InformationWeek Dark Reading has another article bemoaning the proliferation of Cybersecurity products: http://www.darkreading.com/endpoint/in-the-cyber-realm-lets-be-knights-not-blacksmiths/a/d-id/1321176 Yes in a couple of weeks (at BlackHat USA 8/1- 8/6) there will be many new products touting some new way to do the same basic items: SIEM -Security Information event Management and protection. Detect the bad and delete it. Most of … Read more
http://oversitesentry.com/cisco-vni-says-3x-more-data-by-2019/ Above image is from my post May 31, 2015 – as Cisco surveyed data traffic 2014-2019 (going up – Internet traffic will triple) We know there will be more Internet traffic in the future, so how much do we spend on securing our networks? To keep it simple, let’s pretend there is a … Read more
https://ics-cert.us-cert.gov/sites/default/files/ICSJWG-Archive/F2012/D1_PM2_Tr1_Ginter_wf-13-ways-icsjwg-2012-d2.pdf Andrew Ginter has an interesting presentation (Director of Industrial Security – Waterfall security Solutions) Notice how in an ICS (Industrial control System) environment there are firewalls seperating different networks from the plant floor (the device floor has PLC’s) But let me dispel some notions here, an ICS environment includes this Picture from threatpost.com which looks … Read more
There are ways for you to check your own firewall/router that you connect to: This is a free service that does a quick basic scan https://www.grc.com/x/ne.dll?bh0bkyd2 here is my firewall being queried: here is also a great site which allows you to see what your own website or DNS is giving out to … Read more
What does it mean to say check my firewall with an automated pentest scan? That means to test the firewall using various programs to review the vulnerabilities using an application like Nessus or Nikto to test the IP address for vulnerabilities known to Nessus or Nikto. Nessus: The above … Read more