Long Live the Router
I was just accessing the rough cuts for the Cisco CCIE Routing and Switching Official Certification Guide, 4th Edition. I had a great first impression. I had a chance to read the “LAN Switching” part. It was a great firsthand experience. This segment is organized well and the approach is similar to the CCNA and CCNP books: it starts with a brief introduction and then the most useful section of Cisco Press books, the “Do I Know This Already?” quiz, followed by “Foundation topics” and “Foundation Summary”.
The Cisco Press authors Wendell Odom, Rus Healy and Denise Donohue did a credible job; I liked the way they presented the topics, and since I spent most of my time on switching I really enjoyed the “LAN Switching” part. Though I am familiar with most of the things they were talking about, it was a great experience to refresh my info.
The CCIE Routing and Switching Official Certification Guide, 4th Edition is to be released on 19th of November 2009 by Cisco Press. They are offering a great discount, so do check the Cisco Press web site for more details, but make sure you have registered yourself on the Cisco Press website to get more discount. Once the book is released I will try to write a review of it.
I have been using Windows 7 since the beta days and now with the RC release. A couple of weeks back I was attending a seminar, “Introducing Windows 7”, organized by Microsoft for their partners. I did ask a few questions; one of them was related to Windows restore and hibernation. I asked them whether, if I have a complete backup of my computer on my external USB hard disk, it is possible to restore Windows 7 and all applications onto a new hard disk. The gentleman said it’s not possible. I was not convinced and thought of testing it myself.
First, using the Systems and Security menu from Control Panel, I selected the option “Backup your Computer” and created a System Image on my external USB hard disk.
Then I created a System repair disk by using the menu “Create a system repair disk” from the Systems and Security menu from Control panel.
Once I was done with these things I replaced the existing hard disk in my laptop with a new one. Then I installed Windows 7 on my laptop; after completion of the Windows 7 installation I restarted my laptop with the restore disk I created, and I made sure my external USB hard disk was connected to my laptop as well. I booted the laptop using the System repair disk and then I clicked Next once I got this menu,
And then I selected the option “Restore your computer using a system image that you created earlier”
Then I selected the latest available system image which by default selected the image stored in my external USB hard disk,
If by chance the latest system image is not shown, you always have an option to select the image manually. Once I selected the image file stored on my external USB hard disk I was able to restore my laptop with all the applications and documents stored on my original hard disk. A cool utility, and a GUI one at that, from Microsoft in Windows 7. For some reason I forgot to take the backup of my contacts in my Microsoft Outlook 2007, so again I removed the new hard disk and replaced it with the original one. When I restarted the laptop with the original hard disk, the laptop started back from hibernation mode, as I forgot to shut down my laptop before starting this whole operation. It was hibernated with a lot of open files and windows. Amazing, isn’t it?
Yet another acquisition is planned by Cisco Systems. Cisco Systems is planning to buy advanced wireless telecommunication equipment maker Starent Networks Corp for 2.9 billion dollars to boost its product offerings as phone carriers build out next-generation networks. This will be the second major acquisition this month for Cisco Systems, after the buyout of videoconferencing leader Tandberg for roughly 3 billion dollars.
According to a post in Cisco blogs, by acquiring Starent Networks Corp – Cisco Systems can expand their product portfolio in mobile internet market. As we all know the Emerging markets are seeing the success of Wi-Max technology. Surely this acquisition will help Cisco to broaden its presence in the Wi-Max area.
“The growth of smart mobile devices and net books has fundamentally changed consumer behavior with regards to how they use the Internet,” said Ned Hooper, Cisco’s chief strategy officer who also oversees the consumer business.
The acquisition is expected to close by the first half of 2010. Until then Cisco Systems and Starent Networks Corp will continue to operate as separate companies. Upon completion of the transaction Starent Networks Corp will become the new Mobile Internet Technology Group led by Starent President and CEO Ashraf Dahod. Starent was founded in 2000 and completed its initial public offering in 2007. The company is based in Tewksbury, Mass., and has approximately 1,000 employees worldwide.
One of the leading Telecom operators in India, IDEA Cellular an Aditya Birla Group Company was able to shift two million daily calls from live agents to a self-service voice portal that increased customer satisfaction and reduced average hold by using the Cisco Unified Customer Voice Portal.
With the use of the Cisco Unified Customer Voice Portal, IDEA Cellular is catering to more than 47 million customers. Yet another business success story using Cisco solutions. The solution was implemented by IBM India.
During baselining or troubleshooting activity you may need to determine the CPU utilization of your Cisco router or switch. While exploring how to find the top ten CPU-consuming processes in a Cisco router, I discovered the sorted option of the “show processes cpu” command.
The sorted option of the “show processes cpu” command is really beneficial: it helps you find out the load of your Cisco router or switch over the last 5 seconds, 1 minute and 5 minutes. Starting in IOS 12.2 T, the “show processes cpu history” command gives a nice CPU utilization graph.
At times it is helpful to sort the processes by their percentage of CPU utilization. To do this you can use the show processes cpu sorted command as follows:
Some of the sample output is as follows
…. rest deleted……
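For baselining, the sorted output can be captured and parsed offline. The following Python sketch is an added example, not part of the original post: the sample text is constructed in the layout IOS prints for this command, and the function names and the 10-point margin are assumptions chosen for illustration.

```python
import re

# Constructed sample in the layout IOS prints for "show processes cpu sorted";
# the PIDs, process names and figures are made up for this example.
SAMPLE = """\
CPU utilization for five seconds: 47%/12%; one minute: 31%; five minutes: 18%
 PID Runtime(ms)     Invoked      uSecs   5Sec   1Min   5Min TTY Process
 104      884120     1203311        734 21.43% 12.10%  6.02%   0 IP Input
   3      190412       48822       3900  9.87%  4.40%  2.91%   0 Exec
 212       55210      910233         60  3.11%  2.05%  1.77%   0 SNMP ENGINE
  51        9120      300412         30  0.00%  0.08%  0.05%   0 Net Background
"""

HEADER = re.compile(
    r"five seconds: (\d+)%/(\d+)%; one minute: (\d+)%; five minutes: (\d+)%")
ROW = re.compile(
    r"^\s*(\d+)\s+\d+\s+\d+\s+\d+\s+([\d.]+)%\s+([\d.]+)%\s+([\d.]+)%\s+\d+\s+(.+?)\s*$")

def parse_cpu(text):
    """Return (summary, processes) parsed from the command output."""
    m = HEADER.search(text)
    if not m:
        raise ValueError("no 'CPU utilization' summary line found")
    total, intr, one_min, five_min = map(int, m.groups())
    summary = {"5sec": total, "interrupt": intr, "1min": one_min, "5min": five_min}
    procs = []
    for line in text.splitlines():
        r = ROW.match(line)
        if r:  # column header, blank and truncated lines simply do not match
            procs.append({"pid": int(r.group(1)), "5sec": float(r.group(2)),
                          "1min": float(r.group(3)), "5min": float(r.group(4)),
                          "name": r.group(5)})
    return summary, procs

def top_processes(text, n=10, column="5sec"):
    """Top n processes by the chosen column, re-sorted so the caller does not
    depend on how the device ordered its output."""
    _, procs = parse_cpu(text)
    return sorted(procs, key=lambda p: p[column], reverse=True)[:n]

def over_baseline(text, baseline_5min, margin=10):
    """True when the five-minute average exceeds the recorded baseline by more
    than margin percentage points (margin is an assumed threshold)."""
    summary, _ = parse_cpu(text)
    return summary["5min"] - baseline_5min > margin

if __name__ == "__main__":
    for p in top_processes(SAMPLE, n=3):
        print(f'{p["pid"]:>5} {p["5sec"]:6.2f}% {p["name"]}')
```

A sustained jump in the five-minute figure against a recorded baseline, together with the process at the top of the list, is the usual starting point for deciding whether the load is routine or needs investigation.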