I have been taking a free networking class from Stanford University’s online “open source” education platform. I have really been enjoying the first unit of the course as it has started filling in some gaps in the foundation of my understanding regarding networking, the internet, and TCP/IP. I highly recommend this to anyone that has […]

One of most difficult things to find (imho) is information about API and Service URL’s for just about any and all applications. Microsoft is better than some (Dell, I am looking at you…) but it can still require some metaphorical google search back flips to get to the right information. That said… I wanted to […]

The Event Viewer is a very useful tool however, like any log management solution, the biggest hurdle can be filtering out the noise and returning only the meaningful log data that you care about. This is a follow-up on a previous article which can be viewed here: Finding Human Logins in the Windows Event Viewer […]

I have a limited number of IPv4 addresses available to me on my servers. So I am really frugal with how I assign them. Whenever possible, my preference is to use NAT off of the main Proxmox IP. However I struggled to get this setup while also using the built-in Proxmox firewall that comes in […]

On Thursday I released an article detailing how to get Proxmox setup and also how to configure networking with IPv6. However that article got long and I just said I would address the firewall in the future. Well, that’s today because I need to get the configuration stuff written down before I forget. In addition […]

Last year Google proposed marking any and all sites not using SSL in a negative fashion in its Chrome browser. This year they are indicating they plan on moving forward with this: Google Chrome gets ready to mark all HTTP sites as ‘bad’ To clarify what this means for small content creators… an extra ~$100+ […]

Source: 14 Best Open Source Web Application Vulnerability Scanners – InfoSec Resources Regular vulnerability scanning and remediation is a key part of strong security in your enterprise. Particularly scanning publicly available services like Websites and Applications. Thankfully it doesn’t have to be a horribly expensive affair! This is a handy list with some short write-ups […]

If you don’t know what a firewall is, let’s start there… A firewall is basically a digital “wall” that sits on the edge of your network or device. When someone makes a connection over a network or the internet to your server, they connect by the IP address + a Port. Firewalls, on a very […]

This was going to be a long article but I decided to cut it short. Use case: You have a Remote Server – You need to securely access some sensitive service or another (let’s say a MySQL connection) and don’t want to open the port to up to the internet. What’s a person to do?

If you are in a decently secure network your Active Directory domain controllers are “silo’d” off from all of your workstations and member servers. This is good, however, if your internal firewalls aren’t configured properly it can cause all kinds of headache for day-to-day domain operations. Update: You might also want to checkout this article […]

We recently had a security requirement come down the line that required me to leave the wading pool of GPO administration behind and dive into the stormy waters of Powershell scripting. I am not going to dive into a full explanation of how to get started on powershell. What I am going to do is […]

If you are wanting remote access to an Ubuntu Server, the answer is SSH (Secure SHell). Ironically, SSH actually isn’t in the most secure configuration out of the box. Several of the servers I run are public facing, which means SSH particularly needs to be locked down. So lets talk about locking down SSH. I […]