AU Blogspot

The 2008 Global Information Security Workforce Study was recently released.  A total of 7,548 professionals in the field were surveyed.  The complete study can be downloaded at https://www.isc2.org/cgi-bin/content.cgi?category=510 

The most interesting headline from the study was the fact that 70 percent of all respondents reported that their own employees are the biggest threat to their organization’s security.  This is contrary to the common belief that organizations must throw most of their resources at the outside perimeter of the organization’s network to prevent outsiders from accessing their network.   

This premise is supported by a recent finding that email is now no longer the number one manner in which viruses access an organization’s network.  With the ease at which employers now bring in thumb drives, personal laptops and PDA’s.  Network security plans must focus on an umbrella approach that guards the entire network. 

Brad Rudisail
Computer Network Technician-Network Security Instructor
Ashworth University

 
                 Thanks to David K for permission to use this Photo.

Back in 2000, we were constantly told that the world was running out of IP addresses.  This was because IPV4, the IP standard we use for IP addresses only has so many mathematical combinations, thus there is a defined limit to the number of IP addresses that can be utilized.  Due to the wide spread use of IP in the world, a usage rate far beyond what the creators of IP ever visualized; the IT world was stressing out as to how to address the problem.  The solution was a new standard called IPV6 which introduced more bits into the addressing scheme.  In turn, millions of additional mathematical combinations were created, resulting in an equal number of additional IP addresses.   

Unfortunately, IPV6 is more complicated than its predecessor, requiring a degree of training for networking professionals.  We were told back then that IPV6 would be implemented by the middle of the decade and alleviate the crisis. 

Well guess what?  It’s 2008 and the world hasn’t run out of IP addresses which is why IPV6 is barely used in the industry today.  This is because of the wide popularity of NAT, Network Address Translation, which is used by most organizations that have a WAN presence.   

For those unfamiliar with NAT, Network Address Translation allows a single device, such as a router to act as an agent between the Internet (or “public network”) and a local (or “private”) network. This means that only a single, unique IP address is required to represent an entire group of computers.  This isn’t to say that IPV6 will wither on the vine.  As of right now, government offices are required to transition to IPV6 within the next couple of years and other organizations are planning such an implementation in the future, but IPV4 is and will continue to be alive and well for some time to come.

Brad Rudisail
Computer Network Technician-Network Security Instructor
Ashworth University

   Thanks to NASA, ESA-Hubble Collaboration for permission to use Photo. 

One of the security weaknesses experienced with laptops and other portable computer devices for many years is the simplicity in which their drives could be compromised if the device is stolen.  This was especially true before Windows XP and Windows 2000 when a thief could simply install a second operating system on the laptop, logon to the new operating system and gain admin rights to all the data on the drive. 

Windows XP and Windows 2000 introduced EFS, Encryption File System, which allowed users to encrypt files of their choosing.  Because the encryption was centered on an encryption key based upon the original operating system, an intruder couldn’t access that file simply by accessing it through another operating system.  However, this required the user to individually encrypt every file or folder in order to protect all of their data.  Needless to say, the majority of users failed to do this.   

Microsoft has introduced a new technology called BitLocker with Windows2008 and premium flavors of Windows Vista.  BitLocker encrypts the entire drive, including the Windows system files necessary for startup and logon, which could give an intruder the ability to discover passwords and logon information.  What’s more, BitLocker utilizes a feature called Integrity checking which analyzes the early boot components and helps to ensure that data decryption is performed only if those components appear unmolested and that the encrypted drive is located in the original computer.  This prevents thieves from stealing your hard drive and putting it into another computer to access the data. 

It will also make it much easier for organizations to recycle old computers as they will not have to worry about erasing data on machines being decommissioned as the drives will be inaccessible.  BitLocker is a great new addition to the Windows operating system and should be implemented by any organization or individual that works with sensitive data.

Brad Rudisail
Computer Network Technician-Network Security Instructor
Ashworth University

              Thanks to Jamie Hladky for permission to use this Photo. 

You have to learn how to crawl before you learn how to walk, but once you learn a foundation of IT skills in Ashworth University’s information technology programs and anchor yourself in the IT labor force, here are the ten hottest tech skill sets you should aim to learn in the next five years according to Tech Republic.

1. Voice over IP - sales of pure IP PBX systems for the first quarter of 2007 increased 76% over the first quarter of the previous year 
2. Unified Communications - the convergence of different communications technologies, such as e-mail, voicemail, text messaging, and fax 
3. Hybrid Networks – Networks are no longer all Windows or all Linux, they are a hodgepodge of different systems and IT pros need to learn more than one of them.   
4. Wireless Technologies – everything’s going wireless it seems.    
5. Remote User Support – with more employees working off-site today, help support personnel must provide remote support to anywhere. 
6. Mobile User Support – more and more organizations are providing blackberries and other smart portable devices for their employees that must be supported. 
7. Software-as-a-Service – or SaaS as it is referred to in technical articles.  With the popularity of Web 2.0, the trend is to now provide software applications over the Internet rather than installing them on each and every computer. 
8. Virtualization – With the dominance of VMWare and the soon to be released 2008 Virtual Application from Microsoft, virtualization is THE buzzword today along with its countless benefits. 
9. IPv6 – Although this standard has not grown in popularity as of yet, mostly because the wide usage of NAT has allowed us to not run out of IP addresses on the Internet as fast as predicted, this standard is going to come about within the next five years.
10. Security - A skill set that will probably always be in the top 10. 

