Info Sharing Blog

Friday, September 21, 2018

Cisco FTD error : This device does not support local management.

September 21, 2018 Posted by jaacostan , ,
Issue: Cisco FTDv is not allowing the administrator to add a local manager and throwing the following error.
"This device does not support local management."
Solution/Explanation:
Because virtual devices do not have web interfaces, you must use the CLI to register a virtual device to a Cisco Firepower Management Center, which can be physical or virtual.
 From your FTDv CLI, add the FMC IP and the registration key (don't forget this key)
On FMC , Add a new device. You enter the FTD IP in the host field and the same registration key.
Click on Register to add the device and start managing the device from FMC.

Sunday, September 16, 2018

BEING A FIREWALL ENGINEER : AN OPERATIONAL APPROACH

September 16, 2018 Posted by jaacostan , ,

BEING A FIREWALL ENGINEER : AN OPERATIONAL APPROACH

A Comprehensive guide on firewall management operations and best practices
Available on Amazon.
Kindle Edition : https://www.amazon.com/dp/B07HDJDG6R
Paperback : https://www.amazon.com/dp/172374297X
Understand different firewall products and the Packet-flows. Hardening and best practices of firewall management with real world example. Get familiarize with Change management and understand how to incorporate change management process in to firewall management operations.

This book give you a broad overview on Firewalls, packet flows, hardening, management & operations and the best practices followed in the industry. Though this book is mainly intended for firewall administrators who are in to operations, this book give a quick introduction and comparisons of the major firewall vendors and their products.
In this book I have covered the following topics.
•Various Job roles related to Firewalls.
•What makes you a firewall expert?
•Know the major firewall vendors and their models.
•Understand the packet flow or order of operation in each firewall.                      .Buy Now
•Understand the different types of firewalls.
•Understand the daily tasks of a firewall administrator
•Understand device hardening.
•Guidelines on hardening the firewalls.
•Explains major hardening standards and compliance.
•Understand Change Management process.
•Illustration on How to make a firewall change (incorporating Change management process) with a real world example.
Note: This book is not a configuration guide.


Saturday, September 15, 2018

Google is shutting down "Inbox by Gmail".

September 15, 2018 Posted by jaacostan

Google is shutting down "Inbox by Gmail".

"Move from lnbox to Gmail
As Gmail continues to improve, we’re working to bring the best features over from Inbox. In the new Gmail, you’ll find workflows that are similar to your favorite ones in Inbox.
Support for Inbox will conclude in 2019."

Read official statement guide: https://support.google.com/inbox/answer/9117840

Sunday, July 29, 2018

Non-Sense or Over-Confidence? TRAI chairman's personal data leaked after he threw the Challenge

July 29, 2018 Posted by jaacostan , ,
So finally some proof has been shown on personal data leakage to the Indian Bureaucrats . As per Government of India, "There is nothing called absolute right to privacy" and the privacy “should be subject to reasonable restrictions.” Read my previous post on Why India needs a Stringent Data Privacy Law? Here.
Citizen's personal data has been shared with various organizations those are in sectors like Telecom, Service, retailers, E-commerce etc. In my opinion, before implementing the data sharing, the government must implement some data privacy laws and standards like the European GDPR in India. Once it is implemented and audited properly for the compliance, then the government can consider about data sharing. Currently there is no stringent laws and policies on data leak. The penalty is there for a few clauses but considering the value of the data, the penalty is negligibly small.
The Reply came within hours , Sweet Sour !!!


The TRAI chairman challenged A french security expert named Elliot Alderson on Aadhaar Data by sharing his Aadhaar number on twitter. Today, on 28th July 2018, Mr.Elliot exposed the TRAI chairman's personal information in a series of tweets. Though it is not sure on how he has obtained his personal information, he was able to get the victims data so quickly. I personally believe that he might have obtained the data through some public sources/websites and not by hacking UIDAI.

However, this is a very serious issue on data privacy especially lacking of a stringent Data Privacy law.We have been seen a series of such leaks and unauthorized usage of citizens data by some E-commerce/Telecom companies. Even there was an incident on data leak from a government website itself.

