David L. Farquhar, computer security professional, train hobbyist, and landlord
Defense in depth is a common phrase you hear in information security. It’s also frequently misunderstood. In this blog post, I’ll provide links to a couple of examples of defense in depth, and provide some insights into the mindset. Because more than anything else, defense in depth is a mindset that takes more than seeing examples to grasp.
Black Friday is the biggest shopping day of the year in the United States. But not all Black Friday deals are what they first appear to be. That’s true in the case of tools. But if you know what you’re getting, they can still be fine for what they are. It’s not necessarily a case of whether Black Friday tools are any good, but rather, if they are suitable for your intended use case.
For Black Friday 2023, Home Depot offered a Ryobi combo kit for $79. It included a drill, a saw, and a work light. They billed it as a $300 value. I bought one so you don’t necessarily have to. In this blog post, I’ll tell you whether it’s worth considering.
I’ve been evaluating Zoho Manage Engine Patch Manager, and so far I like what I see. It is a capable patch deployment tool that supports Windows, Linux, and Macintosh, and crucially, it will deploy updates for third party applications, including open source applications, both popular and obscure.
Modern versions of Windows collect a huge amount of telemetry on you. But running older versions of Windows puts you at greater security risk, and running another OS may or may not always be feasible. So for those instances, it’s possible to use a hosts file to stop Windows from spying on you.
The Jetway 386WB was an inexpensive clone motherboard with an Opti chipset available in the 1989 /1990 time frame.
I’m familiar with the Jetway board because I own one, but many manufacturers in Taiwan produced boards based on the same Opti reference design. Essentially, Opti did the engineering work, and the Taiwan-based manufacturers handled production. The result was an unassuming board that provided good value for money.
Marx train set 9605 was an electric train set Marx that Sears sold in 1955. But you may also hear collectors refer to it as Happi-Time train set 9605, because that’s what Marx printed on the box.
Back when I was getting started in Linux, the network card to get was anything based on the DEC Tulip chipset. DEC sold them themselves for a short time, but so did Netgear, Linksys, and probably others. Unlike DEC ISA cards, which were junk, the Tulip chipset was great. At least in Linux and Windows. DOS? I never had reason to check. Here’s how (and why) I set up DEC Tulip packet drivers for DOS.
I recently came across a couple of old DEC Tulip cards in my parts stash, and I decided to try to get them working in DOS. I’ve had mixed success with PCI cards and DOS, so if I could get those old Tulip cards working, it could make life easier for me when I run DOS on that type of machine. Here’s how I did it.
Spray foam cans are expensive, and if you’re like me, they almost always clog up or dry out before you get a chance to use the whole can. In this blog post, I’ll tell you how to fix a clogged, dried out can of spray foam so you can use more of it and save time and money.
A common objection I hear to scanning systems with credentials is the fear of that account getting compromised. In this blog post, I will talk about ways to mitigate that risk using defense in depth. I will also explain why scanning with credentials is itself a vital component of defense in depth.