**** Enter to WIN an iPad2 From The CyberJungle and Spector360 - Monitor, Capture, Analyze, Act with Spector360 ****

Entering to WIN a Google Android Nexus Tablet is easy

1. Watch the short, video below:



2. Send an email to: comments(at)thecyberjungle.com . In your message to us tell what you learned about Spector360 from the content in the video, tell us your age, and tell us your occupation. We hate spam as much as you do, and your email address will not be shared with third parties.

3. Winner need not be present to win. One entry per person. US residents or US mailing addresses only. Email comments(at)thecyberjungle.com for questions about the rules.

4. If you like what you see in the video, go to Spector360.com and request a FREE evaluation.



Tether for the BlackBerry

Ira's take on using Tether instead of WiFi

Tether is an application that allows you to access the Internet on your computer anywhere there is cellular coverage, through your BlackBerry smartphone. Tether let’s you use the broadband modem that is built into every modern BlackBerry, with no additional monthly fees to the cell phone carrier. And, no more searching and paying for costly WiFi hotspots.

As part of The CyberJungle promotion with Tether, I was given a copy of Tether. As an information security and forensic consultant, I like to say my office is in my hat. Before I had Tether, getting internet access while I traveled was always a challenge. I end up paying for the WiFi when there is a charge, and pick up free signals when I can. I even used to carry a long-range WiFi antenna to help pick up lower cost or free WiFi access points.

I could sign up for a cellular service for my laptop, using a USB attachment. But, since I travel in spurts, I would end up paying for the service for the weeks and months that I don’t need cell wireless laptop access. With the plans my carrier offers, I pay for service even when I don’t use it.

Here is an example of my use of Tether from a recent trip, and why I find the tool so useful: I traveled to Las Vegas to speak at a banker’s conference in an afternoon session.

On the morning of my talk, I needed to do a number of tasks for a client. I popped open my laptop to see what WiFi access was available. Sometimes a conference will provide WiFi access to attendees. Not at this event. The only WiFi access was from the hotel/conference center. Pricing varied, based upon the number of days service I purchases. For one day, it was about $17. If I wanted to go that route, I would have to get out my credit card, fill out forms, and pray. My payment might not go through. Once the payment is processed, it’s always a crap shoot that the access will be steady and reliable.

But, I skipped all that, and instead, I connected my laptop to my Blackberry, and fired up Tether. With just a few clicks, I was online using my BlackBerry with Tether. After my speech, I left that hotel/conference center, and headed down the street to the hotel where I would spend the night. By the time I arrived, the room I had reserved was sold out, so, the hotel bumped me to a top floor suite. Or, should I say, SWEET! The room had a bar, two large sofas, a dining room, big screen TVs, and more.

When I popped open my laptop, that hotel wanted another $20 for 24 hours of Internet access. With Tether, I saved $34 on WiFi access for that single, one-day trip. Over a period of a year, I will more than the $50 one-time cost of a Tether license. I even used Tether recently at home when my cable modem service went down for half a day. One of the side-benefits of Tether is that you can use one license for multiple computers, although you have to use the same BlackBerry. That’s a great feature for people that have many computers, and at least one BlackBerry.

If I have cellular data signal on my BlackBerry, I have Internet access on my laptop with BlackBerry. As a bonus, my BlackBerry is charging via USB as I use Tether. If I had a wish list, the only thing I would add is desktop Linux support. I use laptops that are set as “dual boot.” One part of the hard drive is running Windows7, another partition is running Linux. I can only use Tether on the Windows7 ‘side’ of my laptop. Oh, and yes Mac users, there is a version for the Mac.

You can try Tether for free for seven days. Just go to Tether.com.



Expertise From F5 Networks

Do Business Applications Need Protecting In A Virtual [Machine] World?

[Ira's Take: In order to reduce IT costs, businesses and looking towards virtual machine deployments. This expert paper looks at some of the security issues to consider when moving to a virtual machine enviroment. Note: The paper was writen in the UK, and uses the Queen's English for spelling.]

Some industry experts have claimed that there are still business applications that should not run on virtualised servers. This is surprising as Gartner comments in its research note that “several interrelated trends are driving the movement toward decreased IT hardware assets, such as virtualisation, cloud-enabled services” but the adoption of virtualisation, though widespread according to multiple surveys, still comprises less than 40 per cent of all servers in the data centre today (CDW's Server Virtualisation Life Cycle Report, January 2010 and F5 Networks’ Trends in Enterprise Virtualisation Technologies, 2009).

The need for improved agility and the increasing cost and complexity of IT, has driven many businesses into swiftly adopting virtualisation technologies. While some virtualisation experts claim that virtualised computing environments are less secure than physical computing environments, others claim that virtualisation can enable better security.

Both claims can be correct, but in reality when information security controls are improperly implemented or neglected in virtual environments, real security risks are exposed. These are the potential pitfalls of virtualisation, but the good news is that they don’t have to stop the technology being implemented. Another growing trend alongside virtualisation is delivering applications via the cloud as this reduces cost and moves application headaches outside the business. However, this does not come without risk.

Essential protection

The benefits of virtualisation are obvious. But every technology implementation needs to be weighed up in terms of the potential challenges and benefits, and virtualisation is no different. Security administrators and those who manage virtualisation, predominantly server managers, need to understand phrases such as ‘hardened operating system,’ ‘walled garden,’ and ‘network segmentation’ in the one-box-for-one-application world, as well as prepare for the new threat arena for distributed and targeted attacks. The need to understand these threats only increases as more elements of the network become virtualised and convergence blurs the boundaries between storage and server networks.

To completely protect a virtual environment many questions need to be addressed, including:

• How current analysis, debugging, and forensics tools will adapt themselves to virtualisation?
• Which tools will be necessary for security administrators to master between all of the virtualisation platforms?
• How will patch management impact the virtual infrastructure for visitors, hosts, and management subsystems?
• Will new security tools, such as hardware virtualisation built into CPUs, help protect the hypervisor by moving it out of software?
• How will security best practices, such as no-exec stacks, make a difference once fully virtualised?

These are all questions that need to be addressed before the enterprise world moves full-on into virtualisation. More than anything, we should be thinking today about where virtualisation security will take us tomorrow. We all agree that virtualisation is here to stay, but those implementing need to make sure they stay ahead of the threats and think about virtualised threat vectors before attackers have already coded for them.

Optimising Virtual Infrastructures

In addition to security concerns, leveraging the optimisation capabilities of modern load balancers – or application delivery controllers - is another way of making virtual infrastructure more efficient, as it increases virtual machine density and cancels out the impact of virtualisation overhead on application capacity and performance. Given that almost every cloud provider utilises some form of modern load balancing solution and can easily enable these optimisation capabilities, it seems unlikely that the lack of virtualisation awareness in applications would be detrimental to cloud computing adoption in the long run.

In fact, the ability to leverage both traditional and virtual resources, thus combining the local data centre with cloud computing resources, would seem to be a bonus to businesses seeking to address capacity concerns without moving their entire infrastructure to an external entity. The ability to optimise through solutions required to implement a cloud computing infrastructure ensures that organisations moving to an internal cloud deployment are not forced to essentially “rip and replace” their entire infrastructure to support virtualisation-aware applications, but to leverage the virtual infrastructure and assist server managers with the challenges of a virtual world.