Tag Archives: ISP

Recommended DD-WRT settings

I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.

Continue reading Recommended DD-WRT settings

You might need a new router

Last week the New York Times, of all places, wrote a nice article about routers. If your wi-fi at home is bad, they say, think about picking up a TP-Link Archer C7 router.

A longtime friend asked me a week or two ago about routers, and I recommended a TP-Link Archer. Last week, it arrived, and he told me his wi-fi is much better now–so much so his wired network was suddenly struggling to keep up with it.

Continue reading You might need a new router

How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Microsoft rushed out an out-of-band patch, MS15-078, to deal with active exploits in their font driver yesterday. Since pushing out patches takes time, my boss asked me what we could do to mitigate the issue in the meantime.

The biggest threat, by far, is exploit-bearing fonts being downloaded from web sites. Ideally you only install trusted fonts from trusted sources locally on your workstations, right? If not, I suggest you start that practice as well.

You have a couple of options when it comes to blocking fonts in browsers.

Continue reading How to mitigate MS15-078 or future Microsoft font driver vulnerabilities

Minor-League hacking in the MLB

So, about a year ago, the Houston Astros announced their internal player database had been breached. This week, more details emerged, pointing right at the St. Louis Cardinals.

It wasn’t a terribly sophisticated attack. You knew I’d write about this, but I’ll explore it from an IT security perspective more than from a baseball perspective.

Continue reading Minor-League hacking in the MLB

Worried about the wrong things? It’s always the wrong thing.

Guy Wright’s piece titled Internet Security: We were worried about the wrong things is a bit old but it’s an important point. Security is a moving target. It’s always a moving target.

I disagree, however, with the assertion that SSL (and its successor, TLS) were a waste of time.

Continue reading Worried about the wrong things? It’s always the wrong thing.

Hillary, hackers, threats, and national security

I got a point-blank question in the comments earlier this week: Did Hillary Clinton’s home-made mail server put national secrets at risk of being hacked by our enemies?

Depending on the enemies, maybe marginally. But not enough that any security professional that I know of is worried about it. Here’s why.

Continue reading Hillary, hackers, threats, and national security

The TP-Link TD-8616. It’s a modem. It seems to work.

The TP-Link TD-8616 is a low-priced, acceptable replacement for whatever DSL modem your ISP issued you. As such, it’s less exciting than a can opener, but a DSL modem is one of those things that you shouldn’t ever think about. Just like your can opener, the only time you’re likely to have any opinion at all about your DSL modem is when it’s not doing its job well. This is my review of the TD-8616.

The TD-8616 is just a modem, but then you can pair it with a router with whatever capabilities you want, including the ability to run third-party firmware on it, which I recommend of course. Might I suggest a TL-WR841n running DD-WRT?

Continue reading The TP-Link TD-8616. It’s a modem. It seems to work.

Got tech support scammed? Worry about your credit card, not your computer

A college classmate contacted me a week or two ago. A relative of hers got scammed, and she wanted to know what to do.

“Get the charges reversed on the credit card,” was my simple response.

“What about cleaning up the computer?” she asked.

That’s the easy part. Continue reading Got tech support scammed? Worry about your credit card, not your computer