I had a client with a huge list of hostnames that they needed to convert to IP addresses so they could scan them. That’s common. I used to have a Windows batch file to convert a list of hostnames to a list of IP addresses, so I dug it out of my archives. This isn’t like a ping sweep; they knew the machine names but their tool needed IPs.
I used the file to resolve lists of machines so I could load them into a centralized logging or vulnerability management system. This client had the same need and nobody there had a similar tool. So I shared mine with them. And I present it here so I won’t lose it again, and if you need it, you can use it too.
As a security professional, “is DD-WRT safe?” is a question I hear a lot. While there are options that I think are safer, I’m perfectly fine with admitting I use DD-WRT myself. I know a lot of other people like me do as well.
One thing is almost certain: DD-WRT is safer than what shipped on your router from the factory.
I recently saw advice to buy a Cisco RV130W instead of buying an Asus router such as an RT-AC66U and souping it up with Asuswrt-Merlin. I can see both sides of the argument but in the end I favor the Asus solution when I consider Asuswrt-Merlin vs Cisco. Here’s why.
Now, if you’re arguing business vs personal use, there’s no contest. In a business setting, buy the Cisco.
Whether you’ve gotten a tech support scam phone call or not, it can be helpful to know how to clean viruses off your computer for free. And yes, I do mean free.
A lot of people get ripped off due to virus scares and it makes me mad. I’m a computer security professional. I advise large companies on computer security for a living. Today I’ll take a few minutes to advise you.
When you get rid of a computer hard drive, it’s important to get rid of it properly. Your hard drive probably contains a lot of sensitive information on it, like tax returns or loan applications. Here’s how to destroy a computer hard drive when you need to.
Let’s set some expectations here. Making the data impossible to recover isn’t something you can do without a drive shredder. But you can make it so difficult and expensive to recover that nobody will bother. That’s good enough. If it costs $10,000 to recover the data from your drive, a thief isn’t going to do it, due to the risk that you don’t have $10,000 to steal.
That said, if you know the material, you can pass it using old books. I passed CISSP with old, dated books because the new books weren’t ready yet. I relied on work experience to close the gaps. Work experience is just as important as book knowledge. Perhaps more so. I’ve worked with people with lots of book knowledge who couldn’t solve the problems they encountered on the job. You can’t fake your way through operations.
If you have an old CISSP book from before 2015, read the seven relevant domains from the CISSP book: Access Control; Cryptography; Malicious Code and Activity; Monitoring and Analysis; Networks and Communications; Risk, Response and Recovery; and Security Operations and Administration. Anything that’s fair game in those domains for CISSP always was fair for SSCP too.