When it comes to Information security Governance, there are two major factors. Due Care and Due Diligence. In my personal opinion, both factors are violated here. There is no Privacy for the data which is shared to the government and other private sector companies and there is no due diligence from the government and the organizations on providing privacy and security for the data. Until the implementation of a Data Privacy law with Stringent penalty and punishment, the citizen's personal data can be considered as public.
Also the citizens expect an explanation from the Government on this incident and data security.


Thursday, July 26, 2018

Part 2-InfoSec Scribbling : ISO/IEC 27001:2013

July 26, 2018 Posted by jaacostan , ,
:: InfoSec Study Notes : Scribbling on ISO/IEC 27001:2013 Standard Part-2:: 

Context of the Organization

The organization needs to identify the Internal and external issues that can affect the expected outcome. Hence context becomes an important consideration and helps to ensure that the ISMS is designed and adapted for your organization.

-External Issues-external to the organization

    External issues may include:
    government regulations and changes in the law, Political conditions
    economic shifts in your market
    Partner,Vendors and competitor.
    events that may affect your corporate image
    Trends and changes in technology

-Internal issues-within the organization and under direct control of the organization.

    Internal issues can include :
    regulatory requirements for the organization
    strategies to conform to your policies and achieve your objectives
    relationship with your staff and stakeholders, including partners and suppliers
    resources and knowledge including people, processes, budget, technology etc.
    assets
    product or service
    standards, guidelines and models adopted by the organization

-Interested parties and their needs and expectations.-client, end-users, employees, partners, suppliers etc.

 When developing your ISMS, consider interested parties that can affect the organizations':
 -ability to consistently provide a product or service that meets your customers' needs and any statutory requirements and regulations
-ability to enhance customer satisfaction and standards/regulations.

-Document Everything.

For internal issues, document the relevant ones as part of the organization's information security objectives and results of the risk assessment, and maintain records of the competence of your employees.
For external issues, it is mandatory to have a list of relevant legislative, statutory, regulatory, and contractual requirements;.

Scope of ISMS

-The scope should be documented.
-Scope means where are you going to plan/implement the ISMS and what you are trying to protect. This document clearly define the boundaries of the Information Security Management System (ISMS).
-The organization should define the scope of its ISMS in relation to its business needs, the structure of the organization, its location, its information assets and its technologies.

Tuesday, July 24, 2018

Part 1-InfoSec Scribbling : ISO/IEC 27001:2013

July 24, 2018 Posted by jaacostan , ,
:: InfoSec Study Notes : Scribbling on ISO/IEC 27001:2013 Standard Part-1::
 
ISO/IEC 27001:2013 is an information security management standard. Organizations use it to manage and control the information security risks, to protect and preserve the confidentiality,integrity, and availability of information, and to establish your information security management system (ISMS).

-Is a systematic framework to manage information security related risks and protect important information.
-Also consists of requirements for an ISMS Annex A- a list of control objectives and controls for information security.
-Annex A provides an essential tool for managing security. A list of security controls (or safeguards) that are to be used to improve security of information.
-In brief, the Annex A lists the following control objective. This is a very large list which have more sub-topics/controls.
    -Security Policy Management
    -Corporate Security Management
    -Personnel Security Management
    -Organizational Asset Management
    -Information Access Management
    -Cryptography Policy Management
    -Physical Security Management
    -Operational Security Management
    -Network Security Management
    -System Security Management
    -Supplier Relationship Management
    -Security Incident Management
    -Security Continuity Management
    -Security Compliance Management

ISO 27000 family of standards:

ISO/IEC 27001 –specifies the requirements for an ISMS
ISO/IEC 27002 –guideline for the implementation of the controls in Annex A
ISO/IEC 27000 – a general overview of information security and terms and definitions
ISO/IEC 27003 –general guidance for the implementation of an ISMS
ISO/IEC 27004 –advice on how organizations can monitor and measure the performance of their ISMS
ISO/IEC 27005 –guidance on risk management and
ISO/IEC 27006 –for audit and certification of ISMS
ISO/IEC 27007 - guideline on how to audit an ISMS
-sector specific -
ISO/IEC 27011 –application of security controls in telecommunication
ISO/IEC TR 27015 –information security management in financial services


Wednesday, June 6, 2018

Cisco Modular Policy Framework (MPF) : A brief Introduction

June 06, 2018 Posted by jaacostan , ,
Modular Policy Framework (MPF) configuration defines set of rules for applying firewall features, such as traffic inspection, QoS etc. to the traffic transiting the firewall
There are 3 main components in creating a MPF.
1) Class Map
Class map is used to identify the type of traffic. This can be done by creating an ACL.
2) Policy Map
Policy Map specifies what action the ASA should take against the traffic identified by the Class Map.
3) Service Policy
Finally Service policy specifies where to apply it. The policy is applied to an interface or Globally.

