web analytics
0

Exchange 2013 SP1 Architecture

Posted by nimda on April 22, 2014 in Microsoft, Tools

Exchange 2014 SP1 Server Architecture (Diagram)

New diagram includes integration with Sharepoint and Lync.

Closeup detail of ports and other information on adjacent platforms.

Exchange Integration

0

What’s coming in 2014?

Posted by nimda on February 17, 2014 in News

Things have been extremely busy over the last couple of years. I am working on finishing up school along with developing a stable and successful career in Cyber Security.

> Platforms Page – Launched in late 2013 and now receives 5K visitors per month. Looking to add a wealth of platform specific information here and clean up the format.

> Threat Analysis – Articles and specific threat information uncovered during various types of research.

I am looking to get away from general news stories as I have increasing become more of a platform person than generalist. The site needs some major work and and I’d like to continue expanding on the platforms. At some point I should be able to cover the necessary information to make it a one-stop-shop for Firewall and Security devices.

If you have any ideas or would like to contribute, drop me a line.

We have Fortune 1000 companies and people from ALL over the world visiting this site. They need platform data in a pinch to get a critical job completed and my expertise can help fill in that gap.

Check it out http://platforms.infostruction.com.

Sonicwall, Cisco ASA, Checkpoint, Juniper, Palo Alto, Fortinet and many more!

 

Regards,

Matthew

0

Protecting Small Business Banking

Posted by nimda on August 13, 2013 in News

Brian Krebs recently wrote an article titled “$1.5 million Cyberheist Ruins Escrow Firm” who details a cyberheist that put a California escrow firm out of business. This article details the activities of an unknown group of individuals who diverted funds away from a legitimate organization by way of a computer trojan installed on an an account computer.

Businesses: I’d recommend picking up the phone and calling the bank you use. Ask questions, have documented conversations regarding security precautions. If they do not offer the necessary protections, expose it and make a decision. Commercial accounts are not FDIC insured and from what I know only a single digit number of banks are covering deposits lost in this manner.

The bottom line is Banks need to start protecting the money or they might find it will be going out to entities in foreign countries much faster than it will be coming in.

An interesting read from the SANS Reading Room can be found here “Protecting Small Business Banking” and covers a broad number of Banking Fraud related topics with a deep dive into the mechanisms used to exploit banking customers. This is a good read and I would high recommend reviewing the paper.

A number of topics are covered including:

Risks to the Small Business

Lack of FDIC Insurance

Banking Site Security

Attack Vectors (Zero Day Vulnerabilities, Trojans)

Securing systems using Third Party Tools (Trusteer Rapport)

The future of fraud trends is discussed with regard to digital transactions and authentication measures used by banks.

 

Abstract:
Online financial transactions are increasing exponentially; online attacks that attempt to capture credentials, intercept information, and divert f unds from small businesses are as well. Small business owners are being increasi ngly targeted for financial base d online crimes. Even worse, they are typically ill prepared and unable to take appropriate actions against the perpetrators of these crimes to recoup their losses. The current legal environment in the United States leaves these small businesses and thei r owners without the ability to obtain reimbursement from banking institutions resulting from these losses as well as unable to take the necessary legal actions against their attackers. It is therefore imperative to investigate ways to provide protection from these risks, and balance the needs of the business to continue to engage in online financial transactions.

(Protecting Small Business Banking – http://www.sans.org/reading-room/whitepapers/ecommerce/protecting-small-business-banking-34277 6/20/2013)

 

Featured Resources 

Additional Resources

Tags: , , , , ,

0

U.S DISA overhaul plans to eliminate Firewalls

Posted by nimda on July 5, 2013 in News

firewall

                                     U.S DISA overhaul plans to eliminate Firewalls

 

In a comment to the armed forced media, the U.S Defense Information Systems Ageny (DISA) is planning an overhaul that could mean the end for conventional firewalls.

US Airforce Lt General Ronnie Hawkins Jr. was quoted as saying that that the US military’s IT service wanted to move from a mesh of firewalls towards a design based on protecting data instead of packets.

In the past, we’ve all been about protecting our networks—firewall here, firewall there, firewall within a service, firewall within an organization, firewalls within DISA. We’ve got to remove those and go to protecting the data. You can move that data in a way that it doesn’t matter if you’re on a classified or unclassified network, depending on someone’s credentials and their need to know,” he declared.

“We want to be able to normalize our networks to where you can have the collaboration and information moving over our networks and you don’t have to have the different firewalls, the separate networks, to get those things done,” he added. Additionally, the department can realize significant savings in instrumentation—for example, by moving from “hard phones” to “soft phones,” he said.

“Yes, firewalls are important. They help solve network security problems by creating barriers that prevent unwanted network access. But they do not control data access,” he said.

That’s why I find DISA’s new approach so fascinating. It’s based on the realisation that the threats have changed. Hackers want data like IPs, PINs, credentials, proprietary information, and more. And it’s very easy for them to steal data due to poor security controls or outright mismanagement.

Shteiman said he believed that DISA would most likely move to role-based data access, and content control, auditing and monitoring.

http://www.afcea.org/content/?q=node/11248

Tags: , , ,

1

Exchange 2013 Architecture & Visual Diagrams

Posted by nimda on July 2, 2013 in Microsoft

We are building up resources on the latest version of Exchange released by Microsoft which is 2013. At this time we are forming an article with basic visual diagrams and troubleshooting information. If you are running Exchange 2010, you will find other articles on this site for that platform.

 

Exchange-2013-transport-pipeline-mailflow

 

exchange-2013-diagram-topology-hub-transport

 

 

 

 

Exchange 2013 Ports

 

Exchange 2013 Architecture

Exchange 2013 Visio Files
Reference:

Exchange Network Port Reference
http://technet.microsoft.com/en-us/library/bb331973.aspx

Tags: , , , , , ,

Copyright © 2010-2014 Infostruction All rights reserved.
HighEndApparel.com.