Brad Rudisail
Computer Network Technician/Network Security Instructor
Ashworth University

            Thanks to Donovan Mueller for permission to use this Photo. 

It’s standard practice that if you have an always-on Internet connection, then you should have a firewall, implemented in either hardware, such as a router, or in software.  But even if you are using a dial-up connection, you really need a software firewall to protect you from intrusions.  You would be surprised at the number of attempts to get into your PC a good software firewall will block on a PC using dial-up.  A firewall will also notify you of attempts to go out to an Internet website.  You can then allow or disallow the outbound traffic.  You would want legitimate programs such as Windows to access the company’s website for update purposes, but you’re safer to block any programs that you don’t recognize from doing so.  Be sure to check for correct spelling.  Say you have Symantec’s anti virus program on your PC and have set it up for automatic virus signature updates.  Your firewall will ask you whether you want to grant the program permission to go outbound.  But some malware could identify itself as Symantek.  Should you allow it to access the Internet, you could be in for an unpleasant surprise. 

Yes, it’s unfortunate that there are so many nasty things that can happen to your computer.  And thwarting such attempts can cost you time and money, but you really need to do this.  At minimum you need a firewall, an anti-virus program, and an anti-spyware utility.  You’ll also need to update the anti-virus and anti-spyware programs’ signature files at least once a week, as well as scanning with each at least once a week, more frequently if you are online daily.then you should have a firewall, implemented in either hardware, such as a router, or in software.  But even if you are using a dial-up connection, you really need a software firewall to protect you from intrusions.  You would be surprised at the number of attempts to get into your PC a good software firewall will block on a PC using dial-up.  A firewall will also notify you of attempts to go out to an Internet website.  You can then allow or disallow the outbound traffic.  You would want legitimate programs such as Windows to access the company’s website for update purposes, but you’re safer to block any programs that you don’t recognize from doing so.  Be sure to check for correct spelling. 

Say you have Symantec’s anti virus program on your PC and have set it up for automatic virus signature updates.  Your firewall will ask you whether you want to grant the program permission to go outbound.  But some malware could identify itself as Symantek.  Should you allow it to access the Internet, you could be in for an unpleasant surprise. 

Yes, it’s unfortunate that there are so many nasty things that can happen to your computer.  And thwarting such attempts can cost you time and money, but you really need to do this.  At minimum you need a firewall, an anti-virus program, and an anti-spyware utility.  You’ll also need to update the anti-virus and anti-spyware programs’ signature files at least once a week, as well as scanning with each at least once a week, more frequently if you are online daily.

Dave Ronan
Computer Training Instructor
Ashworth University

The threat of “cyber-terrorism” still strikes many as abstract, a symbolic fear first represented in seminal works such as William Gibson’s Neuromancer, followed by an explosion into pop-culture fantasy through the Wachowski Brothers’, “The Matrix.” While these dark visions of man’s accelerated move towards techno-slavery have certainly colored our perspectives, the reality of cyber-terrorism has existed since the 1950’s, when state secrets were first buried in dense programming language instead of manila folders labeled “top secret.”

Behind the curtain, the borderless battlefield is virtual and the threats are as imposing as those posed by nuclear weapons. After all, launch codes are just that—codes that are developed, stored, distributed, and controlled within cyberspace. The following podcast interview features Bruce Hoffman, a cyber-terrorism expert who outlines the precise nature and ominous implications posed by this threat. Mr. Hoffman also presents us with an in-depth report on how the U.S. government has redirected its’ counterterrorism strategies. Do you see a future where the Internet is under government control? Let’s think inside the box and brainstorm on the possibilities. Thanks.

Ryan Rode
Interactive Services Manager
Ashworth University

 
              Thanks to Miguel Lopes for permission to use this Photo.

