The dangers of weak passwords on Social sites (Facebook / Linkedin)

0 comments

Posted on 9th March 2010 by admin in Barracuda Web Filter | Fortinet | Web Filter

Phishers Used Facebook to Penetrate Financial Firm’s Computer System (March 4, 2010)

Phishers used Facebook to burrow their way into the network of a large US financial company last year.

The attackers took control of one employee’s Facebook account and using information culled from that individual’s friends’ profiles, sent what appeared to be personal messages to several other company employees about pictures taken at a company picnic.

The phishers learned of the picnic through postings on the hijacked account.  When one of the other employees received a message asking her to click on a link that would allow her to view the pictures, her computer became infected with keystroke logging malware.

When that employee logged in to a VPN account to access the company network, the attackers were able to capture the necessary information to gain access to that network.  The intruders managed to get deeper into the network and take control of two servers before they were detected.

Original Story: http://lastwatchdog.com/facebook-phishers-breached-corporate-network/

Use a different hard password for each publicly accessible website service you use and be suspicious of links in e-mail even if they appear to be from friends.

Popularity: 1% [?]

Post to Twitter

Barracuda Web Site Firewall Garners SC Magazine Best Buy!

0 comments

Posted on 22nd January 2009 by admin in Network Security | Web Site Firewall

, , , , ,

From SC Magazine:

The Web Site Firewall Model 460 is an application protection firewall, which resides on a single appliance device. The tool recognizes attacks by monitoring network traffic to and from the web server. The default configuration for the device is to run in bridge mode, but it can also be installed in a routed mode. Bridge mode allows the device to inspect traffic bi-directionally to the web server without the use of an IP address. The routed mode is similar to a traditional network configuration, whereby a separate IP address is installed on each interface of the website firewall. This configuration can cause a few problems, which the bridge avoids.

For example, the 460 becomes an inline device, which can cause a central point of failure. For this type of deployment, we recommend using the 460’s redundant configuration. In the default mode, the tool does not stop network traffic if the unit fails. However, all traffic to and from the website would be blocked in the routed mode. The routed configuration is what is known as a “fail secure” configuration. This means that if the Web Site Firewall Model 460 does not explicitly permit the traffic, it will be dropped. The logging on the tool is performed via the syslog protocol. Several different types of events can be configured to send traffic to the syslog server.

As an integrator of many types of systems, the Web Site Firewall Model 460 in bridge mode has “goes in to” and “goes out of” ports. The installation and configuration are as simple as it comes. The entire installation and configuration guide takes up only a single piece of paper. Additional documentation covers the routing installation method, as well as very detailed explanations of the events which triggered alerts.

Support is offered through phone, email and a website. Email support is available 24/7 for all customers, and additional support is available for a higher fee. Barracuda also provides a website with a knowledge base, FAQ and live chat options for support.

The Barracuda offering is priced at $8,999 with no “per user” fees on top of that price. This puts the cost of the device at the lower end of the spectrum.

..end of SC Magazine story. To see the original article, visit SC Magazine.

Pricing and Availability

The Barracuda Web Site Firewall is available in three models: Barracuda Web Site Firewall 360, 460 and 660. U.S. pricing starts at $4,999. International pricing and availability varies based on region. For more information, please visit http://www.barracudanetworks.ca/website-firewall.aspx.

About the Barracuda Web Site Firewall

The Barracuda Web Site Firewall is a complete and powerful security solution for Web applications and Web sites.

The Barracuda Web Site Firewall provides award-winning protection against hackers leveraging protocol or application vulnerabilities to instigate data theft, denial of service or defacement of your Web site.

Many applications are vulnerable to such attacks because application developers do not consistently employ secure coding practices. Barracuda Web Site Firewall is designed to combat all attack types that have been categorized as significant threats, including:

  • Cross Site Scripting (XSS)
  • SQL injection flaws
  • OS command injections
  • Site reconnaissance
  • Session hijacking
  • Application denial of service
  • Malicious probes/crawlers
  • Cookie/session tampering
  • Path traversal
  • Information leakage

To learn more about the Barracuda Web Site Firewall, see the product information pages on BarracudNetworks.ca.

Popularity: 42% [?]

Post to Twitter

Google Acting Slow?

