Cisco released multiple security advisories identifying 11 vulnerabilities in IOS on Wednesday. One of the security holes was described as 'highly critical' and could lead to a hacker compromising the affected machine or launching a DoS (Denial of Service) attack. The critical vulnerability is affects Cisco devices running SIP, a protocol used to set up and tear down voice and/or video calls. Cisco recommends that everyone running a Cisco product with IOS version 12 to review the security advisories here and patch the vulnerability. There are currently no workarounds for products that require SIP to function, but users can try to mitigate the risk by allowing only trusted devices to connect to the affected product. 

The vulnerabilities are triggered when an affected product processes malformed SIP messages. Hackers can use this to force the machine to reload repeatedly, resulting in a DoS attack. SIP should be disabled if it isn't required. The other 10 advisories have been listed as 'less critical', but they still could be used for the purpose of remote code execution or DoS attacks. 

Intel has succeeded in integrating the largest number of processing cores onto a single chip in its history. The Xeon 7500 series boasts a three-fold jump in performance over other chips in its Xeon and Core i line. Server makers that are looking to squeeze more performance into a tighter space will be the first to see the benefits of this new 'super-chip'. A single Xeon 7500 can replace 20 single core 4-chip servers, according to Intel. Hyper-threading is also supported on the Xeon series doubling the number of tasks a processor can perform, virtually making this chip into a 16-core processor. Also, the chip supports expanded memory making servers based on the 7500 able to handle up 1 terabyte in 4 processor configurations.

Intel's announcement of this chip comes on the heels of AMD's 6100 12-core processor, which combines two 6-core die. The two chips are comparatively priced with the 6-core Intel X7542 going for $1,980 versus $1,386 for AMD's slightly inferior 6100. Expect to fork over around $3,700 for Intel's 8-core X7560.

Last Tuesday the networking world was buzzing over Cisco's latest announcement, a router that would 'lay the foundation' for the next generation internet. While the router itself isn't quite as extraordinary as Cisco would have you believe, it really is a giant leap forward in routing technology. Today I'd like to give a quick rundown of the CRS-3's specs and capabilities.

The CRS-3 is 12 times faster than it's closest competitor, the CRS-1 or Juniper T1600, moving network traffic at 322 terabits per second. This would allow you to download the entire Library Of Congress in just over 1 second; stream every motion picture ever created in less than 4 minutes; or allow everyone in China to make a video call simultaneously.

The CRS-3 can save you 60% on power consumption compared to competitive platforms. Also, Cisco has made it easy and affordable to upgrade from the CRS-1, making the CRS-3's new capabilities achievable in a CRS-1's existing chassis, router processors, fans, and power systems.

Cisco's new Cisco QuantumFlow Array Processor powers the CRS-3 router. This processor combines 6 chips to work as 1, enabling unprecedented service capabilities and processiong power.

Pricing for the CRS-3 starts at $90,000 and is currently in field trials. AT&T recently tested the CRS-3 in a successful completion of the world's very first field trial of 100G backbone network technology. 

IBM researchers are getting close to developing chips that use pulses of light instead of electrical signals over copper wire to share information. The low-power nanophotonic avalanche photodetector is the fastest of its kind, able to transmit data at speeds up to 40 gigabits per second using a 1.5 volt power supply. This chip could be a huge step in making computers and other electronics more energy efficient. Using 20 times less energy than chips currently in use, IBM says that a traditional system using 20-30 volts could be operated by a 1.6 volt AA battery! 

The chip itself is made using existing semiconductor technology and the light signals themselves are transmitted over silicon circuits. The term 'avalanche' in the devices' name comes from the way the exchange of information builds as the circuit does its job. Much like an avalanche on steep slope where a tiny pack of snow triggers a large scale slide, an incoming photon releases an electron causing a cascade effect releasing many other electrons, amplifying the original signal many times. Researchers are hoping this new technology will allow them to build computers capable of exaflop performance, roughly 600 times faster than world's most powerful computer. You can watch a short video explaining the technology here.

Cisco released a warning to customers today about multiple holes in their security appliances. Patches have been released to fix the affected products, but the PIX 500 series has reached "End Of Life" status so no new software will be released for them. Workarounds have been suggested for PIX users and can be found here. The other affected products include the Cisco Firewall Services Module (FWSM) for the 6500 and 7600 series, ASA5500 Security Appliance, and Cisco Security Agent (CSA) releases 5.1, 5.2, and 6.0.

The FWSM vulnerability could cause a DoS (Denial Of Service) and may be forced to reload after processing a destructive SCCP (Skinny Client Control Protocol) message. The hole becomes apparent when SCCP inspection is enabled and is triggered by transit traffic, not traffic intended for the device. The ASA and PIX units are plagued by similar vulnerabilites, most of which can cause DoS but one fairly nasty one which can grant the hacker unauthorized access to the device and your network. The CSA holes can include an SQL injection that allows hackers to download files from the server hosting CSA's Management Center, product reconfiguration using the SQL injection, and DoS attacks that could lead to the system hosting the CSA to crash.

For more information on the subject, please use the link in the first paragraph of this article. 

Last April IBM announced plans to build a supercomputer that could compete on Jeopardy and confirmed yesterday that the computer, dubbed 'Watson', is now capable of beating human contestants. The supercomputer, which has been dubbed a 'question answering system', has been under development for about two years now. Based on IBM's 1997 success with Deep Blue the supercomputer that beat chess champion Garry Kasparov, the technological giant is convinced they have made a computer that's 'smarter' and has 'more confidence' than it's predecessor.

