Wednesday, January 21, 2015

ITIL Process

ITIL 2011 Process


  • Service Strategy
Objective: This process starts with an assessment of what the customer needs and of the market, then determines what services an IT organization will offer. The ultimate goal is to make any IT company or organization act in a strategic manner.

  • Service Design
Objective: This process focuses on designing new services and on changing or improving existing services.

  • Service Transition
Objective: Build and deploy the services designed in the Service Design stage, and make sure changes to the services are carried out in a coordinated way without negative impact on the business.

  • Service Operation
Objective: This is the day-to-day activity of making sure the IT services are working effectively and efficiently. It includes handling user requests and fixing problems and failures, as well as any operational tasks in the IT environment.

  • Continual Service Improvements - CSI
Objective: This process focuses on continually improving the effectiveness and efficiency of the IT processes and services.

Tuesday, December 30, 2014

Set static IP address Kali

Sometimes you need to configure your Kali Linux virtual machine with a static IP address:

1. Go to /etc/network

2. nano interfaces

Now you will find the following text in the file:

#The primary network interface
allow-hotplug eth0
iface eth0 inet dhcp


3. Because this is temporary, comment out the dhcp line and set the static IP address:

# The primary network interface
allow-hotplug eth0
#iface eth0 inet dhcp

# Temp Config
iface eth0 inet static
address 192.168.16.14
netmask 255.255.255.0
gateway 192.168.16.1
network 192.168.16.0
broadcast 192.168.16.255

Notice I put in red the lines I changed and the new IP address I want.

4. Let's restart the service:

service networking restart

5. Check the new IP address with the ifconfig command.
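A mistyped netmask, network, broadcast or gateway value in the static stanza can leave the VM unreachable after the restart. The following is an added example, not part of the original post: it parses the stanza from step 3 and checks that the values agree with each other. The function names are hypothetical.

```python
import ipaddress

# The static stanza from step 3, embedded as sample input.
STANZA = """\
iface eth0 inet static
address 192.168.16.14
netmask 255.255.255.0
gateway 192.168.16.1
network 192.168.16.0
broadcast 192.168.16.255
"""

def parse_stanza(text):
    """Return the option lines of an 'iface ... inet static' stanza as a dict."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or line.startswith("iface"):
            continue
        parts = line.split(None, 1)
        if len(parts) == 2:
            opts[parts[0]] = parts[1].strip()
    return opts

def check_stanza(text):
    """Return a list of inconsistencies; an empty list means the values agree."""
    o = parse_stanza(text)
    problems = []
    iface = ipaddress.ip_interface(f"{o['address']}/{o['netmask']}")
    net = iface.network
    if "network" in o and ipaddress.ip_address(o["network"]) != net.network_address:
        problems.append(f"network should be {net.network_address}")
    if "broadcast" in o and ipaddress.ip_address(o["broadcast"]) != net.broadcast_address:
        problems.append(f"broadcast should be {net.broadcast_address}")
    if "gateway" in o:
        gw = ipaddress.ip_address(o["gateway"])
        if gw not in net:
            problems.append(f"gateway {gw} is outside {net}")
        elif gw == iface.ip:
            problems.append("gateway equals the host address")
    if iface.ip in (net.network_address, net.broadcast_address):
        problems.append("address is the network or broadcast address")
    return problems

if __name__ == "__main__":
    print(check_stanza(STANZA) or "stanza is consistent")
```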

Do you want to learn more about security and how to test your network security, please go to: http://www.thehost1.com/

Thursday, December 25, 2014

Security Algorithms for CISSP

Symmetric and Asymmetric algorithms to remember for CISSP:

Symmetric:

Data Encryption Standard (DES)
Triple DES (3DES)
Blowfish
IDEA
RC4
RC5
RC6
Advanced Encryption Standard (AES)

Asymmetric:

Rivest, Shamir and Adleman (RSA)
Elliptic Curve Cryptosystem (ECC)
Diffie-Hellman
ElGamal
Digital Signature Algorithm (DSA)
Knapsack




Tuesday, December 16, 2014

Security Models CISSP

Points to review for the CISSP exam. I took some notes from Eleventh Hour (Eric Conrad); please read that book. These are just some points to remember, with no explanation:

Bell-LaPadula Model


Focus: Maintain confidentiality of objects.

Means: Not allowing users at a lower security level to access objects at a different or higher level.

Facts:

  • Simple Security Property: no read up
  • * Security Property: no write down
  • Strong Tranquility Property: security labels will not change while the system is operating.
  • Weak Tranquility Property: security labels will not change in a way that conflicts with defined security properties

Lattice-based access controls


For every relationship between subjects and objects, there are defined upper and lower access limits inside the system.

This depends on the need of the subject, the label of the object and the role the subject has been assigned.

Biba Model



The military focuses on confidentiality, and for that reason Bell-LaPadula works fine there. For business, integrity is VERY important, and Biba addresses this.

Facts:

  • Simple Integrity Axiom: no read down. This protects integrity by preventing bad information from moving up from lower integrity levels.
  • * Integrity Axiom: no write up. This protects integrity by preventing bad information from moving up to higher levels.
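The Bell-LaPadula and Biba rules above are the same comparisons with the direction reversed, which is easiest to see side by side. The following is an added example, not from the book or the original notes. The level names, subjects and objects are constructed, and the same ordering is reused as integrity levels for Biba as a simplifying assumption.

```python
from enum import IntEnum

class Level(IntEnum):
    """Constructed four-level ordering; a higher value is a higher level."""
    PUBLIC = 0
    CONFIDENTIAL = 1
    SECRET = 2
    TOP_SECRET = 3

def blp_allows(subject, obj, op):
    """Bell-LaPadula: protects confidentiality."""
    if op == "read":
        return subject >= obj   # Simple Security Property: no read up
    if op == "write":
        return subject <= obj   # * Security Property: no write down
    raise ValueError(f"unknown operation: {op}")

def biba_allows(subject, obj, op):
    """Biba: protects integrity, with the comparisons reversed."""
    if op == "read":
        return subject <= obj   # Simple Integrity Axiom: no read down
    if op == "write":
        return subject >= obj   # * Integrity Axiom: no write up
    raise ValueError(f"unknown operation: {op}")

class ReferenceMonitor:
    """Labels are copied at construction and never changed (Strong Tranquility)."""
    def __init__(self, labels, policy):
        self._labels = dict(labels)   # private copy; no relabel method exists
        self._policy = policy

    def check(self, subject, obj, op):
        return self._policy(self._labels[subject], self._labels[obj], op)

def allowed_objects(monitor, subject, objects, op):
    """Names of the objects the subject may access with the given operation."""
    return [o for o in objects if monitor.check(subject, o, op)]

# Constructed subject and objects for the demonstration.
LABELS = {"analyst": Level.SECRET, "press_release": Level.PUBLIC,
          "ops_plan": Level.SECRET, "war_plan": Level.TOP_SECRET}
OBJECTS = ["press_release", "ops_plan", "war_plan"]

if __name__ == "__main__":
    for name, policy in (("BLP", blp_allows), ("Biba", biba_allows)):
        rm = ReferenceMonitor(LABELS, policy)
        for op in ("read", "write"):
            print(name, op, allowed_objects(rm, "analyst", OBJECTS, op))
```

If both policies are enforced over the same labels, the only object the analyst can both read and write is the one at its own level.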

 

Clark-Wilson


This is a real world integrity model that protects integrity by requiring subjects to access objects via programs.

Clark-Wilson uses two primary concepts:

  1. Well formed transaction
  2. Separation of duties

This model implements integrity-monitoring rules and integrity-preserving rules.

It also uses the Access Triple rule.

Chinese Wall Model (Brewer-Nash)


This is designed to avoid conflicts of interest:

Source: http://www.amazon.com/Eleventh-Hour-CISSP-Study-Guide/dp/1597495662


Monday, December 15, 2014

Windows updates failing to search updates

You will very often find advice on many forums to check services, the firewall, etc. Normally this always works for me:

From command prompt stop the services (just copy it):

net stop wuauserv
net stop Cryptsvc


Delete the following folders:

C:\windows\SoftwareDistribution

C:\Windows\System32\catroot2

Start the services with command prompt:

net start wuauserv
net start Cryptsvc


Restart the machine and then check for updates.



Virtual Machine losing connection Hyper-v 2012 with HP servers

Some virtual machines lose connection with the physical network, or the virtual switch loses connection with the physical network. The virtual machine reconnects after you unplug the cable and plug it back in, or after you reboot the host server.

It happened to me with ProLiant DL360 Gen9 and ProLiant DL385p Gen8.

After a lot of testing and research, the only way at this moment is to run a command in PowerShell to disable VMQ:

Get-NetAdapterVmq | Disable-NetAdapterVmq

I got this problem with and without full updates. I also updated the HP driver for the network interface and was still getting the problem.

Tuesday, December 9, 2014

Type of Access control (CISSP)

Six access control types:

  • Preventive
  • Detective
  • Corrective
  • Recovery
  • Deterrent
  • Compensating

The access controls can fit in the following categories:

  • Administrative
  • Technical
  • Physical

Preventive: As the name says, this prevents something from happening. For example, some companies run background checks; with these they can find out whether a person has financial or legal problems and avoid hiring somebody for a risky position.

For example, if somebody with financial problems is managing money or secrets, this person could take some money or sell some secrets; the background check prevents hiring such a person for this position.

Detective control: This detects something while it is happening or after it has happened, like the intrusion detection system in a network.

Corrective: This corrects a situation, like an antivirus that detects a virus and tries to clean the file or quarantine it.

Recovery: This control recovers after an incident. For example, after a hard drive fails, a user deletes some data, or a virus damages data, all these situations require restoring from backups, installing the OS, reconfiguring, etc. to restore the functionality of the system or the availability of the data.

Deterrent: This deters a user from doing something, for example when you see signs like "Smile you are on camera", "beware of dog" or "security on duty". The user/attacker/person avoids doing something because he/she doesn't want to be caught or get into trouble in that situation.

Compensating: This compensates for or complements a weakness in one area, to fill in the missing part or make it stronger.