IPv6 - Opportunity, Necessity or Threat?

A few years ago, counters presenting the diminishing pool of available IPv4 addresses were very popular on the Internet. The closer to zero the value on the numerator approached, the more it aroused interest in the new version of the protocol - IPv6. Producers of network devices, operating systems and Internet providers quickly intensified their activities aimed at preparing them to work in the new reality. Their homework was to a greater or lesser extent done by them. The IPv4 counters have reached zero and… nothing has changed practically. In both home and business applications, hardly anyone thought about IPv6. While IANA distributed the last available pools of IPv4 addresses to regional registries (RIR), it was not a major problem for end users. The regional registers had some reserves of address space for the following years. With time, however, these also began to melt and reach zero. The situation repeated itself, but this time the role of the buffer with the backup address space was taken over by local registers (LIR), which are mainly large Internet providers. This resulted in a tightening of IPv4 address allocation policies at the level of regional registries. For example, the European RIPE has stopped registering new ASs (Autonomous Systems) for clients applying for PI (provider independet) in version 4 addresses. offer their own addresses from the pool assigned to them as LIRs. This state of affairs has continued since 2012. Although this is really the last stage before the actual exhaustion of IPv4 addresses, few people are interested in the implementation and, above all, the proper protection of the infrastructure working on IPv6. Continue ...

In the period from September to November, UpGreat takes part in three IT conventions (Wielkopolskie, Mazowieckie and Śląskie) - cyclical events organized for employees of offices and public institutions. During these meetings, issues related to the adaptation of local government institutions to the requirements of legal regulations concerning, inter alia, computerization, personal data protection or the National Interoperability Framework. The meetings are also attended by UpGreat experts in the field of ICT security, personal data protection, audits and security policies. Our consultants advise IT specialists from public institutions on how to adapt their systems to the requirements of the KRI regulation related to, inter alia, with the implementation of the Information Security Management System. We discuss issues related to the implementation of information security policies as well as risk estimation and analysis. We also answer questions regarding the amended Personal Data Protection Act and the obligations of the Information Security Administrator.
We pay special attention to security audits and penetration tests, which are an indispensable element of security management in any organization.

The AirTight Networks offer includes an interesting solution for monitoring the area of an office, warehouse, conference room in terms of the use of mobile phones. In some situations, it is necessary to discover phones and cellular connections. The applications proposed by AirTight are:

• army and police,
• prison system,
• institutions in which it is forbidden to use mobile phones, e.g. near devices and buildings classified as classified,
• detection of eavesdropping devices, network listening devices and printing systems in order to intercept confidential information and further data transmission via a GSM modem.

Continue ...

Televisions, portals and experts warn all of us against various types of cyber threats. The topic is media attractive and often discussed. However, in the sheer volume of information, these warnings are relegated to the background as relating to other people and not ourselves. We assume that, because we are careful, no one will steal our access data and empty our bank account. Anyway, in order to make their offer more attractive, banks offer various types of insurance that provide reimbursement of lost money in the event of unauthorized withdrawals from the account.

However, there are threats not only to individuals but also to larger communities. In recent months, we have dealt with our clients several times with attacks consisting in encrypting data belonging to the enterprise. The criminal undertook to decrypt the data after paying the ransom. In this case, the threat concerned the entire company / organization.

Continue ...