9 comments

Posted on 9th December 2008 by admin in Web Filter

(An interesting article by Joel Esler, published on the Internet Storm Center):

Everyday we receive about 20 reports of “www.xwebsitehere.com” being slow.  Today we’ve received a few reports about Google being slow.  One reader (thanks Neal) even wrote in to say that after he did some monitoring on his connections, he isolated it down to “pagead2.googlesyndication.com”.  Obviously, from the hostname being one of the servers that serves ads to lots of websites. 

Neal stated that after he blacklisted this hostname, his browsing went back to normal.  Anyone else experiencing similar?

(Yes we have received several reports of Google being slow, I’m asking if you can replicate the “pagead2″ issue.)

 Update:  We haven’t heard any more about this today, so, I’m not sure of the end result.  Personally, if my Google Ads are a little slow in loading…  I’m not sure I mind much.

Update 2:  We just received an email from a reader in Denmark, using Everydns.net, is having his Google DNS queries redirected to a Yahoo server.  No more info than that at this time.

– Joel Esler http://www.joelesler.net

 

Popularity: 100% [?]

Post to Twitter

Barracuda Web Filter Firmware Release 4.0 Now Available

0 comments

Posted on 19th November 2008 by admin in Barracuda Networks | Featured | Network Security | Web Filter

, , ,

Barracuda Web Filter firmware release 4.0 is now generally available to all customers.  This major release includes powerful new features and enhancements, including:

  • Support for Cisco WCCP v1 and v2 enabled routers/switches; allows forwarding of HTTP traffic via a single WCCP-enabled router.
  • Integration with the Barracuda Control Center (BCC); enables administrators to control multiple units from a single location.
  • Expanded Reporting Capabilities; offers 8 new time-based reports including “Top Users by Session Time” and “Top Domains by Session Time.”

To view detailed firmware release notes, click here.

Popularity: 73% [?]

Post to Twitter

Barracuda Networks Acquires BitLeap; Launches Integrated Local and Cloud-Based Backup Solution

0 comments

Posted on 6th November 2008 by admin in Barracuda Backup Server | Barracuda Networks | Featured

, , , , , , , , , , , , , , , , , , ,

Barracuda Backup Combines Local and Offsite Data Backup for Affordable Disaster Recovery Solution

Barracuda Networks Inc. today announced it has completed the acquisition of BitLeap, an innovative provider of local and offsite data backup and disaster recovery solutions.  As part of the acquisition Barracuda Networks will now offer Barracuda Backup, a complete and affordable data backup and disaster recovery solution, to customers of all sizes and business types. 

“BitLeap developed a compelling technology and services platform for delivering a unique backup solution to the market,” said Dean Drako, president and CEO of Barracuda Networks.  “We believe that the combination of the trusted Barracuda Networks brand, our customer-centric business approach, as well as our extensive worldwide channel reach will enable us to offer an affordable backup solution to our current customers and to mainstream businesses of all sizes.”

Complete Data Backup Solution

Barracuda Backup is an affordable, integrated local and offsite data backup solution that combines the Barracuda Backup Server for rapid restoration on the local network with the Barracuda Backup Service, a secure cloud-based backup service to two geographically dispersed data centers for redundancy. 

Click to enlarge

“No other backup solution provides an affordable means of combining local, appliance-based backup with two offsite replicas,” said Stephen Pao, vice president of product management for Barracuda Networks.  “By maintaining three copies of each customer’s data, Barracuda Backup offers superior levels of disaster tolerance through hardware redundancy, geographically dispersed data centers, elimination of single points of failure, and distance solutions.”

Barracuda Backup copies primary data from any operating system or storage platform and provides fast local storage and restorations, secure data transfers to offsite data centers and leverages industry-leading policy management for data retention.  Barracuda Backup safely maintains backup data offsite using efficient replication techniques designed by Barracuda Networks to conserve bandwidth and minimize the cost of disaster recovery.  Other capabilities include:

