I-BLOG

The Managing Director of an MNC was beaten to death by the employees (ex-employees)!

Source: http://www.ndtv.com/convergence/ndtv/story.aspx?id=NEWEN20080066331

The managing director of a company in Greater Noida, just outside Delhi, was beaten to death on Monday by workers, who were fired two months ago.

Another 34 people, all from the company’s management have been injured in the riots that took place inside the office building.

This is what was left after a 30-minute riot at this huge multinational office in Greater Noida.

The trouble began at 12.30 pm when 200 workers arrived outside the office behind me. They were invited in by Human Resources managers.

Seventy workers went into the office and began attacking the management. The MD arrived to help control the situation. The workers attacked the MD for 30 minutes with sticks. They hit him repeatedly on his head. Doctors say he died of those injuries.

At the hospital, his wife, a college lecturer and son a class 12 student are surrounded by evidence of the sort of fury he was subjected to.

The police is unable to explain how the 25 guards at the company were unable to control the rioting workers.

"At least 250 workers were sitting outside. As soon as the gate was opened, they barged in and the guards who were present at that time started running here and there. By the time the guards gathered together, they had already done the damage. What can one do when there are 250 of them?" said an eyewitness.

Graziano, the electronics company attacked today has nearly 600 employees. It is a large Italian multinational, LK Choudhury who died at work had been the managing director for 10 years.

Some snaps from my camera!

Well, I like ‘em, don’t know about Ya’ll

It is old story that DVD has region codes and only when the DVD disk has the same region code as the DVD player, the movie would be played and otherwise the player wouldn’t play it. Now understand that this is one of the movement against piracy. The DVD region code on DVD movies are 1 byte valued.

Coming to the problem. I recently changed my DVD player to support more formats and as well USB mode of video playing. During my last visit, I had bought complete 3 seasons of “I love Lucy” (Its just wonderful, cuts me loose ) but couldn’t play because of region codes, The DVD was from USA (meaning Region Code 1) and my DVD player was bought in India (meaning region code 5). So I started looking out to make my DVD player “Region-Free”. C’mon, I paid good earned dollars to buy the DVD’s which I can’t play???

The region codes are;

1. United States and Canada
2. Europe and Japan
3. Southeast Asia
4. Latin America and Australia
5. Russia, rest of Asia and Africa
6. China

So finally Google comes to help, read on unlocking and setting the DVD player to region free (code 0). Got some posting on unlocking a Philips DVP 5xxx series, used the same method on my Philips DVP-3266. Took 2 minutes to unlock it and watch the video I wanted to watch

Following are the steps, if it help anybody;

Press Setup
Select the Preference Tab
Press 1,3,8,9,3,1
Press up/down key to select "0"
And hit menu to exit.

You can double check it by

Press SETUP
Navigate to [General Options] menu
Press 1 3 7 9

Oh yeah and another best part was, none of the shop guys admitted that the USB can be used for movies (I had an e-zone guy promise me that it would only play audio).

What to say man, it just works and there are some rumor going around that the USB won’t read hard disks, it is complete B.S. As long as the hard disk is formatted with FAT16/FAT32, it would play, period.

Does DHCP provide any kind of security? NOPE! It is an admin’s job to use supplemental devices/software’s to prevent it.

2 attacks to look at;

1. DHCP Flooding :- Think about if someone keeps flooding the DHCP requests and the server keeps assigning until the pool is exhausted (Now, how difficult is that?) A tool which can generate random mac addresses in the requests, then it is done!

2. DHCP Serving :- Think of a rogue server giving away IP addresses causing service disruption. Better still, I can have the hosts send packets to choice of his/her Default Gateway and sniff the contents Or hand out incorrect DNS server IP, so that the connections can be redirected to incorrect/forged web sites? Simple enough (a Google search would give out the tools).

So how does one prevent these attacks from happening;

1. Situation 1 (DHCP Flooding) – Modern switches come up with DHCP snooping capabilities where one can restrict the number of mac addresses that can come into a specific ingress port of the switch. Also there are processes to watch over the spurious DHCP requests that seems unusual. The best part is, if you restrict to ONE mac address per port on port security, it can still be circumvented. An attacker can use a tool to use the same mac address, but in the DHCP request packet there is a field to mention the mac address and which is what the DHCP server assigns the IP for (not the original frame mac). So keep changing it and Voila, you’re done!

2. Situation 2 (DHCP Serving) – This is fairly simple to stop, configure switches to make sure “DHCP OFFER” message types do not come out of normal host access ports (Only allow the “DHCP OFFER” to come out from the DHCP server port, normal hosts have no business sending a “DHCP OFFER” message, isn’t it?).

Port Security has more value to it, since if compromised at layer 2, everything up is at stake!

When we speak about MAC flooding, almost everyone with Information Security insight knows about what it is. What do one achieve with MAC flooding? There are various ways of looking at it.

Take an enterprise class switch, and see the spec’s as to how many mac addresses can the switch store in its cache. It is very interesting to understand the already known fact (but less thought about), that a switch cannot learn mac address indefinitely, the simple reason is that it is impossible! A Cisco Catalyst 6500 switch can store ~130,000 mac cache entries. What would happen if all of them are filled up? The switch cannot store any more of newly learned MAC address thus stops to add it to the cache, which in turn floods traffic across all the ports if a traffic meant for that mac address comes in!

