Cisco: Difference Between Network-Clock-Select and Network-Clock-Participate?

1. network-clock-participate
To allow the ports on a specified network module or voice/WAN interface card (VWIC) to use the network clock for timing, use the network-clock-participate command in global configuration mode. To restrict the device to use only its own clock signals, use the no form of this command:

network-clock-participate [slot slot-number | wic wic-slot | aim aim-slot-number]
no network-clock-participate [nm slot | wic wic-slot]

<< Usage Guidelines >>
This command is used for ATM segmentation and reassembly or digital signal processing and Cisco 3660, Cisco 3725, and Cisco 3745 routers. This command applies to any network module with T1/E1 controllers to provide clocks from a central source (MIX module for the Cisco 3660) to the network module and to the port on the network module. Then that port can be selected as the clock source with the network-clock-select command to supply clock to other ports or network modules that choose to participate in network clocking with the network-clock-participate command. This command synchronizes the clocks for two ports. On the Cisco 3700 series, you must use the network-clock-participate command and either the wic wic-slot keyword and argument or the slot slot-number keyword and argument.

2. network-clock-select
To name a source to provide timing for the network clock and to specify the selection priority for this clock source, use the network-clock-select command in global configuration mode. To cancel the network clock selection, use the no form of this command:

a. Cisco 2600 Series and Cisco 3660 with MIX Module
network-clock-select priority {t1 | e1} slot/port
no network-clock-select priority {t1 | e1} slot/port

b. Cisco MC3810
network-clock-select priority {serial 0 | system | bvm | controller}
no network-clock-select priority {serial 0 | system | bvm | controller}

<< Usage Guidelines >>
When an active clock source fails, the system chooses the next lower priority clock source specified by this command. When a higher-priority clock becomes available, the system automatically reselects the higher-priority clock source.

a. Cisco 2600 series, Cisco 3660, and Cisco 3700 series
This command is used on Cisco 2600 series and Cisco 2600XM with AIMs installed or on the Cisco 3660, Cisco 3725, or Cisco 3745 with Multiservice Interchange (MIX) modules installed. This command names a controller to provide clocking signals to the backplane, which then provides the names to all the network modules that are participating in network clocking.

b. Cisco MC3810
This command applies to Voice over Frame Relay, Voice over ATM, and Voice over HDLC on the Cisco MC3810. Use the network-clock-select command to establish the clock-selection priority when there are multiple sources of line (network) clocking in a Cisco MC3810. Possible sources of line clocking for the Cisco MC3810 are the BRI voice module (BVM), the multiflex trunk module (MFT), and a serial port configured for clock rate line.

Microsoft: Windows Update Failed Because Services Do Not Run

You might have encountered the situation where the Windows Update failed to run because the services do not run. You might want to try the solution below:
1. Go to the Windows update setting and set it as Never Check for Updates ( Not Recommended )
2. Restart your computer
3. Go to the Windows update setting again and set it as Install Update automatically ( Recommended )
4. Try to run the Windows Update again and it should work now

Microsoft: How to Uninstall System Center Configuration Manager ( SCCM ) Client

To uninstall the System Center Configuration Manager ( SCCM ) client:
1. Open a Windows command prompt and change the folder to the location in which CCMSetup.exe is located.
2. Type Ccmsetup.exe /uninstall, and then press Enter.

IT Technology: Researcher releases Free Ransomware Detection Tool for Mac OS X Users

Introducing RansomWhere, a free generic ransomware detection tool for Mac OS X users that can identify ransomware-like behavior by continually monitoring the file-system for the creation of encrypted files by suspicious processes.

This ransomware detection tool helps to block the suspicious processes and waits for the user to decide whether to allow or stop the process.

Ransomware has risen dramatically since last few years... so rapidly that it might have already hit someone you know.

With hundred of thousands of ransomware samples emerging every day, it is quite difficult for traditional signature-based antivirus products to keep their signature database up-to-date.

So, if signature-based techniques are not enough to detect ransomware infection, then what else can we do?

Some Antivirus companies have already upgraded their security solutions that detect suspicious behaviors like the sequential accessing of a large number of files, using encryption algorithms and key exchange mechanisms.

Here’s the latest ransomware detection tool for Mac OS X users:

RansomWhere? – a smart application that can identify ransomware-like behavior by detecting untrusted processes rapidly encrypting files, stop that suspicious process, and then alert the user.

<< How RansomWhere tool works >>
Patrick Wardle, a former NSA staffer who now leads research at bug hunting outfit Synack, has developed the RansomWhere tool, which aims at detecting and blocking generic ransomware on Mac OS X by regularly monitoring the user's local filesystem for the creation of encrypted files by any process.

"The ransomware will likely encrypt a few files (ideally only two or three), before being detected and blocked," Wardle wrote in a blog post.

This ransomware detection tool, by default, scans Mac apps and binaries that are signed with an Apple Developer ID and not by official Apple certificates.

If the tool detects any untrusted process, it suspends the suspicious process and alerts the user by showing a pop-up asking user to continue or terminate the process in question.

Wardle successfully tested RansomWhere against KeRanger as well as Gopher ransomware proof-of-concept, which was developed by a pro-Apple Mac hacker, Pedro Vilaca, last year.

Though Wardle admitted that his tool does not guarantee 100 percent result and that it could be circumvented by malicious hackers who can discover a way to bypass RansomWhere and avoid detection, it is always better to be somewhat safer than completely vulnerable.

<< Some known Limitations of RansomWhere tool?: >>
1. RansomWhere would not be able to help if any Ransomware malware abuses Apple-signed file or app.
2. RansomWhere detects ransomware infections after they have already encrypted some of your important files.
3. Files outside of your home directory are not protected by RansomWhere. So sophisticated ransomware could shift all your files outside home directory and lock them up.