  • Automatic backups. Administrators set the schedule for how often backups should run throughout the day. This eliminates the risks associated with manual backup techniques.
  • Full Local Backup. The Barracuda Backup Server offers sufficient storage for a complete copy of an organization’s current and historical data.
  • Fast Local Restore. Administrators can restore data directly from the Barracuda Backup Server at local network speeds. This is the quickest way to recover lost data or recreate historical data from local backups.
  • Secure, Redundant Replication. Multiple layers of encryption, including AES 256-bit, protect the integrity of data transferred offsite using Barracuda Backup. Barracuda Networks’ two offsite data centers use highly redundant disk-based hardware in a fully encrypted and secure format.
  • Data De-Duplication. Using advanced technology, Barracuda Backup reduces the storage and transfer requirements for backups by analyzing each file at the bit level and only copying, transferring and archiving new bit sequences. This advanced de-duplication technology is applied within a single file’s revision history as well as across the entire backup volume. De-duplication is also applied between data sets from multiple locations.
  • Alert Notifications. Barracuda Backup automatically provides email alerts to administrators when service issues are detected, including when the Barracuda Backup Server goes offline. Other notifications are sent when errors or file warnings are detected in backups, or when, expected files for backup are missing.
  • Regulatory Compliance. Barracuda Backup encompasses the security requirements to cover a wide range of industry-specific regulations such as HIPAA, for the healthcare industry, and Gramm-Leach-Bliley for financial organizations.

“Barracuda Backup eliminates the complexity and expense associated with most data backup solutions available for businesses today,” said Pao.

Automatic Health Monitoring and Provisioning
The Barracuda Backup user interface makes it easy to manage and back up data on the Barracuda Backup Server and to schedule reoccurring offsite data backups in the cloud. The Web user interface provides access and control of settings, reports, restores, statistics and account information in order to manage deployed Barracuda Backup Servers even across multiple locations.  In addition, Barracuda Central, an advanced operations center, provisions and monitors the health of the Barracuda Backup Service and provides 24×7 technical support and emergency restoration assistance in the event of disaster or local backup system failure.

Continued Support for Current Customers and Partners
As part of the acquisition, Barracuda Networks plans to increase investment in product development in backup services and solutions.  In addition, all of BitLeap’s employees have joined the Barracuda Networks team.  Barracuda Networks will continue to work with all BitLeap sales channel partners, expanding the depth of its worldwide sales reach, and enabling them to provide better service and support to all existing and future customers. 

Pricing and Availability
Barracuda Backup pricing includes a one-time hardware fee for the Barracuda Backup Server and a monthly subscription to the Barracuda Backup Service plans.  Barracuda Backup Server pricing starts at $999 depending on model and Barracuda Backup Service plans start at $99 for 50GB of storage per month and varies according to how much storage is needed.  Barracuda Backup is currently available in North America only.  For more information, please visit http://www.BarracudaNetworks.ca/backup-server.aspx.

Popularity: 9% [?]

Post to Twitter

Barracuda Networks Launches Barracuda Link Balancer

0 comments

Posted on 18th September 2008 by admin in Barracuda Link Balancer | Barracuda Networks

, , , , , ,

New Product Line Routes and Manages Traffic Across Multiple Internet Connections

Barracuda Networks Inc. today launched the Barracuda Link Balancer, an affordable and powerful solution for routing and managing traffic across multiple Internet connections.  Available in three models, the Barracuda Link Balancer optimizes the use of multiple Internet links, such as T1s, T3s, DSL and cable connections from one or multiple Internet Service Providers (ISPs).  Capable of automatic failover in the event of link failure, the Barracuda Link Balancer ensures that customer networks are always connected to the Internet.
  
“Fast and reliable Internet connectivity is central to the majority of mission-critical business applications,” said Stephen Pao, vice president of product management for Barracuda Networks.  “The Barracuda Link Balancer enables organizations to simply ‘add-on’ additional Internet connections for both speed and redundancy without other changes to their network environment.”

The Barracuda Link Balancer’s Web user interface allows administrators to define, manage and control bandwidth settings from one central location.  Administrators can also view graphical traffic statistics to analyze hourly, daily or monthly usage.  Clients and applications can be set permanently or for a predetermined period of time to be connected to specific links. 

The Barracuda Link Balancer automatically detects Internet connection failure and enables service restoration.  Tracking connections by saturation, availability, latency and performance, the Barracuda Link Balancer makes informed decisions to select the best link to handle Internet traffic without intervention from an administrator.

