Networking company Juniper Networks is encouraging customers to upgrade their routers to fix a serious vulnerability in its operating system.
Juniper’s M- and T-Series routers are affected by the flaw in the version 6 series of Junos, which makes them vulnerable to denial-of-service attacks. Such an attack could allow a hacker to gain access to the router and crucial areas of a company’s network.
Juniper confirmed the existence of the security hole in Junos on Monday.
“It is being fixed, in that our customers are upgrading, but I’m not able to give any more details,” said Penny Still, a spokeswoman for Juniper.
According to security research firm Secunia, the vulnerability has “moderately critical” implications for networks. In an advisory posted to its Web site, the Danish company said that the flaw was in an unspecified error in processing certain network packets. It recommended that companies upgrade the operating systems on their routers.
The vulnerability is thought to affect routers running versions of Junos installed before Jan. 7 this year. It was discovered by U.S. company Qwest Communications.
The Juniper warning comes after Cisco Systems sent out two alerts of security holes in its router software. On Jan. 21, the networking giant posted a warning on its Web site to say routers connected to its IP telephony gear could be vulnerable to denial-of-service attacks. Then last week, Cisco announced it had uncovered three more security flaws in its routing software that could open the door to the same kind of intruder.
Networking company Juniper Networks is encouraging customers to upgrade their routers to fix a serious vulnerability in its operating system.
Juniper’s M- and T-Series routers are affected by the flaw in the version 6 series of Junos, which makes them vulnerable to denial-of-service attacks. Such an attack could allow a hacker to gain access to the router and crucial areas of a company’s network. Continue reading “Juniper routers exposed to attack”
BARCELONA: The founder of networking seller Juniper has lashed out at arch-rival Cisco at its EMEA press summit, claiming that its Unified Computing Technique initiative is ambitious to pull off successfully. Pradeep Sindhu, director, founder, & vice chairman of the board, also believes customers are rejecting the know-how, preferring to stay seller neutral.
Juniper is still hard at work by itself multi-year Stratus Project, which aims to “flatten” datacentre networking in to a single layer, making infrastructure less complex to administrate & implement. Sindhu says planning for the project started as far back as 2006.
“We started the conception of the Stratus project in 2006 & began seriously the design work in 2008. It took us six long years of trying to understand the issue, figure out what role Juniper could play. Juniper is a pure-play networking company – they don’t require to build computers & storage deices & other things,” they declares.
For Sindhu, Cisco’s solution of building its own servers in addition to its current range of networking gear is an unwieldy solution: “This issue is insanely complicated, & for any company to think that they can solve the issues in computing & storage as well as individuals who specialise in the [individual technologies] is a tall order. They are trying to bite off over they can chew – there is no query in my mind.”
Riverbed hosts WAN optimization seminars
“You’ll finish up with average solutions. In the event you look at UCS for example, it misses the issue of large-scale organizations. It is a solution which is intended to solve Cisco’s issue , which is: how do you increase your revenues? It doesn’t solve the customer’s issue. In fact, it forces the customer to get locked in to Cisco solutions,” they adds.
With vendors in the market increasingly moving towards consolidation & in-house – HP’s acquisition of 3Com & Cisco’s move to build servers, at the cost of relationships with long-term partners Dell & IBM – plenty of have questioned Juniper’s desire to go it alone & possibly forgo new streams of revenue. Sindhu says customers have not expressed a powerful desire for these kinds of solutions.
“My discussions with customers is that they require to run away as speedy as feasible. There is one attraction [of UCS]: you have a one-stop shop. But the opposite of attraction is the fear that they will get locked in to a proprietary & elderly solution. That is the fear that is being realized as they speak,” states Sindhu.
Juniper execs at the event declined to set a date for when products & services based on Stratus would see the light of day, sticking to earlier statements about general availability in 2011.
Security specialist Fortinet has agreed to provide some source code available, following allegations that it infringed on the GPL, the company Tuesday.
Earlier this month, will gpl-violations.org founder Harald Welte an injunction against Fortinet, banning companies that distribute their products to them with the terms of the GPL. The GPL or GNU General Public License is used by developers for the products they want to remain freely available under license to other programmers in accordance with the ideals of free software movement.
Welte claimed that Fortinet had not only abused the code under GPL, but it also tries to hide the use of GPL code by using cryptographic techniques.
