Two cool new exploits have been released complete with cool names and graphics. Welcome Meltdown and Spectre, these critical vulnerabilities exploit pretty much all modern processors. Even though these hardware vulnerabilities have been around forever, four independent groups of researchers discovered these vulnerabilities simultaneously. Meltdown and Spectre at a high level allow programs to steal data which is currently processed on the computer. While programs are typically not permitted to read data from other programs, a malicious program can exploit Meltdown and Spectre to get hold of secrets stored in the memory of other running programs.
Meltdown and Spectre work on personal computers, mobile devices, and in the cloud. But what about our network and security equipment using modern processors, are they vulnerable? Below is a list I put together of links to vendors sites and their responses to the vulnerabilities. I imagine most of them will keep these pages up to date as they discover new information. This is a complicated and low level issue so most vendors are going to need time to really evaluate their products and create patches.
Luckily in most cases it is an attack that is performed through the management access, so if you follow the best practice of limiting device management access from only trusted IPs or networks you should be good until the patches are released.
PaloAlto Networks
"Our initial review of the vulnerabilities disclosed in the research concludes that all PAN-OS/Panorama platforms are not directly impacted by these attacks. There are no immediate plans to release a software update to PAN-OS in response to these issues at this time"F5
"ImpactFor products with None in the Versions known to be vulnerable column, there is no impact. For products with ** in the various columns, F5 is still researching the issue and will update this article after confirming the required information. F5 Technical Support has no additional information about this issue.
BIG-IP
All three vulnerabilities require an attacker capable of providing and running binary code of their choosing on the BIG-IP platform. This raises a high bar for attackers attempting to target BIG-IP systems over a network and would require an additional, un-patched, user-space remote code execution vulnerability to exploit these new issues. The only administrative roles on a BIG-IP system that can execute binary code or exploitable analogs, such as JavaScript, are the Administrator and Resource Administrator roles. These users already have nearly complete access to the system and all secrets on the system not protected by hardware-based encryption. F5 believes that the attack with the highest impact may occur in multi-tenancy Virtual Clustered Multiprocessing (vCMP) configurations, running single-core guests owned by different administrative domains on a single BIG-IP system. In this scenario, Spectre Variant 2 may allow an attacker in one administrative domain to collect privileged information from the host or guests owned by another administrative domain, if the attacker's guest is configured as a single-core guest. The BIG-IP system always maps both hyper-threads of a given core to any guest with the "Cores Per Guest" configuration set to 2 or more, but single-core guests may execute on the same processor core as another single-core guest or host code. This threat may be mitigated by setting the "Cores Per Guest" configuration to 2 or more for all guests."
Cisco
"Cisco is investigating its product line to determine which products may be affected by these vulnerabilities. As the investigation progresses, Cisco will update this advisory with information about affected products, including the Cisco bug ID for each affected product."Juniper
"Juniper SIRT is actively investigating the impact on Juniper Networks products and services.”Brocade
Citrix/Netscaler
"Citrix NetScaler SDX: Citrix believes that currently supported versions of Citrix NetScaler SDX are not at risk from malicious network traffic. However, in light of these issues, Citrix strongly recommends that customers only deploy NetScaler instances on Citrix NetScaler SDX where the NetScaler admins are trusted."
This is one of my favorite meals, I don't make it very often but it is super good.
Ingredients:
- 1 Roasted Chicken, you can get it already cooked at most grocery stores or Costco
- 1 cup frozen or wilted fresh chopped spinach (thawed and squeeze water out so it is dry)
- 4 tablespoons of chopped chives
- 1 cup of grated Monterrey jack cheese
- 1 teaspoon salt
- 1/4 teaspoon pepper
- 1 1/2 cup cream of chicken soup
Instructions:
- Take the chicken apart, and cube 3 cups in 1/4 size cubes, set aside
- Mix all of the above ingredients together
- Purchase Pepperidge Farm Patty Shells (2 Pkgs) and let thaw to room temp
- Roll out with a little flour to approx. a 5" circle size
- Place the mixture on the lower half of the circle approx 2 tablespoons,
- Fold over top half and crimp with a fork to look like a turnover.
- Brush the tops with a mixture of beaten egg and 1teaspoon water
- Bake in over temp. of 425 for 18 minutes or until golden brown.
I've been thinking a lot about Survival lately, what with the 8th season of Walking Dead starting up and our impending nuclear war with North Korea. In my day job as a networking nerd I deal with communication on a daily basis, but as a society our world is becoming much to dependent on Digital communication. In a survival scenario ain't no one got time to troubleshoot packet loss!
This has got me thinking about radio and the role they might play in self sufficient communications.
I've been telling myself I am going to take the HAM radio test, but haven't got around to it yet. So I started researching the GMRS and FRS radio systems and was surprised just how capable the GMRS systems are and how easy it is to get an FCC license.
GMRS, FRS and MURS radios are excellent for local communications, but are much more capable then just those 19 dollar radio shack hand held units. FRS and MURS do not require an FCC license, they’re cheap, and easy to use. They’ve pretty much replaced CB radios for a lot of families. In fact they share a lot of the same limitation on power and range. There is something to be said for their availability though, and in a disaster scenario you could probably scrounge up a number of these radios from anywhere.
If you have a true GMRS radio, you have a much more capable radio.
