NTP needs a security update

NTP users and server admins – There are multiple vulnerabilities that are in the wild that are being exploited actively. If you have not been paying attention to security updates, attached is a consolidated report that will give you the resources you need to protect your infrastructure. Take a few minutes to read and see […]

Poodle Bites Back

Another Poodle related vulnerability has been reported in the wild in various channels. This time impacting TLS to a degree. So admin’s should take a moment and read up on it and keep current as its likely to continue developing over the next couple days/weeks as more vendors are likely determined as I am sure […]

Artillery – honeypot and or server protection

I need to spend some quality time looking and testing this further. It appears to be something that I can use in production quickly and easily. Good summary here https://www.binarydefense.com/project-artillery/ Also Holisticinfosec has a good writeup on it. http://holisticinfosec.blogspot.com/ and here http://www.southbasecamp.com/blog/setting-up-a-honeypot-artillery/

EMET to Help Mitigate Threats on Your Windows Systems

EMET or Enhanced Mitigation Experience Toolkit (someone in marketing needs fired) is an MS tool that adds some protections against attacks. It provides some advanced functionality. There are some nice defaults to protect the usual suspects (Like Internet Explorer, Java, and Adobe), but some more advanced options to protect other applications as well. You can […]

Another Vulnerability to Watch

Another vulnerability has sprung up you should pay attention to as you need to make some changes to your web browser of choice likely. Read the link below Health Infosec web site Basically you should disable support for SSLv3 and the specifics for most browsers are below. Additionally if you run a web server or […]

For Those Who Want To Disappear

Or at least make it a little harder to be “out there” in the WWW naked. http://prism-break.org/en/ Good listing of all kinds of good software, and a lot of really good transparent technologies if you take a little time to get to know them.    

Dont fear getting under the hood

The more I use computers and specifically Linux, the more I enjoy the terminal. I can quickly get what I want and where I want. Additionally it allows me to see what is really happening under the shiny gloss of a UI and more effectively troubleshoot. I started in a terminal 35 years ago, and […]

Technology and Humans

A personal blog by a technologist and his observations. This site will have technical and non-technical information, and thoughts and information that I find helpful. Also need a place to put things I want to find later. If you happen to find it, I hope it helps you or amuses. If not, then you might […]