All posts tagged servers

Data breaches don’t cost anything–so here’s why they matter

What seems like a million years ago, when Sony Pictures got breached, some pundits were predicting that was the end of the company. I always thought that was hyperbole, but I have to admit I never went to the extreme of saying breaches are nearly harmless, which seems to be the current popular thinking. Indeed, a financial analyst […]

Hillary, hackers, threats, and national security

I got a point-blank question in the comments earlier this week: Did Hillary Clinton’s home-made mail server put national secrets at risk of being hacked by our enemies? Depending on the enemies, maybe marginally. But not enough that any security professional that I know of is worried about it. Here’s why.

The State Department is just one of many examples of IT gone rogue

Much has been made of Hillary Clinton’s use of her own mail server, running out of her home. It didn’t change my opinion of her, and I don’t think it changed anyone else’s either–it just reinforces what everyone has thought of her since the early 1990s. Then, Ars Technica came forward with the bizarre case of […]

The Forbes Flash hack is a good example of a watering hole attack

You may have heard people like me talk about watering-hole attacks. A watering-hole attack is an indirect attack on someone: the attacker compromises a third party and uses that to get in. In this case, back in November, attackers compromised a Forbes ad server, and from there, attacked visitors from government and bank networks. Here’s the logic: Since ad servers […]

How to use the lock in your web browser’s location bar

A commenter asked me last week if I really believe the lock in a web browser means something. I’ve configured and tested and reviewed hundreds of web servers over the years, so I certainly hope it does. I spend a lot more time looking at these connections from the server side, but it means I […]

Yes, we need to run vulnerability scans inside the firewall

I got an innocent question last week. We’d been scanning an AIX server with Nexpose, a vulnerability scanner made by Rapid7, and ran into some issues. The system owner then asked a question: The server is behind a firewall and has no direct connection to the Internet and no data itself, it’s just a front-end to […]

You’re telling me someone gave a stranger his password?

I was talking breaches last week when a very high-up joined the conversation in mid-stream. “Start over, Dave.” “OK. I’m talking about breaches.” “I know what you’re talking about,” he said, knowingly and very clearly interested.

Why every breach is different

I’ve grown used to being asked what unpatched vulnerability was used in the most recent breach, in an effort to make sure some other company is protected. I appreciate the desire to learn from other companies’ mistakes and not repeat them. But there are several reasons why the answer to that question is complicated, and not […]

Why a non-web server has Apache and OpenSSL on port 2381

I was doing some scanning with a new vulnerability scanner at work and I found something listening on a lot of servers, described only as Apache and OpenSSL listening on port 2381. The versions varied. Luckily I had another scanner at my disposal that solved the mystery quickly: It’s the HP System Management Homepage, a […]

Non-competes and me

I’ve read the stories this week about how fast-food chains like Jimmy John’s are forcing employees to sign non-compete agreements. I’ve been asked to sign a non-compete exactly twice in my career, and signed one once, but neither of them was back in my teenage fast-food days.