Whitelist vs blacklist

I’m not a big fan of the whitelist and blacklist terminology. The language is potentially harmful, but besides the racial implications, it’s also unclear. In this blog post, I’ll go over the traditional meaning of whitelist vs blacklist, and you’ll see why I say the alternative, dare I say progressive, terminology is also much clearer.

CVE-2023-33140 OneNote Spoofing remediation

If you need to remediate CVE-2023-33140, the OneNote spoofing vulnerability, the best way to do it is to uninstall OneNote. Here’s why this is OK to do, and how to do it. Fixing Windows Store vulnerabilities is hard.

Force a Nessus agent scan on demand

Tenable’s Nessus agent has a fair bit of underappreciated power. The ability to force a Nessus agent scan on demand is a feature I hear people ask for a lot, without knowing the capability already exists. There’s a bit of setup that needs to happen in the cloud, but once you do that, a sysadmin can perform a scan on demand from the host.

You can force a Tenable Nessus Agent scan on demand by dropping a file into a user-specified location, or by running the nessuscli command.

IBM 5170 TEMPEST variant

I had an inquiry recently regarding the Tempest version of the IBM 5170, also known as the IBM 4459. The IBM 5170 Tempest variant was a version of the conventional IBM PC/AT designed for sensitive environments. It is more of a curiosity today, and there are good reasons why it is rare.

Having spent part of my career in the type of environment where this machine would have been used, I can elaborate on some of its design, and why it was built the way that it was. I may also be able to give some insight into why not many of these devices survive today.

What does legacy mean in software

In computer software and general IT circles, you will sometimes hear the phrase legacy thrown around. And you may hear some conflicting information about what legacy means. So let’s talk about what legacy means in software, and in computers in general.

Handling API pagination with Python

A common problem in using Python to gather data via APIs is pagination. Most APIs have a limit on how much data they are willing to send you in a single API call. So they break the data into pages. In this blog post, I’ll go through an example of handling API pagination in Python.

What is a dataframe in Python?

You’ll frequently hear the word dataframe thrown around, sometimes by data scientists or Python programmers. It can be an intimidating subject, but it doesn’t need to be. Let’s talk about what a dataframe is in Python, in layperson’s terms, and how you can use them.

What manual testing is in security

The SANS vulnerability management maturity model has an entire section on manual testing. That may not be a phrase you hear very often because there are several types of manual tests. So what is manual testing in security?

Manual testing is a form of security testing, namely, looking for security vulnerabilities in a non-automated or, at most, semi-automated fashion. It is not the same as vulnerability scanning like one does with tools like Nessus or Qualys.

How frequently Linux updates

Unfortunately, how frequently Linux updates is not a straightforward question with a straightforward answer. Linux and related software get updates when the updates are ready. This can confuse security professionals who are used to companies like Microsoft and Adobe releasing updates on a predefined schedule.

Qualys superseded updates and caveats

The vulnerability scanner Qualys has the ability to filter superseded updates in its reports and over the API. This is a popular feature. Unfortunately, it does have some caveats that aren’t always very well understood. Here’s what you need to know about Qualys superseded updates and their caveats.