Watson is able to use cutting-edge natural language processing technology to analyze the meanings behind words. This gives the supercomputer the ability to identify relevant information, interpret human expressions and puns, break down questions into sub-questions, and synthesize the information into an answer. Watson has been 'studying' so to speak, by 'reading' many natural language books, texts, etc. and has stored all the information internally, just like a human brain. It will not be connected to the internet, literally putting Watson on its own against the human competitors. Knowledge isn't the only thing Watson will need to really compete on Jeopardy though, confidence in its answers and the quickness of its responses will be of paramount concern to the developers.

The human brain is essentially a blazingly fast processor and human competitors have the advantage, at least at the moment. When real Jeopardy contestants are asked a question, they will sometimes buzz in before their brain has actually recalled the information needed, taking a few seconds to respond. This instinctive confidence in our own knowlege is something IBM believes it can overcome, at least enough to make Watson competitive against human beings. Strategy is also a big part of the game and IBM has programmed the supercomputer to take the score of the game, the dollar value of the question, and the 'confidence' in its answer into account before deciding whether to buzz in.

IBM is keeping Watson's win/loss stats secret for the time being, so we will have to wait until the end of this year to see what 'the next step in AI' can actually do. Until then we can continue to bask in our cognitive superiority and wonder what exactly Watson might spend that prize money on. Maybe a nice new warehouse for Deep Blue and itself to live out their golden years? And an Aibo to keep them company? Only time will tell!

Here's an interesting little tidbit of information I came across while I was cruising some articles regarding last weeks Black Hat security conference. Cisco and other networking companies implement a 'backdoor' into all of their routers and switches for lawful intercept. What's lawful intercept you ask? Well, this basically means that by law, all networking equipment manufacturers selling to ISP's must provide a backdoor into their routers and switches so that law enforcement agencies can track the internet activity of individuals under surveillance.

With internet privacy always being a hot issue, this measure was first greeted with mixed reviews but most believed that if hackers couldn't get ahold of this backdoor information then security would be tighter for all of us. While that seems like a great thought, the fact of the matter is that Cisco and other networking giants haven't taken the time to tighten the security around the backdoors themselves. IBM researchers found several bugs, which by themselves are almost harmless, that can be used in conjunction with eachother to allow hackers to spy on network traffic and steal information.

Cisco was first warned about these bugs in 2008 and released a patch to correct some of the problems, but this major security issue still hasn't been addressed properly as of last week. Hackers are still able to access the backdoor and even after numerous failed password guessing attempts the systems don't A) Block the perpetrator from trying again or B) Alert a network administrator to the unauthorized access. This type of 'invisibility' was originally intended to hide the technique from ISP employees, who in theory could detect the intercept and alert the individual under surveillance. This has obviously gone completely wrong, instead of keeping dishonest employees out it's practically inviting hackers to spy and steal information without anyone being alerted until it's too late.

While it seems Cisco may be the primary target of the IBM researchers, keep in mind that all networking companies are legally required to bild lawful intercepts into their router and switch lines. Cisco is actually the only company that follows the advice of the Internet Engineering Task Force or IETF and makes its intercept architecture public, exposing it to peer review and security scrutiny. Other networking companies keep theirs in the dark and they most likely suffer from the same flaws or possibly more. Allowing the weaknesses to be public knowledge may seem like cutting your own throat, but knowing about them keeps IT personel informed and aware so that these issues can be mitigated properly.

As our lives are becoming more and more dependant on computers, the internet, networking, and portable gadgets; network security is quickly becoming a household term and concern. Everyday I read reports of people, not just small or large businesses, regular people becoming victims of cyber attacks. Whether it's stolen passwords, phishing scams, data loss, denial of service, or full blown Identity Theft; your cyber security should be almost as important as the lock on your front door. Today I would like to talk about one threat in particular and the strides Cisco has made to help protect us from that threat.

Botnets are a collection of software robots or 'zombie computers' that are controlled by a single 'command and control center' usually ran by one person with the ultimate goal being to steal your personal data. Computers are usually infected via website or email and depending on the type of exploit (DoS, key logging, phishing scams, etc.) it will then launch an attack. Keeping up with security updates for your PC or Mac (Macs ARE NOT invulnerable to viruses, despite what Apple entusiasts would have you believe), up-to-date antivirus software, and malware blocking programs will keep most of the unwanted software out. No program is perfect though and hackers are coming up with new tricks all the time, so how do you know if something slips through undetected? Has your computer or a computer on your network become a zombie?

This is where Cisco's Layer 4 Traffic Monitoring feature comes in, referred to as L4TM. Botnets alll have one thing in common, they must 'call home' to their command center and relay what information, if any, that they were trying to steal. L4TM tracks and detects command and control data that is being sent back to the hacker by using modified technology that Cisco had previously used in their Ironport Web Security Appliance or WSA for short. The ASA is configured to install the Botnet database from the Ironport website and check every 60 minutes for updates. Then, the L4TM feature compares the destination IP addresses with the Botnet database, looking for known malicious IPs. When a match is found, an alert will be sent to the ASDM.

These features and a host of others can be found in ASA release 8.2/ASDM 6.2 and above, compatible with the entire ASA5500 line from 5505 to 5580. If you are currently running a pre-8.2 release, I strongly recommend upgrading as these features can help keep your 'electronic life' safe. Recently, Cisco has added a Botnet drop filter capability with ASA release 8.2.2/ASDM 6.2.5 along with a slew of bug fixes and extra features, including an SSL/VPN feature that helps conserve your licenses. For a full list of features and upgrades, search Cisco's webste for 'ASA 8.2.2'.