I’ve been listening to Patrick Gray’s coverage of the AusCERT security conference, and I walked away with two major takeaways, one for security professionals and one for everyone.
Everyone first: Use SSL (https) everywhere you possibly can. Generate superfluous https traffic if you can.
Network professionals: Block as much UDP at the firewall as you can.
Read on for more.
I saw this phrase in a job description last week: Troubleshooting at all layers of the OSI model. That sounds a bit intimidating, right?
Maybe at first. But let’s not overcomplicate it. Once you get past the terminology, it’s a logical way to locate and fix problems. Chances are you already do most of this whether you realize it or not. I was already troubleshooting at at least four of the seven layers when I was working as a part-time desktop support technician in college in 1995.
Five and a half hours ago, I turned in my test and departed the CISSP test site. It took me four hours to answer the nastiest 250 test questions I’ve ever seen in my life.
I felt better about it than the other guys milling around the lobby, but….