We Can Learn From Industrial Firewall Architecture

Andrew Ginter (Director of Industrial Security, Waterfall Security Solutions) has an interesting presentation: https://ics-cert.us-cert.gov/sites/default/files/ICSJWG-Archive/F2012/D1_PM2_Tr1_Ginter_wf-13-ways-icsjwg-2012-d2.pdf. Notice how in an ICS (Industrial Control System) environment there are firewalls separating different networks from the plant floor (the device floor has PLCs). But let me dispel some notions here: an ICS environment includes this picture from threatpost.com which looks …

Test Your Firewall With 3 Free Scans

There are ways for you to check the firewall/router that you connect through. This is a free service that does a quick basic scan: https://www.grc.com/x/ne.dll?bh0bkyd2. Here is my firewall being queried: Here is also a great site which allows you to see what your own website or DNS is giving out to …

Manual vs. Automated Scan Tests

What does it mean to say "check my firewall with an automated pentest scan"? It means testing the firewall with an application like Nessus or Nikto, which checks the IP address for the vulnerabilities known to that tool. Nessus: The above …

Is Your “Cloud” Safe From Cross-Tenant Side-Channel Attacks?

The X-Force blog has a good post about Platform as a Service (PaaS) cloud (#28 in Security analyzed page): http://securityintelligence.com/platform-as-a-service-paas-cloud-side-channel-attacks-part-ii/#.VZq8NflglmM. Platform as a Service is a certain kind of cloud service. In some cloud services your data resides on machines dedicated to your company (IaaS, Infrastructure as a Service). In PaaS …

IT Security is a Mindset

Here is a picture of a lock, since everyone has one (the above is a picture of a hotel lock). We don’t buy a house with a door that has no lock. The cost of the lock is not high compared to the other items in the house, including land, wood structure, electric lines, and more. …