Mental health and infosec

In Australia, they have a national day called R U Ok. And one of my Australian coworkers used that as an opportunity to reach out to the rest of the company. We all thanked him. Mental health is a problem in the field of computer security, and IT as a whole, and we rarely talk about it. It’s time that we start. Let’s take the taboo out of mental health and infosec.

Rebuild machines without making duplicates in Qualys or Tenable

My friend does vulnerability management for a company that likes to rebuild machines instead of patching them. I don’t judge; that’s how I wanted to patch machines when I was a sysadmin but I didn’t have fast enough storage. But if you do this, you’re liable to end up with duplicate machines in your reports. One unpatched, and the other one (hopefully) patched. Here’s how to rebuild machines without making duplicates in Qualys or Tenable.

Choose your passwords carefully

I participated in a brief discussion on Twitter the other week about being careful how you choose your passwords. Passwords can and will show up in places you don’t intend. When that happens, you don’t want it to cause a problem. Here’s what happened to me once when I didn’t choose a password carefully.

How you view message headers in Outlook

Viewing message headers is helpful for troubleshooting, and also making sure you’re not getting phished. Microsoft moved things around in recent versions of Outlook, so here’s how to view message headers in Outlook–the current version.

What does the Qualys cloud agent do?

If you work in a corporate environment, there’s a chance you see something called the Qualys Cloud Agent running on your computer. And information about this mysterious agent can be hard to come by. What does the Qualys cloud agent do? How does it work? I’m glad you asked.

Force a Qualys Cloud Agent scan

Unlike its leading competitor, the Qualys Cloud Agent scans automatically. This means you don’t have to schedule scans, which is good, but it also means the Qualys agent essentially has free will. The latest results may or may not show up as quickly as you’d like. How to initiate an agent scan on demand was easily the most frequent question I got during the five years I supported Qualys for a living. Here’s how to force a Qualys Cloud Agent scan.

You can force a Qualys Cloud Agent scan on Windows by toggling a registry key, or from Linux or Mac OS X by running the cloudagentctl.sh shell script.

Iterate over a CSV in Python and Pandas

I frequently get data in CSV or Excel format, which I then have to use to deploy a vulnerability management solution like Tenable or Qualys. I use Pandas to process this data, which usually involves iterating each row of the dataframe in Pandas. It abuses Pandas. But it works. Yes, it’s a hack. I don’t care.

Qualys vulnerability vs discovery scan

One of my most frequent topics of discussion in my time as a vulnerability management architect was the question of a Qualys vulnerability vs discovery scan. It’s especially confusing because Qualys is completely silent on the topic. There’s a reason for that. Let’s talk about the types of Qualys scans and what they can do for you.

Officially, Qualys discovery scans don’t exist. That said, you can implement something very close to what Qualys’ competitors call a discovery scan, and reap numerous benefits from it.

What to do if you can’t scan your whole network

A former colleague contacted me some time ago with an interesting conundrum. I thought his problem and the solution would be worth sharing, because it’s not at all uncommon. He manages a network of, let’s say, 22,000 computers. But he has licenses to scan 8,800 of them. The question is, what can he do?

How to read a Nessus scan report

Reading and analyzing a Nessus vulnerability scanner report is an underrated skill. Frankly, I see a lot of misuse and abuse surrounding Nessus scans. So let’s talk about how to read and analyze a Nessus scan for the purpose of understanding and solving problems.

You can read it in the user interface, but I recommend exporting a CSV so you can sort and filter. The exact CSV format has changed a bit over the years, so the columns may not be in this exact order. But this will get you started. The most important columns are all here. You’ll find it very similar to reading a Qualys scan report.

For reference, I used the sample file here: https://github.com/derekmorr/nessus-csv/blob/master/nessus_test.csv
