Halloween is over but the the world is still a scary place. In a continuation of a thought from an article I wrote a few weeks back for Auditing AzureSQL Firewall Policies, I thought I would also include a short function for auditing azure storage accounts that are currently configured for “public” access. Why are […]
I periodically review Azure PaaS resource edge security. As a part of that process I examine and cleanup AzureSQL firewall rules. Once you have more than a handful of subscriptions and AzureSQL databases, doing this manually starts becoming unfeasible. To that end, Azure Powershell is your friend… As is typical, you need to install the […]
When your business hinges upon remote workers and remote offices, secure connections, and lots of data manipulation… how do you deal with some of your folks being extra remote? Granted the internet in 2020 is very different from the internet in say 2008 and the world has grown ever smaller as a result… but distance […]
FIRST – I am stealing code here and re-sharing (with very little modification). All credit goes the fine gentleman that wrote these two articles, I would urge you to read them: Bulk Add IP Access Restrictions to Azure App Service Using AZ Powershell Bulk Add Cloudflares IPs to Azure App Service Access Restrictions Using AZ […]
I have been taking a free networking class from Stanford University’s online “open source” education platform. I have really been enjoying the first unit of the course as it has started filling in some gaps in the foundation of my understanding regarding networking, the internet, and TCP/IP. I highly recommend this to anyone that has […]
One of most difficult things to find (imho) is information about API and Service URL’s for just about any and all applications. Microsoft is better than some (Dell, I am looking at you…) but it can still require some metaphorical google search back flips to get to the right information. That said… I wanted to […]
The Event Viewer is a very useful tool however, like any log management solution, the biggest hurdle can be filtering out the noise and returning only the meaningful log data that you care about. This is a follow-up on a previous article which can be viewed here: Finding Human Logins in the Windows Event Viewer […]
On Thursday I released an article detailing how to get Proxmox setup and also how to configure networking with IPv6. However that article got long and I just said I would address the firewall in the future. Well, that’s today because I need to get the configuration stuff written down before I forget. In addition […]
One of the things I wanted to get from my OpenVPN Access Server was a usage report that would be emailed to me regularly. OpenVPN Access Server writes such logs to a file in /var/log on Ubuntu and Debian based systems. However it also writes a lot of other things. So I first started by […]
Source: 14 Best Open Source Web Application Vulnerability Scanners – InfoSec Resources Regular vulnerability scanning and remediation is a key part of strong security in your enterprise. Particularly scanning publicly available services like Websites and Applications. Thankfully it doesn’t have to be a horribly expensive affair! This is a handy list with some short write-ups […]
Uncomplicated FireWall – UFW – Easy to Configure Host Based Firewall for Ubuntu Server – You Should be Running a Firewall!
If you don’t know what a firewall is, let’s start there… A firewall is basically a digital “wall” that sits on the edge of your network or device. When someone makes a connection over a network or the internet to your server, they connect by the IP address + a Port. Firewalls, on a very […]
This was going to be a long article but I decided to cut it short. Use case: You have a Remote Server – You need to securely access some sensitive service or another (let’s say a MySQL connection) and don’t want to open the port to up to the internet. What’s a person to do?