Designed to assist in scaling for high bandwidth requirements for organizations of all sizes, the Barracuda Link Balancer ensures that your network is always connected to the Internet while providing:

  • Automated failover
  • Bandwidth management
  • Quality of Service (QoS) for Internet applications
  • Traditional perimeter firewall capabilities
  • Simplified management of IP networks via DHCP and DNS caching servers
  • Aggregate T1s, T3s, DSL and cable Internet connections

The Barracuda Link Balancer can either replace an existing edge router or firewall, or it can be deployed between the Internet and a network firewall.  The Internet connection links plug into the Barracuda Link Balancer’s multiple WAN ports and LAN access is granted through the switch.

Pricing and Availability

The Barracuda Link Balancer is available in three models:  Barracuda Link Balancer 230, 330 and 430.  U.S. pricing starts at $1,999 with no per port charges or per server licensing fees.  International pricing and availability varies based on region. For more information, please visit www.BarracudaNetworks.ca/link-balancer.aspx.

About the Barracuda Link Balancer
Available in three models, the Barracuda Link Balancer is an affordable and powerful solution for routing and managing traffic across multiple Internet connections, capable of handling up to six WAN links.  The Barracuda Link Balancer combines bandwidth of multiple high speed connections while automatic failover ensures reliable connectivity to any of the available Internet links.  The Barracuda Link Balancer automatically detects failure and service restoration for Internet connections.  The Barracuda Link Balancer features an easy to use Web user interface, creating an intuitive and cost-effective administration tool for the integrated hardware and software solution. The Web user interface allows administrators to define, manage and control bandwidth settings from one central location. 

Popularity: 3% [?]

Post to Twitter

Barracuda Spam Firewall Rejects Invalid Non-Delivery Report Messages

0 comments

Posted on 10th September 2008 by admin in Barracuda Networks | Spam Firewall

, , , , , ,

Barracuda Networks Inc., the worldwide leader in email and Web security appliances, recently announced a new feature in the Barracuda Spam Firewall that can differentiate legitimate Non-Delivery Report (NDR) messages – also known as bounce messages – from invalid NDR messages resulting from spoofing attacks. Using [tag]Invalid Bounce Suppression[/tag], the [tag]Barracuda Spam Firewall[/tag] prevents “backscatter” messages from reaching innocent email senders.

“Backscatter is an unfortunate side effect of the continued prevalence of email spoofing by spam campaigns that is now plaguing corporate email servers,” said Stephen Pao, vice president of product management for Barracuda Networks.  “It is also a frustrating, and sometimes confusing, problem for email users who are the innocent victims.”

Backscatter occurs when spammers, hackers or other users with malicious intent, spoof the email addresses of legitimate email users to send spam, viruses or worms.  The receiving email server typically rejects the email and sends an NDR message to the spoofed email address. As a result, the legitimate email user receives a bounce message for emails that they never sent.

“While one common technique to minimize the impact of backscatter is to simply define policies to block all incoming bounce messages, doing so can result in the blocking of legitimate bounce messages,” said Pao.  “As such, distinguishing legitimate from invalid bounce messages can be extremely important to users who send business-critical email.”

Invalid Bounce Suppression tags the sender addresses of all outgoing messages sent from the Barracuda Spam Firewall’s outbound relay, or through the Barracuda Spam Firewall-Outbound appliance.  The tags are encoded with built-in expiration periods and encrypted to prevent forgery.  When an NDR message is received by the Barracuda Spam Firewall, a valid tag must be present in the bounce recipient address (i.e., the original sender address) for the bounce message to be delivered.  If the bounce recipient address does not contain a tag or if a tag is invalid, the NDR message is rejected.  Usage of the Invalid Bounce Suppression feature is transparent to legitimate senders and recipients.

“Beyond the reputation benefits of preventing spam and viruses from leaving an organization’s network, Invalid Bounce Suppression has a direct impact on reducing the amount of unwanted email that hits users’ email inboxes,” added Pao.  “Invalid Bounce Suppression provides another compelling reason why organizations should also consider relaying their outbound email through an email security solution, such as the Barracuda Spam Firewall or Barracuda Spam Firewall-Outbound.”

In addition to Invalid Bounce Suppression, the latest Barracuda Spam Firewall version also includes additional rules governing email policy, including new policy rules for character sets used in emails and attachments, reverse DNS resolutions of sending email servers, and full URLs (including query strings) embedded in emails.

