Installing Plixer’s “Scrutinizer” NPMD

Plixer makes a good “Network Performance Monitoring and Diagnostics” (NPMD) application called “Scrutinizer“. NPMD, as Gartner calls it, mostly omeans, collecting, aggregating, and reporting on Netflow data.

Plixer provides a VMware OVF for installation of a virtual appliance. I, however, ran into a few issues with the installation:

I couldn’t get the install to work . . . → Read More: Installing Plixer’s “Scrutinizer” NPMD

Good basic email advice

Professor Alan Woodward from the Department of Computer Science at the University of Surrey via The Register:

“Educate users not to open files that they are not expecting. Practice your ABCs – Assume nothing. Believe no one, and Check everything should be drummed into users – personally I preach ABCD – if in any doubt . . . → Read More: Good basic email advice

ASA Firewall Rules of Thumb

Some important Cisco ASA firewall details I and others have learned and shared over the years:

Don’t use “security-level” as your method of security. In the long term at best “security-level” will cause you to block traffic you didn’t expect, at worst, it will allow traffic you didn’t want. Why? Well… If you add an . . . → Read More: ASA Firewall Rules of Thumb

IC3 Alert on Microchip-Enabled (EMV) Credit Cards

Unfortunately quite accurate and what a number of us have been saying all along:

http://www.ic3.gov/media/2015/151008.aspx

The gist can be found in a single paragraph:

Although EMV cards will provide greater security than traditional magnetic strip cards, they are still vulnerable to fraud. EMV cards can be counterfeited using stolen card data obtained from . . . → Read More: IC3 Alert on Microchip-Enabled (EMV) Credit Cards

More on “tiny” URLs…

I keep getting them from very smart, very security conscious people. However, to make my point:

http://goo.gl/1LJ1Wz

I love what they offer but…

Some do offer a preview, but users aren’t used to seeing that and unfortunately won’t care (ie: they are so used to getting them without preview, they won’t expect it . . . → Read More: More on “tiny” URLs…

Nothing new here…

But everyone should read it:

Dear Secure Companies…

Dear Secure Companies,

Please stop sending me emails to pick up critical documents or surveys where the URLs I need to follow point into random unverifiable domains. A link that leads to a URL like:

http://wl1.peer360.com/b/J9dqJDSALAS87ZWR3Te7/mle.asp?hl=5621312750&r=BBGGHHSF&CID=305151

is not going to inspire confidence and, assuming it isn’t spear-fishing or malware, is teaching end users . . . → Read More: Dear Secure Companies…

Dumping SSL certificate information

It seems lately I’m regularly having to dump the information from SSL certificates (for instance to get the “Subject” or CA signer). Since I keep having to look up the exact syntax, I thought it easier to save here and figured it might help others.

So, if in PEM format, use the following:

. . . → Read More: Dumping SSL certificate information

BankInfo Ramnit Article

Tracy Kitten at BankInfo has an interesting article about the Ramnit worm which is worthy of a read (even I would say by the general public). Ramnit is particularly pernicious because:

Ramnit’s man-in-the-middle looks like an actual social-media or bank-account sign-in page that captures a user’s ID and password, and sometimes other personal information en . . . → Read More: BankInfo Ramnit Article

Why I hate tiny-fied URLs…

In theory if the world were filled we universally good people, “bitly” and “TinyURL.com“, which given long URLs provide short ones, are a great idea. However whenever I get one I find that I’m frankly terrified to click on them.

Why?

Because while they could be going someplace useful, they could also be going to . . . → Read More: Why I hate tiny-fied URLs…