Symtrex Inc.

Cyber Security Specialist

Call - 866-431-8972 | Send an Email | Request a Quote
Visit Us On FacebookVisit Us On TwitterVisit Us On Linkedin

Profile

Archives for September 2014

Sophos – What you need to know about the Bash “Shellshock” vulnerability

by

In the light of the recent Bash vulnerability known as “Shellshock” (CVE-2014-6271 and CVE-2014-7169), here’s the reality instead of the hype.

Shellshock is a newly-discovered vulnerability in Bash (the Bourne Again Shell), one of the most commonly used shells on Linux, UNIX and OS X.

Although it can be exploited in some cases, the good news is that not all implementations can be exploited, and only certain services and applications allow a hacker to exploit this issue.

Please see our article on Naked Security for an explanation of the vulnerability itself.

In addition, we have examined our products and we are confident that the Shellshock vulnerability can’t be exploited in any Sophos product. Our IT systems have also been patched or were not vulnerable.

For the latest information on how this bug affects Sophos products, please refer to our knowledgebase article from Sophos Support.

How long have you had your firewall?

by

Chances are that you have had the firewall for some time and unless there has been a problem, you simply keep renewing the product year after year.  Security and productivity challenges have changed a lot lately, and so has firewall technology.

Unified Threat Management systems  provide a layered defense without having to buy each component separately- Firewall, Email Firewall, Web Application Firewall and manage the wireless access Points.

A Unified Threat Management system, such as the Sophos SG /UTM units include:

Network Protection –  Configurable intrusion prevention with flexible VPN options for site-to-site and remote access

Email Protection –  Stops spam and viruses while keeping sensitive data safe with DLP and policy based encryption

Web Protection – Protect users from web threats, control online productivity and manage your web application bandwidth

Webserver Protection –  Reverse proxy protects servers from exploits while providing authentication for external users

Wireless Protection –  Centrally manage Wi-Fi access points and set up hotspots and guest access in minutes

Endpoint Protection –  Provides desktops, laptops, and servers with antivirus, device control and web security

The Sophos UTM provides all of the above, and more. Contact us for more information.

Snare Agent for Linux

by

We are pleased to announce the updated Snare Agent for Linux has been released. Our clients can login to their client areas to download the latest version.

The latest version has some added features/enhancements:

  • Implement Exclude Rules in Linux agent
  • LastLogins options needs to be implemented
  • Various UI pages are formatted incorrectly
  • Config file permissions need modification

Download the Release Notes for Snare Agent for Linux 4.1.0.

Some of the features of the Snare Enterprise Agent for Linux include:

  • Caching of events in case of a network disruption, ensuring that events are not lost
  • Log message delivery with TCP.
  • Log to multiple destinations
  • Encrypt messages between the agent and the Snare Server.
  • Allowing the event log record to be formatted so it is accepted by a SYSLOG server.
  • UTC (Coordinated Universal Time) timestamp format for events instead of local machine time zone format.
  • Allow security administrators to either locally or remotely monitor changes to the agent’s configuration through a standard web browser.

Contact us with any questions

Snare Server Update

by

We are pleased to announce the latest update to the Snare Server – Version 6.3.4. You can view the Snare Server Version 6.3.4 Release Notes.

The Snare Product Suite is comprised of the Snare Server and the Enterprise Snare Agents allowing an organization to capture and report on the relevant security events to assist with compliance and best security practices.

The Snare Product Suite is an enterprise class Security Event Management system that has been designed as either a standalone product or can be used in large organizations to facilitate collection of the security events and send them to a master collector for further analysis or to another SIEM.

To learn more about the Snare Product Suite including the Enterprise Snare Agents,  contact us.

Kaspersky – Virtualization Security

by

Virtualization promises to boost efficiency and cut costs, making it an important element in your IT department’s efforts to do more with less. Whether you’re running applications on physical or virtual machines, you still need to stay vigilant to guard against the constant and growing hazard of malware and other cyberthreats that can put your business at risk.

Kaspersky Lab security experts have created this practical guide to help you learn about:

  • The benefits and perils of virtualization
  • How to fold virtualization into your existing security policies
  • The difference between agent-based and agentless security software
  • Choosing and implementing the right virtualization security solution for your organization.

Download the whitepaper.