Equifax

Being in the industry, I understand how difficult it is to secure an organization, so I have some sympathy for Equifax. As an ex-NSA colleague noted (paraphrasing), “A defender has to protect everything, an attacker only has to find one hole.” That said, their business is PII, so there is a higher standard there.

In . . . → Read More: Equifax

Installing Plixer’s “Scrutinizer” NPMD

Plixer makes a good “Network Performance Monitoring and Diagnostics” (NPMD) application called “Scrutinizer”. NPMD, as Gartner calls it, mostly means collecting, aggregating, and reporting on NetFlow data.

Plixer provides a VMware OVF for installation of a virtual appliance. I, however, ran into a few issues with the installation:

I couldn’t get the install to work . . . → Read More: Installing Plixer’s “Scrutinizer” NPMD

Good basic email advice

Professor Alan Woodward from the Department of Computer Science at the University of Surrey via The Register:

“Educate users not to open files that they are not expecting. Practice your ABCs – Assume nothing. Believe no one, and Check everything should be drummed into users – personally I preach ABCD – if in any doubt . . . → Read More: Good basic email advice

ASA Firewall Rules of Thumb

Some important Cisco ASA firewall details I and others have learned and shared over the years:

Don’t use “security-level” as your method of security. In the long term at best “security-level” will cause you to block traffic you didn’t expect, at worst, it will allow traffic you didn’t want. Why? Well… If you add an . . . → Read More: ASA Firewall Rules of Thumb

IC3 Alert on Microchip-Enabled (EMV) Credit Cards

Unfortunately quite accurate and what a number of us have been saying all along:

http://www.ic3.gov/media/2015/151008.aspx

The gist can be found in a single paragraph:

Although EMV cards will provide greater security than traditional magnetic strip cards, they are still vulnerable to fraud. EMV cards can be counterfeited using stolen card data obtained from . . . → Read More: IC3 Alert on Microchip-Enabled (EMV) Credit Cards

More on “tiny” URLs…

I keep getting them from very smart, very security conscious people. However, to make my point:

http://goo.gl/1LJ1Wz

I love what they offer but…

Some do offer a preview, but users aren’t used to seeing that and unfortunately won’t care (i.e., they are so used to getting them without preview, they won’t expect it . . . → Read More: More on “tiny” URLs…

Nothing new here…

But everyone should read it:

Dear Secure Companies…

Dear Secure Companies,

Please stop sending me emails to pick up critical documents or surveys where the URLs I need to follow point into random unverifiable domains. A link that leads to a URL like:

http://wl1.peer360.com/b/J9dqJDSALAS87ZWR3Te7/mle.asp?hl=5621312750&r=BBGGHHSF&CID=305151

is not going to inspire confidence and, assuming it isn’t spear-phishing or malware, is teaching end users . . . → Read More: Dear Secure Companies…

Dumping SSL certificate information

It seems lately I’m regularly having to dump the information from SSL certificates (for instance to get the “Subject” or CA signer). Since I keep having to look up the exact syntax, I thought it easier to save here and figured it might help others.

So, if in PEM format, use the following:

. . . → Read More: Dumping SSL certificate information

BankInfo Ramnit Article

Tracy Kitten at BankInfo has an interesting article about the Ramnit worm which is worthy of a read (even I would say by the general public). Ramnit is particularly pernicious because:

Ramnit’s man-in-the-middle looks like an actual social-media or bank-account sign-in page that captures a user’s ID and password, and sometimes other personal information en . . . → Read More: BankInfo Ramnit Article