GMRS radios have the ability to tap into a repeater, which expands the radio's range to possibly hundreds of miles — meaning your local family radio can be transformed into a life saving communication device. GMRS radios are also allowed to operate at higher power than a lot of other radios, this will expand their local communication even without a repeater. You do need an FCC license to operate the GMRS radios, but they are easy to get, with no test required (a big bonus considering how hard the HAM test is), and they cost around $70 dollars. Also, you only have to renew the license every 5 years and one license covers your entire family.
So here's the rub! Getting your License for GMRS is a no brainer, and playing around to build a repeater sounds pretty fun. But in a true emergency you should give your self every advantage. So buying a GMRS radio might not be the way to go. In a true life threatening emergency you can communicate on HAM radio frequencies as a last resort. So what should I get?
Well, it's not illegal for a non-HAM licensed individual to own a HAM radio...its just illegal for a non-licensed individual to transmit on the designated amateur radio frequencies. That being said, many of the HAM radios can be programmed to transmit on the same GMRS FRS channels your store bought hand held radios transmit on. In addition to leveraging the thousands of GMRS and FRS radios, you can program channels/bookmarks for GMRS and HAM radio repeaters in your area, NOAA weather channels, frequencies used by emergency personnel and groups, as well as maritime radio frequencies. Having these frequencies pre-programed and documented can truly make the difference in a stressful emergency situation. The best part is you can get some of these radios for pretty cheap.
Hardware:
To start exploring the world of radio you probably don't want to go drop hundreds of dollars on radio equipment so my suggestion (and the radio I have been exploring) is the BaoFeng UV-5R Dual Band Two Way Radio (Black)
. This radio can be programmed as a HAM radio as well as FRS and GMS frequencies. I know a lot of hardcore peppers are going to disagree with this radio and I agree the quality and reliability will be less than more expensive radios. But if you want to get your feet wet $30 dollars is an acceptable amount for most people to experiment with to see if this solution works for them. The radio is small and has an operating Frequency Range of 65-108 MHz (only commercial FM radio reception) VHF: 136-174 MHz(Rx/Tx). UHF: 400-520 MHz(Rx/Tx). You will probably want to purchase the USB programming cable as well, this makes uploading and downloading the frequencies a way easier. Baofeng Programming Cable for BAOFENG UV-5R/5RA/5R Plus/5RE, UV3R Plus, BF-888S
Radio Configuration:
There are a ton of people out there with great articles on how to program this radio specifically, so I have put together a list I used to set up mine:
Programing the Radio:
Both guides were straight forward the only issue I ran into was downloading the correct driver for my radio programming cable.
Survival Channels for the Baofeng Radio (this is step by step guide on how to config your radio)
Manually Programming the Baofeng Radio (the same thing but a really good youtube resource)
CHIRP (Radio programing software)
GMRS Radio License:
Getting your GMRS License (This is a guide to getting your GMRS license put out by the AGRC)
FCC Website (The FCC Website discussing the GMRS license regulations)
General Survival Radio Sites:
Graywolf Survival (Their post discusses survival radio options as well as emergency frequencies)
At the end of the day HAM radio is still the defacto survival communication standard, and is an important institution that needs to survive. I just wanted to pose an option that seems practical and more attainable to those who may not feel they are capable to getting a HAM radio license.
. This radio can be programmed as a HAM radio as well as FRS and GMS frequencies. I know a lot of hardcore peppers are going to disagree with this radio and I agree the quality and reliability will be less than more expensive radios. But if you want to get your feet wet $30 dollars is an acceptable amount for most people to experiment with to see if this solution works for them. The radio is small and has an operating Frequency Range of 65-108 MHz (only commercial FM radio reception) VHF: 136-174 MHz(Rx/Tx). UHF: 400-520 MHz(Rx/Tx). You will probably want to purchase the USB programming cable as well, this makes uploading and downloading the frequencies a way easier. Baofeng Programming Cable for BAOFENG UV-5R/5RA/5R Plus/5RE, UV3R Plus, BF-888S
Radio Configuration:
There are a ton of people out there with great articles on how to program this radio specifically, so I have put together a list I used to set up mine:
Programing the Radio:
Both guides were straight forward the only issue I ran into was downloading the correct driver for my radio programming cable.
Survival Channels for the Baofeng Radio (this is step by step guide on how to config your radio)
Manually Programming the Baofeng Radio (the same thing but a really good youtube resource)
CHIRP (Radio programing software)
GMRS Radio License:
Getting your GMRS License (This is a guide to getting your GMRS license put out by the AGRC)
FCC Website (The FCC Website discussing the GMRS license regulations)
General Survival Radio Sites:
Graywolf Survival (Their post discusses survival radio options as well as emergency frequencies)
At the end of the day HAM radio is still the defacto survival communication standard, and is an important institution that needs to survive. I just wanted to pose an option that seems practical and more attainable to those who may not feel they are capable to getting a HAM radio license.
After tasting every drink at our local Tiki bar my wife and I wanted to reproduce our favorite The Macadamia Nut Chi Chi. This drink is easy to make, but the most important part of the drink is a good quality Macadamia Nut liqueur. We cheeped out the first time and the drink tasted horrible, after finding the Trader Vics Macadamia Nut liqueur we reproduced the drink exactly.
Ingredients:
- 2 ounce Vodka
- 1 ounce Macadamia Nut liqueur
- 1 ounce Creme of Coconut
- 4 ounces Pineapple Juice
...
Instructions:
Fill a shaker with crushed ice
Add ingredients to the shaker and shake like crazy
(Longer you shake frothier it gets)
Poor into your favorite tiki mug
Aloha!!!!!