The architecture of cyberspace is interconnected, timeless, and invisible from the inside-out.  On the Ashworth University Blog, we’re not afraid of the matrix and try to share perspectives from around the world, just a 0 1 code, on the technology issues that influence how this network will evolve in complexity, and most of us would like that evolution to be open rather than closed in principle.  Earlier this year, the nation of Estonia was involved in what by any measure must be considered one of the most large scale and sophisticated “cyber attacks” in history, an attack that operated on several levels simultaneously, resulting in the virtual collapse of this nation’s electronic infrastructure.  Instantly, the fundamental question, “who did this?” was buzzing with elements of fear and conspiracy.  Did Vladimir Putin and Russia conduct this operation in the shadow of political revenge?  Was the attack the work of loosely connected and politically marginalized hackers who were sending their own message to an establishment attempting to exert increased state control over the Internet, i.e. you’re more vulnerable than you think and we’re waiting for your next move.  The following video consists of an interview with information security expert, Dmitry Skylyarov, in which he shares his inside perspective on what occurred and the big picture implications of what is perhaps the most misunderstood yet powerful of political weapons; the large scale, well conceived, organized, and executed cyberattack.  This is a must watch interview.  Click on the image above to watch this video.  We look forward to hearing your thoughts.

Ryan Rode
Interactive Services Manager
Ashworth University School of Information Technology

                   Thanks to פיקוס for permission to use this Photo.

If you are in the IT Field or considering getting into it, you don’t need rose colored glasses to see a promising future for yourself.  The Bureau of Labor Statistics recently reported that IT will be the fastest growing sector of our economy for the next ten years.  They also report that the three fastest growing jobs in the US are network system and data communication analysts, computer systems analysts and software application engineers.  In fact, in just about any top ten list, you will find IT has the most positions of any field.Now couple this tremendous growth with the following statistic:

The labor force for the 25 to 54 age group in IT will only grow at a dismal .2% between 2006 and 2016. 

Do you want to be in demand for the next decade?  Stay committed to your program studies and your hard work will pay off.  The bottom line is that it’s important to obtain as many skill sets as you can in the rapidly expanding IT industry.  If you need assistance with your lessons, I encourage you to reach out to me in the comments section of this blog.  I always look forward to hearing from my students!

Brad Rudisail
Computer Network Technician-Network Security Instructor
Ashworth University

 
         Thanks to Isaac Wayton for permission to use this Photograph.

IT has already been paying close attention to the green revolution as it applies to technology.  Last year, the Chief Network Engineer for Google came out with a startling quote, “If the performance per watt of today’s computers doesn’t improve, the electrical costs of running them could end up far greater than the initial hardware price tag.”  Consider that while a typical server in the 2000 consumed only 100W of power, the average server today consumes at least four times as much.

To compound this, the number of servers in networked organizations has expanded drastically in the past decade as the ccommon practice up to now for server management was to allow rack-mounted servers to run just one workload.  This is exemplified by a 2005 study by Stanford University that showed that Servers in the United States and their attendant cooling systems consumed 45 billion kilowatt-hours of energy in 2005. That’s more than Mississippi and 19 other states. 

Now factor in the exploding economies of China and India and the number of servers they are putting on line each day and one can easily recognize the strain on resources that the IT industry is levying on the world.  It leaders across the country are recognizing that the current network model is unsustainable in the years ahead under realistic budgetary constraints.  Energy consumption is one more reason why more and more organizations are turning to virtual servers, centralized storage and virtual or multi-user desktops. 

Brad Rudisail
Computer Network Technician-Network Security Instructor
Ashworth University

                 Thanks to Kit Cowan for permission to use this Photo. 

I had to go about shopping for a new KVM switch at my work to replace one that had gone bad.  This gave me the idea to write a short blog piece about KVM switches.  A KVM switch allows a user to control multiple servers or workstations with a single monitor and mouse/keyboard.  In a typical datacenter, each rack of servers will be connected to a KVM switch which has an assigned monitor/mouse/keyboard.  Because of KVM switches, organizations don’t have to purchase a monitor and keyboard/mouse set for every single machine.  This makes sense since users do not dedicate themselves to a server desktop as they do a workstation. 

Each computer is connected to the KVM switch with a special VGA or USB cable.  Higher end KVMs allow standard Ethernet cables to connect computers.  KVMs usually come in 4, 8 and 16 port versions, meaning that it can accommodate that many machines.  When a user wants to access a particular machine, he simply hits an assigned key on the keyboard to view a menu of the computers that are managed by that KVM.  He then selects the machine he wishes to view and the monitor then brings it up.  Imagine if you were downloading and installing Windows Updates on 8 servers.  You could pull up each server at a single monitor and complete the tasks without leaving your chair.

KVM switches are not utilized as much as they have been in the past due to the ease of tools such as Microsoft Remote Desktop which allows one to remote into any windows server at will and pull up the server desktop wherever they are in the world.  These remote applications due have one big limitation in that they do not allow a user to view the booting process of the server or access the BIOS as one normally is able to.  Unlike a KVM, if you reboot a machine while remoting into it, you lose your connection.  Because of this, KVM switches continue to be a valuable tool for networks today.

One of the biggest players in the KVM market is Avocent.  Visit their website at www.avocent.com to learn more about their product line and KVMs in general.

Brad Rudisail
Computer Network Technician/Network Security Instructor
Ashworth University