Fortinet has decided to send the source code of Linux kernel under GPL and other components to provide any interested party. The code is available upon request for the cost of distribution, from the Fortinet website. The company also agreed to amend its license to the GPL with all Fortinet include shipments. The settlement agreement also stipulates that no Fortinet partners are subject to prosecution.
This is the latest in a series of victories for the GPL-violations.org project. Since the project began in 2004, Welte has negotiated more than 30 off-court settlements.
In Newsletter 26 October, we noted that the most common rumor we heard was, was acquired by Juniper Riverbed would. In this issue, we find that for a number of reasons, we do not assume that Juniper would Riverbed. We explained, for example, to sell in the service, but certainly not Riverbed is first a rapid business-focused companies. In contrast, DNA Juniper clearly in the market for service providers.
Part of the agreement, Juniper announced that with Packet Design is the kind of partnership with OEM direct sales Juniper Packet Design Route Analytics does not sell products. announced as part of its announcement, as well as Juniper, they offer a platform for spatial development called Juno. Packet Design Route Analyzer product is one of the first solutions, which lives in the space of Juno.
Contrary to rumors of the acquisition of Riverbed, Juniper recently announced relationship with Packet Design is very much sense. This follows because Packet Design Route Analytics produces some of the challenges that occur in very large networks, targeted – both corporate and service provider.
For example, any of the products Packet Design Route Analytics for professionals is precisely to model the evolution of the network before their implementation, to allow. Another function of these products is to provide visibility, analysis and diagnosis of problems that arise in the position of the signal. To do this, have an analytical solution route has an understanding of how IP networks deliver exactly the application traffic. This requires continuous monitoring in real time, creating and maintaining a map of all roads and network-wide IP traffic flows passing through these roads. This implies that the solution analysis route must be notified in a position, any change in the lanes is controlled by the host and IP routing protocols.
We said that this relationship makes sense in part because networks are increasingly complex to administer Packet Design Route Analytics Products, Juniper understands the complexity and definitely large and complex networks.
The ads are part of Juniper interesting because they show that, despite the impression that it takes a lot of innovation in network. To reinforce this concept is a package design Be one of the panels at the next Jim Interop Conference in New York. The panel is titled “Break Through networking technologies. If you are to be at the conference, try to attend the panel, as it should be very revealing.
Its conference room near seasonal security in Las Vegas and a month of arrival, a presentation was given by Black Hat and Defcon.
Juniper Networks, then moved to a conference on the errors in the ATM software, has been a researcher plans to hold conferences in checkpoint security, according to complaints ATM provider.
In his lecture “Jackpotting Automated Teller Machines,” Barnaby Jack intends to local and remote attack vectors discussed at an ATM and a live demonstration of an attack on an ATM unmodified.
The description of the conference, which was set at Defcon website appears to have been removed, however, said: “The most common attacks on ATMs usually involves the use of the card skimmers, or theft of these devices themselves. Rarely seen targeted attacks on the underlying software. This presentation is the steps I follow to analyze the interface and find a weakness in a number of popular new model ATM. ”
Said in a statement, Juniper Networks, the company “Jack’s believes that research is important to be presented at a public forum, which is at the level of security. However, the affected ATM provider, we expressed concern by the announcement, the research protected by its elements in their entirety. Given the size and potential exposure of this issue to other vendors, Juniper has set Jack to all interested suppliers to move sufficiently addressed the issues found his research. ”
Juniper Networks is directed to other ATM providers to help them, ask for security risks in search of Jack discovered the statement.
Giving the company does not know what the builders were slot machines can be addressed in the discussion. Jack could not be reached for comment.
Safety issues related to ATM machines are a hot topic. Last month, we discovered, a computer forensics expert that Malware on ATMs, enabling criminals to steal account information and PINs have been discovered. Three people were arrested after stolen last year, the break in the Citibank ATM network inside 7-Eleven stores and PINs.
It is the second consecutive year that the format in one of two conferences, security has been given. Last year, a presentation on hacking smart cards in the Boston subway was used after a federal judge granted a request blocked Massachusetts Transit Authority for an injunction. The process was then released and contribute to improving the three MIT students who completed a muzzle finally agreeing to the transit system to its ticketing system.
And other researchers have encountered problems after having their conversations. In 2005, a security researcher position in his presentation at Defcon, how hackers could enter the Cisco routers, but hours later, Cisco Systems, brought an action against him. The case was eventually settled.
Things were even more dramatic in 2001 when the FBI took Russian crypto expert Dmitry Sklyarov into custody at his hotel in Las Vegas the day after their Defcon talk about insecurity in the e-book security software there.