Information Technology BLOG

Definition: AI or Artificial intelligence is the simulation of human intelligence processes by machines. Three main processes are used : 1- Learning: Acquiring specific pieces of information and rules 2- Reasoning: Conclude through rules 3- Self-connection  Two kinds of AI: 1- Weak Artificial Intelligence: It is a system that repeats the same particular task like SIRI, this kind needs human intervention. 2- Strong Artificial Intelligence or known as Artificial GENERAL Intelligence  It is a system that recognizes human actions and abilities, it tries to find a solution when there is a problem, sometimes it replaces human work and tasks. How Artificial Intelligence became alive? Thanks to cheaper GPUs (Graphics Processing Units), BIG DATA and Algorithms that Artificial Intelligence became a reality. Artificial Intelligence was programmed to treat special problems that a normal computer is not able to resolve on its own like perception, planning, problem

Security Information and Event Management or SIEM, grew out of two requirements. One was to contend with the flood of alerts issued from IPS or Intrusion Prevention Systems and IDS or Intrusion Detection Systems which were overwhelming security teams. IDS were used to measure and prove compliance to various legislations. A deluge of compliance legislation appeared in the first two decades of the twenty-first century in reply to numerous high-profile network breaches. In the other hand, the technology needed several things: First, logs aggregation from many network sources, such as network and security devices, servers and databases, and applications into a central repository for analysis and pattern detection. Second, storing data logs for a period of time to satisfy auditing requirements. Third, correlation, monitoring and notifying events in real-time.  SIEM is primarily an information platform. As CyberAttacks became more sophisticated and stealthy, demands for information a

Email was one of the first things that people did when the world became connected in 1990s.  It didn't need a large bandwidth back in time when technology and different connection lines were limited.  It was also easy, fast, and didn't even cost a lot of money, It was so easy and inexpensive that intelligent people saw it as a means to get a message to many people at little or no cost. Some of these mails have become legitimate businesses and official proofs and were equivalent to advertising flyers send by post, but other mails were sent by more untrusted people in order to hack or to steel personnal information or identity online like postal addresses and emails, names and phone numbers. That was the beginning of SPAM - the fact of sending irrelevant and unsolicited messages on the Internet to a large number of recipients in order to collect some information. As people started to send and receive emails without verification or accountability, it offered anonymity.

A sandbox for computer security confines the actions of code to the sandbox device and in isolation of the rest of the network.  So if something unexpected or wanton happens, it effects only the sandbox and not the other computers and devices on the network. In the grand scheme of things, sandboxing is relatively new, and it can be used for different situations. For example, prudence would dictate that we should isolate new or modified code from the rest of the network because the code may act in ways we haven't predicted. Why Sandbox? The reasons for adopting sandboxing for security purposes are obviously different. First, let us do a brief foray into the development of network security.  The history of cyberthreats and network security is a story of thrust and counter-thrust. The bad actors would develop a new technique or exploit some code deficiency, and the network security folks would eract a new defense against that thread or a write a patch to correct the code. In

Network Access Control NAC It's something that controls access to the network. And at its simplest level, this is what NAC does.  But if that's all that it was, then it wouldn't be fundamentally different from a network authentication and authorization server. Traditional authentication to the network follows the IEEE 802.1X standard that provided an authentication method to devices wishing to join a Local Area Network (LAN) or wireless LAN. 802.1X Wireless/Wired Authentication The mechanism was a port-based network access control which used agents, the software running on client devices that provide credentials to the authenticator to control access to the network. Another means to control access to a public network such as one serving a coffee shop or in a hotel, is a captive portal. If you've ever connected to a network in an airport, hotel, or coffee shop, you might recall interacting with a web page, sometimes agreeing t

On Cisco Wireless controller 5520, The Access POINTS try to join the Controller by bringing up a connection through the CAPWAP Tunnel, you can see these attempts through the AP log itself. The problem is that the DHCP server when trying to serve IP Addresses it shows the error BAD_ADDRESS in front of each IP assigned. So I Took a single access point, started debugging it, after that, I noticed that the CAPWAP connection was empty of errors BUT!! it was trying to resolve this name  CISCO-CAPWAP-CONTROLLER This resolution is made with DNS protocol, of course, I honestly wasn't so sure of what I was doing, so I added a new entry in my DNS server and it's corresponding IP was the Controller's after that magically all the Access Points where UP and showed UP on my controller. The controller I'm working with is the CISCO WIRELESS CONTROLLER 5520 Model:  AIR-CT5520-K9 Software Version:  8.3.150.0 Image of the controller Learn