

Showing posts from May, 2020

An overview of Software Defined Wide Area Networking (SDWAN) Security

This article is about software-defined wide area networking (SD-WAN), specifically in the context of information security.

Encrypting communications

Much has been said lately about end-to-end encryption in the context of online communications such as those associated with Zoom. The expectation with SD-WAN is that it fulfills these requirements, and this holds true for Fusion. It is possible to configure Wireshark to capture traffic from Linux nodes, and this includes SD-WAN nodes. This is a great means of troubleshooting problems, and it also highlights some of the cases where missing encryption can be exploited. Often the last mile is established across fibre or wireless operator networks. When troubleshooting why a last mile wasn't provisioned I captured traffic on the last mile using Wireshark. It turned out the operator had made a mistake and allocated the last mile on the wrong port. I was able to access the unencrypted traffic of a state operated enterprise (S


Would you like to be able to easily answer trivial questions such as how many unique prefixes there are in your routing table, or how many MAC addresses there are in the MAC tables across the network? How about more difficult questions, such as what changes your routing table saw between 10 pm and midnight last night, which of your nodes have been up the longest, or which BGP sessions have had the most routing updates? How about being able to tell whether your OSPF (or BGP) sessions are working correctly, or whether all is well with your EVPN? How about a quick way to determine the amount of ECMP at every hop between two endpoints? Do you wish you could easily validate the configuration you deployed across your network? Find out more about the project over at GitHub over here.

Batfish: An open source network configuration analysis tool

Batfish finds errors and guarantees the correctness of planned or current network configurations. It enables safe and rapid network evolution, without the fear of outages or security breaches. Batfish was originally developed by researchers at Microsoft Research, UCLA, and USC. Many others have since contributed to it. It is currently maintained by Intentionet, who also offers Batfish Enterprise, a service that extends and enhances the core capabilities of Batfish. Find out more about the project over here.

Hackers Targeting Critical Healthcare Facilities With Ransomware During Coronavirus Pandemic

As hospitals around the world are struggling to respond to the coronavirus crisis, cybercriminals—with no conscience and empathy—are continuously targeting healthcare organizations, research facilities, and other governmental organizations with ransomware and malicious information stealers. Read the article over at the Hacker News over here.

Alert Fatigue Causes Operational Disruption, Machine Learning Calms the Chaos

If you spend time digging into the Machine Learning offerings from vendors today in the Telecom Service Assurance space, you will see that many of these vendors are positioning for significant replacement of the existing Service Assurance tools that require a completely new user front-end. While this might sound enticing, it does not focus on solving the underlying issue that Network Operation Centers face today. Instead it creates a waste of resources. Read the article over at The Fast Mode over here.

Cybersecurity Update: Malware Blacklist and Remote Desktop Vulnerabilities

The COVID-19 Cybersecurity Threat Intelligence League was formed by Ohad Zaidenberg last week, and has quickly grown into over 900 cybersecurity experts who are volunteering their time and experience to help healthcare organizations defend against the malicious threat actors. The group is comprised of malware researchers, white hat hackers, CISOs, cyber consultants, reverse engineers, coders, software providers, etc. Seyfarth’s own Richard Lutkus is involved with the group and is helping with cybersecurity related legal issues that members have. As part of the FBI’s InfraGard Special Interest Group for Legal, Richard is helping information be shared between law enforcement (including DHS, FBI, etc.) and private sector organizations. Read the article over at JDSUPRA over here.

Set Up OpenConnect VPN Server (ocserv) on CentOS 8/RHEL 8 with Let’s Encrypt

This tutorial is going to show you how to run your own VPN server by installing OpenConnect VPN server on CentOS 8/RHEL 8. OpenConnect VPN server, aka ocserv, is an open-source implementation of the Cisco AnyConnect VPN protocol, which is widely used in businesses and universities. AnyConnect is an SSL-based VPN protocol that allows individual users to connect to a remote network. Read the tutorial over at Kirelos Blog over here.

Remote spring: the rise of RDP bruteforce attacks

With the spread of COVID-19, organizations worldwide have introduced remote working, which is having a direct impact on cybersecurity and the threat landscape. Read the article over at Kaspersky over here.

Bob Marley & The Wailers - Three Little Birds