The benefits of doing IT at home, too

Earlier this week, The Register touted the benefits of having a home lab.

That lab doesn’t necessarily have to be elaborate. But there is definitely something to be said for having some equipment that you can learn and experiment on, and that can break without the world ending.

DROP DATABASE wordpress;

This week, I doubled back down in earnest to get my webserver running on the hardware I bought a year ago.

After getting Apache, PHP and MySQL installed on the box and playing together nicely, I installed WordPress and got it running. Then I tried backing up and restoring files from my existing server, and the server didn’t like that one bit.


Wi-fi wants to be free… except it’s not 1994 anymore

The Open Wi-Fi movement was on the front page of Slashdot yesterday afternoon. Predictably, comment #2 was, “give me immunity from the MPAA and RIAA and I’ll open my Wi-Fi.” Valid point. Very valid point.

Though there are other problems, too.


Mobile malware is coming. Get prepared.

One thing I’m seeing in the predictions-for-2013 columns is that mobile malware is going to increase this year. While I can’t be certain it’s going to happen, all of the ingredients are there. The only thing stopping it is motive.

I’m familiar with Avast antivirus on Android. It’s nice. Whenever I download an app from the Google Play store, it scans it, and if it finds something it doesn’t like, it intervenes.

CISSP vs. CASP vs. CEH

One of my coworkers invited me to watch a webinar with him today that promised to compare CompTIA’s new high-end certification with the CISSP.

I was skeptical at first, especially when I heard it was an 80-question, 150-minute test. But by the end, I mostly liked what I heard.


Certifications are a scam! A rebuttal

I overheard a couple of people talking a few weeks ago, and one said, flat out, “Certifications are a scam!”

As one who has two security certifications (Security+ and CISSP), I disagree. Now that I’ve had my first post-CISSP professional review, I disagree even more strongly.


Things I wish everyone knew about home Mac security

On Wednesday evening, I wrote about basic computer security from a Windows-centric perspective. I knew some people who needed help in a hurry, and given there was a 90% or so chance they were running Windows, I took that route.

Some of my buddies who use Macs passed it along. And much of what I said then does apply, but I’d like to clarify a few of those points.

Is the Windows firewall safe enough?

Is the Windows Firewall safe enough? I wish more people would ask that question rather than make assumptions.

I wish I had a nickel for every time I’ve heard an unsubstantiated statement like “Windows firewall is junk.” I went looking, and the best I could find was this, an editorial that said it doesn’t do enough to address outbound connections, particularly on a program-by-program basis.

OK, point taken. But “enough” is a moving target.


Things I wish everyone knew about home computer security

I’m a security professional by trade, with two certifications. I’m not responsible for defending your computer networks, but I want your networks to be secure. There’s a really simple reason for that. If your computer and your network are secure, then they aren’t attacking mine. Or anyone else’s.

Several fellow subscribers to a train-related interest group that I like got hacked recently, and have been sending out spam messages. They’ve received a lot of advice in the hours since. Some of it has been good, and some not as good. So I tried to think of some things that people could do in about 30 minutes to keep the crooks at bay.

Incidentally, the computer crooks won’t be going away. Computer crime happens because the criminals can make more money doing that than doing something legal. The only way to make it stop is to make it too hard, so that getting a real job becomes more profitable. You won’t solve that problem in 30 minutes, but if we all take that single step down that road, we’ll make the world that much safer. So, with that, let’s roll up our sleeves.

Securing wi-fi isn’t about price gouging

The so-called wi-fi golden era is over, and apparently being glad about it makes me an absolutist.

But John C. Dvorak is wrong. This isn’t about making people pay for Internet access. It’s pure security. Toilets and drinking fountains are free because the majority of people don’t abuse them. The Internet can’t be wide open and free like a public restroom because when it was totally wide open and free in the 1990s, too many people abused it.