Sunday, June 30, 2013

Essential Network Tools For Your Phone or Tablet

For the past year, I have been asked several times to put together a list of the networking tools I use in my everyday network engineering.  All of the tools listed below are available on Google Play.  There may be a version of some of these apps on the Apple Store.  Some of the tools do the same tasks as others, so you can choose which tool best suits your needs.


Wigle Wifi is an Android version of Netstumbler, except better.  It will allow you to see a GPS map of where your access point is located.


Fing is a network mapping tool using ping.  You can change the network from wireless to wired, and it will tell you the device type on the network and allow you to do a port scan of that device.


Is a network mapper with a basic set of IP tools.

Is a great tool for troubleshooting IP.  It has ping, NSlookup, traceroute, a port scanner and net scanner.  The developer of this app abandoned it, but it is still a nice app.


Is good at troubleshooting IP.  It has ping, NSlookup, traceroute and some other tools.


This tool tests for any bandwidth or throughput issues on your network.


Need to trace an ip address to a country or ISP, this is your tool.


If you need wifi access point information, ip information, cell service information and GPS information all in one app, this is the one for you.  Highly recommended.

A great little ftp client to connect to secure ftp as well as SCP servers.


Do you need to connect to a teamviewer session on a computer?


Allows you to connect to any Spiceworks application server to get information on your network.


Great ssh and scp client that supports both ssh v1 and v2.


I still have need to do some old school ICQ chatting.


Great IRC client for connecting to a IRC server.


This software allows you to connect to your phone from any web browser and partially control it.  You can transfer files, send text messages all through a web browser.


Nice to have one in case you need it.


Need to attend a WebEx meeting but do not have your laptop?  No problem, use your phone or tablet.


Need to attend a GoToMeeting, no problem again, use your phone.


Studying for CCNA and need a little quick help, this has good information on all the basics.


Used for Cisco mobile learning


Did you forget how to use a command?  Just look it up.


Another great command line reference for Cisco.


Most of these apps will run on an Android tablet with ICS or Jellybean.  Also, some of these apps have a paid version which will add some more functionality.  I hope this list gives you some good ideas for apps to use on your phone or tablet.


Tom Pruett
CCSI #33112, CCNA, MCSE (NT, 2000, 2003), MCITP SQL 2005, MCDBA SQL 7 & 2000, MCP+1, MCT, CTT+, CISSP, CWNA, CEH, CHFI, A+, Network+, Security+

Big changes - Cisco updates ICND1v2 and ICND2v2 classes

It is said that with change comes new opportunity.  Well, in April of this year, Cisco announced an upgrade to the ICND1 and ICND2 courses.  This update was from version 1.1 to 2.  Cisco has always been very good at updating its courses due to changes in technologies and student abilities and expectations.

With Cisco revising ICND1 & 2, some major changes have taken place in the courses which will provide new and exciting opportunities for students.  In my opinion Cisco made these revisions because most current students entering Cisco training are more experienced with the network infrastructure.  The new courses focus more on Cisco base routing and switching technologies and less on network infrastructure theory.

In my opinion this is a great direction for Cisco to take its training.  Since students have had exposure to Cisco in their jobs, why not provide more hands-on training?  That is not to say that the networking theory information is less important.  In fact it is vitally important in learning Cisco technologies.  It's just that today's students have been exposed to this information either in other vendor training (i.e. CompTIA Network+, Microsoft) or through everyday network experience.

So what are the new changes in the courses?

Here is a summary of what the new version 2 of ICND1 offers:

1) Access Control Lists                       - previously in ICND2, for filtering ip protocol

2) No SDM gui                                   - replaced SDM with Cisco Configuration Professional

3) Vlans                                               - previously in ICND2, creating and managing

4) Vlan Trunking Protocol 802.1q        - need to know for managing VLAN traffic                       

5) Routing between VLAN’s                - no layer 3 switch routing, router on a stick

6)  NAT and the CLI                            - NAT is now configured with ACL’s in CLI

7)  DHCP configured in CLI                 - DHCP is no longer done with SDM

8)  Variable Length Subnet Masking      - previously in ICND2, conserve IP addresses

9)  OSPF single and multiple area          - previously in ICND2, replaces RIP

10) IPv6                                               - previously in ICND2

11) OSPFv3                                         - routing with IPv6

12) No wireless                                    - has been moved to CCNA Wireless

13) More troubleshooting labs               - better for understanding real world issues


Here is a summary of what the new version 2 of ICND2 offers:


1) EtherChannel                                    -  creating redundancy in media

2) Hot Standby Router Protocol            - provides fault tolerance for default gateway

3) Load Balancing                                 - provides better throughput for traffic

4) ACL IPv6                                         - Access Control Lists using IPv6

5) EIGRP                                              - using EIGRP with IPv6

6) OSPF Multi Area                              - more from ICND1 on OSPF

9) GRE Tunnel                                       - an ip tunnel created between routers

10) Syslog, SNMP and Netflow             - management of routers and switches

So as you can see there is quite a bit of new information for both courses.  

One of the questions I have already been asked is “Where or how can I get some of that base network information needed for ICND1v2 if I am new to Cisco or do not have a lot of experience?”  My answer has been, if possible, to take Network+.  Yes, I know it's a basic introduction to networking, however all of the concepts not covered in ICNDv1 are covered in Network+.

Network+ provides a great opportunity for those who may be new to networking or do not have a great deal of experience with networking.  I realize it is an extra course for some, but I do think it's invaluable.  I teach Network+ for Centriq and include a lot of information for those who are going into Cisco.  I am probably a bit biased in my Network+ training because I am a Cisco Certified Systems Instructor.

I hope this update on ICND1v2 and ICND2v2 helps and I look forward to seeing you in class at Centriq.

Tuesday, May 7, 2013

Achieve Your Goals with StickK

Do you need help with a goal?  Would you like to be held accountable by a friend for that goal?  Do I have the website for you.

StickK.com is a website that helps people achieve and maintain their goals.  StickK has been around for a couple of years; however, it's not really that well known.  It's easy and free to sign up and use.  Here is how it works.  You sign up and then choose a goal you would like to achieve and your referee (the person holding you accountable) or add your friends to help support you.

One thing successful people do is make goals.  However when people make goals there is usually not a way to get support or have someone to help you be accountable.  You can also write journal entries about your goals each day to help you reach your goals.  IT folks might find this website particularly helpful in achieving those certification goals.

Tom


Wednesday, May 16, 2012

Part II – Security Policy, SMB - Security Is At The Forefront

For a lot of SMB’s a good security policy is the basis for a strong network defense.  However for those companies who have not designed and implemented a security policy within their organizations, security issues are lying in wait.

A security policy is the backbone and foundation for information security.  However in this day and age some SMB’s have ignored or not kept up with current security concerns and their policy or lack of policy may allow for a severe security breach.  This may in fact prove fatal for a SMB.

In Part II of my series for SMB, I am going to look at what makes a good security policy. 

1.  Executive Management Buy In

All security policies should begin with an executive management summary that includes the purpose, direction and approval of the policy.  This informs IT as well as employees that security is supported in all aspects of the business.  Security needs to be addressed from a top down approach when it pertains to support.  By supporting security initiatives from this approach employees know that security is not only implemented but supported at all levels.

2.  Policies

A security policy is actually a collection of different types of policies put together to create one policy.  The other types of policies are created from different areas that need to be secured, such as identification, authentication, authorization and auditing.  Other types of policies would include a user access policy, password policy, VPN policy, remote access policy, wireless policy and acceptable use policy.  Each one of these policies would address a certain set of guidelines and procedures when implementing these technologies.

3.  Standards


Each policy will have standards of how the technology can be implemented.  Standards are important because they allow us to measure by a metric.  For example, if the password policy has a minimum length of 8 characters, then when we set passwords we have a value to measure if we have met the standard.

4.  Guidelines

As mentioned earlier, each policy may also have a set of guidelines.  Guidelines are helpful because they allow us to implement technology with variables that may differ from one area to another area.  Guidelines provide a range of values because if we set a standard it may not be appropriate for that technology.  An example of a guideline would be the types of hardware purchased for laptops.  No one laptop may fit all the needs so guidelines are put in place to ensure secure hardware is purchased.

5.  Procedures

These are the details that go along with every policy that explains the how, who, what and when of how the technology is implemented.  An example of a set of procedures would be how a Cisco wireless thin client would be installed and managed.

6.  Acceptable Use Policy

This is part of the security policy that informs everyone on how company assets and resources are to be used inside and outside of the company.  The acceptable use policy has guidelines, procedures and standards from how you can use a company laptop to where you can go on the internet.  It is important that companies ensure this is updated and employees are made aware of changes.

If you would like to get some more information on creating a security policy and download some templates for the creation of different types of policies, try SANS: Information Security Policy Templates

Next month in part 3, I will be discussing how SMB’s can implement and improve security awareness. 

Thank you and if you have any questions during the series please feel free to email me at wpruett@centriq.com


Tom Pruett

Network Security Engineer/Senior Technical Instructor
CCSI, CCNA, MCSE (NT, 2000, 2003), MCITP SQL 2005, MCDBA SQL 7 2000, 2005, MCP+1, MCT, CTT+, CISSP, CWNA, CEI, CEH, CHFI, A+, Network+, Security+

Friday, March 30, 2012

Part I - Threats and Vulnerabilities, SMB - Security Is At The Forefront

SMB's share a lot of similarities with large enterprises when it comes to IT Security.  Those similarities include confidentiality of data, preventing unauthorized access and ensuring availability of data.  However, enterprises have the resources such as security personnel to ensure these objectives are achieved.  SMB's have the same threats and vulnerabilities, except they may not have the personnel, or the knowledge that these threats and vulnerabilities even exist or that they may be affected by them.


In Part I of my "SMB - Security Is At The Forefront" series I am going to explore the unique challenges presented by threats and vulnerabilities for SMB's.


I. Security Policies  - The Key

Whenever I do a security audit for a SMB, the first thing I find is the lack of a specific security policy.  I either find no policy or only a statement in the employee handbook about the AUP (Acceptable Use Policy).  This is not enough in this day and age to ensure a secure environment.  First, the owner or owners need to understand that security is important and that their acceptance and support of a security policy is first and foremost.  A written policy explaining the policies, baselines, standards, procedures and who is responsible for security should be created so everyone understands what is to be expected with regards to security.


II. Patching Control

Most SMB's do not have a managed patching system.  By this I mean a centralized method of controlling when and what patches are applied to OS's and applications.  Most SMB's rely on Windows Update to individually update the OS, however it is up to the individual to ensure the updates are applied.  This can mean a workstation might not be updated and have a serious vulnerability.  A major component of a secure system is ensuring that all systems are up to date with the latest patches.  This includes a process that ensures that patches and updates are tested and rolled out in a timely fashion.  This can be done easily and effectively by WSUS (Windows Server Update Services).  Also, having a set of procedures to audit that all systems are up to date is very important.

Weak Passwords

This is one of the biggest vulnerabilities for a SMB.  A lot of SMB's have weak password policies or none at all.  Employees are allowed to create passwords on their own for their workstations without any guidelines nor are they made to change them.  Also, in some cases there is no password on the system at all.   A strong password policy is crucial to securing a system.  All employees should be required to have passwords that are at least 8 characters, have a number and a character and should be changed at least every 45 days.

Default Accounts

The use of default accounts is also sometimes an issue.  By this I mean workstations have just a default account on them such as administrator or guest with no password.  This allows anyone to use the system with minimal or no controls, creating a vulnerability that a hacker or employee could exploit.
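The baseline from the Weak Passwords and Default Accounts sections can be checked per workstation. The script below is an added example, not part of the original post: it assumes English-language `net accounts` output and a CSV produced with `Get-LocalUser | Select-Object Name,Enabled,PasswordRequired | Export-Csv -NoTypeInformation`, and both samples embedded in it are constructed.

```python
import csv
import io
import re

# Baseline from the post: at least 8 characters, changed at least every 45 days.
MIN_LENGTH = 8
MAX_AGE_DAYS = 45
DEFAULT_ACCOUNTS = {"administrator", "guest"}

# Constructed sample: `net accounts` output from a hypothetical workstation.
SAMPLE_NET_ACCOUNTS = """\
Force user logoff how long after time expires?:       Never
Maximum password age (days):                          Unlimited
Minimum password length:                              0
The command completed successfully.
"""

# Constructed sample: Get-LocalUser | Select Name,Enabled,PasswordRequired | Export-Csv
SAMPLE_USERS_CSV = """\
"Name","Enabled","PasswordRequired"
"Administrator","True","True"
"Guest","False","False"
"frontdesk","True","False"
"jsmith","True","True"
"""


def parse_net_accounts(text):
    """Return {setting: value}; labels and values are separated by ':' plus padding."""
    settings = {}
    for line in text.splitlines():
        match = re.match(r"^(.*?):\s{2,}(\S.*)$", line)
        if match:
            settings[match.group(1).strip()] = match.group(2).strip()
    return settings


def audit(net_accounts_text, users_csv):
    """Return a list of findings against the baseline; an empty list means compliant."""
    findings = []
    policy = parse_net_accounts(net_accounts_text)
    length = policy.get("Minimum password length", "0")
    if not length.isdigit() or int(length) < MIN_LENGTH:
        findings.append(f"minimum password length is {length}, baseline is {MIN_LENGTH}")
    age = policy.get("Maximum password age (days)", "Unlimited")
    if not age.isdigit() or int(age) > MAX_AGE_DAYS:
        findings.append(f"maximum password age is {age}, baseline is {MAX_AGE_DAYS} days")
    for row in csv.DictReader(io.StringIO(users_csv)):
        if row["Enabled"] != "True":
            continue  # a disabled account cannot be used to log on
        if row["PasswordRequired"] != "True":
            findings.append(f"{row['Name']}: enabled account does not require a password")
        if row["Name"].lower() in DEFAULT_ACCOUNTS:
            findings.append(f"{row['Name']}: built-in default account is enabled")
    return findings


if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_NET_ACCOUNTS, SAMPLE_USERS_CSV)))
```

Default accounts are matched by name here, so a renamed built-in account would need a check on its SID (ending in -500 or -501) instead. The "number and a character" rule is not visible in `net accounts` output and is not checked.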

Physical Controls

Since most SMB's only have a few offices, there may not be a great need for locks and door security since this is usually done.  However security to the IT closet or where the servers are located needs to be addressed.  Normally having only a few devices does not negate the fact that all servers, routers, switches and firewalls need to be in a secure place and have limited access.


Wireless - Rogue Access Points, Weak Wireless Security

Sometimes SMB's will deploy wireless solutions just as they would if they were installing one at home.  This can be a serious concern because business wireless should not be treated like home wireless.  Business wireless should be concerned with getting connectivity with secure protocols and, most importantly, controlling access to the wired network.  Basic installation and lack of controls on the use of the wireless usually lead to a security breach.

Lack of Security Awareness

Owners and employees need to be aware of secure practices when doing their job.  All employees should understand the impact on the company if they are working on a computer, regardless of whether it is connected to a network.  Having a good understanding of secure practices will help protect the company from most security breaches.

Next month in part 2, I will be discussing more specifics on how to create a SMB security policy.

Thank you and if you have any questions during the series please feel free to email me at wpruett@centriq.com


Tom Pruett

Network Security Engineer/Senior Technical Instructor
CCSI, CCNA, MCSE (NT, 2000, 2003), MCITP SQL 2005, MCDBA SQL 7 & 2000, MCP+1, MCT, CTT+, CISSP, CWNA, CEI, CEH, CHFI, A+, Network+, Security+

Sunday, February 12, 2012

SMB - Security Is At The Forefront

As an IT consultant to several SMB's (Small Medium Business), I talk to owners every day about their needs and concerns about their IT infrastructure.  Most of the time the conversation is about increasing productivity through the use of technology.  Right now the hot topic there is cloud technology.  They feel they need to be more efficient with processes and avoid creating redundancy.  The one thing that is not a big topic is security.

No offense to SMB's but I am not sure that these owners are fully aware of what is really going on with cyber-security.  A lot of small and medium shops treat their IT security as if they have nothing to worry about.  Now I am not here to say that all of them are not security aware, however they read something in the news about a security breach at a large company but think that will never happen to them.  Hackers do not discriminate.  If you have data and an internet presence you are a target.

The key to SMB security is to synergize business objectives and productivity with security.  Just because you lock down your IT infrastructure does not mean you cannot do business.  You just have to find a way that works best for your company.  It's easy to be productive if you have no controls on the infrastructure, however it's the lack of those controls that could produce a security breach or incident that will cause you not to be productive.  I believe there is a way for all of these areas to coexist.

SMB security has some challenges that are different from enterprise security.  Sometimes SMB IT personnel are great administrators but may be unaware of security threats that may exist.  They are in charge of a lot of areas for the business and there is no security department like in enterprise companies to help them.  Therefore, while they are solving business needs and doing day-to-day break/fix work, there is just not the time to maintain up-to-date security.

So what is a SMB to do?  Where do they start?  Over the next month and a half I am going to be exploring 6 key areas for SMB security. 

Key Areas of SMB Security


1) SMB Threats and Vulnerabilities

2) Security Policy

3) Security Awareness

4) Internet Access

5) BYOD (bring your own device) Security

6) Auditing Administrative, Technical, and Physical controls


Hopefully if you are a SMB this series may get you to re-evaluate your security needs and have a better understanding of them.

Thank you and if you have any questions during the series please feel free to email me at wpruett@centriq.com


Tom Pruett

Network Security Engineer/Senior Technical Instructor
CCSI, CCNA, MCSE (NT, 2000, 2003), MCITP SQL 2005, MCDBA SQL 7 & 2000, MCP+1, MCT, CTT+, CISSP, CWNA, CEI, CEH, CHFI, A+, Network+, Security+