firewall

Unix-to-Windows copies with PSCP

Dave Farquhar Linux, security, Windows , , , , ,

I’ve been moving files between Linux servers, and to and from Windows boxes, as part of my server migration. I started to write about how I’ve been doing it, but it seemed oddly familiar.

Yep, I’ve written about SCP and its Windows port, PSCP, before. Do this long enough and you find yourself repeating yourself.

Read more

The old days of viruses

Dave Farquhar security, Viruses , , , , , , , , , , , , , , , ,
The old days of viruses

Blogging pioneer John Dominik, inspired by my Michelangelo memories, wrote about his memories of viruses later in the decade. So now I’ll take inspiration of him and share my memories of some of those viruses. I searched my archives, and at the time it was going on, I didn’t write a lot. I was tired and angry, as you can tell from the terse posts I did write.

Read more

I have a server… and about four years’ worth of content

Dave Farquhar Uncategorized , ,

My new server is up and running, and let me tell you, it’s spectacular.

And if you’re reading this on 6 March 2012, you’re probably wondering what I’m talking about, because everything looks just as slow as usual. That’s because the new server is still behind my firewall because I’m struggling to get my content all moved to it.

Read more

Open-source licenses, the CISSP, and the real world

Dave Farquhar Copyright, security , , , , , , , ,

You may have a question about open-source licenses on your CISSP exam. I don’t remember the specifics and wouldn’t be able to repeat them anyway, but I had a question on my exam where knowing the differences was helpful in finding the right answer.

And I had to deal with an issue this past week involving open-source technologies where the licenses made a big difference.

Read more

My first experience with data recovery

Dave Farquhar data recovery, War Stories , , , ,
My first experience with data recovery

It was 1997. I was working my first full-time  job, and my phone rang with my first crisis.

“What happened to the K drive?” the caller asked.

I glanced over at my network drive cheat sheet, which listed all of our shares and what server they were on. In those days, most of our servers still had 300-400 megabyte drives and that meant every file server hosted, at most, a couple of shares. There was no K drive on our list. I was afraid this was about to get interesting. Read more

The contractor who built systems via P2P

Dave Farquhar security ,

Today I was helping one of my coworkers study for the Security+ exam, and one of his study questions reminded me of a story.

I wrote a few days ago about spending some time in an unhealthy IT shop. One of my cohorts supported one of the departments that decided to outsource its IT to a contractor, rather than use the internal IT department. It was a form of shadow IT on a large scale. The hand-off didn’t exactly go as it should.

Read more

The worst test I ever took

Dave Farquhar Personal , , , , , ,

I’m gearing up (finally) to take the CISSP, a 250-question marathon of an exam that covers everything from firewalls and intrusion detection systems to how tall the fence or wall around a building should be and what kind of lights to use in a parking garage.  And everything in between. Three of my colleagues have had CISSP certifications for several years, and on Friday two of them were telling me what to expect.

And the worst test I’ve ever taken came to mind. No, it wasn’t Security+. I had a pretty good idea I was going to pass that one, which I did. The worst test I ever took was Dr. Walter Johnson‘s Fundamental Macroeconomics (Economics 1) makeup final at Mizzou, circa Winter 1994.

Read more

How to make a DMZ with two routers

Dave Farquhar security , , , , , , , ,

I’ve alluded in the past to why it’s a good idea to make a DMZ with two routers, but I’ve never gone into depth about how and necessarily why to do it.

If your ISP gave you a combination modem/switch/access point/router and it only supports 100 megabit wired and 54-megabit (802.11g) wireless and you want to upgrade to gigabit wired/150-meg (802.11n) wireless, here’s a great way to make the two devices work together and improve your security.

Read more

Don’t use software firewalls: Good advice or bad?

Dave Farquhar security , , , , , , , , , , ,

A common piece of good-meaning advice you’ll hear is that you should never use software firewalls. But is that good advice, or bad?

On the surface, it’s good advice. It’s much better to use the firewall built into a cable/DSL router. But the software firewall built into Windows XP, Vista, 7, and (presumably) 8 makes for a good second line of defense, so I don’t recommend disabling it.

I’ll explain further.

Read more

Why SSL isn’t fooolproof security

Dave Farquhar security , , , , ,

Over at Rabbit-Hole, a commenter posted that my low-tier VPN is unnecessary if you’re using SSL. He’s wrong.

Perhaps I should have titled this “When SSL isn’t foolproof security,” but it’s too late now. Oh well.

When you’re sitting on a strange network (not your home or work network), SSL is vulnerable to a classic man-in-the-middle attack. If you’re paying attention, you should know if your session is being hijacked. But who’s paying attention?

Read more