fighting the lack of good ideas
You may have heard of the recently-discovered/-published TLStorm vulnerability that affects – at least – APC SmartUPS devices. One of the prime issues highlighted is the embedded nanoSSL library that APC has used on these systems. If you want to find out if your system is affected, the following nmap except should start you towards…
continue “on using nmap to help find tlstorm-affected devices” »
Passwords should never expire: https://www.sans.org/security-awareness-training/blog/time-password-expiration-die Passwords should not be changed often: https://www.schneier.com/blog/archives/2016/08/frequent_passwo.html Password “complexity” is – mostly – a joke: https://www.xkcd.com/936 You have been breached: https://blog.augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches Passphrases are better than passwords – and https://password.ga will generate them for you (it will also generate random passwords that pass complexity requirements) Use a password manager of some…
It would seem I have configured OpenVPN, Squid proxy, and, to a lesser extent, Pi-hole well – none of the major sites that report IP, DNS, and other connection-related security issues find anything out of the ordinary when I’m either running “just” proxied, or VPN, or VPN+proxy. You should check yourself hereon: https://ipleak.net http://ip-check.info/?lang=en (ironic…
Qualys – https://www.ssllabs.com/ssltest High-Tech Bridge – https://www.htbridge.com/ssl Comodo – https://sslanalyzer.comodoca.com SSL Checker – https://www.sslchecker.com/sslchecker
I wrote an article on passwords, passphrases, entropy, and data breaches for my employer’s blog: https://augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches
Schneier has a recent article on security concerns for IoT (internet of things) devices -Â IoT Cybersecurity: What’s Plan B? We can try to shop our ideals and demand more security, but companies don’t compete on IoT safety — and we security experts aren’t a large enough market force to make a difference. We need a…
I’m sure folks have tried to explain this to me before, but it wasn’t until today that it finally clicked – using .ssh/config will save you a world of hurt when managing various systems from a Linux host (I imagine it works on other platforms, too – but I’ve only started using it on CentOS)….