Recently, we decided to deploy an Ixia CloudLens instance in our lab to see what we could report on using Ixia’s IPFIX. Once I had Ixia running and sending flows to a lab environment, I was blown away by the level of reporting.
When it comes to cloud watching, you’re probably thinking that means laying outside in the sun watching clouds float by. That is a form of cloud watching, yes; however, the type of cloud watching I’ll be talking about today is monitoring your network clouds with NetFlow!
While we have supported Gigamon reports for a couple of years, we now leverage the SSL information pulled from Gigamon flows. This enables you to run a series of reports that provide context-rich SSL information.
Since I wrote my last blog on FireSIGHT integration, a lot has changed with Scrutinizer. We have a new WebUI, new reports, and our FireSIGHT integration now works differently. This, of course, means that the way we set up the integration is a bit different as well.
Recently I was visiting a customer on site when they mentioned they felt like they were not getting accurate information from their Cisco Catalyst 4510. Upon investigation, their flow record, monitor, and exporter all looked correct. Puzzled, my colleague and I took a look at Cisco’s website and found some interesting information regarding the configuration.
Eek! A rat! No, I don’t mean the cute, little rodent with the long tail; I mean the Remote Access Trojan. Trust me, I would much rather have the rodent near my computer than this Trojan. What does a RAT do, though? Exactly what the name suggests—it uses remote access to send data from the infected PC to a phone home location.
I will admit it—I am a helicopter aunt. As soon as my nieces and nephews got Kindles for Christmas, I was buzzing around trying to see what they were downloading. Thankfully, the kids in my life were just downloading Minecraft and apps associated with their favorite cartoons. These apps are usually pretty safe, but not all apps are harmless. Some can even infringe on your children’s online privacy.
Which Apps Are Bad Apps?
Not all apps are harmful. In fact, most apps built for children and teens are pretty educational and helpful. Most apps try to make learning fun or encourage creativity through art and coloring. So what makes a bad app bad? The first red flag would be anything that stores your child’s information. For example, if we go back and look at our blog Connected Christmas Toys and Your Children’s Data Privacy, apps that store your child’s voice and personal data are a bit sketchy and interfere with children’s online privacy. After some digging, I found that the company who makes the app for the Barbie Dreamhouse makes several other apps as well with a similar function.
We all know that’s sketchy and poses several security risks but what else is out there? Since I’m no longer a hip, young teenager I had to do some research on what was currently popular on the app store. I quickly came to the conclusion that anything having to do with communication and meeting new people had lots of downloads. While there is certainly no harm in making friends, cyber criminals are sneaky and can easily gather information even if they’re only given a snippet of personal info. During my searching, I came across a blog called,“The Worst Apps for Kids.” Admittedly, I rolled my eyes a bit about some of these (mostly because Vine doesn’t even exist anymore), but it brought up some good points. Apps such as YikYak, Kik, Whisper, Chat Roulette, and Omegle can be used to gather tidbits of information that are, in turn, used to gather even more information. Thankfully, most apps do not allow children under 13 to download their application (see the Children’s Online Privacy Act). As the article also stated, apps like Voxer that turn your phone into a walkie talkie are dangerous because they can be accessed by cyber thieves if location services are on. Aside from the obvious, “don’t talk to strangers” mantra, the other thing that stood out to me was what is listed in the privacy policies of each app. While most apps promise not to share your data with third parties, there were some apps that stated they may share your data. Much like how the Barbie Dreamhouse stores your child’s voice, these apps store the information your child provides and then share it with third parties. How about no?
So What Can We Do to Protect Children’s Online Privacy?
I was recently speaking with a customer about network security when he brought up a nasty botnet called the DressCode Trojan. Having never heard of this, he explained to me that it was a trojan that had made it’s way on to the Google Play app store. After doing some research of my own, I found that over 400 different apps had been affected causing thousands of Android phone users to become infected. While some companies do offer malware detection apps for Android phones not everyone knows these exist plus, botnets tend to remain dormant for some time causing the end user to not even be aware that their mobile device is infected. In a world where BYOD (Bring your own device) has become popular it is important to not only monitor for botnets and other forms of malware on your network but being able to monitor mobile devices is a must. With Scrutinizer, we can combine both security needs in one tool.
When it comes to network security there are dozens of factors that we always need to consider. Can we block malicious traffic? Are we able to prevent data from leaving our network? What about threats that come from inside the network? The list goes on and on. One additional thing to think about is secure authentication. If a user’s credentials become compromised that can pose a serious issue. Suddenly, someone on the outside now has the ability to log in and start sending data out. Furthermore, this bad actor now has access to business critical applications. The question then becomes, what can we do to make sure users are logging in to critical applications safely? In this blog, I will highlight how Scrutinizer now offers RADIUS authentication support for secure log ins.