Skip to content

antipaucity

fighting the lack of good ideas

Tag: security

on using nmap to help find tlstorm-affected devices

Posted on 11 March 202211 March 2022 By antipaucity No Comments on on using nmap to help find tlstorm-affected devices

You may have heard of the recently-discovered/-published TLStorm vulnerability that affects – at least – APC SmartUPS devices. One of the prime issues highlighted is the embedded nanoSSL library that APC has used on these systems. If you want to find out if your system is affected, the following nmap except should start you towards…

continue “on using nmap to help find tlstorm-affected devices” »

technical

a semi-permanent psa on passwords

Posted on 3 January 20193 January 2019 By antipaucity No Comments on a semi-permanent psa on passwords

Passwords should never expire: https://www.sans.org/security-awareness-training/blog/time-password-expiration-die Passwords should not be changed often: https://www.schneier.com/blog/archives/2016/08/frequent_passwo.html Password “complexity” is – mostly – a joke: https://www.xkcd.com/936 You have been breached: https://blog.augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches Passphrases are better than passwords – and https://password.ga will generate them for you (it will also generate random passwords that pass complexity requirements) Use a password manager of some…

continue “a semi-permanent psa on passwords” »

technical

do you leak?

Posted on 11 October 20189 October 2018 By antipaucity No Comments on do you leak?

It would seem I have configured OpenVPN, Squid proxy, and, to a lesser extent, Pi-hole well – none of the major sites that report IP, DNS, and other connection-related security issues find anything out of the ordinary when I’m either running “just” proxied, or VPN, or VPN+proxy. You should check yourself hereon: https://ipleak.net http://ip-check.info/?lang=en (ironic…

continue “do you leak?” »

cool, technical

4 places to check your website’s ssl/tls security settings

Posted on 27 March 20184 September 2019 By antipaucity No Comments on 4 places to check your website’s ssl/tls security settings

Qualys – https://www.ssllabs.com/ssltest High-Tech Bridge – https://www.htbridge.com/ssl Comodo – https://sslanalyzer.comodoca.com SSL Checker – https://www.sslchecker.com/sslchecker

technical

on entropy, password/passphrase complexity, and if you’ve been part of a data breach (spoiler alert: you have)

Posted on 30 November 2017 By antipaucity No Comments on on entropy, password/passphrase complexity, and if you’ve been part of a data breach (spoiler alert: you have)

I wrote an article on passwords, passphrases, entropy, and data breaches for my employer’s blog: https://augustschell.com/passwords-passphrases-complexity-length-crackability-memorability-data-breaches

education, personal, technical, work

what is “plan b” for iot security?

Posted on 16 November 2017 By antipaucity 4 Comments on what is “plan b” for iot security?

Schneier has a recent article on security concerns for IoT (internet of things) devices - IoT Cybersecurity: What’s Plan B? We can try to shop our ideals and demand more security, but companies don’t compete on IoT safety — and we security experts aren’t a large enough market force to make a difference. We need a…

continue “what is “plan b” for iot security?” »

commentary, ideas, technical

how did i never know about .ssh/config?

Posted on 13 April 201613 April 2016 By antipaucity No Comments on how did i never know about .ssh/config?

I’m sure folks have tried to explain this to me before, but it wasn’t until today that it finally clicked – using .ssh/config will save you a world of hurt when managing various systems from a Linux host (I imagine it works on other platforms, too – but I’ve only started using it on CentOS)….

continue “how did i never know about .ssh/config?” »

technical

Posts navigation

1 2 3 Next
March 2023
S M T W T F S
 1234
567891011
12131415161718
19202122232425
262728293031  
« Jan    
  • Patrick Henry 23 March 1775
  • Reincarnation by Wallace McCrae (adapted by Warren Myers)
  • Famed was Beowulf
  • Fuzzy Wuzzy (anonymous)
  • One bright morning in the middle of the night (various)

Books

  • Debugging and Supporting Software Systems
  • Storage Series

External

  • Backblaze
  • Cirkul
  • Digital Ocean
  • Fundrise
  • Great Big Purple Sign
  • Password Generator
  • PayPal
  • Tech News Channel on Telegram
  • Wish List

Other Blogs

  • Abiding in Hesed
  • Chris Agocs
  • Eric Hydrick
  • Jay Loden
  • Paragraph
  • skh:tec
  • Tech News Channel on Telegram
  • Veritas Equitas

Profiles

  • LinkedIn
  • Server Fault
  • Stack Overflow
  • Super User
  • Telegram
  • Twitter

Resume

  • LinkedIn
  • Resume (PDF)

Services

  • Datente
  • IP check
  • Password Generator
  • Tech News Channel on Telegram

Support

  • Backblaze
  • Built Bar
  • Cirkul
  • Digital Ocean
  • Donations
  • Fundrise
  • PayPal
  • Robinhood
  • Wish List

Copyright © 2023 antipaucity.

Powered by PressBook Green WordPress theme