Pricing and Availability:

The latest features, including Invalid Bounce Suppression, are available with Barracuda Spam Firewall firmware release 3.5.12 and above.  The Barracuda Spam Firewall is available in eight models with prices starting at $899.  International pricing and availability varies based on region.

About the Barracuda Spam Firewall:

The Barracuda Spam Firewall is available in eight models and supports up to 100,000 active users with no per user licensing fees.  Its architecture leverages 12 defense layers: denial of service and security protection, rate control, IP analysis, sender authentication, recipient verification, virus protection, policy (user-specified rules), Fingerprint Analysis, Intent Analysis, Image Analysis, Bayesian Analysis, and a Spam Rules Scoring engine.  In addition, the entire Barracuda Spam Firewall line features simultaneous inbound and outbound email filtering with the inclusion of sophisticated outbound email filtering techniques, such as rate controls, domain restrictions, user authentication (SASL), keyword and attachment blocking, triple-layer virus blocking, and remote user support for outbound email filtering.  The Barracuda Spam Firewall’s layered approach minimizes the processing of each email, which yields the performance required to process millions of messages per day. 

For more information on the Barracuda Spam Firewall, visit http://www.BarracudaNetworks.ca/spam-firewall.aspx.

Popularity: 38% [?]

Post to Twitter

Barracuda Networks Tech Alert

0 comments

Posted on 23rd July 2008 by admin in Barracuda Networks | Spam Firewall

, , , , , , ,

This just in from Barracuda Networks regarding the latest firmware upgrade for their Spam Firewall …

+-+-+-+

Technical Alert No. 20080722
Description: Configuration changes to all Barracuda Spam Firewalls upon upgrade to Firmware Release 3.5.12
Revision: A1.0
Affected Barracuda Networks Products: Barracuda Spam Firewall Release 3.5.12

Details: On July 14, 2008, Barracuda Networks released Barracuda Spam Firewall Release 3.5.12.001 into beta release. Upon upgrading to firmware release 3.5.12, three one-time configuration changes will be made to your Barracuda Spam Firewall:

  1. Disabling of bounce messages. On the Basic -> Spam Scoring page, in the Spam Bounce (NDR) Configuration section, the Send Bounce field will be set to No. Because of the growing number of spam emails spoofing addresses of good email senders, this change is being made to avoid sending bounce messages to innocent parties.
  2. Removal of Spamhaus external block lists previously listed as “Common External Blacklists.” On the Block/Accept -> IP Reputation page, the following Spamhaus external block lists will be removed from the Custom External RBLs list: sbl.spamhaus.org, xbl.spamhaus.org and sbl-xbl.spamhaus.org.The Barracuda Spam Firewall used to enable Spamhaus external block lists by default when usage of those lists was free to all Internet users. Now that Spamhaus is seeking license fees from some Internet users, this change is being made to remove the previous default settings and to ensure that Barracuda Spam Firewall customers do not experience problems or unexpected service interruptions.
  3. Replacement of removed Spamhaus external block lists with Barracuda Reputation. If any Spamhaus external block lists were removed by the previous action and the Barracuda IP Reputation field was set to Off, the Barracuda IP Reputation will be set to the most restrictive action of all of the removed Spamhaus external block lists.For example, if sbl.spamhaus.org was set to Block and Barracuda IP Reputation was set to Off, the upgrade would remove sbl.spamhaus.org from the Custom External RBLs list and set Barracuda IP Reputation to Block.The purpose of this change is to maintain or improve performance of the Barracuda Spam Firewall. Barracuda Networks strongly recommends blocking based on Barracuda IP Reputation, and this blocking is particularly important when external block lists such as Spamhaus are not in use.

These changes will be made only once. If you want to re-enable bounce messages and reinsert the affected Spamhaus external block lists, you may do so manually after the upgrade.

Barracuda Networks recommends that you create a new backup of your configuration after upgrading to firmware release 3.5.12.

Risk Rating: None

For More Tech Alerts: www.BarracudaNetworks.com/ns/support/tech_alert.php

For more information on Barracuda Spam Firewall’s please go to: http://www.BarracudaNetworks.ca

Popularity: 13% [?]

Post to Twitter