security Archives - Page 2 of 55 - The Silicon Underground

Home » security » Page 2

Vulnerability assessment vs pentest: What’s the difference?

Dave Farquhar security September 3, 2018August 30, 2018 0 Comment

You can expect any midlevel or higher security certification test to require you to compare and contrast a vulnerability assessment vs pentest. The difference is important. But since I still see people confusing the two, let me explain them.

I conduct vulnerability assessments for a living. I’ve done some light pentesting in the past, but I’m happier doing assessments. I don’t want to be a penetration tester. That seems strange to some people. Maybe that gives me a good perspective to compare and contrast the two, because both have their uses. But they aren’t interchangeable.

Cleanbrowsing.org review

Dave Farquhar security August 27, 2018September 22, 2018 0 Comment

I’ve advocated using something other than your ISP’s DNS for years. There’s little if any downside to doing so, and tons of upside. My current favorite third-party DNS is Cleanbrowsing.org because it does so much to improve performance and security. Here’s my Cleanbrowsing.org review.

First things first: Don’t worry about how much Cleanbrowsing.org costs. It has useful tiers available as a free service, even though it’s tremendously valuable.

Should I buy a used Chromebook?

Dave Farquhar Hardware, security August 15, 2018August 22, 2018 0 Comment

Should I buy a used Chromebook? I asked myself that question for years. And argued with myself about it. Finally I decided to take the plunge and bought one. Here are the pros and cons to buying a used Chromebook, and what you should look out for to protect yourself.

Overall I recommend them. For less than the price of a year of Lifelock, you can do something that really will make a difference in how secure your personal finance is.

Extract a MAC address from Excel data

Dave Farquhar Office, security July 31, 2018August 3, 2018 0 Comment

A vulnerability scanner like Nessus or Qualys will record the MAC address of every computer it finds. But Qualys doesn’t output the MAC address in a nice column format. It mixes a lot of other data into the cell. So I had to figure out how to extract a MAC address from Excel data to give an infrastructure team an inventory they wanted.

What is DDoSing?

Dave Farquhar security July 25, 2018August 3, 2018 0 Comment

What is DDoSing? It’s something every system administrator and security professional needs to be concerned about. You can expect to see this concept on certification tests and get questions about it in job interviews. So let’s look at the concept of DDoS, and why I think this is going to get worse before it gets better.

Is there a virus on my phone?

Dave Farquhar Android, security July 23, 2018September 8, 2018 0 Comment

Is there a virus on my phone? Or your phone? I can’t know for certain, but probably not. Here’s what to do if your phone says it has a virus and wants you to visit a web page or pay someone money.

I’ll tell you what you really need to do, and I’ll even show you a neat trick so you’ll see fewer of these messages. And none of this will cost you anything, either.

Inherent risk definition

Dave Farquhar security July 16, 2018July 16, 2018 0 Comment

Sometimes you’ll hear insurance professionals, banking professionals, computer security professionals, and other people who deal with risk talk about inherent risk and its counterpart, residual risk. If these are unclear to you, or you just need a refresher, you came to the right place. Let’s take a look at a simple inherent risk definition and example, as well as residual risk.

White hat gray hat black hat – what’s the difference?

Dave Farquhar security July 12, 2018November 23, 2018 0 Comment

In computer security circles, you’ll hear the words white hat gray hat black hat thrown around a lot. Everyone just assumes you know what they mean. If you’re unsure about it, here’s what the terms mean, and what the difference is.

Can your computer become infected with a virus via email?

Dave Farquhar security July 11, 2018August 19, 2018 0 Comment

Can your computer become infected with a virus via email? It absolutely can. I had one of the worst weeks of my career due to a virus delivered over e-mail. But the good news is, it’s preventable. You can take simple measures to make it much more difficult, if not impossible, to catch a virus via e-mail.

Budget pfSense build with workstation parts

Dave Farquhar Hardware, security July 9, 2018July 3, 2018 4 Comments

I’ve written about pfSense before. It’s a router project based on FreeBSD, a free Unix project that never gained the popularity of Linux but is perfectly capable in its own right. But it doesn’t run on router hardware. It’s designed to run on a PC. But a lot of pfSense builds get expensive. So let’s look at a budget pfSense build. Let’s see what we can do for around $100-$150.

I see a lot of pfSense builds with price tags of $300. If you’re OK with using used equipment, you can build a nice machine for half that. And you don’t have to give up quality either. In fact, I’ll argue that building one my way gains you quality. Let’s get to it.