Vulnerability scanning best practices

As a vulnerability management professional, I talk about vulnerability scanning best practices a lot. There’s a lot more to vulnerability management than just scanning, but if you don’t get scanning right, the rest of the program suffers.

I’m going to talk about a lot of technical controls here, but don’t forget the nontechnical side. People and processes have to support all technology.

Read more

How DDoS attacks work

Yesterday, half the Internet was broken. I knew something was wrong when I couldn’t get into Salesforce to check on a support ticket for my biggest customer. Another member of my team sent us a warning that a big DDoS attack was happening, and not to count on being able to issue very many quotes today. So what, exactly, is a DDoS attack and how do DDoS attacks work?

I suppose there’s another question to ask too: What can you do to avoid being part of the problem? We’ll save that for the end.

Read more

Clean malware from a router

Clean malware from a router

I see a few misleading articles out there promising to tell you how to scan your router for malware or viruses. Unfortunately they don’t really explain the problem. They also don’t explain the alternative way to solve the problem you want to solve. What you really want to do is clean malware from a router–and viruses too. And that’s something you can do pretty easily. For free.

Yes, that’s right. You won’t have to pay 50 bucks a year for a subscription to keep your router clean.

Read more

Recommended DD-WRT settings

Recommended DD-WRT settings

I’ve been asked a few times now for my recommended DD-WRT settings, or at least my good-enough settings. I think that’s a great idea, so I’ll walk through how I configure a DD-WRT router. Follow these steps and I can almost guarantee you’ll have the most secure network on your block.

For the purposes of this tutorial, I am going to assume you are configuring DD-WRT as your primary router.

Read more

How hard-coding your DNS can improve your security

I’ve long recommended hard-coding your DNS settings as a performance and reliability enhancement–here’s my guide for that–but it turns out it can be a security enhancement too.

Botnets targetting routers aren’t new at all, but there’s a particularly nasty one named Moose running around right now. Among other things, it changes routers’ DNS settings to point to rogue DNS servers that allow the attackers to steal your social media credentials, furthering the bot. Read more

Hillary, hackers, threats, and national security

I got a point-blank question in the comments earlier this week: Did Hillary Clinton’s home-made mail server put national secrets at risk of being hacked by our enemies?

Depending on the enemies, maybe marginally. But not enough that any security professional that I know of is worried about it. Here’s why.

Read more

Why I don’t scan networks with my own credentials

I scan the network I’m paid and sworn to protect on a nearly daily basis. I experienced a problem with the account I use for that, and I tested by scanning a small quantity of machines (my own and my cubicle neighbor’s) with my own account to make sure the problem was the account, not the tool.

Fixing the account has become a problem–my boss’ problem now–but when I told him about it, I said I could scan the network with my personal admin account, but didn’t want to. One reason has to do with liability and HR. The other, believe it or not, is technical.

Read more

What to do with insanely fast routers

I read a story last week about an insanely fast router that can run at up to 5.3 gigabits, far faster than even the crazy-fast gigabit Internet service that only a lucky few people are able to get. The article questioned what anyone would do with it.

Think beyond network speeds, though, and there’s a lot you can do with that power.

Read more

WordPress Appliance - Powered by TurnKey Linux