Security: May 2007 Archives

Storage Media Encryption launched by Cisco and RSA

By liam noonan on May 28, 2007 2:27 PM | | Comments (0)

A number of our BSc in IT Support students undertook research projects in the area of storage and encryption. Both these areas are merging in a number of different ways.

At EMC World in Orlando Cisco and RSA launched Storage Media Encryption. It runs on a Cisco Storafe Blade and uses RSA’s Key Manager technology to control access and deployment of encrypted systems.

Storage Media Encryption is being touted as an alternative to appliance-based approaches from Decru, NeoScale, Vormetric and CipherMax.

Initially, Storage Media Encryption will be available only for magnetic tapes. Cisco expects to roll it out by the end of the year. A subsequent release will extend it for use with other storage media.

Cisco will also offer an open API to develop key management.

The RSA Key Manager will ease deployment, management and operation of enterprise wide encryption. It is used to generate, store and broker access to cryptographic keys, and manage their life cycle.

Network World

IPv6 Tabloid Headlines

By liam noonan on May 12, 2007 12:59 PM | | Comments (0)

I am used to reading tabloid headlines about security and the internet. IPv6 has now become the latest victim to this particular type of sensationalist journalism. The Register reports on a potential flaw in IPv6 which if we are to believe could mean the end of the world.

IPv6 supports an extension header concept called the Type 0 Routing Header (RH0), which allows computers to tell IPv6 routers to send data by a specific route. My 3rd year datacomms students would tell you that this is known as strict source routing it is also supported in IPv4 in the TOS field of the header.

So what's the fuss about? Well during a presentation at the CanSecWest conference on 18 April, researchers Philippe Biondi and Arnaud Ebalard pointed out that RH0 support allows attackers to amplify denial-of-service attacks on IPv6 infrastructure by a factor of at least 80.

"In rough terms, it makes everything we thought was bad, a thousand times worse," Paul Vixie, president of the Internet Systems Consortium, said in an email interview with SecurityFocus. "It can be exploited by any greedy Estonian teenager with a $300 Linux machine."

Now this is bad piece of PR on several fronts, a basic networking property is being hyped and Estonia is being bashed.

Could a greedy capitalistic American Kid attempt this?
Is Paul Vixie stating that only the Estonians have the ability to use IPv6?

Well I have news for you Paul, you better add Irish graduates to your list of potential list of IPv6 network hackers as they know how it functions.

« Security: May 2005 | Main Index | Archives | Security: June 2007 »

Search

About this Archive

This page is a archive of entries in the Security category from May 2007.

Security: May 2005 is the previous archive.

Security: June 2007 is the next archive.

Find recent content on the main index or look in the archives to find all content.

Security: May 2007: Monthly Archives

Influenced by:

Irish Eyes
Jabit
Mike Maunsell
Buzzblog
Tom Raftery I.T. views
Damien Mulley
James Corbett (Eirepeneur)
Powered by Movable Type 4.12