Cisco cuts 4,000 jobs, Sourcefire not impacted

Cisco are apparently “rebalancing” their workforce by some 4,000 (5%) of their global headcount.

Despite relatively strong earnings figures, Cisco are pushing ahead with plans to eliminate a significant quantity of posts across the entire business portfolio. Exactly where the axe is to fall is currently not clear.

A recent Network World article suggests that the recent acquisition of SourceFire will not be impacted by this cull.

Barry Hesk
Intrinsic Network Solutions

 

Patch Tuesday: Microsoft has critical fixes for Exchange Server

Network World – Businesses will want to jump on patches that fix vulnerabilities to the gamut of Microsoft Exchange Server versions that are   flagged in next week’s Patch Tuesday alerts.

“This month’s remediation is all about the Exchange servers,” says Tommy Chin, a technical support engineer at CORE Security.   The critical alert affects all supported versions of Exchange Server – Exchange Server 2007 Service Pack 3, Exchange Server   2010 SP 2 and 3, and Exchange Server 2013, cumulative updates 1 and 2.

Chin says Exchange’s reliability is generally taken for granted. “However, what if all e-mail communications suddenly became   compromised?” he says. “For most organizations, this scenario is simply unacceptable due to the sensitive information contained   within today’s e-mail conversations.”

Ross Barrett, senior manager of security engineering at Rapid7, agrees. “If this is truly a remotely exploitable issue that   does not require user interaction, then it’s a potentially wormable issue and definitely should be put at the top of the patching   priority list,” Barrett says. Another critical alert, Bulletin 1, affects current versions of operating systems Windows 8 (and Windows RT) and Windows Server   2012, as well as earlier versions back through Windows XP and Windows Server 2003.

There are no details on what the exact vulnerabilities are but being ranked critical means they could allow code execution   even if the user doesn’t interact with the attack. Self-propagating malware and code execution without warnings or prompts   are exploits that fit this category. Examples include browsing an infected Web page or opening a malicious email.

“To me, Bulletin 1 is most critical,” says Ken Pickering, the director of engineering at CORE Security. “The last time I saw   an IE Remote Code execution of this caliber, I saw live malware exploiting it not too long after. People are getting good   at turning these IE vulnerabilities into web-based attacks.”

Bulletin 1 affects Internet Explorer from Version 6 to Version 10 as deployed on all Windows client operating systems from   Windows XP to Windows 8 including its ARM version, Windows RT. It also affects Windows Server 2003, 2008, 2008 RR2 and 2012.

Three out of eight bulletins this month are critical, possibly facilitating remote code execution on victim machines. The   rest of the bulletins are ranked important, two allowing elevation of privileges by attackers, two threatening denial of service   and one that could allow disclosure of information on the attacked machine.

Paul Henry, a security and forensics analyst at Lumension, notes that the bulleting count for this year so far is up seven   over last year at this time, but this year so far there are 10 fewer critical ones.

Barry Hesk
Intrinsic Network Solutions

UK average broadband speed rises

Repost of Computer Weekly article

Full Article Here

The average speed of broadband connections in the UK has reached 14.7Mbps, according to the latest report from Ofcom.

The telecoms regulator has published its bi-annual survey into fixed-line residential broadband speeds, which showed the figure had risen by 2.7Mbps in the six months to May 2013 and by 5.7Mbps when compared with the same period last year.

It also revealed that the number – which represents download speed – had more than quadrupled since the report began in November 2008, when it stood at just 3.6Mbps.

“With the average household now owning more than three types of internet-connected devices, consumers are demanding more than ever from their broadband service,” said Claudio Pollack, consumer group director at Ofcom.

“Internet providers have responded by upgrading customers to higher-speed services and launching new superfast packages. To help consumers make informed purchasing decisions, our report offers a useful insight into the actual speeds and level of reliability delivered by many of the broadband packages available on the market today.”

Measurement period
Average speed

November 2008
3.6Mbps

April 2009
4.1Mbps

May 2010
5.2Mbps

November/December 2010
6.2Mbps

May 2011
6.8Mbps

November 2011
7.6Mbps

May 2012
9.0Mbps

November 2012
12.0Mbps

May 2013
14.7Mbps

Source: Ofcom

Superfast broadband connections slow to rise

Although the adoption of superfast broadband packages, which Ofcom defines as connections over 30Mbps, rose during the period, it still stood at just 19% of all connections – up from 14% in November 2012 – despite the regulator revealing in March that at least 65% of the UK population had access.

The vast majority of broadband subscribers are on packages with speeds of up to 10Mbps – 86%, up from 76% six months ago.

Ofcom claimed the move to higher speeds was partly down to network upgrades by Virgin Media, which saw the speeds available over its cable connections double from 18Mbps to 34.9Mbps. But there was evidence consumers are choosing to move to speedier connections, with BT saying it had more than doubled its fibre customers in a year from 550,000 to 1.3 million.

Virgin Media was found to offer the fastest connection of the 14 internet service providers Ofcom examined, with its 120Mbps service providing an average speed of 112.6Mbps. Its 100Mbps offering brought in average download speeds of 88.8Mbps.

BT’s superfast 76Mbps package offered an average speed of 62.1Mbps, while PlusNet’s 76Mbps service delivered 61Mbps on average

Rural broadband gains speed

The report also showed the differences between speeds in urban, suburban and rural areas. Although there was a clear difference in the averages – 26.4Mbps, 17.9Mbps and 9.9Mbps respectively – rural areas showed the largest percentage increase to speed in the past two years, up by 141% compared to 103% for suburban areas and 95% for urban locations.