Since hackers are always a step ahead of researchers, the RansomWhere tool has already been bypassed. Vilaca had tweaked his Gopher ransomware to bypass RansomWhere in a matter of minutes.

As mentioned in the limitations, Vilaca added just ten lines of code in its ransomware proof-of-concept to take the victim's files outside of the home directory and lock them up. You can watch the video above showing his hack.

IT Technology: Opera Browser Now Offers Free and Unlimited Built-in VPN Service

Opera becomes the first web browser to offer a built-in Free, unlimited and 256-bit encrypted VPN service for everyone.

Opera's Free VPN protects unencrypted browser session from leaking on public WiFi networks and will also let unblock firewalls to improve privacy and security.

Virtual Private Networks (VPNs) have become an important tool not just for large companies, but also for individuals to improve web privacy, dodge content restrictions and counter growing threat of cyber attacks.

Opera has released an updated desktop version of its web browser with a Free built-in VPN service to keep you safe on the Internet with just a click.

For those unfamiliar, VPNs are easy security and privacy tools that route your Internet traffic through a distant connection, protecting your browsing, hiding your location data and accessing restricted resources.

<< Free VPN Service with Unlimited Data Usage >>
Unlike several other free VPN services, Opera's built-in free VPN service will offer you unlimited data usage as well. You just have to turn on a virtual switch in the Settings menu to enable the feature.

So you required to install no third-party extensions, pay no monthly fee as well as set no limit on data usage.

"By adding a free, unlimited VPN directly into the browser, no additional download or extensions from an unknown third-party provider are necessary," Opera's engineering chief Krystian Kolondra wrote in a blog post.

"So, today, our Opera desktop users get a handy way to boost their online privacy, as well as easier access to all their favorite online content no matter where they are."

Opera's Free VPN service uses 256-bit encryption to hide all your connection details and replaces your IP address with a virtual one, making it difficult for the government or anyone to trace your location, identify your computer or block content they do not want you to see.

The free VPN feature in Opera has been made possible after the company acquired VPN provider SurfEasy last year.

<< Here's How to Try Opera's Free VPN >>
To give Opera's Free VPN a try, install the latest developer version of Opera for Windows and Mac, look for the 'Privacy & Security' tab and toggle this feature ON.

Since Operas Free VPN service is available in the latest developer version of Opera, the service lets you switch between three virtual locations: The United States, Canada, and Germany.

However, the company says it will add more countries in the stable version of its browser.

Microsoft: Office for Mac 2016 Does Not Support WebDAV

WebDAV is not supported in Office 2016 and Microsoft does not plan to add WebDAV support to Office 2016. It is because Microsoft would like to push Mac users to use OneDrive. As a result, I strongly advise you to stick to Office for Mac 2011 for Word / Excel / PowerPoint and maybe switch to Outlook 2016 which offers a far better experience with Office 365.

Apple: Disable Hibernation for Mac OS X

To disable this, turn autopoweroff in the sleep settings by running the following command in Terminal (under /Applications/Utilities):

sudo pmset -a autopoweroff 0  

The -a option disables auto poweroff for the Mac while on the charger as well as on battery. Use -c (instead of -a) to disable auto poweroff only when it's plugged in.

IT Security: SideStepper Vulnerability in iOS 9 Endangers Companies that Use MDM to Distribute Apps

Apple's iOS 9 added safeguards for businesses to help prevent employees from downloading malicious software posing as legitimate enterprise apps, but researchers now warn that the use of mobile device management (MDM) technology within companies opens up a loophole in these protections.

According to a new research report from Check Point Software Technologies, MDM solutions, which allow companies to distribute software to employees' mobile devices en masse across its enterprise, pose a threat to device-holders if MDM communications via iOS are successfully hijacked by bad actors. This vulnerability has been assigned the nickname SideStepper.

To pull off a SideStepper scam, an attacker would first trick an employee into installing a malicious configuration file by clicking on a link in a phishing email, SMS text message or instant message. This newly created profile then sets the stage for a Man-in-the-Middle attack, whereby device-holders think they've received an over-the-air app download on their devices from corporate IT, when it's actually a malicious enterprise app sent from cybercriminals who have hijacked the MDM exchange.

A malicious enterprise app could allow bad actors to completely take over the phone, endangering not only the device-holder but potentially the enterprise if confidential or sensitive documents, files or contacts are impacted. The criminals could potentially capture screenshots, even those captured inside secure containers, as well as record keystrokes.

Normally under iOS 9, a user who downloads an enterprise app on his device must first as a precaution go through a series of settings screens to verify the app's developer before actually executing the program. But MDM solutions skip these steps for the sake of expediency and efficient business workflow—“so iOS natively trusts any app installed by MDM solutions,” the report explains. “In fact, an app installed by an MDM will not show any indication of its origin.”

Furthermore, the app download and approval process looks exactly the same regardless of which MDM solution a company is using, making it easy for cybercriminals to convincingly spoof the process, as no special customization is necessary.

“The issue is not with the MDM companies,” said Michael Shaulov, Head of Mobility Product Management at Check Point Software Technologies, in an interview with SCMagazine.com. “The [MDM] communication API is not developed by the various MDM developers. It's actually something provided by Apple, so Apple is responsible” for correct this flaw. CheckPoint informed Apple of this vulnerability in late 2015 and it is not known when the company will address it. SCMagazine.com has reached out to Apple for comment. In the meantime, said, Shaulov, businesses can help themselves by coupling their MDM solutions with a proven mobile threat intelligence solution.