Manual vs. Automated Scan Tests

What does it mean to say check my firewall with an automated pentest scan? That means to test the firewall using various programs to review the vulnerabilities using an application like Nessus or Nikto to test the IP address for vulnerabilities known to Nessus or Nikto. Nessus:             The above … Read more

Is Your “Cloud” Safe From Cross-Tenant Side-Channel Attacks?

The X-force Blog has a good post about Platform as a Service (PaaS) cloud   (#28 in Security analyzed page) http://securityintelligence.com/platform-as-a-service-paas-cloud-side-channel-attacks-part-ii/#.VZq8NflglmM   The Platform as a Service is a certain kind of Cloud service.  In some cloud services your data resides on machines dedicated for your company (IaaS) – Infrastructure as a Service. In PaaS … Read more

IT Security is a Mindset

Here is a picture of a lock, since everyone has one (the above is a picture of a hotel lock).  We don’t buy a house with a Door that has no lock.   The lock cost is not high compared to the other items in the house, including land, wood structure, electric lines, and more. … Read more

Test Your Firewall – Have You Firewalked?

All companies on the Internet have a firewall, even an older filtering firewall. here is a simplistic diagram of Internet – Modem – Firewall – Local Switch – Computers on network.   Do you know what your firewall looks like from the Internet? When a hacker looks at your network how does your firewall actually … Read more

We Depend On IT Competence & Reliability

If you are not in the IT field who would understand all the details of a potential hack-attack, here are some headlines in news today that may not create a full picture: http://www.darkreading.com/perimeter/ddos-attackers-exploiting-80s-era-routing-protocol/d/d-id/1321138? Which means the old RIPv1 or Routing Information Protocol  has abilities that can be exploited. If you have an old router, or … Read more