Sample Illustration

Consider the following Command lines.

access-list OUTSIDE-TO-INSIDE permit tcp any any eq ftp

<--- The above ACL will allow FTP traffic. This ACL can be different than the Interface ACL--->
class-map FTP-CLASS-MAP
    match access-list OUTSIDE-TO-INSIDE

<--- The class map FTP-CLASS-MAP will look for the FTP traffic based on ACL --->
policy-map FTP-POLICY-MAP
    class FTP-CLASS-MAP
        inspect ftp

<--- What action need to be done? here inspect the ftp. --->
service-policy FTP-POLICY-MAP interface outside
<--- Apply the policy in the outside interface --->



The above illustration is just an example. MPF enables the administrator to assign different network policies to different traffic flows in a flexible and granular manner.

Tuesday, June 5, 2018

Crossover or Straight-through Cable? Its Auto-MDIX

June 05, 2018 Posted by jaacostan , , ,
On older devices, we should choose the type of cables for connectivity. If it's same kind of device, then a crossover cable and if they are different, then a Straight-through cable. To overcome this inconvenience , there is a feature introduced on network devices , Auto-MDIX.
This feature automatically detects the required cable connection type for a connection. That is, whether to use straight or Crossover. If either one of the connection device supports Auto-MDIX, then no matter the device, you can use a crossover or a straight-through cable. It also needs the speed and duplex auto-negotiation feature being enabled on the device. 
In other words, with this feature enabled, the interface automatically corrects for any incorrect cabling.
And Automatic medium-dependent interface crossover (Auto-MDIX) is enabled by default (from IOS 12.2(20)SE on-wards).

Sample Manual configuration is shown below.

Monday, June 4, 2018

Top 5 Accounts : Review and Adjust your Privacy Settings

June 04, 2018 Posted by jaacostan , ,
privacy

So, May 2018 was a remarkable month in the world of data security. European GDPR is now in effect and almost all tech giants are adjusting themselves in order to comply with the data privacy standards.

I have consolidated the Privacy policies of the top 5 companies and the link for adjusting/controlling your data privacy. Review your privacy settings and control your own privacy.

Google

Privacy Policy : https://privacy.google.com/take-control.html
Adjust Privacy Settings : https://myaccount.google.com/intro/privacy

Facebook

Privacy Policy : https://www.facebook.com/privacy/explanation
Adjust Privacy Setting : https://www.facebook.com/settings?tab=privacy

Instagram

Privacy Policy : https://help.instagram.com/519522125107875
Adjust Privacy Settings : https://help.instagram.com/196883487377501

Yahoo

Privacy Policy : https://policies.oath.com/ie/en/oath/privacy/index.html
Adjust Privacy Settings  : https://policies.oath.com/us/en/oath/privacy/controls/index.html

Twitter

Privacy Policy : https://twitter.com/en/privacy
Adjust Privacy Settings : https://twitter.com/settings/account

Controlling your own public information on the internet is your own responsibility. Review your privacy settings frequently.

Saturday, May 12, 2018

CEHv10 Exam Blueprint : Effective 1st October 2018

May 12, 2018 Posted by jaacostan
 An exam blueprint is a break down the sections of the Exam Syllabus and makes it easier for the test taker to  prepare for the exam. It helps the test taker to understand how many questions in various areas of practice should go on an exam.

Effective 1st October 2018, EC-Council will be introducing a new version of the CEH exam blueprint and it is mentioned below.
CEHv10 blueprint

The current CEH blueprint is valid till September 30th 2018. You can find the current blueprint here :https://cert.eccouncil.org/images/doc/CEH-Exam-Blueprint-v2.0.pdf