Posts Tagged ‘Network’
Pennsylvania Man Indicted For Hack of Department of Energy Network
Last Updated on Thursday, 23 August 2012 10:14 Written by Celframe Security Team Monday, 12 November 2012 12:24
A Pennsylvania man was arrested yesterday after a Massachusetts grand jury issued a four-count indictment alleging that he hacked into computer networks belonging to the U.S. Department of Energy (DoE) and the University of Massachusetts and tried to sell access to a DoE supercomputer for $50,000 to an undercover FBI agent.
Andrew James Miller, a 23-year-old resident of the Philadelphia suburbs, was charged with one count of conspiracy, two counts of computer fraud and one count of access device fraud. The indictment claims that between 2008 and 2011 Miller and unnamed co-conspirators hacked into networks belonging to the DoE, U-Mass as well as private firms including RNK Telecommunications Inc. (RNK) and Colorado advertising agency Crispin Porter and Bogusky Inc. (CPB Group).
Indictment: Andrew James Miller
After gaining unauthorized access to these systems, Miller is alleged to have installed Trojan horse programs that gave him access to the networks, which he and his co-conspirators sold online.
Miller and his co-conspirators were discovered after they attempted to sell access to the victim networks to an undercover FBI agent. Specifically, the indictment details an IRC conversation between Miller and an undercover agent in which Miller exchanges access to RNK’s servers and a list of hundreds of user names and passwords for two payments of $500.00. Payment was to be made to Andrew Miller of Lancaster, PA, via Western Union. Miller later requested two payments of $600 via Western Union in exchange for a U-Mass database dump and $1,000.00 for access to CPB Group. At one point, Miller attempted to sell the FBI access to a supercomputer belonging to the DoE’s National Energy Research Scientific Computing Center for $50,000.
Miller could face five years in prison for the conspiracy count and one of the computer fraud counts and an additional ten years in prison for the second computer fraud count and the access device fraud count, which would then be followed by three years of supervised release and some $250,000 in restitution.
Network of data visualization references
Last Updated on Thursday, 23 August 2012 10:14 Written by Celframe Web Team Saturday, 25 August 2012 01:22
Developer Santiago Ortiz explores visualization references through Delicious tags and puts them in a discovery context. There are two views. The first is a network with tags and resources as nodes. At first it looks like a giant hairball, but mouse over it and you get a fisheye effect to zoom in on nodes, which makes them more readable. Mouse over a tag, and the labels for related resources get bigger, and likewise, mouse over a resource, and the related tags get bigger.
The second view lets you compare resources. In the network, select two or more resources, and then click on the bottom button to compare the selected.
The rings represent tags and are placed by popularity for each resource, so a ring on the outside is a more frequently used tag than the smaller ones in the middle. Be sure to use your mouse wheel to zoom in on those lesser used tags. It’s kind of like heading down a vortex.
OpenFlow & SDN – Looking forward to SDNS: Software Defined Network Security
Last Updated on Monday, 12 March 2012 01:18 Written by Celframe Security Team Friday, 1 June 2012 02:29
As facetious as the introductory premise of my Commode Computing presentation is, the main message — the automation of security capabilities up and down the stack — really is something I’m passionate about.
Ultimately, I made the point that “security” needs to be as programmatic/programmable, agile, scalable and flexible as the workloads (and stacks) it is designed to protect. “Security” in this context extends well beyond the network, but the network provides such a convenient way of defining templated containers against which we can construct and enforce policies across a wide variety of deployment and delivery models.
So as I watch OpenFlow (and Software Defined Networking) mature, I’m really, really excited to recognize the potential for a slew of innovative ways we can leverage and extend this approach to networking [monitoring and enforcement] in order to achieve greater visibility, scale, agility, performance, efficacy and reduced costs associated with security. The more programmatic and instrumented the network becomes, the more capable our security options will become also.
I’m busy reading many of the research activities associated with OpenFlow security and digesting where vendors are in terms of their approach to leveraging this technology in terms of security. It may be just my perspective, but it’s a little sparse today — not disappointingly so — with a huge greenfield opportunity for really innovative stuff when paired with advancements we’re seeing in virtualization and cloud computing.
I’ll relate more of my thoughts and discoveries as time goes on. If you’ve got some cool ideas/concepts/products in this area (I don’t care who you work for,) post ‘em here in the comments, please!
In the meantime, check out: www.openflow.org to get your feet wet.
Reminders to self to perform more research on (I think I’m going to do my next presentation series on this):
- AAA for messages between OpenFlow Switch and Controllers
- Flood protection for controllers
- Spoofing/MITM between switch/controllers (specifically SSL/TLS)
- Flow-through (ha!)/support of OpenFlow in virtual switches (see 1000v and Open vSwitch)
- (per above) Integration with VN-Tag (like) flow-VM (workload) tagging
- Integration of Netflow data from OpenFlow flow tables
- State/flow-table convergence for security decisions with/without cut-through given traffic steering
- Service insertion overlays for security control planes
- Integration with 802.1x (and protocol extensions such as TrustSec)
- Telemetry integration with NAC and vNAC
- Anti-DDoS implications