But Ofcom highlighted the difference between urban and rural had grown from 9.5Mbps to 16.5Mbps in the same period, due to the lower availability of superfast broadband connections in remote areas and the fact that homes were often farther from exchanges.

“We are yet to see the full effect of government measures to improve broadband availability in rural areas, which should also help to boost speeds,” added Pollack. “We also anticipate 4G mobile to have a positive effect on mobile broadband availability across the UK.”

Microsoft warns of Wi-Fi-related flaw that can expose Windows Phone credentials

Reprint of Network World article:

 

Network World – Microsoft has warned Windows Phone users of a security weakness in a Wi-Fi authentication protocol that, ironically, was designed to make Wi-Fi more secure.

In an Aug. 4 security advisory, the company said this known vulnerability could let attackers obtain, decrypt and reuse the domain credentials of a handset running Windows Phone 7.8 or 8, but only if the phone uses a specific authentication method: PEAP-MS-CHAPv2, for Wi-Fi Protected Access 2 (WPA2) wireless authentication.

The full name of the method, which combines two protocols, is Protected Extensible Authentication Protocol with Microsoft Challenge Handshake Authentication Protocol version 2. It’s apparently the Microsoft protocol that is the source of the vulnerability. The alert says that “Microsoft is not currently aware of active attacks or of customer impact at this time. Microsoft is actively monitoring this situation to keep customers informed and to provide customer guidance as necessary.”

It’s unclear how widely used MS-CHAPv2 is among Windows Phone users in particular, or among enterprise deployments in general. It was introduced by Microsoft in Windows NT 4.0 Service Pack 4. It has been widely used as the main authentication method for many of today’s PPTP virtual private network (VPN) clients.

Though its weaknesses have been known in the security community since 1999, they were decisively exposed a year ago at DefCon 2012. David Hulton and Moxie Marlinspike together demonstrated and released two tools that could reduce the handshake’s security to a single DES (Data Encryption Standard) key, and then crack it in less than a day via CloudCracker.com — a commercial online password cracking service. Marlinspike posted his detailed analysis at that site

According to the latest Microsoft alert, to exploit this vulnerability in Windows Phone devices, the attacker impersonates a known Wi-Fi access point. A victim handset automatically tries to authenticate to this fake. The attacker intercepts the victim’s encrypted domain credentials. Then, he exploits the cryptographic weakness in MS-CHAPv2 to decrypt the credentials. After that, the attacker impersonates the victim, re-using the valid credentials to authenticate himself to network resources. Once cleared, the attacker has that victim’s full set of on-network privileges.

There are two actions to counter this weakness, according to Microsoft, but one of them is to shut off the Wi-Fi radio in the phone.

The other is to configure a Windows Phone 8 device to require a certificate that verifies the Wi-Fi access point – making sure the access point is a legitimate one and not a phony – before launching the authentication process between access point and phone. To do that, the IT group creates a “root certificate” used to verify the access point, and emails it to all users.

Then it’s up to the user to walk through the next steps:

+ Delete the previously configured Wi-Fi connection

+ In “Settings, Wi-Fi,” tap “Advanced”

+ Tap and hold over the selected Wi-Fi network, and choose delete

+ Create a new connection and enable server certificate validation

+ In Wi-Fi settings, tap on the enterprise Wi-Fi network access point which will open a Sign-in page

+ Enter username and password; toggle “Validate Server Certificate” to On; tap to choose a certificate; in the list of certificates to select, pick the root certificate issued from Corporate IT (for example, “Contoso Corporate Root Certificate”), and tap Done

Barry Hesk
Intrinsic Network Solutions

Cisco exits Unified Comms Market Place for SME customers

Cisco exits Unified Comms Market Place for SME customers

24 July 2013

Buried in a a plethora of end of sale announcements issued by Cisco on the 22 July 2013, were a tranche of highly significant ones. Shuffling towards an ignominious exit are the UC540 and UC560 platforms, and also the Business Edition 3000 system.

Despite investing millions of dollars in product development of these platforms, Cisco have failed to achieve any significant market penetration. High cost, poor code quality and lack of user features have prevented these systems from being adopted in their targeted customer base of 100 seats or less.

Cisco’s own end of life statements for these products suggest that customers below 25 seats should effectively jettison Cisco and move to hosted providers. This strikes us as being another example of Cisco refocussing on its core Enterprise markets, and leaving resellers who were only a few months ago heavily encouraged by Cisco to target SMEs, in the lurch.

This is not an unexpected move by Cisco, however it will hugely disappoint customers and partners who have invested in these platforms and the associated certifications. It follows other products launched by Cisco with great fanfare being dropped soon afterwards.Any new products should therefore be looked at with care before being adopted.Like IBM in the 1990s, no longer is a Cisco badge on the front of a piece of equipment a guarantee of longevity.

For customers larger than 25 seats, Cisco recommends the Business Edition 6000. Not a truly integrated system in its own right, the BE6K simply bundles Communications Manager call control, Unity Connection voicemail, and optionally Presence and Contact Center Express all running on top of VMware. The price point is radically different (for different read higher, much higher), as is the complexity of the deployment.

With the spectre of Microsoft Lync haunting Cisco at every step, the future for Cisco’s entire UC platform seems under ever increasing amount of focus. Interesting times lie ahead definitely

Barry Hesk

Intrinsic Network Solutions