Entries Tagged as 'Network'

Cyber-Command May Help Protect Civilian Networks

Washington Post Staff Writer
Wednesday, May 6, 2009

The Pentagon is considering whether to create a new cyber-command that would oversee government efforts to protect the military’s computer networks and would also assist in protecting the civilian government networks, the head of the National Security Agency said yesterday.

The new command would be headquartered at Fort Meade, the NSA’s director, Lt. Gen. Keith B. Alexander, told the House Armed Services terrorism subcommittee.

Alexander, who is a front-runner to assume control of the command if it is created, said its focus would be to better protect the U.S. military’s computers by marrying the offensive and defensive capabilities of the military and the NSA.

Through the command, the NSA would also provide technical support to the Department of Homeland Security, which is in charge of protecting civilian networks and helps safeguard the energy grid and other critical infrastructure from cyber-attack, Alexander said.

He stressed that the NSA does not want to run or operate the civilian networks, but help Homeland Security improve its efforts.

“So if we develop something we’re going to use for the Defense Department, it makes no sense for [Homeland Security] to develop the same thing,” he said in a short interview after the hearing. “They can leverage it . . . We have great technical people. We can provide them the support.”

His remarks come as the White House is preparing to release a report based on a review of the government’s cyber-security initiatives. The cyber-command idea was raised in a letter last year by then-Director of National Intelligence Mike McConnell to Defense Secretary Robert M. Gates.

As proposed by the Pentagon, the command would fall under the U.S. Strategic Command, which is tasked with defending against attacks on vital interests.

The NSA, which drew fire for its role in the Bush administration’s program to monitor without a warrant Americans’ e-mails and phone calls, has “phenomenal depth and expertise far beyond what is there at DHS,” said Amit Yoran, a former top DHS cyber-security official now in the private sector.

But Yoran cautioned that the effort must be transparent. “DHS needs to be very, very cautious about its participation in a program like that because you could fundamentally erode the trust DHS needs in order to be successful in its broader security mission.”

Any effort involving the NSA that goes beyond protecting the military networks requires careful legal analysis, he said.

Alexander said a host of questions must be resolved for the military and intelligence community to broaden their partnerships with other entities. “What is the framework for sharing threat signatures that are classified? How do we do it at network speed so that it’s defensible? What’s that legal framework and what’s that operational framework? Those are areas that technically are easier to do than to set the legal framework up.”

Already, he said, DHS officials have been invited to see how the NSA runs its cyber-security. The idea would be to formalize that partnership.

“We could say, ‘Here’s the path we’re going down,’ ” he said. “They can choose their own path, but at least they know one that’s been tried and the problems and issues we’ve had.”

To truly address the cyber-threat, the military must boost its partnership with the private sector as well as with DHS, he said at the hearing.

But the path forward has obstacles, he acknowledged. Say the NSA discovers a malicious computer code that an adversary is using, he said. If the government shares that classified information with, say, the antivirus industry, “how do we ensure that it’s not given out so widely that our adversaries have it?” he said.

GSM transport evolution

By Per Ola Andersson, Håkan Asp, Aldo Bolle, Harry Leino, Peter Seybolt and Richard Swardh. From Ericsson Review No. 1, 2007.

The success of GSM to date has been nothing short of sensational. What is more, its future continues to hold great promise. However, two important challenges must yet be resolved to make GSM the mobile communications system for the “next billion users” and to guarantee the commercial success of its mobile data services: focus on low total cost of ownership (TCO), and deployment of enhanced GPRS (EGPRS) in every network. In addressing these challenges, GSM transport or backhaul constitutes one very interesting and dynamic area of development.


Linux IP Command Lines

Display Current Config for all NICs: ifconfig

Display Current Config for eth0: ifconfig eth0

Assign IP: ifconfig eth0 192.168.1.2

Assign IP/Subnet: ifconfig eth0 192.168.1.2 netmask 255.255.255.0

Assign Default Gateway: route add default gw 192.168.1.1

Assign multiple IPs: ifconfig eth0:0 192.168.1.2

Assign second IP: ifconfig eth0:1 192.168.1.3

Disable network card: ifconfig eth0 down

Enable network card: ifconfig eth0 up

View current routing table: route (or, without name resolution: route -n)

View arp cache: arp (or, without name resolution: arp -n)

Ping: ping -c 3 192.168.1.1

Trace Route: traceroute www.google.com

Trace Path: tracepath www.google.com

DNS Test: host www.google.com

Advanced DNS Test: dig www.google.com

Reverse Lookup: host 66.11.119.69

Advanced Reverse Lookup: dig -x 66.11.119.69

Unix IP Command Lines

Display Current Config for all NICs: ifconfig

Display Current Config for dc0: ifconfig dc0

Assign IP/Subnet: ifconfig dc0 inet 192.168.1.2 netmask 255.255.255.0

Assign Gateway: route delete default && route add default 192.168.1.1

Assign multiple IPs: ifconfig dc0:0 192.168.1.2

Assign second IP: ifconfig dc0:1 192.168.1.3

Disable network card: ifconfig dc0 down

Enable network card: ifconfig dc0 up

Windows IP Command lines

Display Connection Configuration: ipconfig /all

Display DNS Cache Info Configuration: ipconfig /displaydns

Clear DNS Cache: ipconfig /flushdns

Release All IP Address Connections: ipconfig /release

Renew All IP Address Connections: ipconfig /renew

Re-Register the DNS connections: ipconfig /registerdns

Change/Modify DHCP Class ID: ipconfig /setclassid

Network Connections: control netconnections

Network Setup Wizard: netsetup.cpl

Test Connectivity: ping www.fredpalma.com

Trace IP address Route: tracert

Displays the TCP/IP protocol sessions: netstat

Display Local Route: route print

Display Resolved MAC Addresses: arp -a

Display Name of Computer Currently on: hostname

Display DHCP Class Information: ipconfig /showclassid

RESEARCHERS CREATE NEXT-GENERATION SOFTWARE TO IDENTIFY COMPLEX CYBER NETWORK ATTACKS

Researchers in George Mason University’s Center for Secure Information Systems have developed new software that can reduce the impact of cyber attacks by identifying the possible vulnerability paths through an organization’s networks.

By their very nature networks are highly interdependent and each machine’s overall susceptibility to attack depends on the vulnerabilities of the other machines in the network. Attackers can take advantage of multiple vulnerabilities in unexpected ways, allowing them to incrementally penetrate a network and compromise critical systems. In order to protect an organization’s networks, it is necessary to understand not only individual system vulnerabilities, but also their interdependencies.

“Currently, network administrators must rely on labor-intensive processes for tracking network configurations and vulnerabilities, which requires a great deal of expertise and is error prone because of the complexity, volume and frequent changes in security data and network configurations,” says Sushil Jajodia, university professor and director of the Center for Secure Information Systems. “This new software is an automated tool that can analyze and visualize vulnerabilities and attack paths, encouraging ‘what-if analysis’.”

The software developed at Mason, CAULDRON, allows for the transformation of raw security data into roadmaps that allow users to proactively prepare for attacks, manage vulnerability risks and have real-time situational awareness. CAULDRON provides informed risk analysis, analyzes vulnerability dependencies and shows all possible attack paths into a network. In this way, it accounts for sophisticated attack strategies that may penetrate an organization’s layered defenses.

CAULDRON’s intelligent analysis engine reasons through attack dependencies, producing a map of all vulnerability paths that are then organized as an attack graph that conveys the impact of combined vulnerabilities on overall security. To manage attack graph complexity, CAULDRON includes hierarchical graph visualizations with high-level overviews and detail drilldown, allowing users to navigate into a selected part of the big picture to get more information.
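The attack-graph idea described above, as an added sketch that is not CAULDRON's code or algorithm: it enumerates every path from an entry point to a critical host over a constructed network, then runs the "what-if" step by ranking each finding by how many paths remain once it is patched. The host names, reachability map and VULN-* identifiers are all made-up placeholders.

```python
# Constructed sample network (not from the article): which host can reach which.
REACH = {
    "internet": ["web", "mail"],
    "web": ["app", "db"],
    "mail": ["app"],
    "app": ["db"],
    "db": [],
}
# Constructed vulnerability inventory: host -> placeholder finding IDs.
VULNS = {
    "web": ["VULN-WEB-1"],
    "mail": ["VULN-MAIL-1"],
    "app": ["VULN-APP-1"],
    "db": ["VULN-DB-1"],
}

def attack_paths(start, target, patched=frozenset()):
    """Enumerate every simple path start -> target in which each hop lands on
    a reachable host that still has at least one unpatched finding."""
    paths = []

    def walk(host, path):
        if host == target:
            paths.append(path)
            return
        seen = {start} | {h for h, _ in path}
        for nxt in REACH.get(host, []):
            open_vulns = [v for v in VULNS.get(nxt, []) if v not in patched]
            if nxt not in seen and open_vulns:
                walk(nxt, path + [(nxt, open_vulns[0])])

    walk(start, [])
    return paths

def what_if(start, target):
    """Rank each finding by how many attack paths remain after patching it
    alone; the fewest remaining paths means the highest remediation value."""
    findings = sorted(v for vs in VULNS.values() for v in vs)
    remaining = {v: len(attack_paths(start, target, frozenset([v])))
                 for v in findings}
    return sorted(remaining.items(), key=lambda kv: (kv[1], kv[0]))

if __name__ == "__main__":
    for p in attack_paths("internet", "db"):
        print(" -> ".join(["internet"] + [f"{h} [{v}]" for h, v in p]))
    for finding, left in what_if("internet", "db"):
        print(f"patch {finding}: {left} path(s) remain")
```

In this sample the mail server's finding looks as severe as any other in isolation, yet patching it removes the fewest paths, which is the kind of interdependency a per-host vulnerability list does not show.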

“One example of this software in use is at the Federal Aviation Administration. They recently installed CAULDRON in their Cyber Security Incident Response Center and it is helping them prioritize security problems, reveal unseen attack paths and protect across large numbers of attack paths,” says Jajodia. “While currently being used by the FAA and defense community, the software is applicable in almost any industry or organization with a network and resources they want to keep protected, such as banking or education.”

Funding for this software development was provided by the defense, homeland security and intelligence communities, the FAA and Mason. Researchers in the Center for Secure Information Systems involved in the software development include Jajodia; Steven Noel, associate director; and Pramod Kalapa, senior research scientist.


About The Center for Secure Information Systems

Housed in the Volgenau School of Information Technology and Engineering, the Center for Secure Information Systems (CSIS) was established in 1990, as the first academic center in security at a U.S. university. One of the nation’s premier security research organizations, it is also a charter NSA Center of Academic Excellence in Information Assurance Education. CSIS maintains a dedicated full-time team of scientists and engineers with a wide range of expertise, including vulnerability analysis, network attack modeling, intrusion detection, penetration testing and related areas. The range and depth of experience of CSIS team members allows the center to understand and anticipate client requirements, and to formulate innovative solutions and build high-quality tools to meet those requirements.


About George Mason University

George Mason University, located in the heart of Northern Virginia’s technology corridor near Washington, D.C., is an innovative, entrepreneurial institution with national distinction in a range of academic fields. With strong undergraduate and graduate degree programs in engineering, information technology, biotechnology and health care, Mason prepares its students to succeed in the work force and meet the needs of the region and the world. Mason professors conduct groundbreaking research in areas such as cancer, climate change, information technology and the biosciences, and Mason’s Center for the Arts brings world-renowned artists, musicians and actors to its stage. Its School of Law is recognized by U.S. News & World Report as one of the top 35 law schools in the United States.
Source: gmu.edu