Such a massive switch, everyone obviously does VLAN on it. So in theory, a traffic in one VLAN is not seen by the other VLAN. However if we were to think about the lines above, if a MAC flooding happens in VLAN 1, hosts in VLAN 2 would be able to see all traffic in that VLAN 2 (in spite of having a 5 digit/6 digit valued switch). Reason ? Simple;

MAC Cache values defined in Switches are not VLAN specific, that is for the entire Switch Fabric. So if the MAC Cache Value is 10 entries, after 10 entries, broadcast flooding would happen in all other VLANs too for the newly learned MAC address.

Example;

Take a switch which can hold 10 MAC Cache Entries; There are 3 VLANS having 4 ports each in each VLAN, we call it VLAN1 VLAN2 VLAN3.

So from VLAN1, port 1, if we were to flood and fill all the 10 entries, Then the traffic flooding happens not only in VLAN1. Reason, if a new host comes on port 1 of VLAN 2, the switch cannot store the MAC address since the cache is full and is going to broadcast it, when a traffic for that MAC comes around.

Bottom line, if the mac cache is filled, everyone connected to the switch suffers and VLAN’s do not HELP! At that point; $50,000 SWITCH = $10 HUB

Of course the VLAN 2 doesn’t see anything from VLAN 1 however, every port in VLAN 2 sees everything that is happening in VLAN 2 (communication happening for all the 3 other ports).

That calls in for Layer-2 Security, for one aspect.

Well, Google for it and you can get N number of tools to do it, so I’m not going to write it down here.

How do you prevent it? MAC Security. Simple fact is to bind just 1 mac address per port. Well, it is easier said than done. In earlier switches, you have to manually do it. Now consider doing it for 348 ports? How much ever you pay, the guy ain’t gonna do it unless it is his head at stake

Good news is that, newer switches can dynamically learn one MAC address and then lock it down. Now if that happens, only the problems that arise due to change in port needs to be addressed. However with technology changes (think of IP Phone + Desktop plugged in 1 port), it kinda gets a bit ugly though! Some switches do offer to learn a limit of MAC addresses instead of just 1. All this comes with some cost obviously, the CPU load!

Well, this week as of now 2;

Over 30% of Attack/Exploit traffic coming from Japan (yeah read it again, it is Japan) ?

Rumor about Juniper Networks eyeing Aruba or Meru Networks? Good move, why reinvent when something is already there, provided you’re funded

Well, I don’t understand, here is the snip from NDTV News;

The government on Tuesday announced that smoking would be banned in all public places from October two.
The ban would include hotels, restaurants and offices, Union Health Minister Anbumani Ramadoss said in Delhi on Tuesday.
If someone is caught smoking, then a fine of Rs 200 would be imposed on that person in accordance with the National Tobacco Control Act.
"Though in the beginning, the fine would be only Rs 200, we will try to amend the act in the future, after which the fine can be increased to Rs 1,000 and the employer can also be fined if somebody is found smoking within the office premises," Ramadoss said inaugurating a tobacco workshop.
Apart from this, the minister said the government has also issued notifications to make pictorial warnings compulsory on all tobacco products from December one.
To begin with, the pictorial warnings would be those cleared by the Group of Ministers and would cover 40 per cent of the product covers, but after around one year, more pictures can be brought in, he said.
The government is also making the fight against tobacco an integral part of the school health programme.
"According to a WHO study, around 14.1 per cent of school going children are using some or the other form of tobacco, which is very worrisome," Ramadoss said.
The government had notified pictorial warnings to be carried on tobacco products last month after clearance by the Group of Ministers.

If it is that concerning, why not ban it in its entirety ??? I can’t stop but wonder, there used to be this placed called ‘Designated Smoking Place’. Well, I’ve seen it in a lot of International Airports, what is going on man? 

It is very interesting to write, today I got a visitor from Italy, who liked the blog and also gave the URL to his blog. I checked out and it was in Italian. Well, I do not know any other foreign language other than English. So used Google to translate it to English, took 5 seconds, that’s it!

Click on the image above to see it. Google Translate Buttons – A very versatile tool, you can drag your language options to your book mark tab. Next time you stumble across any other language on web, just click on the button for an automatic translation. I wonder how come I never did this!

By the way the new friend’s blog is located at http://blog.configmaker.net/

At some phase of everyone’s career, this challenge for sure is going to popup! So how does one choose if he wants to be Technically challenged or explore Management aspects of any kind. In traditional industry, it is evident and easier to make this choice, since the path flows over a long period of time and by then you know what you want, rather you’re molded into a role; but how about IT industry;

I know a Director of Managed Services who has 8 years of experience, that’s it. I moved on from there or probably I’ll be holding that role, would it make me happy? I don’t think that’s gonna happen. Now there are again 2 views about this, if you work for a smaller organization such kind of promotions are possible? Well, the one I just mentioned is pretty big [name withheld for obvious reasons], if not as big as Cisco or Microsoft, it is just BIG.

I have seen a lot of guys around me who just want to get to be *Managers* despite the fact that they can’t even have two thought processes going along. The very idea of somebody else’s blazing ideas turns them down. It is difficult to decide if not as difficult as to whether you want to get married or not Personally the way I see it, Technical track offers better opportunity to grow (not in the ranks) but the elevation of thoughts when it comes to technical thoughts. Some one might argue as to the same is applicable to a Management candidate as well. Management doesn’t have any right/correct answers that stay! It doesn’t just depend on the problem in hand, in addition it depends on Timing, Industry, Competitor Processes, kind of project and finally you solve the issue which still can be turned wrong by anybody who passes by! Comparisons hold a greater value by its virtue in management decisions. How many times do you think that happens in Technical Problem solving??? There is either a correct or incorrect solutions. The word ‘better solution’ can be coined by proven examples.

This makes me feel great for Manager turned Leaders.

So the question is still open!